| |
| |||||||
Log-Analyse und Auswertung: Schädlichen Link angeklickt.Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
21.04.2013, 15:24
| #1 |
 |  Schädlichen Link angeklickt. Hallo ihr Lieben  ,Vor 2-3 Tagen habe ich einen schädlichen Link auf einem sozialen Netzwerk angeklickt, welcher von meiner Sicherheitssoftware Kaspersky (Internet Security 2013) geblockt wurde. Nach diesem Vorfall habe ich dann eine Vollständige Untersuchung sowie eine Untersuchung wichtiger Bereiche ausgeführt, ohne Fund. Jetzt bin ich mir immer noch unsicher, ob sich eventuell doch eine Schadsoftware in meinem System eingenistet hat. Da ich viel mit Online-Banking zu tun habe, wäre es für mich eine absolute Katastrophe. Verdächtige Symptome auf meinem PC konnte ich bislang nicht beobachten. Alles läuft wie immer, einwandfrei. Ich erkläre nun, wie ich eure Schritte, die ihr auf eurer 'Seite für Hilfesuchende' ausgeführt habe: Defogger: Ich habe Defogger gestartet, den 'Disable' Button gedrückt und habe dann die Meldung 'Finished' samt einen Log (Unten als Anhang verlinkt) bekommen. Defogger wollte keinen Neustart, also habe ich keinen Neustart ausgeführt. OTL: Habe ich genauso wie beschrieben ausgeführt, keine Probleme gehabt. Gmer: Gmer hat mir folgende Fehlermeldung ausgespuckt: 'gmer_2.1.19163.exe funktioniert nicht mehr. Das Programm wird aufgrund eines Problems nicht richtig ausgeführt. Das Programm wird geschlossen und Sie werden benachrichtigt, wenn eine Lösung verfügbar ist.' Ich hatte bei dem Scan keine Internetverbindung und meine Sicherheitssoftware war deaktiviert (Nicht ausgeschaltet, lediglich deaktiviert, falls das einen Unterschied macht). Noch ein kleine Randnotiz: Sind meine Sorgen um einen Virenbefall berechtigt oder mache ich mir Sorgen um nichts? Ich danke schonmal für die Hilfe. |
|
22.04.2013, 14:12
| #2 |
| /// Winkelfunktion /// TB-Süch-Tiger™   | Schädlichen Link angeklickt. Hallo und
__________________ Hast du noch weitere Logs (mit Funden)? Malwarebytes und/oder andere Virenscanner, sind die jemals fündig geworden? Ich frage deswegen nach => http://www.trojaner-board.de/125889-...tml#post941520 Bitte keine neuen Virenscans machen sondern erst nur schon vorhandene Logs posten!  Lesestoff:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ |
|
22.04.2013, 15:16
| #3 | |
| | Schädlichen Link angeklickt. Extra:
__________________OTL Logfile: Code:
ATTFilter OTL Extras logfile created on: 21.04.2013 15:40:53 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Andreas\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16540)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
7,98 Gb Total Physical Memory | 6,30 Gb Available Physical Memory | 78,92% Memory free
15,96 Gb Paging File | 14,09 Gb Available in Paging File | 88,28% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 160,00 Gb Total Space | 54,08 Gb Free Space | 33,80% Space Free | Partition Type: NTFS
Drive D: | 771,51 Gb Total Space | 644,71 Gb Free Space | 83,56% Space Free | Partition Type: NTFS
Computer Name: ANDREAS-PC | User Name: Andreas | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\system32\rundll32.exe" "C:\Windows\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{BFED26D7-FD29-466E-9CD8-1C265DE424DC}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{F9BE123F-5859-4E98-AB61-CEF24874B8DB}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{037BCE7B-9B42-42F6-9297-EF43DF1E8078}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{0C2EE0C7-595E-4ABD-8970-7787ACBB19EA}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\_runa2co.cmd |
"{10A3DE84-D533-426B-972A-F1A115A3B6BE}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{132647E7-67C8-4E90-B8D5-F797389A550F}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\far cry 3\bin\fc3updatersteam.exe |
"{13738BEF-65E1-4B3A-90D3-BEEBAB5958B8}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\bioshock infinite\binaries\win32\benchmark.bat |
"{141686F5-89E0-4957-9182-B384A11F1BAC}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\vvvvvv\vvvvvv.exe |
"{19A6EEC8-54FE-4139-868F-A084A8CED5FA}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{1E080D9E-6693-4048-995A-51A87AB677F5}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\bioshock infinite\binaries\win32\benchmark.bat |
"{1FE9616B-2CF3-47A1-A0AA-AC0EC051F50E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\skyk4rm4\counter-strike source\hl2.exe |
"{262CE14F-5445-477A-A296-DDE6338CF19C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\limbo\limbo.exe |
"{2AE6800D-1EC3-4FF3-8ECD-880039997523}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops ii\t6sp.exe |
"{33F34927-8354-4845-A3CE-4900A057C770}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\far cry 3\bin\farcry3_d3d11.exe |
"{369ADF41-5BCE-44F2-85B8-07BA86789FBE}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\arma2oa.exe |
"{398524C1-ADA1-492F-BD70-D457E065EFFE}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\metro 2033\metro2033.exe |
"{3DBB7881-792A-4670-8AA1-4B2F0B7DE511}" = protocol=17 | dir=in | app=d:\origin\crysis 3 mp open beta\bin32\crysis 3 mp open beta.exe |
"{4C79DBC6-EBF8-427C-ABE7-3AD3C353FAA9}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{5379944B-D35B-4D2F-89C2-C95E8F72F31D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{5660986F-F17B-420E-93C3-D63B9DCE0D60}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\far cry 3\bin\fc3updatersteam.exe |
"{5C38353D-2D74-4702-8A84-BC2EC907AAFC}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{63C6A284-B23C-4144-9BA3-98E371CD1A80}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{67539F7A-BC9D-4BDA-BA01-413480CCE064}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\metro 2033\metro2033.exe |
"{6A111D58-F74B-45EF-9822-18EA69BBB82D}" = protocol=6 | dir=in | app=d:\origin\crysis 3 mp open beta\bin32\crysis 3 mp open beta.exe |
"{6CE37E92-A95B-49A9-9E2C-3D9F9388517D}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{6F45A727-8CCA-403F-A0AB-B5FB57AB8702}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\far cry 3\bin\farcry3.exe |
"{7158F8F4-51F0-4913-B317-17D01753560B}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops ii\t6zm.exe |
"{7292163F-5BD3-42C8-8E18-77E5EEA1BDC3}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{73D55558-3D33-4787-9B40-7B35C297DD50}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2\arma2.exe |
"{74B3FA36-F053-4376-BA7F-C3B4E3FC227F}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\skyk4rm4\counter-strike source\hl2.exe |
"{7C3788C0-A146-4C3D-987A-C8EB436925B1}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{7F93CF24-5283-43D6-A22E-07E729B30941}" = protocol=6 | dir=in | app=d:\origin\battlefield 3\bf3.exe |
"{81EE05A9-FFAE-4F82-ACE4-A7B5537A0DF6}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"{84F948A0-023A-423F-8C57-2FA453AD3396}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{8B8329C8-F3DC-4131-A2CE-E5D2A34D349E}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{8EDB552B-2807-4AAB-93D0-5F6A055E3C5F}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{8F5166DE-5CDC-4FDA-BD14-F6D767B07076}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\bioshock infinite\binaries\win32\bioshockinfinite.exe |
"{9022CB28-6B42-4996-B49C-B20A16A5593A}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{94FCE939-CBEF-4681-9CFD-F8B54A443FB3}" = protocol=17 | dir=in | app=d:\origin\battlefield 3\bf3.exe |
"{A099ECD1-65FB-499F-93F3-50B0C82BFEA8}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\fifa 13 demo\game\fifa13_demo.exe |
"{A3815FC2-4996-4710-8B87-7EA638AB27A8}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"{AA5967B2-DD79-423C-B50E-12B4A09C2295}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{AC67F9C1-65DB-4F12-AF84-BBAFB9714DF4}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops ii\t6mp.exe |
"{AC831492-E8AC-4B77-A86A-846754CDADAC}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\far cry 3\bin\farcry3.exe |
"{ADCCC3E3-40FA-4B5A-9E0B-07DBF99C15AF}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops ii\t6zm.exe |
"{B308D785-1343-4D5C-ABBB-6B1C66D7CA00}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\limbo\limbo.exe |
"{B7485ACB-C9FB-40B7-976E-640030F7463E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\besetup\setup_battleyearma2oa.exe |
"{B9351489-0BBF-459F-977B-40B1AE342384}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\atomzombiesmasher\data\atomzombiesmasher.exe |
"{BAE80CD9-490C-4E94-A0AE-1EBF5230FFF0}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops ii\t6mp.exe |
"{BE838C9F-5A44-4709-B162-533486B6A22D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2\arma2.exe |
"{CB9543E8-5F3E-4DF4-884A-D9B0773E390D}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{CCA6720A-506F-4CDD-B8C0-EDA403EF4907}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{D4877B19-DF6B-4BF6-9C7C-87474074B683}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{D4E21A8B-0AC5-4CF5-A68E-8303578CE436}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\far cry 3\bin\farcry3_d3d11.exe |
"{D63D0A05-DDD9-4DF4-8C2E-60DB1B9D8BC6}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{D6BCDE36-0ED9-45D7-A5DC-BE01F2397F42}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\vvvvvv\vvvvvv.exe |
"{D97A8014-4FB4-439E-B92F-B64BBE7524A2}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops ii\t6sp.exe |
"{DB0EA775-24A9-4178-86AF-971592518E68}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\arma2oa.exe |
"{DE2420EF-ADE4-4B28-8EB7-ABC3556F1E67}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\atomzombiesmasher\data\atomzombiesmasher.exe |
"{E23BF0EC-8100-496C-9B49-4270A76E5D51}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\bioshock infinite\binaries\win32\bioshockinfinite.exe |
"{E4D236A4-807D-4E1A-B2EA-3427640C5DF9}" = dir=in | app=c:\windows\system32\config\systemprofile\appdata\local\microsoft\skydrive\skydrive.exe |
"{E7ADBA66-A61D-4EF1-8ADB-5E99B0F3A9CF}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{E7BAAB4F-2F19-4528-8C27-1E91F10B2AE1}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{F06C63B6-1D3F-4801-878C-3301A1F4CBEF}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{F90D657D-1CF1-44AB-BC4C-9726E86C4228}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\besetup\setup_battleyearma2oa.exe |
"{F980F3C5-A557-4247-8190-0EAE257F463E}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\fifa 13 demo\game\fifa13_demo.exe |
"{FAB070C9-A4F3-4881-A6DE-B375812314A7}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\_runa2co.cmd |
"{FE9E4F70-31F3-4465-BDD4-EBC39526CCB0}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0225AD21-F3E2-4916-BFF3-65D3F9052582}" = iTunes
"{02382870-19C7-3ACD-BBAE-F6E3760947DC}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{0407893F-352C-B182-E04A-A8C3333DA29B}" = AMD Drag and Drop Transcoding
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{2F72F540-1F60-4266-9506-952B21D6640D}" = Apple Mobile Device Support
"{3145731D-C578-70ED-899F-7A670D2A6662}" = AMD Fuel
"{338CE2A1-7BD6-AC18-0069-4A90F7C3D836}" = AMD Steady Video Plug-In
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{4975DE61-6BF6-B9BC-1FDE-C04C5EC78E4C}" = AMD Media Foundation Decoders
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4BA33BE3-20CF-4972-BD67-B44CEFA52DCB}" = Windows Live MIME IFilter
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5E03A267-415E-5383-FA8F-3CE4145663B9}" = AMD Catalyst Install Manager
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{690285C2-2481-44FB-8402-162EA970A6DD}" = Logitech Gaming Software
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{704C0303-D20C-45AF-BD2B-556EAF31BE09}" = iCloud
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89EE4A30-080F-2C95-6F78-C98D18FBD74D}" = AMD Accelerated Video Transcoding
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9CF11D16-ECEB-90A5-A028-CA9E068D848B}" = ccc-utility64
"{A27FDB06-60C8-4D5A-BB2F-8038FD151E3C}" = Trapcode Suite 64-bit
"{A7C8BBDE-FE98-11E1-87C9-F04DA23A5C58}" = Vegas Pro 12.0 (64-bit)
"{AB085680-FE98-11E1-A232-F04DA23A5C58}" = MSVCRT Redists
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{C8B10C8E-46F0-4C9A-A688-78B8A2F720BD}" = Windows Live Family Safety
"{CE52672C-A0E9-4450-8875-88A221D5CD50}" = Windows Live ID Sign-in Assistant
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F842F8B0-6942-4930-821F-543E976B2C66}" = MSVCRT110_amd64
"Blender" = Blender
"Logitech Gaming Software" = Logitech Gaming Software 8.35
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"VLC media player" = VLC media player 2.0.2
"WinRAR archiver" = WinRAR 4.20 (64-Bit)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{017F8447-2A1D-0DDB-B5D7-CA2BFACE2886}" = CCC Help French
"{02454664-23E6-46B3-9CB3-30870AE3645E}" = Crysis®3 MP Open Beta
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{054E9A1C-3EA2-C657-E787-FD8DCF5C3D3B}" = CCC Help Czech
"{1057511B-F8FE-4230-9ED3-AB949A57EE4A}" = Windows Live PIMT Platform
"{1DE2BD51-0300-772D-5E18-F337D95D5687}" = CCC Help German
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{224E8FEB-5C1F-077F-6FC5-602AC1AE644D}" = CCC Help Danish
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 21
"{275E9C49-C72F-D754-DEB7-77F10A9C00D8}" = CCC Help Japanese
"{29315CEC-E6CE-4394-84DC-6F862E8D9A52}" = Windows Live UX Platform
"{2FAFE37E-D796-47B8-BA8F-D09819B12DF6}" = Windows Live Essentials
"{30049739-BE95-6591-B504-E6D7057D49CC}" = CCC Help Spanish
"{3F1EB155-F96E-EB7B-2EF2-7375490E0FA9}" = CCC Help English
"{3F499657-766A-4A5F-AEE9-A1F8D295A4CE}" = FIFA 13 Demo
"{44E89CCA-BB20-4EA6-80EB-4126E886F83D}" = Windows Live Mail
"{45C56AA7-ED1B-4800-A97F-EDDF3F3520B1}" = Apple Application Support
"{4817D846-700B-474E-A31B-80892B3E92E3}" = Adobe After Effects CS6
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B023D7B-9E67-795D-FB31-B5E1F6DCA451}" = CCC Help Italian
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.3
"{4F9A382F-4478-4036-905C-F77DF2EA0370}" = Windows Live SOXE
"{4FA8F084-C42F-45E1-B7E5-E0C8A1083DC5}" = Windows Live SOXE Definitions
"{54194F60-988C-4D03-B922-C2B00EFDA39A}" = NVIDIA PhysX
"{5449FB4F-1802-4D5B-A6D8-087DB1142147}" = Realtek HDMI Audio Driver for ATI
"{55F6C486-8C75-2A72-DAFE-CE78A624C9F7}" = CCC Help Russian
"{560985FB-4B76-4121-9189-7A2CDC7886D6}" = Kaspersky Internet Security 2013
"{5AF23993-7152-1620-E43F-1B4542FB4F84}" = CCC Help Thai
"{5AF4B3C4-C393-48D7-AC7E-8E7615579548}" = Adobe AIR
"{618F39BD-9720-47CF-A89C-108AB41B1493}" = Windows Live UX Platform Language Pack
"{62813F65-4D78-43AF-A53C-DFAFA122E065}" = Windows Live Messenger
"{63326924-3CAF-C858-3A8F-8598C87019D7}" = AMD VISION Engine Control Center
"{63822E89-11AA-F8EC-D433-F72A85799EC0}" = CCC Help Greek
"{64DF7404-9D46-44AF-AFA1-A2F8D5648C2D}" = Windows Live Photo Common
"{66361420-4905-AEB8-17AE-172FDD164A7E}" = CCC Help Polish
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™
"{769F2A4B-84A3-9486-ADD2-9E5AB4B4E1E3}" = Catalyst Control Center InstallProxy
"{76EE8FE7-1957-4C51-9074-4930A8CFB1AF}" = Windows Live Installer
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79E9C7C5-4FCC-4DFF-B79E-17319E9522F3}" = MagicTunePremium
"{7F682A00-6497-4551-A2A6-063AE667D1CF}" = Movie Maker
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{84BEAA30-1AF1-450B-9DD7-AD38B84004BA}" = Windows Live Messenger
"{8773DD1C-5FB2-95B5-5A93-0EFEAC900A4D}" = CCC Help Norwegian
"{884DF67C-F47D-4B09-B474-C3B7D51CA52A}" = Windows Live Family Safety
"{8CCBB0BF-9CC1-1A65-BB93-56012A460EE6}" = CCC Help Portuguese
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{8E634921-4547-4CA9-AF79-08B735431C12}" = Play withSIX
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B2E55F8-5BA8-4A45-9682-ACB6F2CC0DA5}" = Photo Gallery
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A0A3CE05-96CB-52E9-434E-074F3BB7807E}" = CCC Help Turkish
"{A5D8B1C2-4B2E-42F1-ADB4-D0308A4F5C6F}" = Windows Live Writer
"{A929A7EA-4DFB-48F9-AAF6-C880DF64FB73}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9C64319-932F-D02B-B14C-FFFC3EC49E77}" = CCC Help Chinese Standard
"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.02) - Deutsch
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{AF37176A-78CA-545B-34EF-8B6A21514DD1}" = Adobe Help Manager
"{B19E03EA-067C-412F-A81E-271720E601AB}" = Fotogalerie
"{B2042D5E-986D-44EC-AEE3-AFE4108CCC93}" = Python 3.2
"{B27FA0A3-D80F-41A9-8BAD-C5F2D859AB22}" = Photo Common
"{B89EE842-D398-4EAC-A3DF-47280B285DD9}" = Windows Live Mail
"{BA73469B-D8C7-4FE3-B33C-1340D09F0709}" = Windows Live Communications Platform
"{C09DB932-7619-7B56-30E3-C0454811D6D7}" = CCC Help Korean
"{C22A4697-BD77-ACB1-744F-1FD0A0BFF798}" = CCC Help Swedish
"{C779648B-410E-4BBA-B75B-5815BCEFE71D}" = Safari
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1" = Rapture3D 2.4.11 Game
"{D4B457B2-260F-C561-CA87-703BD3B724CA}" = Catalyst Control Center Graphics Previews Common
"{D555C389-F793-443A-B012-A3D70590CF3D}" = Windows Live Writer Resources
"{D6CDB506-297D-AE70-0EF6-DE5185F961BE}" = CCC Help Chinese Traditional
"{D71BC54E-A4E6-4E06-866C-FD6EE16EA187}" = Movie Maker
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E2F0AF23-FE2F-4222-9A43-55E63CC41EF1}" = Catalyst Control Center - Branding
"{E320B23C-E9DC-377C-837E-D6D4BD27B169}" = Google Talk Plugin
"{ECFD508E-68A2-91B2-46DD-1D03D783D94B}" = Catalyst Control Center Localization All
"{EDE361D5-35A5-DA7D-3462-C3DABD24029B}" = CCC Help Hungarian
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0DA672E-15DB-4413-BE2D-887DD1513607}" = Windows Live Writer
"{F1E7DD6A-AE2D-D706-BEB3-937F76CA6AE9}" = CCC Help Finnish
"{F56F54DD-BCB2-1221-2CB7-E983A5CF9D15}" = CCC Help Dutch
"{FECB76C1-1C1D-4A84-8D47-5754C74B5A5E}" = Junk Mail filter update
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Avidemux 2.6" = Avidemux 2.6 (32-bit)
"Battlelog Web Plugins" = Battlelog Web Plugins
"BattlEye for A2" = BattlEye Uninstall
"BattlEye for OA" = BattlEye for OA Uninstall
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Help Manager
"DivX Setup" = DivX-Setup
"ESN Sonar-0.70.4" = ESN Sonar
"FormatFactory" = FormatFactory 3.0.1
"Fraps" = Fraps (remove only)
"Free YouTube Download_is1" = Free YouTube Download version 3.1.40.1031
"Google Chrome" = Google Chrome
"InstallShield_{A27FDB06-60C8-4D5A-BB2F-8038FD151E3C}" = Trapcode Suite 64-bit
"InstallWIX_{560985FB-4B76-4121-9189-7A2CDC7886D6}" = Kaspersky Internet Security 2013
"Mozilla Firefox 20.0.1 (x86 de)" = Mozilla Firefox 20.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"OpenAL" = OpenAL
"Opera 12.15.1748" = Opera 12.15
"Origin" = Origin
"Pivot Stickfigure Animator_is1" = Pivot Stickfigure Animator version 2.2.7
"PunkBusterSvc" = PunkBuster Services
"Steam App 12900" = Audiosurf
"Steam App 1840" = Source Filmmaker
"Steam App 202970" = Call of Duty: Black Ops II
"Steam App 202990" = Call of Duty: Black Ops II - Multiplayer
"Steam App 206500" = AirMech
"Steam App 212910" = Call of Duty: Black Ops II - Zombies
"Steam App 218060" = BIT.TRIP Presents... Runner2: Future Legend of Rhythm Alien
"Steam App 224540" = Ace of Spades
"Steam App 224580" = Arma 2: DayZ Mod
"Steam App 240" = Counter-Strike: Source
"Steam App 33900" = Arma 2
"Steam App 33930" = Arma 2: Operation Arrowhead
"Steam App 43110" = Metro 2033
"Steam App 440" = Team Fortress 2
"Steam App 48000" = LIMBO
"Steam App 550" = Left 4 Dead 2
"Steam App 55040" = Atom Zombie Smasher
"Steam App 570" = Dota 2
"Steam App 620" = Portal 2
"Steam App 63710" = BIT.TRIP RUNNER
"Steam App 70300" = VVVVVV
"Steam App 72850" = The Elder Scrolls V: Skyrim
"Steam App 730" = Counter-Strike: Global Offensive
"Steam App 7670" = BioShock
"Steam App 7940" = Call of Duty 4: Modern Warfare
"Uplay" = Uplay
"uTorrent" = µTorrent
"VLC media player" = VLC media player 2.0.5
"Warcraft III" = Warcraft III
"WinLiveSuite" = Windows Live Essentials
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"SkyDriveSetup.exe" = Microsoft SkyDrive
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 27.03.2013 19:20:13 | Computer Name = Andreas-PC | Source = WinMgmt | ID = 10
Description =
Error - 28.03.2013 13:57:23 | Computer Name = Andreas-PC | Source = WinMgmt | ID = 10
Description =
Error - 28.03.2013 22:23:37 | Computer Name = Andreas-PC | Source = WinMgmt | ID = 10
Description =
Error - 29.03.2013 11:24:44 | Computer Name = Andreas-PC | Source = WinMgmt | ID = 10
Description =
Error - 29.03.2013 20:25:06 | Computer Name = Andreas-PC | Source = WinMgmt | ID = 10
Description =
Error - 30.03.2013 13:34:44 | Computer Name = Andreas-PC | Source = WinMgmt | ID = 10
Description =
Error - 31.03.2013 13:18:47 | Computer Name = Andreas-PC | Source = WinMgmt | ID = 10
Description =
Error - 01.04.2013 10:30:33 | Computer Name = Andreas-PC | Source = WinMgmt | ID = 10
Description =
Error - 01.04.2013 12:13:41 | Computer Name = Andreas-PC | Source = WinMgmt | ID = 10
Description =
Error - 12.04.2013 12:03:09 | Computer Name = Andreas-PC | Source = WinMgmt | ID = 10
Description =
[ System Events ]
Error - 28.12.2012 09:38:56 | Computer Name = Andreas-PC | Source = bowser | ID = 8003
Description =
Error - 28.12.2012 13:28:47 | Computer Name = Andreas-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
MagicTune
Error - 28.12.2012 13:30:25 | Computer Name = Andreas-PC | Source = bowser | ID = 8003
Description =
Error - 29.12.2012 09:47:49 | Computer Name = Andreas-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
MagicTune
Error - 29.12.2012 09:50:23 | Computer Name = Andreas-PC | Source = bowser | ID = 8003
Description =
Error - 29.12.2012 10:55:03 | Computer Name = Andreas-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
MagicTune
Error - 29.12.2012 10:56:29 | Computer Name = Andreas-PC | Source = bowser | ID = 8003
Description =
Error - 29.12.2012 14:35:50 | Computer Name = Andreas-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
MagicTune
Error - 29.12.2012 14:38:51 | Computer Name = Andreas-PC | Source = bowser | ID = 8003
Description =
Error - 29.12.2012 15:34:13 | Computer Name = Andreas-PC | Source = volsnap | ID = 393252
Description = Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher
nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.
< End of report >
[/CODE] OTL: OTL Logfile: Code:
ATTFilter OTL logfile created on: 21.04.2013 15:40:53 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Andreas\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16540) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 7,98 Gb Total Physical Memory | 6,30 Gb Available Physical Memory | 78,92% Memory free 15,96 Gb Paging File | 14,09 Gb Available in Paging File | 88,28% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 160,00 Gb Total Space | 54,08 Gb Free Space | 33,80% Space Free | Partition Type: NTFS Drive D: | 771,51 Gb Total Space | 644,71 Gb Free Space | 83,56% Space Free | Partition Type: NTFS Computer Name: ANDREAS-PC | User Name: Andreas | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2013.04.21 15:22:47 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Andreas\Desktop\OTL.exe PRC - [2013.03.19 18:01:37 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe PRC - [2012.12.18 21:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2012.05.31 19:00:26 | 000,218,880 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe PRC - [2011.07.29 01:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe PRC - [2009.10.05 14:06:46 | 000,036,864 | ---- | M] () -- C:\Programme\MagicTune Premium\GammaTray.exe ========== Modules (No Company Name) ========== MOD - [2012.08.27 21:33:32 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll MOD - [2012.08.27 21:33:08 | 001,242,512 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll MOD - [2011.07.29 01:09:42 | 000,096,112 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll MOD - [2011.07.29 01:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe MOD - [2009.10.05 14:06:46 | 000,036,864 | ---- | M] () -- C:\Programme\MagicTune Premium\GammaTray.exe ========== Services (SafeList) ========== SRV:64bit: - [2012.12.19 21:56:00 | 000,240,640 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) SRV:64bit: - [2012.12.19 16:32:12 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service) SRV:64bit: - [2011.07.12 14:51:20 | 000,027,760 | ---- | M] (VIA Technologies, Inc.) [Auto | Running] -- C:\Windows\SysNative\ViakaraokeSrv.exe -- (VIAKaraokeService) SRV - [2013.04.14 03:35:35 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2013.04.13 21:14:59 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2013.03.29 21:53:56 | 000,543,656 | ---- | M] (Valve Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2013.03.19 18:01:37 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA) SRV - [2013.02.28 19:25:34 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012.12.18 21:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2012.07.17 15:14:44 | 002,292,480 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc) SRV - [2012.05.31 19:00:26 | 000,218,880 | ---- | M] (Kaspersky Lab ZAO) [Auto | Running] -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe -- (AVP) SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) ========== Driver Services (SafeList) ========== DRV:64bit: - [2013.02.12 23:01:36 | 000,042,184 | ---- | M] (Anchorfree Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\taphss6.sys -- (taphss6) DRV:64bit: - [2012.12.19 22:48:48 | 011,278,336 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag) DRV:64bit: - [2012.12.19 21:32:54 | 000,552,960 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap) DRV:64bit: - [2012.12.13 14:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64) DRV:64bit: - [2012.11.06 13:11:52 | 000,096,256 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService) DRV:64bit: - [2012.08.23 16:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV:64bit: - [2012.08.23 16:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD) DRV:64bit: - [2012.08.23 16:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2012.08.21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM) DRV:64bit: - [2012.07.28 02:15:28 | 000,057,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr) DRV:64bit: - [2012.06.20 10:32:00 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2012.05.29 15:55:40 | 000,640,344 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\SysNative\drivers\klif.sys -- (KLIF) DRV:64bit: - [2012.05.25 19:38:48 | 000,029,016 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\klkbdflt.sys -- (klkbdflt) DRV:64bit: - [2012.05.25 19:30:34 | 000,027,992 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\klmouflt.sys -- (klmouflt) DRV:64bit: - [2012.05.24 11:34:46 | 000,172,888 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\kneps.sys -- (kneps) DRV:64bit: - [2012.05.12 17:13:34 | 000,054,064 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\kltdi.sys -- (kltdi) DRV:64bit: - [2012.04.13 13:54:06 | 000,458,544 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\kl1.sys -- (KL1) DRV:64bit: - [2012.04.12 00:30:00 | 000,708,200 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:64bit: - [2012.03.27 18:34:24 | 000,030,000 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\klim6.sys -- (KLIM6) DRV:64bit: - [2012.02.07 14:12:50 | 000,066,328 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGSHidFilt.Sys -- (LGSHidFilt) DRV:64bit: - [2011.08.17 12:18:00 | 000,080,384 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\EtronXHCI.sys -- (EtronXHCI) DRV:64bit: - [2011.08.17 12:18:00 | 000,057,088 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\EtronHub3.sys -- (EtronHub3) DRV:64bit: - [2011.07.12 14:51:16 | 002,165,360 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\viahduaa.sys -- (VIAHdAudAddService) DRV:64bit: - [2011.07.06 18:12:50 | 000,367,976 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService) DRV:64bit: - [2011.06.16 21:08:26 | 000,040,064 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_xata.sys -- (amd_xata) DRV:64bit: - [2011.06.16 21:08:24 | 000,079,488 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_sata.sys -- (amd_sata) DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2010.11.21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2009.11.24 02:38:00 | 000,016,008 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGVirHid.sys -- (LGVirHid) DRV:64bit: - [2009.11.24 02:37:50 | 000,022,408 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGBusEnum.sys -- (LGBusEnum) DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.07.14 01:21:48 | 000,038,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM) DRV:64bit: - [2009.06.10 22:35:03 | 000,192,256 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\eFE5b32e.sys -- (E100B) DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2008.11.04 14:12:08 | 000,023,096 | ---- | M] (Samsung Electronics, Inc. ) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\MTiCtwl.sys -- (MagicTune) DRV:64bit: - [2008.11.04 14:12:08 | 000,023,096 | ---- | M] (Samsung Electronics, Inc. ) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\MTiCtwl.sys -- (Magic Tune) DRV - [2012.04.09 10:13:58 | 000,057,472 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Programme\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.2) DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {003C3143-EED6-44EF-AA21-D2A7939CA8D9} IE:64bit: - HKLM\..\SearchScopes\{003C3143-EED6-44EF-AA21-D2A7939CA8D9}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=IE9TR&src=IE9TR&pc=MASBJS IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {003C3143-EED6-44EF-AA21-D2A7939CA8D9} IE - HKLM\..\SearchScopes\{003C3143-EED6-44EF-AA21-D2A7939CA8D9}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=IE9TR&src=IE9TR&pc=MASBJS IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://localoem.msn.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://localoem.de.msn.com/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 4C 4A F4 35 E3 28 CE 01 [binary data] IE - HKCU\..\SearchScopes,DefaultScope = {003C3143-EED6-44EF-AA21-D2A7939CA8D9} IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..extensions.enabledAddons: anti_banner%40kaspersky.com:13.0.0.3382 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0.1 FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_169.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_169.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB) FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=2.1.3: C:\Program Files (x86)\Battlelog Web Plugins\2.1.3\npesnlaunch.dll (ESN Social Software AB) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3503.0728: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Andreas\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google) FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\Andreas\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google) FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Andreas\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll () FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Andreas\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Andreas\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\url_advisor@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com [2012.09.18 18:07:22 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtual_keyboard@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com [2012.09.18 18:07:22 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\anti_banner@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com [2012.09.18 18:07:22 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\online_banking@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com [2012.09.18 18:07:22 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.04.13 21:14:59 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.04.13 21:14:59 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.10.12 00:11:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Andreas\AppData\Roaming\mozilla\Extensions [2013.03.10 13:27:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Andreas\AppData\Roaming\mozilla\Firefox\Profiles\y9jh2cl0.default\extensions [2013.03.10 13:27:14 | 000,817,280 | ---- | M] () (No name found) -- C:\Users\Andreas\AppData\Roaming\mozilla\firefox\profiles\y9jh2cl0.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013.04.13 21:14:56 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2012.09.18 18:07:22 | 000,000,000 | ---D | M] (反广告) -- C:\PROGRAM FILES (X86)\KASPERSKY LAB\KASPERSKY INTERNET SECURITY 2013\FFEXT\ANTI_BANNER@KASPERSKY.COM [2013.04.13 21:14:59 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2013.03.10 14:53:04 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2013.03.10 14:53:04 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2013.03.10 14:53:04 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2013.03.10 14:53:04 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2013.03.10 14:53:04 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2013.03.10 14:53:04 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter} CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.56\PepperFlash\pepflashplayer.dll CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.56\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.56\pdf.dll CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\13.0.0.3370_0\plugin/npUrlAdvisor.dll CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh\13.0.0.3370_0\plugin/online_banking_npapi.dll CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\13.0.0.3370_0\plugin/npVKPlugin.dll CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\13.0.0.3370_0\plugin/npABPlugin.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\Andreas\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\Andreas\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll CHR - plugin: Google Talk Plugin Video Renderer (Enabled) = C:\Users\Andreas\AppData\Roaming\Mozilla\plugins\npo1d.dll CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll CHR - plugin: Java(TM) Platform SE 7 U17 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll CHR - plugin: Uplay PC (Enabled) = C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll CHR - plugin: Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_171.dll CHR - plugin: Java Deployment Toolkit 7.0.170.2 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll CHR - Extension: Click to activate/deactivate ProxTube = C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek\1.2.0_0\ CHR - Extension: Google Docs = C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\ CHR - Extension: Google Drive = C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\ CHR - Extension: YouTube = C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\ CHR - Extension: Facebook = C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\boeajhmfdjldchidhphikilcgdacljfm\1.0.3_0\ CHR - Extension: Google-Suche = C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\ CHR - Extension: Modul zur Link-Untersuchung = C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\13.0.0.3370_0\ CHR - Extension: Google+ = C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlppkpafhbajpcmmoheippocdidnckmm\1.0.1.424_0\ CHR - Extension: Google Kalender = C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn\4.5.3_0\ CHR - Extension: Chuck Anderson = C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gegkoiakifeoejnjkbnnojkkdoegeofp\3_0\ CHR - Extension: AdBlock = C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.61_0\ CHR - Extension: Sicherer Zahlungsverkehr = C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh\13.0.0.3370_0\ CHR - Extension: Virtuelle Tastatur = C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\13.0.0.3370_0\ CHR - Extension: Google Maps = C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh\5.2.7_0\ CHR - Extension: DVDVideoSoft Browser Extension = C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.1.0_0\ CHR - Extension: Google Mail = C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ CHR - Extension: Anti-Banner = C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\13.0.0.3370_0\ O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (SteadyVideoBHO Class) - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Programme\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices) O2:64bit: - BHO: (Virtual Keyboard Plugin) - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO) O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) O2:64bit: - BHO: (Safe Money Plugin) - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO) O2:64bit: - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO) O2:64bit: - BHO: (Hotspot Shield Class) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE_64.dll File not found O2 - BHO: (SteadyVideoBHO Class) - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices) O2 - BHO: (Virtual Keyboard Plugin) - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Safe Money Plugin) - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO) O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated) O4:64bit: - HKLM..\Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe (Logitech Inc.) O4:64bit: - HKLM..\Run: [MagicTuneEngine] C:\Programme\MagicTune Premium\MagicTuneLauncher.exe () O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [AVP] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe (Kaspersky Lab ZAO) O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe () O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKCU..\Run: [AdobeBridge] File not found O4 - HKCU..\Run: [uTorrent] C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent Inc.) O4 - HKCU..\RunOnce: [Uninstall C:\Users\Andreas\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Andreas\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\amd64" File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\Andreas\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm () O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Andreas\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O8:64bit: - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ie_banner_deny.htm () O8 - Extra context menu item: Free YouTube Download - C:\Users\Andreas\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm () O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Andreas\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O8 - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ie_banner_deny.htm () O9:64bit: - Extra Button: &Virtuelle Tastatur - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO) O9:64bit: - Extra Button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO) O9 - Extra Button: &Virtuelle Tastatur - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO) O9 - Extra Button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C1F1A19E-3D2B-42D4-A364-5159CE363B2C}: DhcpNameServer = 192.168.2.1 O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18:64bit: - Protocol\Filter\video/mp4 {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Programme\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices) O18:64bit: - Protocol\Filter\video/x-flv {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Programme\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices) O18 - Protocol\Filter\video/mp4 {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices) O18 - Protocol\Filter\video/x-flv {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013.04.21 15:22:43 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Andreas\Desktop\OTL.exe [2013.04.19 14:54:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java [2013.04.18 15:16:26 | 000,000,000 | ---D | C] -- C:\Users\Andreas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory [2013.04.18 15:16:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FreeTime [2013.04.17 15:19:12 | 002,237,968 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Andreas\Desktop\TDSSKiller.exe [2013.04.16 21:00:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avidemux 2.6 [2013.04.16 21:00:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avidemux [2013.04.16 19:51:25 | 000,000,000 | ---D | C] -- C:\Users\Andreas\AppData\Roaming\avidemux [2013.04.14 21:56:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype [2013.04.13 21:14:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2013.03.24 00:00:02 | 000,000,000 | ---D | C] -- C:\Users\Andreas\Documents\Bioshock [2013.03.24 00:00:02 | 000,000,000 | ---D | C] -- C:\Users\Andreas\AppData\Roaming\Bioshock ========== Files - Modified Within 30 Days ========== [2013.04.21 15:39:00 | 000,001,128 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-551728064-1773113903-3793472962-1000UA.job [2013.04.21 15:37:40 | 000,000,000 | ---- | M] () -- C:\Users\Andreas\defogger_reenable [2013.04.21 15:24:10 | 000,377,856 | ---- | M] () -- C:\Users\Andreas\Desktop\gmer_2.1.19163.exe [2013.04.21 15:22:47 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Andreas\Desktop\OTL.exe [2013.04.21 15:22:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013.04.21 15:21:49 | 000,050,477 | ---- | M] () -- C:\Users\Andreas\Desktop\Defogger.exe [2013.04.21 15:01:01 | 000,001,112 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013.04.21 14:36:42 | 000,024,288 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013.04.21 14:36:42 | 000,024,288 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013.04.21 14:33:47 | 001,612,484 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2013.04.21 14:33:47 | 000,696,620 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2013.04.21 14:33:47 | 000,651,938 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2013.04.21 14:33:47 | 000,147,916 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2013.04.21 14:33:47 | 000,120,870 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2013.04.21 14:29:59 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013.04.21 14:29:32 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013.04.21 14:29:28 | 2132,713,471 | -HS- | M] () -- C:\hiberfil.sys [2013.04.21 04:23:32 | 166,964,896 | ---- | M] () -- C:\Users\Andreas\Desktop\BF4wallpaper_ultra.png [2013.04.18 15:16:27 | 000,001,204 | ---- | M] () -- C:\Users\Andreas\Desktop\Format Factory.lnk [2013.04.16 21:00:46 | 000,001,043 | ---- | M] () -- C:\Users\Public\Desktop\Avidemux 2.6 (32-bit).lnk [2013.04.14 20:15:25 | 000,027,552 | ---- | M] () -- C:\Users\Andreas\Documents\Track 1 - 1.sfk [2013.04.13 21:38:08 | 131,009,549 | ---- | M] () -- C:\Users\Andreas\Documents\Ohne Titel.mp4 [2013.04.13 21:10:51 | 004,893,424 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2013.04.13 15:40:32 | 011,948,965 | ---- | M] () -- C:\Users\Andreas\Desktop\01 - reunion .mp3 [2013.03.31 19:27:03 | 000,291,088 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr [2013.03.31 19:27:03 | 000,291,088 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe [2013.03.31 19:26:42 | 000,280,904 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0 [2013.03.27 07:39:00 | 000,001,076 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-551728064-1773113903-3793472962-1000Core.job ========== Files Created - No Company Name ========== [2013.04.21 15:37:40 | 000,000,000 | ---- | C] () -- C:\Users\Andreas\defogger_reenable [2013.04.21 15:24:09 | 000,377,856 | ---- | C] () -- C:\Users\Andreas\Desktop\gmer_2.1.19163.exe [2013.04.21 15:21:48 | 000,050,477 | ---- | C] () -- C:\Users\Andreas\Desktop\Defogger.exe [2013.04.21 04:19:05 | 166,964,896 | ---- | C] () -- C:\Users\Andreas\Desktop\BF4wallpaper_ultra.png [2013.04.18 15:16:27 | 000,001,204 | ---- | C] () -- C:\Users\Andreas\Desktop\Format Factory.lnk [2013.04.16 21:00:46 | 000,001,043 | ---- | C] () -- C:\Users\Public\Desktop\Avidemux 2.6 (32-bit).lnk [2013.04.14 20:15:25 | 000,027,552 | ---- | C] () -- C:\Users\Andreas\Documents\Track 1 - 1.sfk [2013.04.13 21:34:10 | 131,009,549 | ---- | C] () -- C:\Users\Andreas\Documents\Ohne Titel.mp4 [2013.04.13 21:25:20 | 011,948,965 | ---- | C] () -- C:\Users\Andreas\Desktop\01 - reunion .mp3 [2012.11.29 02:27:06 | 000,291,088 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe [2012.11.29 02:27:04 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe [2012.09.14 06:58:44 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2012.08.30 09:11:21 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat [2012.08.30 09:11:21 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat [2012.08.30 09:11:20 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat [2012.05.02 14:58:10 | 000,029,184 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll [2012.03.16 15:09:19 | 001,589,442 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI ========== ZeroAccess Check ========== [2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2012.08.16 11:56:34 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012.08.16 11:56:34 | 012,873,728 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== LOP Check ========== [2013.04.18 15:11:34 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\avidemux [2013.03.24 18:43:45 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\Bioshock [2012.12.17 13:53:17 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\Carbon [2013.03.14 21:14:55 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant [2012.11.22 12:45:25 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\DVDVideoSoft [2012.11.22 12:45:21 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\DVDVideoSoftIEHelpers [2012.09.24 02:41:05 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\Leadertech [2012.11.21 21:24:00 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\Opera [2013.03.19 02:07:57 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\Origin [2012.09.24 20:52:33 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\Play withSIX [2012.10.16 12:26:38 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\Publish Providers [2012.09.20 00:37:22 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\six-zsync [2012.11.18 15:38:23 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\Sony [2012.12.02 02:52:28 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\Sony Creative Software Inc [2013.04.21 14:33:29 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\uTorrent [2013.01.20 02:24:32 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\Waterfox Limited ========== Purity Check ========== < End of report > [/CODE] Zitat:
Danke schonmal für deine Hilfe. PS: Ich benutze beide Festplatten; C/D. Ich hoffe, dass die Scans über beide Partitionen Auskunft geben :x |
|
22.04.2013, 16:03
| #4 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Schädlichen Link angeklickt. Bevor wir uns an die Arbeit machen, möchte ich dich bitten, folgende Punkte vollständig und aufmerksam zu lesen.
Note: Sollte ich drei Tage nichts von mir hören lassen, so melde dich bitte in diesem Strang => Erinnerung an meinem Thread. Nervige "Wann geht es weiter" Nachrichten enden mit Schließung deines Themas. Auch ich habe ein Leben abseits des Trojaner-Boards. Rootkitscan mit GMER Bitte lade dir  GMER herunter: (Dateiname zufällig)
Tauchen Probleme auf?
Anschließend bitte MBAR ausführen: Malwarebytes Anti-Rootkit (MBAR) Downloade dir bitte  Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
22.04.2013, 19:18
| #5 |
| | Schädlichen Link angeklickt. Gmer: Code:
ATTFilter GMER Logfile: Erster Mbar Log MIT Fund. Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.05.0.1001
www.malwarebytes.org
Database version: v2013.04.22.07
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16540
Andreas :: ANDREAS-PC [administrator]
22.04.2013 19:48:24
mbar-log-2013-04-22 (19-48-24).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 30752
Time elapsed: 10 minute(s), 42 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 1
c:\Windows\System32\fsvk.exe.exe (Worm.Zhelatin) -> Delete on reboot.
(end)
Danach, zweiter Mbar Suchlauf ohne Fund. Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.05.0.1001
www.malwarebytes.org
Database version: v2013.04.22.07
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16540
Andreas :: ANDREAS-PC [administrator]
22.04.2013 20:09:09
mbar-log-2013-04-22 (20-09-09).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 30781
Time elapsed: 12 minute(s), 41 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)
|
|
22.04.2013, 21:33
| #6 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Schädlichen Link angeklickt. aswMBR Downloade dir bitte  aswMBR.exe und speichere die Datei auf deinem Desktop.
Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte der Scan abbrechen und das Programm abstürzen, dann teile mir das mit und wähle unter AV Scan die Einstellung (none). TDSS-Killer Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ --> Schädlichen Link angeklickt. |
|
23.04.2013, 00:02
| #7 |
| | Schädlichen Link angeklickt. aswMBR: Code:
ATTFilter
aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-04-23 00:37:13
-----------------------------
00:37:13.482 OS Version: Windows x64 6.1.7601 Service Pack 1
00:37:13.482 Number of processors: 6 586 0x102
00:37:13.482 ComputerName: ANDREAS-PC UserName: Andreas
00:37:13.997 Initialize success
00:37:24.324 AVAST engine defs: 13042201
00:37:41.328 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000005d
00:37:41.328 Disk 0 Vendor: Hitachi_ MS2O Size: 953869MB BusType: 11
00:37:41.406 Disk 0 MBR read successfully
00:37:41.406 Disk 0 MBR scan
00:37:41.422 Disk 0 Windows 7 default MBR code
00:37:41.422 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 163839 MB offset 2048
00:37:41.438 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 790028 MB offset 335544320
00:37:41.469 Disk 0 scanning C:\Windows\system32\drivers
00:37:48.426 Service scanning
00:38:03.402 Modules scanning
00:38:03.402 Disk 0 trace - called modules:
00:38:03.527 ntoskrnl.exe CLASSPNP.SYS disk.sys amd_xata.sys storport.sys hal.dll amd_sata.sys
00:38:03.527 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800778c060]
00:38:04.042 3 CLASSPNP.SYS[fffff88000c0143f] -> nt!IofCallDriver -> [0xfffffa8006aa2ac0]
00:38:04.042 5 amd_xata.sys[fffff880017edb3f] -> nt!IofCallDriver -> \Device\0000005d[0xfffffa800748c6e0]
00:38:04.479 AVAST engine scan C:\Windows
00:38:05.555 AVAST engine scan C:\Windows\system32
00:40:00.247 AVAST engine scan C:\Windows\system32\drivers
00:40:09.388 AVAST engine scan C:\Users\Andreas
00:44:47.258 AVAST engine scan C:\ProgramData
00:46:08.674 Scan finished successfully
00:50:27.003 Disk 0 MBR has been saved successfully to "C:\Users\Andreas\Desktop\MBR.dat"
00:50:27.008 The log file has been saved successfully to "C:\Users\Andreas\Desktop\aswMBR.txt"
TDSSKiller: Code:
ATTFilter
00:54:29.0880 2040 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
00:54:30.0052 2040 ============================================================
00:54:30.0052 2040 Current date / time: 2013/04/23 00:54:30.0052
00:54:30.0052 2040 SystemInfo:
00:54:30.0052 2040
00:54:30.0052 2040 OS Version: 6.1.7601 ServicePack: 1.0
00:54:30.0052 2040 Product type: Workstation
00:54:30.0052 2040 ComputerName: ANDREAS-PC
00:54:30.0052 2040 UserName: Andreas
00:54:30.0052 2040 Windows directory: C:\Windows
00:54:30.0052 2040 System windows directory: C:\Windows
00:54:30.0052 2040 Running under WOW64
00:54:30.0052 2040 Processor architecture: Intel x64
00:54:30.0052 2040 Number of processors: 6
00:54:30.0052 2040 Page size: 0x1000
00:54:30.0052 2040 Boot type: Normal boot
00:54:30.0052 2040 ============================================================
00:54:30.0676 2040 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
00:54:30.0676 2040 ============================================================
00:54:30.0676 2040 \Device\Harddisk0\DR0:
00:54:30.0676 2040 MBR partitions:
00:54:30.0676 2040 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x13FFF800
00:54:30.0676 2040 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x14000000, BlocksNum 0x60706000
00:54:30.0676 2040 ============================================================
00:54:30.0691 2040 C: <-> \Device\Harddisk0\DR0\Partition1
00:54:30.0738 2040 D: <-> \Device\Harddisk0\DR0\Partition2
00:54:30.0738 2040 ============================================================
00:54:30.0738 2040 Initialize success
00:54:30.0738 2040 ============================================================
00:55:21.0891 2512 ============================================================
00:55:21.0891 2512 Scan started
00:55:21.0891 2512 Mode: Manual; SigCheck; TDLFS;
00:55:21.0891 2512 ============================================================
00:55:22.0343 2512 ================ Scan system memory ========================
00:55:22.0343 2512 System memory - ok
00:55:22.0343 2512 ================ Scan services =============================
00:55:22.0530 2512 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
00:55:22.0624 2512 1394ohci - ok
00:55:22.0640 2512 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
00:55:22.0655 2512 ACPI - ok
00:55:22.0686 2512 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
00:55:22.0702 2512 AcpiPmi - ok
00:55:22.0827 2512 [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
00:55:22.0842 2512 AdobeARMservice - ok
00:55:22.0936 2512 [ 479901C99FA62D1C3261B7ACB1228DAD ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
00:55:22.0967 2512 AdobeFlashPlayerUpdateSvc - ok
00:55:23.0014 2512 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
00:55:23.0045 2512 adp94xx - ok
00:55:23.0076 2512 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
00:55:23.0092 2512 adpahci - ok
00:55:23.0108 2512 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
00:55:23.0123 2512 adpu320 - ok
00:55:23.0154 2512 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
00:55:23.0201 2512 AeLookupSvc - ok
00:55:23.0217 2512 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
00:55:23.0248 2512 AFD - ok
00:55:23.0264 2512 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
00:55:23.0279 2512 agp440 - ok
00:55:23.0295 2512 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
00:55:23.0310 2512 ALG - ok
00:55:23.0342 2512 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
00:55:23.0342 2512 aliide - ok
00:55:23.0388 2512 [ 4EAAAAB8759644D572522FBCDD196A13 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
00:55:23.0435 2512 AMD External Events Utility - ok
00:55:23.0498 2512 AMD FUEL Service - ok
00:55:23.0513 2512 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
00:55:23.0544 2512 amdide - ok
00:55:23.0560 2512 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
00:55:23.0591 2512 AmdK8 - ok
00:55:23.0747 2512 [ 22A14DF59FB8D0BE918C597988AF4296 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
00:55:23.0888 2512 amdkmdag - ok
00:55:23.0919 2512 [ EE22D3ED6D55A855E709F811CCCA97ED ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
00:55:23.0966 2512 amdkmdap - ok
00:55:23.0997 2512 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
00:55:24.0028 2512 AmdPPM - ok
00:55:24.0059 2512 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
00:55:24.0075 2512 amdsata - ok
00:55:24.0090 2512 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
00:55:24.0106 2512 amdsbs - ok
00:55:24.0106 2512 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
00:55:24.0122 2512 amdxata - ok
00:55:24.0137 2512 [ BB4FE7889DB9CBBE61A308E99697F53C ] amd_sata C:\Windows\system32\drivers\amd_sata.sys
00:55:24.0153 2512 amd_sata - ok
00:55:24.0153 2512 [ 5631CBA53F1CBEA3F9E88348E6723391 ] amd_xata C:\Windows\system32\drivers\amd_xata.sys
00:55:24.0168 2512 amd_xata - ok
00:55:24.0215 2512 [ 5A528A540B1AEE8B1C77ED65094E8CDF ] AODDriver4.2 C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys
00:55:24.0231 2512 AODDriver4.2 - ok
00:55:24.0262 2512 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
00:55:24.0309 2512 AppID - ok
00:55:24.0324 2512 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
00:55:24.0356 2512 AppIDSvc - ok
00:55:24.0371 2512 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
00:55:24.0418 2512 Appinfo - ok
00:55:24.0496 2512 [ 4FE5C6D40664AE07BE5105874357D2ED ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
00:55:24.0512 2512 Apple Mobile Device - ok
00:55:24.0543 2512 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
00:55:24.0558 2512 arc - ok
00:55:24.0558 2512 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
00:55:24.0574 2512 arcsas - ok
00:55:24.0652 2512 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
00:55:24.0683 2512 aspnet_state - ok
00:55:24.0699 2512 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
00:55:24.0746 2512 AsyncMac - ok
00:55:24.0777 2512 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
00:55:24.0792 2512 atapi - ok
00:55:24.0839 2512 [ 437F55435623D4D54D36197F5AD8B435 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
00:55:24.0870 2512 AtiHDAudioService - ok
00:55:24.0902 2512 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
00:55:24.0980 2512 AudioEndpointBuilder - ok
00:55:24.0995 2512 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
00:55:25.0026 2512 AudioSrv - ok
00:55:25.0073 2512 [ 6FDDD18A650764A59302A018765E5521 ] AVP C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
00:55:25.0104 2512 AVP - ok
00:55:25.0120 2512 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
00:55:25.0151 2512 AxInstSV - ok
00:55:25.0182 2512 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
00:55:25.0214 2512 b06bdrv - ok
00:55:25.0245 2512 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
00:55:25.0276 2512 b57nd60a - ok
00:55:25.0323 2512 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
00:55:25.0354 2512 BDESVC - ok
00:55:25.0354 2512 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
00:55:25.0416 2512 Beep - ok
00:55:25.0432 2512 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
00:55:25.0479 2512 BFE - ok
00:55:25.0494 2512 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
00:55:25.0557 2512 BITS - ok
00:55:25.0572 2512 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
00:55:25.0604 2512 blbdrive - ok
00:55:25.0650 2512 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
00:55:25.0666 2512 Bonjour Service - ok
00:55:25.0682 2512 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
00:55:25.0713 2512 bowser - ok
00:55:25.0744 2512 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
00:55:25.0775 2512 BrFiltLo - ok
00:55:25.0791 2512 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
00:55:25.0806 2512 BrFiltUp - ok
00:55:25.0838 2512 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
00:55:25.0838 2512 Browser - ok
00:55:25.0853 2512 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
00:55:25.0884 2512 Brserid - ok
00:55:25.0900 2512 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
00:55:25.0916 2512 BrSerWdm - ok
00:55:25.0931 2512 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
00:55:25.0947 2512 BrUsbMdm - ok
00:55:25.0962 2512 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
00:55:25.0978 2512 BrUsbSer - ok
00:55:25.0994 2512 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
00:55:26.0009 2512 BTHMODEM - ok
00:55:26.0040 2512 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
00:55:26.0072 2512 bthserv - ok
00:55:26.0087 2512 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
00:55:26.0134 2512 cdfs - ok
00:55:26.0150 2512 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\drivers\cdrom.sys
00:55:26.0165 2512 cdrom - ok
00:55:26.0181 2512 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
00:55:26.0228 2512 CertPropSvc - ok
00:55:26.0243 2512 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
00:55:26.0259 2512 circlass - ok
00:55:26.0274 2512 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
00:55:26.0290 2512 CLFS - ok
00:55:26.0337 2512 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
00:55:26.0368 2512 clr_optimization_v2.0.50727_32 - ok
00:55:26.0399 2512 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
00:55:26.0415 2512 clr_optimization_v2.0.50727_64 - ok
00:55:26.0462 2512 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
00:55:26.0493 2512 clr_optimization_v4.0.30319_32 - ok
00:55:26.0493 2512 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
00:55:26.0508 2512 clr_optimization_v4.0.30319_64 - ok
00:55:26.0540 2512 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
00:55:26.0555 2512 CmBatt - ok
00:55:26.0571 2512 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
00:55:26.0586 2512 cmdide - ok
00:55:26.0618 2512 [ AAFCB52FE0037207FB6FBEA070D25EFE ] CNG C:\Windows\system32\Drivers\cng.sys
00:55:26.0664 2512 CNG - ok
00:55:26.0680 2512 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
00:55:26.0696 2512 Compbatt - ok
00:55:26.0711 2512 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
00:55:26.0742 2512 CompositeBus - ok
00:55:26.0742 2512 COMSysApp - ok
00:55:26.0758 2512 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
00:55:26.0774 2512 crcdisk - ok
00:55:26.0805 2512 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
00:55:26.0852 2512 CryptSvc - ok
00:55:26.0883 2512 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
00:55:26.0961 2512 DcomLaunch - ok
00:55:26.0976 2512 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
00:55:27.0008 2512 defragsvc - ok
00:55:27.0023 2512 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
00:55:27.0054 2512 DfsC - ok
00:55:27.0070 2512 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
00:55:27.0101 2512 Dhcp - ok
00:55:27.0117 2512 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
00:55:27.0148 2512 discache - ok
00:55:27.0195 2512 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
00:55:27.0210 2512 Disk - ok
00:55:27.0226 2512 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
00:55:27.0242 2512 Dnscache - ok
00:55:27.0257 2512 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
00:55:27.0288 2512 dot3svc - ok
00:55:27.0304 2512 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
00:55:27.0351 2512 DPS - ok
00:55:27.0366 2512 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
00:55:27.0398 2512 drmkaud - ok
00:55:27.0429 2512 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
00:55:27.0444 2512 DXGKrnl - ok
00:55:27.0460 2512 [ A6DB3A7828B456A574243066E2E77D8C ] E100B C:\Windows\system32\DRIVERS\efe5b32e.sys
00:55:27.0476 2512 E100B - ok
00:55:27.0476 2512 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
00:55:27.0522 2512 EapHost - ok
00:55:27.0585 2512 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
00:55:27.0632 2512 ebdrv - ok
00:55:27.0647 2512 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
00:55:27.0694 2512 EFS - ok
00:55:27.0741 2512 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
00:55:27.0803 2512 ehRecvr - ok
00:55:27.0803 2512 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
00:55:27.0834 2512 ehSched - ok
00:55:27.0881 2512 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
00:55:27.0897 2512 elxstor - ok
00:55:27.0928 2512 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
00:55:27.0944 2512 ErrDev - ok
00:55:27.0959 2512 [ D182C5A0D436C8FD8C08A5424A3448FA ] EtronHub3 C:\Windows\System32\Drivers\EtronHub3.sys
00:55:27.0975 2512 EtronHub3 - ok
00:55:27.0990 2512 [ CAD747ACEB8E693B3D92613655602219 ] EtronXHCI C:\Windows\System32\Drivers\EtronXHCI.sys
00:55:28.0022 2512 EtronXHCI - ok
00:55:28.0037 2512 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
00:55:28.0100 2512 EventSystem - ok
00:55:28.0115 2512 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
00:55:28.0146 2512 exfat - ok
00:55:28.0146 2512 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
00:55:28.0178 2512 fastfat - ok
00:55:28.0209 2512 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
00:55:28.0224 2512 Fax - ok
00:55:28.0240 2512 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
00:55:28.0256 2512 fdc - ok
00:55:28.0271 2512 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
00:55:28.0287 2512 fdPHost - ok
00:55:28.0302 2512 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
00:55:28.0334 2512 FDResPub - ok
00:55:28.0365 2512 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
00:55:28.0380 2512 FileInfo - ok
00:55:28.0396 2512 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
00:55:28.0490 2512 Filetrace - ok
00:55:28.0505 2512 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
00:55:28.0521 2512 flpydisk - ok
00:55:28.0521 2512 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
00:55:28.0536 2512 FltMgr - ok
00:55:28.0568 2512 [ C4C183E6551084039EC862DA1C945E3D ] FontCache C:\Windows\system32\FntCache.dll
00:55:28.0599 2512 FontCache - ok
00:55:28.0630 2512 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
00:55:28.0646 2512 FontCache3.0.0.0 - ok
00:55:28.0661 2512 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
00:55:28.0677 2512 FsDepends - ok
00:55:28.0692 2512 [ C2E475625F2C6F7DCDE4E920523A0573 ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
00:55:28.0708 2512 fssfltr - ok
00:55:28.0755 2512 [ 4E2E6FEDFE4A3445DBD0C623A242362D ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
00:55:28.0802 2512 fsssvc - ok
00:55:28.0817 2512 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
00:55:28.0833 2512 Fs_Rec - ok
00:55:28.0864 2512 [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
00:55:28.0880 2512 fvevol - ok
00:55:28.0895 2512 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
00:55:28.0911 2512 gagp30kx - ok
00:55:28.0973 2512 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
00:55:28.0973 2512 GEARAspiWDM - ok
00:55:29.0004 2512 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
00:55:29.0051 2512 gpsvc - ok
00:55:29.0114 2512 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
00:55:29.0145 2512 gupdate - ok
00:55:29.0145 2512 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
00:55:29.0145 2512 gupdatem - ok
00:55:29.0176 2512 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
00:55:29.0192 2512 hcw85cir - ok
00:55:29.0207 2512 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
00:55:29.0223 2512 HDAudBus - ok
00:55:29.0238 2512 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
00:55:29.0254 2512 HidBatt - ok
00:55:29.0270 2512 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
00:55:29.0285 2512 HidBth - ok
00:55:29.0301 2512 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
00:55:29.0316 2512 HidIr - ok
00:55:29.0316 2512 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
00:55:29.0348 2512 hidserv - ok
00:55:29.0363 2512 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
00:55:29.0379 2512 HidUsb - ok
00:55:29.0394 2512 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
00:55:29.0426 2512 hkmsvc - ok
00:55:29.0441 2512 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
00:55:29.0457 2512 HomeGroupListener - ok
00:55:29.0472 2512 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
00:55:29.0504 2512 HomeGroupProvider - ok
00:55:29.0535 2512 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
00:55:29.0550 2512 HpSAMD - ok
00:55:29.0582 2512 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
00:55:29.0644 2512 HTTP - ok
00:55:29.0660 2512 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
00:55:29.0675 2512 hwpolicy - ok
00:55:29.0691 2512 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
00:55:29.0691 2512 i8042prt - ok
00:55:29.0706 2512 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
00:55:29.0722 2512 iaStorV - ok
00:55:29.0753 2512 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
00:55:29.0784 2512 idsvc - ok
00:55:29.0800 2512 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
00:55:29.0800 2512 iirsp - ok
00:55:29.0831 2512 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
00:55:29.0878 2512 IKEEXT - ok
00:55:29.0894 2512 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
00:55:29.0909 2512 intelide - ok
00:55:29.0925 2512 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\drivers\intelppm.sys
00:55:29.0940 2512 intelppm - ok
00:55:29.0956 2512 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
00:55:30.0003 2512 IPBusEnum - ok
00:55:30.0003 2512 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
00:55:30.0034 2512 IpFilterDriver - ok
00:55:30.0065 2512 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
00:55:30.0112 2512 iphlpsvc - ok
00:55:30.0128 2512 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
00:55:30.0143 2512 IPMIDRV - ok
00:55:30.0159 2512 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
00:55:30.0206 2512 IPNAT - ok
00:55:30.0252 2512 [ 4EFFC8FF6D349E971E94B1C670C0C66A ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
00:55:30.0268 2512 iPod Service - ok
00:55:30.0284 2512 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
00:55:30.0299 2512 IRENUM - ok
00:55:30.0315 2512 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
00:55:30.0330 2512 isapnp - ok
00:55:30.0346 2512 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
00:55:30.0362 2512 iScsiPrt - ok
00:55:30.0377 2512 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
00:55:30.0377 2512 kbdclass - ok
00:55:30.0408 2512 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
00:55:30.0424 2512 kbdhid - ok
00:55:30.0424 2512 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
00:55:30.0440 2512 KeyIso - ok
00:55:30.0486 2512 [ 549F9D454E9E6697B108F16C569B505A ] KL1 C:\Windows\system32\DRIVERS\kl1.sys
00:55:30.0502 2512 KL1 - ok
00:55:30.0533 2512 [ 08DF1B7A82837B92096EC7597C00889A ] KLIF C:\Windows\system32\DRIVERS\klif.sys
00:55:30.0549 2512 KLIF - ok
00:55:30.0564 2512 [ A7DFA9A2554143667E830E8ABE452D70 ] KLIM6 C:\Windows\system32\DRIVERS\klim6.sys
00:55:30.0580 2512 KLIM6 - ok
00:55:30.0580 2512 [ E6FAA395058F7BAF0F3529CDBA9B7133 ] klkbdflt C:\Windows\system32\DRIVERS\klkbdflt.sys
00:55:30.0596 2512 klkbdflt - ok
00:55:30.0596 2512 [ D398DABD44FDDDBED305442BB7BCDB29 ] klmouflt C:\Windows\system32\DRIVERS\klmouflt.sys
00:55:30.0611 2512 klmouflt - ok
00:55:30.0611 2512 [ B9B2AEEE5E17B2CEBC034FF2748577A0 ] kltdi C:\Windows\system32\DRIVERS\kltdi.sys
00:55:30.0627 2512 kltdi - ok
00:55:30.0627 2512 [ 8E880E08D7453DB58DAC36C2C48FFD45 ] kneps C:\Windows\system32\DRIVERS\kneps.sys
00:55:30.0642 2512 kneps - ok
00:55:30.0658 2512 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
00:55:30.0674 2512 KSecDD - ok
00:55:30.0689 2512 [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
00:55:30.0705 2512 KSecPkg - ok
00:55:30.0720 2512 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
00:55:30.0767 2512 ksthunk - ok
00:55:30.0783 2512 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
00:55:30.0814 2512 KtmRm - ok
00:55:30.0845 2512 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
00:55:30.0892 2512 LanmanServer - ok
00:55:30.0892 2512 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
00:55:30.0939 2512 LanmanWorkstation - ok
00:55:30.0970 2512 [ FA529FB35694C24BF98A9EF67C1CD9D0 ] LGBusEnum C:\Windows\system32\drivers\LGBusEnum.sys
00:55:31.0001 2512 LGBusEnum - ok
00:55:31.0032 2512 [ 14179E7B64F8A17AEA464D4E2D271FAA ] LGSHidFilt C:\Windows\system32\DRIVERS\LGSHidFilt.Sys
00:55:31.0032 2512 LGSHidFilt - ok
00:55:31.0079 2512 [ 94B29CE153765E768F004FB3440BE2B0 ] LGVirHid C:\Windows\system32\drivers\LGVirHid.sys
00:55:31.0095 2512 LGVirHid - ok
00:55:31.0110 2512 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
00:55:31.0173 2512 lltdio - ok
00:55:31.0204 2512 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
00:55:31.0235 2512 lltdsvc - ok
00:55:31.0251 2512 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
00:55:31.0282 2512 lmhosts - ok
00:55:31.0313 2512 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
00:55:31.0329 2512 LSI_FC - ok
00:55:31.0329 2512 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
00:55:31.0344 2512 LSI_SAS - ok
00:55:31.0360 2512 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
00:55:31.0376 2512 LSI_SAS2 - ok
00:55:31.0391 2512 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
00:55:31.0407 2512 LSI_SCSI - ok
00:55:31.0422 2512 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
00:55:31.0454 2512 luafv - ok
00:55:31.0485 2512 [ B3B7C5F26F3F8C7992350B7EDE64F5C9 ] Magic Tune C:\Windows\system32\Drivers\MtiCtwl.sys
00:55:31.0500 2512 Magic Tune - ok
00:55:31.0516 2512 [ B3B7C5F26F3F8C7992350B7EDE64F5C9 ] MagicTune C:\Windows\system32\drivers\MTiCtwl.sys
00:55:31.0532 2512 MagicTune - ok
00:55:31.0547 2512 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
00:55:31.0578 2512 Mcx2Svc - ok
00:55:31.0578 2512 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
00:55:31.0594 2512 megasas - ok
00:55:31.0625 2512 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
00:55:31.0641 2512 MegaSR - ok
00:55:31.0656 2512 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
00:55:31.0703 2512 MMCSS - ok
00:55:31.0703 2512 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
00:55:31.0750 2512 Modem - ok
00:55:31.0766 2512 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
00:55:31.0781 2512 monitor - ok
00:55:31.0797 2512 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
00:55:31.0812 2512 mouclass - ok
00:55:31.0828 2512 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
00:55:31.0828 2512 mouhid - ok
00:55:31.0844 2512 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
00:55:31.0859 2512 mountmgr - ok
00:55:31.0890 2512 [ 7EDBBB9351A38C6BB0FE98CFD44DB430 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
00:55:31.0922 2512 MozillaMaintenance - ok
00:55:31.0937 2512 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
00:55:31.0953 2512 mpio - ok
00:55:31.0953 2512 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
00:55:31.0984 2512 mpsdrv - ok
00:55:32.0015 2512 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
00:55:32.0046 2512 MpsSvc - ok
00:55:32.0062 2512 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
00:55:32.0078 2512 MRxDAV - ok
00:55:32.0093 2512 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
00:55:32.0109 2512 mrxsmb - ok
00:55:32.0124 2512 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
00:55:32.0156 2512 mrxsmb10 - ok
00:55:32.0171 2512 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
00:55:32.0187 2512 mrxsmb20 - ok
00:55:32.0187 2512 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
00:55:32.0202 2512 msahci - ok
00:55:32.0218 2512 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
00:55:32.0218 2512 msdsm - ok
00:55:32.0234 2512 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
00:55:32.0249 2512 MSDTC - ok
00:55:32.0280 2512 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
00:55:32.0312 2512 Msfs - ok
00:55:32.0327 2512 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
00:55:32.0374 2512 mshidkmdf - ok
00:55:32.0374 2512 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
00:55:32.0390 2512 msisadrv - ok
00:55:32.0405 2512 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
00:55:32.0436 2512 MSiSCSI - ok
00:55:32.0436 2512 msiserver - ok
00:55:32.0452 2512 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
00:55:32.0499 2512 MSKSSRV - ok
00:55:32.0499 2512 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
00:55:32.0530 2512 MSPCLOCK - ok
00:55:32.0546 2512 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
00:55:32.0577 2512 MSPQM - ok
00:55:32.0592 2512 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
00:55:32.0608 2512 MsRPC - ok
00:55:32.0624 2512 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
00:55:32.0624 2512 mssmbios - ok
00:55:32.0639 2512 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
00:55:32.0670 2512 MSTEE - ok
00:55:32.0670 2512 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
00:55:32.0686 2512 MTConfig - ok
00:55:32.0702 2512 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
00:55:32.0702 2512 Mup - ok
00:55:32.0733 2512 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
00:55:32.0780 2512 napagent - ok
00:55:32.0780 2512 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
00:55:32.0811 2512 NativeWifiP - ok
00:55:32.0842 2512 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
00:55:32.0873 2512 NDIS - ok
00:55:32.0889 2512 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
00:55:32.0920 2512 NdisCap - ok
00:55:32.0936 2512 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
00:55:32.0967 2512 NdisTapi - ok
00:55:32.0967 2512 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
00:55:32.0998 2512 Ndisuio - ok
00:55:33.0014 2512 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
00:55:33.0045 2512 NdisWan - ok
00:55:33.0060 2512 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
00:55:33.0092 2512 NDProxy - ok
00:55:33.0107 2512 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
00:55:33.0138 2512 NetBIOS - ok
00:55:33.0154 2512 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
00:55:33.0185 2512 NetBT - ok
00:55:33.0201 2512 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
00:55:33.0201 2512 Netlogon - ok
00:55:33.0232 2512 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
00:55:33.0263 2512 Netman - ok
00:55:33.0294 2512 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
00:55:33.0310 2512 NetMsmqActivator - ok
00:55:33.0310 2512 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
00:55:33.0326 2512 NetPipeActivator - ok
00:55:33.0341 2512 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
00:55:33.0388 2512 netprofm - ok
00:55:33.0388 2512 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
00:55:33.0388 2512 NetTcpActivator - ok
00:55:33.0404 2512 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
00:55:33.0404 2512 NetTcpPortSharing - ok
00:55:33.0419 2512 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
00:55:33.0435 2512 nfrd960 - ok
00:55:33.0450 2512 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
00:55:33.0466 2512 NlaSvc - ok
00:55:33.0482 2512 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
00:55:33.0513 2512 Npfs - ok
00:55:33.0513 2512 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
00:55:33.0560 2512 nsi - ok
00:55:33.0575 2512 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
00:55:33.0606 2512 nsiproxy - ok
00:55:33.0669 2512 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
00:55:33.0716 2512 Ntfs - ok
00:55:33.0731 2512 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
00:55:33.0762 2512 Null - ok
00:55:33.0778 2512 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
00:55:33.0794 2512 nvraid - ok
00:55:33.0809 2512 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
00:55:33.0825 2512 nvstor - ok
00:55:33.0856 2512 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
00:55:33.0887 2512 nv_agp - ok
00:55:33.0903 2512 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
00:55:33.0934 2512 ohci1394 - ok
00:55:33.0950 2512 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
00:55:33.0965 2512 p2pimsvc - ok
00:55:33.0996 2512 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
00:55:34.0012 2512 p2psvc - ok
00:55:34.0028 2512 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
00:55:34.0028 2512 Parport - ok
00:55:34.0043 2512 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
00:55:34.0059 2512 partmgr - ok
00:55:34.0074 2512 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
00:55:34.0090 2512 PcaSvc - ok
00:55:34.0106 2512 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
00:55:34.0106 2512 pci - ok
00:55:34.0121 2512 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
00:55:34.0121 2512 pciide - ok
00:55:34.0137 2512 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
00:55:34.0152 2512 pcmcia - ok
00:55:34.0168 2512 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
00:55:34.0184 2512 pcw - ok
00:55:34.0199 2512 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
00:55:34.0246 2512 PEAUTH - ok
00:55:34.0293 2512 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
00:55:34.0324 2512 PerfHost - ok
00:55:34.0371 2512 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
00:55:34.0418 2512 pla - ok
00:55:34.0449 2512 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
00:55:34.0464 2512 PlugPlay - ok
00:55:34.0480 2512 PnkBstrA - ok
00:55:34.0496 2512 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
00:55:34.0527 2512 PNRPAutoReg - ok
00:55:34.0527 2512 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
00:55:34.0542 2512 PNRPsvc - ok
00:55:34.0574 2512 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
00:55:34.0605 2512 PolicyAgent - ok
00:55:34.0620 2512 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
00:55:34.0667 2512 Power - ok
00:55:34.0683 2512 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
00:55:34.0730 2512 PptpMiniport - ok
00:55:34.0730 2512 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
00:55:34.0745 2512 Processor - ok
00:55:34.0761 2512 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
00:55:34.0792 2512 ProfSvc - ok
00:55:34.0792 2512 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
00:55:34.0808 2512 ProtectedStorage - ok
00:55:34.0823 2512 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
00:55:34.0854 2512 Psched - ok
00:55:34.0901 2512 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
00:55:34.0932 2512 ql2300 - ok
00:55:34.0948 2512 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
00:55:34.0964 2512 ql40xx - ok
00:55:34.0979 2512 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
00:55:34.0995 2512 QWAVE - ok
00:55:35.0010 2512 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
00:55:35.0042 2512 QWAVEdrv - ok
00:55:35.0042 2512 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
00:55:35.0073 2512 RasAcd - ok
00:55:35.0104 2512 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
00:55:35.0135 2512 RasAgileVpn - ok
00:55:35.0135 2512 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
00:55:35.0182 2512 RasAuto - ok
00:55:35.0198 2512 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
00:55:35.0229 2512 Rasl2tp - ok
00:55:35.0244 2512 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
00:55:35.0276 2512 RasMan - ok
00:55:35.0291 2512 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
00:55:35.0322 2512 RasPppoe - ok
00:55:35.0338 2512 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
00:55:35.0369 2512 RasSstp - ok
00:55:35.0385 2512 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
00:55:35.0416 2512 rdbss - ok
00:55:35.0432 2512 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
00:55:35.0447 2512 rdpbus - ok
00:55:35.0463 2512 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
00:55:35.0494 2512 RDPCDD - ok
00:55:35.0510 2512 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
00:55:35.0556 2512 RDPENCDD - ok
00:55:35.0556 2512 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
00:55:35.0588 2512 RDPREFMP - ok
00:55:35.0634 2512 [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
00:55:35.0666 2512 RdpVideoMiniport - ok
00:55:35.0697 2512 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
00:55:35.0744 2512 RDPWD - ok
00:55:35.0759 2512 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
00:55:35.0790 2512 rdyboost - ok
00:55:35.0806 2512 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
00:55:35.0837 2512 RemoteAccess - ok
00:55:35.0853 2512 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
00:55:35.0884 2512 RemoteRegistry - ok
00:55:35.0900 2512 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
00:55:35.0931 2512 RpcEptMapper - ok
00:55:35.0946 2512 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
00:55:35.0962 2512 RpcLocator - ok
00:55:35.0978 2512 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
00:55:36.0009 2512 RpcSs - ok
00:55:36.0024 2512 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
00:55:36.0056 2512 rspndr - ok
00:55:36.0087 2512 [ 2E7D1CA91D62501713C9D6E6704395C6 ] RTHDMIAzAudService C:\Windows\system32\drivers\RtHDMIVX.sys
00:55:36.0102 2512 RTHDMIAzAudService - ok
00:55:36.0118 2512 [ BD9BA262CF26EFE9A9867EBE32D12164 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
00:55:36.0134 2512 RTL8167 - ok
00:55:36.0134 2512 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
00:55:36.0149 2512 SamSs - ok
00:55:36.0165 2512 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
00:55:36.0180 2512 sbp2port - ok
00:55:36.0196 2512 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
00:55:36.0243 2512 SCardSvr - ok
00:55:36.0258 2512 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
00:55:36.0290 2512 scfilter - ok
00:55:36.0321 2512 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
00:55:36.0368 2512 Schedule - ok
00:55:36.0383 2512 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
00:55:36.0414 2512 SCPolicySvc - ok
00:55:36.0414 2512 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
00:55:36.0430 2512 SDRSVC - ok
00:55:36.0446 2512 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
00:55:36.0477 2512 secdrv - ok
00:55:36.0492 2512 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
00:55:36.0524 2512 seclogon - ok
00:55:36.0539 2512 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
00:55:36.0570 2512 SENS - ok
00:55:36.0586 2512 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
00:55:36.0602 2512 SensrSvc - ok
00:55:36.0617 2512 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
00:55:36.0633 2512 Serenum - ok
00:55:36.0664 2512 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
00:55:36.0695 2512 Serial - ok
00:55:36.0711 2512 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
00:55:36.0726 2512 sermouse - ok
00:55:36.0758 2512 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
00:55:36.0789 2512 SessionEnv - ok
00:55:36.0804 2512 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
00:55:36.0820 2512 sffdisk - ok
00:55:36.0820 2512 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
00:55:36.0836 2512 sffp_mmc - ok
00:55:36.0851 2512 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
00:55:36.0882 2512 sffp_sd - ok
00:55:36.0898 2512 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
00:55:36.0914 2512 sfloppy - ok
00:55:36.0929 2512 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
00:55:36.0976 2512 SharedAccess - ok
00:55:36.0992 2512 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
00:55:37.0023 2512 ShellHWDetection - ok
00:55:37.0054 2512 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
00:55:37.0054 2512 SiSRaid2 - ok
00:55:37.0085 2512 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
00:55:37.0085 2512 SiSRaid4 - ok
00:55:37.0163 2512 [ 2F5AF9D91D51E832773D4A9EAF65CB33 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
00:55:37.0179 2512 SkypeUpdate - ok
00:55:37.0210 2512 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
00:55:37.0241 2512 Smb - ok
00:55:37.0257 2512 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
00:55:37.0272 2512 SNMPTRAP - ok
00:55:37.0288 2512 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
00:55:37.0288 2512 spldr - ok
00:55:37.0319 2512 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
00:55:37.0335 2512 Spooler - ok
00:55:37.0382 2512 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
00:55:37.0444 2512 sppsvc - ok
00:55:37.0460 2512 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
00:55:37.0491 2512 sppuinotify - ok
00:55:37.0506 2512 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
00:55:37.0522 2512 srv - ok
00:55:37.0538 2512 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
00:55:37.0569 2512 srv2 - ok
00:55:37.0569 2512 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
00:55:37.0584 2512 srvnet - ok
00:55:37.0600 2512 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
00:55:37.0631 2512 SSDPSRV - ok
00:55:37.0647 2512 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
00:55:37.0678 2512 SstpSvc - ok
00:55:37.0709 2512 Steam Client Service - ok
00:55:37.0725 2512 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
00:55:37.0740 2512 stexstor - ok
00:55:37.0756 2512 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
00:55:37.0787 2512 stisvc - ok
00:55:37.0803 2512 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
00:55:37.0818 2512 swenum - ok
00:55:37.0834 2512 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
00:55:37.0881 2512 swprv - ok
00:55:37.0896 2512 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
00:55:37.0943 2512 SysMain - ok
00:55:37.0943 2512 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
00:55:37.0974 2512 TabletInputService - ok
00:55:38.0006 2512 [ 796FFF20E497A65EF8C0DE94E5B0F70F ] taphss6 C:\Windows\system32\DRIVERS\taphss6.sys
00:55:38.0021 2512 taphss6 - ok
00:55:38.0052 2512 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
00:55:38.0084 2512 TapiSrv - ok
00:55:38.0099 2512 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
00:55:38.0130 2512 TBS - ok
00:55:38.0177 2512 [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
00:55:38.0224 2512 Tcpip - ok
00:55:38.0255 2512 [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
00:55:38.0286 2512 TCPIP6 - ok
00:55:38.0318 2512 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
00:55:38.0333 2512 tcpipreg - ok
00:55:38.0349 2512 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
00:55:38.0364 2512 TDPIPE - ok
00:55:38.0380 2512 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
00:55:38.0396 2512 TDTCP - ok
00:55:38.0411 2512 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
00:55:38.0442 2512 tdx - ok
00:55:38.0458 2512 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
00:55:38.0458 2512 TermDD - ok
00:55:38.0474 2512 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
00:55:38.0520 2512 TermService - ok
00:55:38.0536 2512 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
00:55:38.0567 2512 Themes - ok
00:55:38.0567 2512 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
00:55:38.0598 2512 THREADORDER - ok
00:55:38.0598 2512 [ DBCC20C02E8A3E43B03C304A4E40A84F ] TPM C:\Windows\system32\drivers\tpm.sys
00:55:38.0630 2512 TPM - ok
00:55:38.0645 2512 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
00:55:38.0676 2512 TrkWks - ok
00:55:38.0723 2512 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
00:55:38.0770 2512 TrustedInstaller - ok
00:55:38.0770 2512 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
00:55:38.0801 2512 tssecsrv - ok
00:55:38.0848 2512 [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
00:55:38.0879 2512 TsUsbFlt - ok
00:55:38.0910 2512 [ AD64450A4ABE076F5CB34CC08EEACB07 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
00:55:38.0926 2512 TsUsbGD - ok
00:55:38.0942 2512 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
00:55:38.0973 2512 tunnel - ok
00:55:39.0004 2512 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
00:55:39.0004 2512 uagp35 - ok
00:55:39.0020 2512 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
00:55:39.0066 2512 udfs - ok
00:55:39.0098 2512 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
00:55:39.0113 2512 UI0Detect - ok
00:55:39.0129 2512 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
00:55:39.0144 2512 uliagpkx - ok
00:55:39.0176 2512 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
00:55:39.0191 2512 umbus - ok
00:55:39.0207 2512 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
00:55:39.0222 2512 UmPass - ok
00:55:39.0238 2512 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
00:55:39.0285 2512 upnphost - ok
00:55:39.0316 2512 [ C9E9D59C0099A9FF51697E9306A44240 ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
00:55:39.0332 2512 USBAAPL64 - ok
00:55:39.0378 2512 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
00:55:39.0425 2512 usbaudio - ok
00:55:39.0441 2512 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
00:55:39.0456 2512 usbccgp - ok
00:55:39.0472 2512 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
00:55:39.0488 2512 usbcir - ok
00:55:39.0503 2512 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
00:55:39.0519 2512 usbehci - ok
00:55:39.0534 2512 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\drivers\usbhub.sys
00:55:39.0566 2512 usbhub - ok
00:55:39.0581 2512 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
00:55:39.0597 2512 usbohci - ok
00:55:39.0597 2512 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\drivers\usbprint.sys
00:55:39.0612 2512 usbprint - ok
00:55:39.0628 2512 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
00:55:39.0644 2512 USBSTOR - ok
00:55:39.0659 2512 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
00:55:39.0675 2512 usbuhci - ok
00:55:39.0690 2512 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
00:55:39.0722 2512 UxSms - ok
00:55:39.0722 2512 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
00:55:39.0737 2512 VaultSvc - ok
00:55:39.0737 2512 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
00:55:39.0753 2512 vdrvroot - ok
00:55:39.0768 2512 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
00:55:39.0815 2512 vds - ok
00:55:39.0815 2512 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
00:55:39.0831 2512 vga - ok
00:55:39.0831 2512 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
00:55:39.0862 2512 VgaSave - ok
00:55:39.0893 2512 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
00:55:39.0909 2512 vhdmp - ok
00:55:39.0940 2512 [ 9DA8850BB123912C79D87564536B52A0 ] VIAHdAudAddService C:\Windows\system32\drivers\viahduaa.sys
00:55:39.0987 2512 VIAHdAudAddService - ok
00:55:40.0002 2512 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
00:55:40.0002 2512 viaide - ok
00:55:40.0018 2512 [ 9C43B87FED8CF5A9BA2BF209429DF853 ] VIAKaraokeService C:\Windows\system32\viakaraokesrv.exe
00:55:40.0018 2512 VIAKaraokeService - ok
00:55:40.0049 2512 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
00:55:40.0049 2512 volmgr - ok
00:55:40.0065 2512 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
00:55:40.0080 2512 volmgrx - ok
00:55:40.0080 2512 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
00:55:40.0096 2512 volsnap - ok
00:55:40.0127 2512 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
00:55:40.0127 2512 vsmraid - ok
00:55:40.0174 2512 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
00:55:40.0221 2512 VSS - ok
00:55:40.0252 2512 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
00:55:40.0268 2512 vwifibus - ok
00:55:40.0283 2512 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
00:55:40.0314 2512 W32Time - ok
00:55:40.0330 2512 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
00:55:40.0346 2512 WacomPen - ok
00:55:40.0361 2512 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
00:55:40.0408 2512 WANARP - ok
00:55:40.0408 2512 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
00:55:40.0439 2512 Wanarpv6 - ok
00:55:40.0470 2512 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
00:55:40.0502 2512 wbengine - ok
00:55:40.0517 2512 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
00:55:40.0533 2512 WbioSrvc - ok
00:55:40.0548 2512 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
00:55:40.0580 2512 wcncsvc - ok
00:55:40.0595 2512 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
00:55:40.0611 2512 WcsPlugInService - ok
00:55:40.0626 2512 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
00:55:40.0642 2512 Wd - ok
00:55:40.0673 2512 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
00:55:40.0689 2512 Wdf01000 - ok
00:55:40.0704 2512 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
00:55:40.0751 2512 WdiServiceHost - ok
00:55:40.0751 2512 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
00:55:40.0767 2512 WdiSystemHost - ok
00:55:40.0782 2512 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
00:55:40.0798 2512 WebClient - ok
00:55:40.0829 2512 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
00:55:40.0860 2512 Wecsvc - ok
00:55:40.0876 2512 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
00:55:40.0923 2512 wercplsupport - ok
00:55:41.0001 2512 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
00:55:41.0063 2512 WerSvc - ok
00:55:41.0079 2512 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
00:55:41.0110 2512 WfpLwf - ok
00:55:41.0126 2512 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
00:55:41.0126 2512 WIMMount - ok
00:55:41.0141 2512 WinDefend - ok
00:55:41.0157 2512 WinHttpAutoProxySvc - ok
00:55:41.0188 2512 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
00:55:41.0235 2512 Winmgmt - ok
00:55:41.0266 2512 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
00:55:41.0328 2512 WinRM - ok
00:55:41.0375 2512 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
00:55:41.0406 2512 WinUsb - ok
00:55:41.0438 2512 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
00:55:41.0469 2512 Wlansvc - ok
00:55:41.0562 2512 [ 357CABBF155AFD1D3926E62539D2A3A7 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
00:55:41.0609 2512 wlidsvc - ok
00:55:41.0625 2512 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
00:55:41.0640 2512 WmiAcpi - ok
00:55:41.0656 2512 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
00:55:41.0672 2512 wmiApSrv - ok
00:55:41.0703 2512 WMPNetworkSvc - ok
00:55:41.0718 2512 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
00:55:41.0734 2512 WPCSvc - ok
00:55:41.0734 2512 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
00:55:41.0750 2512 WPDBusEnum - ok
00:55:41.0765 2512 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
00:55:41.0781 2512 ws2ifsl - ok
00:55:41.0796 2512 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
00:55:41.0812 2512 wscsvc - ok
00:55:41.0828 2512 WSearch - ok
00:55:41.0859 2512 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
00:55:41.0906 2512 wuauserv - ok
00:55:41.0937 2512 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
00:55:41.0952 2512 WudfPf - ok
00:55:41.0968 2512 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
00:55:41.0984 2512 WUDFRd - ok
00:55:41.0999 2512 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
00:55:42.0015 2512 wudfsvc - ok
00:55:42.0030 2512 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
00:55:42.0046 2512 WwanSvc - ok
00:55:42.0062 2512 ================ Scan global ===============================
00:55:42.0077 2512 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
00:55:42.0108 2512 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
00:55:42.0108 2512 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
00:55:42.0140 2512 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
00:55:42.0155 2512 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
00:55:42.0155 2512 [Global] - ok
00:55:42.0171 2512 ================ Scan MBR ==================================
00:55:42.0171 2512 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
00:55:42.0436 2512 \Device\Harddisk0\DR0 - ok
00:55:42.0436 2512 ================ Scan VBR ==================================
00:55:42.0452 2512 [ 348FF9067F36FE5DC4048ACAF957C355 ] \Device\Harddisk0\DR0\Partition1
00:55:42.0452 2512 \Device\Harddisk0\DR0\Partition1 - ok
00:55:42.0483 2512 [ 6AF750FB0FFACCC1E0C5D707EAE58279 ] \Device\Harddisk0\DR0\Partition2
00:55:42.0483 2512 \Device\Harddisk0\DR0\Partition2 - ok
00:55:42.0483 2512 ============================================================
00:55:42.0483 2512 Scan finished
00:55:42.0483 2512 ============================================================
00:55:42.0498 4148 Detected object count: 0
00:55:42.0498 4148 Actual detected object count: 0
|
|
23.04.2013, 09:04
| #8 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Schädlichen Link angeklickt. Dann bitte jetzt Combofix ausführen: Scan mit Combofix
__________________ Logfiles bitte immer in CODE-Tags posten |
muss so etwas sein? 
:strin:
Linear-Darstellung
