Pests of all kinds and how to fight them: Removing Coin Miner, msdcsc (Windows 7)
08.06.2013, 19:50 | #1 |
Removing Coin Miner, msdcsc

Hello, I have already found a matching thread, but it was never finished and no solution was found. My problem is that Coin Miner and msdcsc.exe are on my PC. I have already run a scan with MBAM, and OTL has scanned as well; here is the output of OTL.txt:

Code:
ATTFilter OTL logfile created on: 08.06.2013 20:18:27 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Fabian\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 7,91 Gb Total Physical Memory | 5,21 Gb Available Physical Memory | 65,78% Memory free 15,83 Gb Paging File | 12,99 Gb Available in Paging File | 82,09% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 465,66 Gb Total Space | 108,95 Gb Free Space | 23,40% Space Free | Partition Type: NTFS Computer Name: FABIAN-PC | User Name: Fabian | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - File not found PRC - C:\Users\Fabian\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Users\Fabian\AppData\Roaming\Acrobat\AcroRd32.exe (Adobe Systems Incorporated) PRC - C:\Users\Fabian\AppData\Local\Temp\82267msdcsc.exe () PRC - C:\Users\Fabian\AppData\Local\Temp\32992msdcsc.exe () PRC - C:\Windows\SysWOW64\PnkBstrA.exe () PRC - C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe (Razer Inc.) 
PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe (NVIDIA Corporation) PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation) PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\ComUpdatus.exe (NVIDIA Corporation) PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) PRC - C:\ProgramData\GinyasBrowserCompanion\tbhcn.exe (Blabbers Communications Ltd) PRC - C:\Programme\Web Assistant\ExtensionUpdaterService.exe () PRC - C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe () PRC - C:\Users\Fabian\AppData\Roaming\BrowserCompanion\tbhcn.exe () PRC - C:\Program Files (x86)\MOUSE Editor\MouseEditor.exe () PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) PRC - C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) PRC - C:\Program Files (x86)\avmwlanstick\WlanNetService.exe (AVM Berlin) PRC - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) PRC - C:\Program Files (x86)\Razer\Arctosa\razerhid.exe (Razer USA Ltd.) 
========== Modules (No Company Name) ========== MOD - C:\Users\Fabian\AppData\Local\Temp\82267msdcsc.exe () MOD - C:\Users\Fabian\AppData\Local\Temp\32992msdcsc.exe () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\153143f74d840484b510d8cf5187796b\System.Windows.Forms.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\a9594959e951127f16eb49644ba92f79\PresentationFramework.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\7cfbbd029ef945fbcdaedd24b2b67a24\PresentationCore.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\2f9e0112e10f9e70d3430d0be9863976\System.Core.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\af18b8a8f56494da44cc448f3b9704a5\WindowsBase.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\233661f3a2b632e9553915c8639637d0\System.Configuration.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\ac9e3eca6c148504588e7c6d09fe83e3\System.Management.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\ef7642a4f2724135d445e2ea36582e78\SMDiagnostics.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\866894ebe5258bf9f45d6b063229e990\System.Xaml.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\43cd41484df96d15df949eb17dd88152\System.Xml.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\b573c6a62bb88df0ee2af59b6a8ca910\System.Drawing.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\dfeff31ab1e7cd3480c8942290c92f5d\PresentationFramework.Aero.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System\15872842e3e63ddf0f720f406706198e\System.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\3f95a6d480ed1ebe45cf27b770ba94ed\mscorlib.ni.dll () MOD - C:\Program Files (x86)\Pando Networks\Media 
Booster\PMB.exe () MOD - C:\Users\Fabian\AppData\Roaming\BrowserCompanion\tbhcn.exe () MOD - C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll () MOD - C:\Program Files (x86)\MOUSE Editor\MouseEditor.exe () MOD - C:\Program Files (x86)\MOUSE Editor\Data\MouseEditor\Forms\ScreenCapture\ScreenCapture.dll () MOD - C:\Program Files (x86)\MOUSE Editor\DLL\DLL_Wheel4D.dll () MOD - C:\Program Files (x86)\MOUSE Editor\DLL\DLL_AnalyzeGesturesInRight.dll () MOD - C:\Program Files (x86)\MOUSE Editor\Data\MouseEditor\Forms\TrayIconWebAdvertisement\TrayIconWebAdvertisement.dll () MOD - C:\Program Files (x86)\MOUSE Editor\DLL\DLL_MouseDeviceManager.dll () MOD - C:\Program Files (x86)\MOUSE Editor\Data\MouseEditor\Forms\OSD_Text\OSD_Text.dll () MOD - C:\Program Files (x86)\MOUSE Editor\DLL\DLL_AnalyzeGesturesInOne.dll () MOD - C:\Program Files (x86)\MOUSE Editor\DLL\DLL_ZoomControl.dll () MOD - C:\Program Files (x86)\MOUSE Editor\DLL\DLL_ScrollbarControl.dll () ========== Services (SafeList) ========== SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation) SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe () SRV - (BsUpdate) -- C:\Programme\BullGuard Ltd\BullGuard\BullGuardUpdate.exe (BullGuard Ltd.) 
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation) SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) SRV - (HiPatchService) -- C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe (Hi-Rez Studios) SRV - (RzOvlMon) -- C:\Program Files (x86)\Razer\Core\64bit\rzovlmon.exe (Razer) SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) SRV - (Akamai) -- c:\program files (x86)\common files\akamai/netsession_win_ca0e279.dll () SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies) SRV - (Web Assistant) -- C:\Programme\Web Assistant\ExtensionUpdaterService.exe () SRV - (BsFire) -- c:\Programme\BullGuard Ltd\BullGuard\BsFire.dll (BullGuard Ltd.) SRV - (cphs) -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe (Intel Corporation) SRV - (BsMain) -- C:\Programme\BullGuard Ltd\BullGuard\BsMain.dll (BullGuard Ltd.) SRV - (BsScanner) -- C:\Programme\BullGuard Ltd\BullGuard\BullGuardScanner.exe (BullGuard Ltd.) SRV - (BsBhvScan) -- C:\Programme\BullGuard Ltd\BullGuard\BullGuardBhvScanner.exe (BullGuard Ltd.) SRV - (BsFileScan) -- c:\Programme\BullGuard Ltd\BullGuard\BsFileScan.dll (BullGuard Ltd.) SRV - (BsMailProxy) -- c:\Programme\BullGuard Ltd\BullGuard\BsMailProxy\BsMailProxy.dll (BullGuard Ltd.) SRV - (BsBackup) -- C:\Programme\BullGuard Ltd\BullGuard\BsBackup.dll (BullGuard Ltd.) 
SRV - (ServiceLayer) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe (Nokia) SRV - (OfficeSvc) -- C:\Programme\Microsoft Office 15\ClientX64\integratedoffice.exe (Microsoft Corporation) SRV - (osppsvc) -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation) SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation) SRV - (cFosSpeedS) -- C:\Programme\ASRock\XFast LAN\spd.exe (cFos Software GmbH) SRV - (nlsvc) -- C:\Programme\NetLimiter 3\nlsvc.exe (Locktime Software) SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation) SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) SRV - (AVM WLAN Connection Service) -- C:\Program Files (x86)\avmwlanstick\WlanNetService.exe (AVM Berlin) SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV:64bit: - (rzudd) -- C:\Windows\SysNative\drivers\rzudd.sys (Razer Inc) DRV:64bit: - (rzendpt) -- C:\Windows\SysNative\drivers\rzendpt.sys (Razer Inc) DRV:64bit: - (RzDxgk) -- C:\Windows\SysNative\drivers\RzDxgk.sys (Razer USA Ltd) DRV:64bit: - (RzFilter) -- C:\Windows\SysNative\drivers\RzFilter.sys (Razer USA Ltd) DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation) DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation) DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation) DRV:64bit: - (AFW) -- C:\Windows\SysNative\drivers\afw.sys (Agnitum Ltd.) DRV:64bit: - (afwcore) -- C:\Windows\SysNative\drivers\afwcore.sys (Agnitum Ltd.) 
DRV:64bit: - (BdNet) -- C:\Windows\SysNative\drivers\BdNet.sys (BullGuard Ltd.) DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.) DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.) DRV:64bit: - (truecrypt) -- C:\Windows\SysNative\drivers\truecrypt.sys (TrueCrypt Foundation) DRV:64bit: - (pccsmcfd) -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys (Nokia) DRV:64bit: - (BdSpy) -- C:\Windows\SysNative\drivers\BdSpy.sys (BullGuard Ltd.) DRV:64bit: - (Trufos) -- C:\Windows\SysNative\drivers\Trufos.sys (BitDefender S.R.L.) DRV:64bit: - (NovaShieldFilterDriver) -- C:\Windows\SysNative\drivers\NSKernel.sys (NovaShield, Inc.) DRV:64bit: - (NovaShieldTDIDriver) -- C:\Windows\SysNative\drivers\NSNetmon.sys (NovaShield, Inc.) DRV:64bit: - (nmwcdc) -- C:\Windows\SysNative\drivers\ccdcmbox64.sys (Nokia) DRV:64bit: - (nmwcd) -- C:\Windows\SysNative\drivers\ccdcmbx64.sys (Nokia) DRV:64bit: - (UsbserFilt) -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys (Nokia) DRV:64bit: - (upperdev) -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys (Nokia) DRV:64bit: - (FNETTBOH_305) -- C:\Windows\SysNative\drivers\FNETTBOH_305.SYS (FNet Co., Ltd.) DRV:64bit: - (FNETURPX) -- C:\Windows\SysNative\drivers\FNETURPX.SYS (FNet Co., Ltd.) DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation) DRV:64bit: - (tap0901) -- C:\Windows\SysNative\drivers\tap0901.sys (The OpenVPN Project) DRV:64bit: - (VirtuWDDM) -- C:\Windows\SysNative\drivers\VirtuWDDM.sys (Lucidlogix Inc.) 
DRV:64bit: - (cFosSpeed) -- C:\Windows\SysNative\drivers\cfosspeed6.sys (cFos Software GmbH) DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek ) DRV:64bit: - (LADF_RenderOnly) -- C:\Windows\SysNative\drivers\ladfGSRamd64.sys (Logitech) DRV:64bit: - (LADF_CaptureOnly) -- C:\Windows\SysNative\drivers\ladfGSCamd64.sys (Logitech) DRV:64bit: - (NLNdisPT) -- C:\Windows\SysNative\drivers\nlndis.sys (Locktime Software) DRV:64bit: - (NLNdisMP) -- C:\Windows\SysNative\drivers\nlndis.sys (Locktime Software) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (VClone) -- C:\Windows\SysNative\drivers\VClone.sys (Elaborate Bytes AG) DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV:64bit: - (usbser) -- C:\Windows\SysNative\drivers\usbser.sys (Microsoft Corporation) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation) DRV:64bit: - (FWLANUSB) -- C:\Windows\SysNative\drivers\fwlanusb.sys (AVM GmbH) DRV:64bit: - (avmeject) -- C:\Windows\SysNative\drivers\avmeject.sys (AVM Berlin) DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation) DRV:64bit: - (LADF_SBVM) -- C:\Windows\SysNative\drivers\ladfSBVMamd64.sys (Logitech) DRV:64bit: - (LADF_DHP2) -- C:\Windows\SysNative\drivers\ladfDHP2amd64.sys (Logitech) DRV:64bit: - (ScreamBAudioSvc) -- C:\Windows\SysNative\drivers\ScreamingBAudio64.sys (Screaming Bee LLC) DRV:64bit: - (LGVirHid) -- C:\Windows\SysNative\drivers\LGVirHid.sys (Logitech Inc.) DRV:64bit: - (LGBusEnum) -- C:\Windows\SysNative\drivers\LGBusEnum.sys (Logitech Inc.) DRV:64bit: - (MBfilt) -- C:\Windows\SysNative\drivers\MBfilt64.sys (Creative Technology Ltd.) 
DRV:64bit: - (Arctosa) -- C:\Windows\SysNative\drivers\Arctosa.sys (Razer USA Ltd.) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:64bit: - (xnacc) -- C:\Windows\SysNative\drivers\xnacc.sys (Microsoft Corporation) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV:64bit: - (hamachi) -- C:\Windows\SysNative\drivers\hamachi.sys (LogMeIn, Inc.) DRV:64bit: - (athrusb) -- C:\Windows\SysNative\drivers\athrxusb.sys (Atheros Communications, Inc.) DRV - (nltdi) -- C:\Programme\NetLimiter 3\nltdi.sys (Locktime Software) DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation) DRV - (tandpl) -- C:\Windows\SysWOW64\drivers\tandpl.sys () ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,BrowserMngr Start Page = 
hxxp://search.babylon.com/?affID=110819&tt=120812_bandext_3312_6&babsrc=HP_ss&mntrId=50877b67000000000000bc5ff41a74a3 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.giga.de/go/x0m [binary data] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.delta-search.com/?affID=122304&tt=gc_&babsrc=HP_ss&mntrId=5087BC5FF41A74A3 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = B8 46 A7 B4 BC 44 CD 01 [binary data] IE - HKCU\..\SearchScopes,BrowserMngrDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} IE - HKCU\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=ASRK IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://www.delta-search.com/?q={searchTerms}&affID=122304&tt=gc_&babsrc=SP_ss&mntrId=5087BC5FF41A74A3 IE - HKCU\..\SearchScopes\{32D25FF0-DED2-4F55-8808-D75183262EC7}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000YYDE&apn_uid=6E7F53E6-DA4D-4DD5-BECC-02892B368336&apn_sauid=B69CFF74-9B41-4718-BB59-06F8B6687D05 IE - HKCU\..\SearchScopes\{407B02DB-A303-4e4a-BCAA-D1DE53A58BFE}: "URL" = hxxp://www.google.com/custom?client=pub-3794288947762788&forid=1&channel=5480255188&ie=UTF-8&oe=UTF-8&safe=active&cof=GALT%3A%23008000%3BGL%3A1%3BDIV%3A%23336699%3BVLC%3A663399%3BAH%3Acenter%3BBGC%3AFFFFFF%3BLBGC%3A336699%3BALC%3A0000FF%3BLC%3A0000FF%3BT%3A000000%3BGFNT%3A0000FF%3BGIMP%3A0000FF%3BFORID%3A1&hl=de&q={searchTerms} IE - HKCU\..\SearchScopes\{4327FABE-3C22-4689-8DBF-D226CF777FE9}: "URL" = 
hxxp://www.searchplusnetwork.com/?sp=vit4&q={searchTerms} IE - HKCU\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = hxxp://mystart.incredibar.com/mb203?a=6OyWybSbU9&search={searchTerms}&i=26 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local;<local> ========== FireFox ========== FF - prefs.js..extensions.enabledAddons: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.10 FF - prefs.js..browser.startup.homepage: FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.0: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.0: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.) 
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB) FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=2.1.2: C:\Program Files (x86)\Battlelog Web Plugins\2.1.2\npesnlaunch.dll (ESN Social Software AB) FF - HKLM\Software\MozillaPlugins\@gametap.com/npdd,version=1.0: C:\Program Files (x86)\Downloader\npdd.dll (Metaboli) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKLM\Software\MozillaPlugins\@raidcall.en/RCplugin: C:\Users\Fabian\AppData\Roaming\raidcall\plugins\nprcplugin.dll (Raidcall) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Fabian\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google 
Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Fabian\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll () 64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\PROGRAM FILES\WEB ASSISTANT\FIREFOX [2013.03.04 18:35:40 | 000,000,000 | ---D | M] 64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}: C:\PROGRAM FILES\WEB ASSISTANT\FIREFOX [2013.03.04 18:35:40 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Program Files\Web Assistant\Firefox [2013.03.04 18:35:40 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\antiphishing@bullguard: C:\Program Files\BullGuard Ltd\BullGuard\Files32\Antiphishing\FF\antiphishing@bullguard\ [2012.10.28 00:59:05 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}: C:\Program Files\Web Assistant\Firefox [2013.03.04 18:35:40 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.11.15 18:03:35 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins FF - HKEY_CURRENT_USER\software\mozilla\Thunderbird\Extensions\\{380AE6CB-09B9-4373-B360-D01C2462A6E7}: C:\Program Files\BullGuard Ltd\BullGuard\files32\backup\thunderbirdbkplugin [2012.11.15 20:50:18 | 000,000,000 | ---D | M] FF - 
HKEY_CURRENT_USER\software\mozilla\Thunderbird\Extensions\\{0E810812-F4BB-4309-942A-755587587A5E}: C:\Program Files\BullGuard Ltd\BullGuard\Files32\Spamfilter\TbSpamfilter [2012.11.15 20:50:18 | 000,000,000 | ---D | M] [2012.08.13 18:07:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Fabian\AppData\Roaming\mozilla\Extensions [2013.06.08 18:29:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Fabian\AppData\Roaming\mozilla\Firefox\Profiles\a7zvye9k.default\extensions [2013.03.15 15:30:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Fabian\AppData\Roaming\mozilla\Firefox\Profiles\a7zvye9k.default\extensions\{62760FD6-B943-48C9-AB09-F99C6FE96088} [2013.02.23 16:27:07 | 000,000,000 | ---D | M] (Ginyas Browser Companion) -- C:\Users\Fabian\AppData\Roaming\mozilla\Firefox\Profiles\a7zvye9k.default\extensions\bbrs_002@blabbers.com [2013.03.17 14:07:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Fabian\AppData\Roaming\mozilla\Firefox\Profiles\a7zvye9k.default\extensions\ffxtlbr@babylon.com [2013.03.17 14:08:50 | 000,000,000 | ---D | M] (Pagealicious) -- C:\Users\Fabian\AppData\Roaming\mozilla\Firefox\Profiles\a7zvye9k.default\extensions\Pagealicious [2013.02.20 22:05:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Fabian\AppData\Roaming\mozilla\Firefox\Profiles\a7zvye9k.default\extensions\staged [2012.10.27 21:41:39 | 000,002,515 | ---- | M] () -- C:\Users\Fabian\AppData\Roaming\mozilla\firefox\profiles\a7zvye9k.default\searchplugins\ask-search.xml [2012.11.10 23:15:25 | 000,002,308 | ---- | M] () -- C:\Users\Fabian\AppData\Roaming\mozilla\firefox\profiles\a7zvye9k.default\searchplugins\askcom.xml [2013.05.30 01:21:47 | 000,006,503 | ---- | M] () -- C:\Users\Fabian\AppData\Roaming\mozilla\firefox\profiles\a7zvye9k.default\searchplugins\babylon.xml [2012.08.14 19:30:50 | 000,002,227 | ---- | M] () -- C:\Users\Fabian\AppData\Roaming\mozilla\firefox\profiles\a7zvye9k.default\searchplugins\BabylonMngr.xml [2013.05.01 22:04:45 | 
000,006,481 | ---- | M] () -- C:\Users\Fabian\AppData\Roaming\mozilla\firefox\profiles\a7zvye9k.default\searchplugins\BrowserProtect.xml [2013.03.17 14:07:33 | 000,001,300 | ---- | M] () -- C:\Users\Fabian\AppData\Roaming\mozilla\firefox\profiles\a7zvye9k.default\searchplugins\claro.xml [2013.05.30 01:22:09 | 000,001,294 | ---- | M] () -- C:\Users\Fabian\AppData\Roaming\mozilla\firefox\profiles\a7zvye9k.default\searchplugins\delta.xml [2013.06.08 18:25:14 | 000,002,120 | ---- | M] () -- C:\Users\Fabian\AppData\Roaming\mozilla\firefox\profiles\a7zvye9k.default\searchplugins\MyStart Search.xml [2013.02.20 22:06:28 | 000,002,060 | ---- | M] () -- C:\Users\Fabian\AppData\Roaming\mozilla\firefox\profiles\a7zvye9k.default\searchplugins\softonic.xml [2012.08.13 18:06:54 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions File not found (No name found) -- C:\USERS\FABIAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A7ZVYE9K.DEFAULT\EXTENSIONS\{ACAA314B-EEBA-48E4-AD47-84E31C44796C} [2012.07.14 02:15:45 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2012.07.14 02:45:08 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2013.03.17 14:07:18 | 000,006,478 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml [2012.07.14 02:45:08 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2012.07.14 02:45:08 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2012.07.14 02:45:08 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2012.07.14 02:45:08 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2012.07.14 02:45:07 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla 
firefox\searchplugins\yahoo-de.xml ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter} CHR - homepage: hxxp://www.delta-search.com/?affID=122304&tt=gc_&babsrc=HP_ss&mntrId=5087BC5FF41A74A3 CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\Fabian\AppData\Local\Google\Chrome\Application\27.0.1453.110\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Fabian\AppData\Local\Google\Chrome\Application\27.0.1453.110\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Fabian\AppData\Local\Google\Chrome\Application\27.0.1453.110\gcswf32.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll CHR - Extension: YouTube = C:\Users\Fabian\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\ CHR - Extension: Ginyas Browser Companion = C:\Users\Fabian\AppData\Local\Google\Chrome\User Data\Default\Extensions\bodddioamolcibagionmmobehnbhiakf\1.0.5_0\ CHR - Extension: Google-Suche = C:\Users\Fabian\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\ CHR - Extension: Web Assistant = C:\Users\Fabian\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.573_0\ CHR - Extension: Logitech-Gerteerkennung = C:\Users\Fabian\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\elncikmfipkphghakkmemnlnahadedno\1.24.0.9_0\ CHR - Extension: Click to activate/deactivate ProxTube = C:\Users\Fabian\AppData\Local\Google\Chrome\User Data\Default\Extensions\fclefogcenncfmmekelnpgpehiglcjln\1.2.1_0\ CHR - Extension: Stylish = C:\Users\Fabian\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe\1.1_0\ CHR - Extension: AdBlock = C:\Users\Fabian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.63_0\ CHR - Extension: Gravity Duck = C:\Users\Fabian\AppData\Local\Google\Chrome\User Data\Default\Extensions\khpikpdaalmlcipfphefaajfiofglcma\1.3.0_0\ CHR - Extension: Vid-Saver = C:\Users\Fabian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgmfkblbflahhponhjmkcnpjinenhlnc\1.23.102_0\crossrider CHR - Extension: Vid-Saver = C:\Users\Fabian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgmfkblbflahhponhjmkcnpjinenhlnc\1.23.102_0\ CHR - Extension: Google Mail = C:\Users\Fabian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\ O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Programme\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) O2:64bit: - BHO: (Web Assistant) - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Programme\Web Assistant\Extension64.dll () O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation) O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation) O2:64bit: - BHO: (Microsoft SPFS Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - 
C:\Programme\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (no name) - {2EECD738-5844-4a99-B4B6-146BF802613B} - No CLSID value found. O2 - BHO: (Web Assistant) - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Programme\Web Assistant\Extension32.dll () O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office 15\root\office15\urlredir.dll (Microsoft Corporation) O2 - BHO: (Microsoft SPFS Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Programme\Microsoft Office 15\root\office15\grooveex.dll (Microsoft Corporation) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O3 - HKLM\..\Toolbar: (no name) - {98889811-442D-49dd-99D7-DC866BE87DBC} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found. O4:64bit: - HKLM..\Run: [BullGuardUpdate2] c:\Programme\BullGuard Ltd\BullGuard\BullGuardUpdate2.exe (BullGuard Ltd.) O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe (Logitech Inc.) 
O4:64bit: - HKLM..\Run: [Nvtmru] C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [THXCfg64] C:\Windows\SysNative\THXCfg64.DLL (Creative Technology Ltd.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Arctosa] C:\Program Files (x86)\Razer\Arctosa\razerhid.exe (Razer USA Ltd.)
O4 - HKLM..\Run: [Razer Synapse] C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe (Razer Inc.)
O4 - HKLM..\Run: [TrojanScanner] C:\Program Files (x86)\Trojan Remover\Trjscan.exe (Simply Super Software)
O4 - HKLM..\Run: [UpdReg] C:\Windows\Updreg.EXE (Creative Technology Ltd.)
O4 - HKCU..\Run: [32992msdcsc.exe] C:\Users\Fabian\AppData\Local\Temp\32992msdcsc.exe ()
O4 - HKCU..\Run: [82267msdcsc.exe] C:\Users\Fabian\AppData\Local\Temp\82267msdcsc.exe ()
O4 - HKCU..\Run: [AcroRd32] C:\Users\Fabian\AppData\Roaming\Acrobat\AcroRd32.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe File not found
O4 - HKCU..\Run: [OscarEditor] C:\Program Files (x86)\MOUSE Editor\MouseEditor.exe ()
O4 - HKCU..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe ()
O4 - HKCU..\Run: [rundll32] C:\Users\Fabian\AppData\Local\Temp\MSDCSC\msdcsc.exe ()
O4 - HKCU..\Run: [Spotify Web Helper] "C:\Users\Fabian\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" File not found
O4 - Startup: C:\Users\Fabian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Skype.lnk = File not found
O4 - Startup: C:\Users\Fabian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tbhcn.lnk = C:\Users\Fabian\AppData\Roaming\BrowserCompanion\tbhcn.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)
O8:64bit: - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Report to BullGuard - {27FD17FB-CF63-486b-B2BE-8D8781CBEA01} - C:\Programme\BullGuard Ltd\BullGuard\Antiphishing\IE\BgAntiphishingIE.dll (BullGuard Ltd.)
O9:64bit: - Extra Button: Microsoft Lync add-on - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Programme\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Microsoft Lync add-on - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Programme\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office 15\root\office15\onbttnie.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office 15\root\office15\onbttnie.dll (Microsoft Corporation)
O9 - Extra Button: Report to BullGuard - {27FD17FB-CF63-486b-B2BE-8D8781CBEA01} - C:\Programme\BullGuard Ltd\BullGuard\Files32\Antiphishing\IE\BgAntiphishingIE.dll (BullGuard Ltd.)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office 15\root\office15\onbttnielinkednotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office 15\root\office15\onbttnielinkednotes.dll (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: sony.com ([]* in Trusted sites)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9B21C34B-3B2A-4FD8-BF09-539620025832}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AC905FBF-6003-4722-9B68-D197B46315A4}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\osf - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Programme\Microsoft Office 15\root\office15\msosb.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~1\LUCIDL~1\VIRTU\APPINI~1.DLL c:\PROGRA~1\BULLGU~1\BULLGU~1\BgAgent.dll BgGamingMonitor.dll) - C:\Programme\Lucidlogix Technologies\VIRTU\appinit_dll.dll (Lucidlogix Inc.)
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (c:\progra~1\bullgu~1\bullgu~1\files32\bgagent.dll) - c:\Programme\BullGuard Ltd\BullGuard\Files32\BgAgent.dll (BullGuard Ltd.)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{0e11c6f2-6d3c-11e2-809e-bc5ff41a74a3}\Shell - "" = AutoRun
O33 - MountPoints2\{0e11c6f2-6d3c-11e2-809e-bc5ff41a74a3}\Shell\AutoRun\command - "" = E:\pushinst.exe
O33 - MountPoints2\{66af8288-db46-11e1-89e2-bc5ff41a74a3}\Shell - "" = AutoRun
O33 - MountPoints2\{66af8288-db46-11e1-89e2-bc5ff41a74a3}\Shell\AutoRun\command - "" = E:\pushinst.exe
O33 - MountPoints2\{975e702c-a59b-11e1-8394-bc5ff41a74a3}\Shell - "" = AutoRun
O33 - MountPoints2\{975e702c-a59b-11e1-8394-bc5ff41a74a3}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013.06.08 20:09:03 | 000,000,000 | ---D | C] -- C:\Users\Fabian\AppData\Roaming\dclogs
[2013.06.08 19:31:30 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Fabian\Desktop\OTL.exe
[2013.06.08 19:11:05 | 000,000,000 | -HSD | C] -- C:\Users\Fabian\AppData\Roaming\msnmsg
[2013.06.08 19:06:01 | 000,000,000 | ---D | C] -- C:\Users\Fabian\Documents\Simply Super Software
[2013.06.08 19:06:01 | 000,000,000 | ---D | C] -- C:\Users\Fabian\AppData\Roaming\Simply Super Software
[2013.06.08 19:05:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trojan Remover
[2013.06.08 19:05:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trojan Remover
[2013.06.08 19:05:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Simply Super Software
[2013.06.08 19:05:18 | 001,169,224 | -HS- | C] (Microsoft Corporation) -- C:\Users\Fabian\AppData\Roaming\M5Q9IL20WA.exe
[2013.06.08 19:03:39 | 012,311,184 | ---- | C] (Simply Super Software ) -- C:\Users\Fabian\Desktop\trjsetup685.exe
[2013.06.08 18:50:38 | 000,000,000 | ---D | C] -- C:\Users\Fabian\AppData\Roaming\Malwarebytes
[2013.06.08 18:50:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013.06.08 18:50:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.06.08 18:50:32 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013.06.08 18:50:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013.06.08 18:50:08 | 000,000,000 | -HSD | C] -- C:\Users\Fabian\AppData\Roaming\Acrobat
[2013.06.08 18:47:56 | 010,285,040 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Fabian\Desktop\mbam-setup-1.75.0.1300.exe
[2013.06.08 18:19:00 | 002,776,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll
[2013.06.08 18:18:58 | 002,565,120 |
---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll [2013.06.08 18:18:58 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll [2013.06.08 18:18:58 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll [2013.06.08 18:18:58 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll [2013.06.08 18:18:56 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll [2013.06.08 18:18:56 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll [2013.06.08 18:18:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll [2013.06.08 18:18:55 | 001,643,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll [2013.06.08 18:18:55 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10core.dll [2013.06.08 18:18:54 | 003,928,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll [2013.06.08 18:02:39 | 000,000,000 | ---D | C] -- C:\Users\Fabian\AppData\Local\DriverTuner [2013.06.08 14:09:06 | 000,000,000 | ---D | C] -- C:\Users\Fabian\AppData\Roaming\GetRightToGo [2013.06.08 13:30:03 | 000,031,232 | ---- | C] (The OpenVPN Project) -- C:\Windows\SysNative\drivers\tap0901.sys [2013.06.08 11:58:26 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2013.06.08 11:58:26 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2013.06.08 11:58:25 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2013.06.08 11:58:25 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2013.06.08 11:58:25 | 000,231,936 | ---- | C] (Microsoft Corporation) -- 
C:\Windows\SysWow64\url.dll [2013.06.08 11:58:25 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2013.06.08 11:58:25 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2013.06.08 11:58:25 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2013.06.08 11:58:24 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2013.06.08 11:58:24 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2013.06.08 11:58:24 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2013.06.08 11:58:24 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2013.06.08 11:58:24 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2013.06.08 11:58:24 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2013.06.08 11:58:24 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll [2013.06.08 11:50:36 | 001,930,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll [2013.06.08 11:50:36 | 001,796,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll [2013.06.08 11:50:36 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shdocvw.dll [2013.06.08 11:50:36 | 000,111,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe [2013.06.08 11:49:55 | 003,717,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll [2013.06.08 11:49:55 | 003,217,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll [2013.06.08 11:49:54 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aaclient.dll [2013.06.08 11:49:54 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\aaclient.dll [2013.06.08 11:49:54 | 000,044,032 | ---- | C] 
(Microsoft Corporation) -- C:\Windows\SysNative\tsgqec.dll [2013.06.08 11:49:54 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tsgqec.dll [2013.06.08 11:49:47 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usb8023.sys [2013.06.08 11:48:35 | 000,265,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys [2013.06.08 11:48:35 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll [2013.06.08 11:48:33 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wwanprotdim.dll [2013.06.08 11:46:30 | 005,550,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe [2013.06.08 11:46:29 | 003,968,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe [2013.06.08 11:46:29 | 003,913,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe [2013.06.08 11:46:29 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe [2013.06.08 11:46:29 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll [2013.06.08 11:46:29 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll [2013.06.08 10:42:53 | 000,000,000 | ---D | C] -- C:\Users\Fabian\AppData\Roaming\WindowsLogon [2013.06.07 23:09:59 | 000,000,000 | -HSD | C] -- C:\ProgramData\Realtek0 [2013.06.05 15:59:19 | 000,000,000 | ---D | C] -- C:\Users\Fabian\AppData\Roaming\Awesomium [2013.06.05 15:58:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hi-Rez Studios [2013.06.05 15:58:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Hi-Rez Studios [2013.06.05 15:58:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Hi-Rez Studios [2013.06.03 15:04:12 | 000,000,000 | ---D | C] -- C:\Users\Fabian\AppData\Local\NVIDIA [2013.06.03 15:01:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA 
Corporation [2013.06.03 15:01:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies [2013.06.03 15:00:39 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\NV [2013.06.03 15:00:39 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\NV [2013.06.03 14:59:21 | 025,256,224 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll [2013.06.03 14:59:21 | 021,096,736 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll [2013.06.03 14:59:21 | 017,560,352 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll [2013.06.03 14:59:21 | 015,143,904 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll [2013.06.03 14:59:21 | 013,403,168 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll [2013.06.03 14:59:21 | 009,233,688 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll [2013.06.03 14:59:21 | 007,682,960 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll [2013.06.03 14:59:21 | 007,641,832 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll [2013.06.03 14:59:21 | 006,324,360 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll [2013.06.03 14:59:21 | 002,942,240 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll [2013.06.03 14:59:21 | 002,754,336 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll [2013.06.03 14:59:21 | 002,363,680 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll [2013.06.03 14:59:21 | 002,002,720 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll [2013.06.03 14:59:21 | 001,832,224 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6432018.dll [2013.06.03 14:59:21 | 001,511,712 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6432018.dll [2013.06.03 14:59:21 | 000,925,648 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll [2013.06.03 14:59:21 | 000,550,176 | ---- | C] (NVIDIA 
Corporation) -- C:\Windows\SysNative\NvFBC64.dll [2013.06.03 14:59:21 | 000,518,944 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFR64.dll [2013.06.03 14:59:21 | 000,443,168 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvFBC.dll [2013.06.03 14:59:21 | 000,421,152 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFR.dll [2013.06.03 14:59:21 | 000,266,448 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll [2013.06.03 14:59:21 | 000,218,592 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglshim64.dll [2013.06.03 14:59:21 | 000,214,448 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll [2013.06.03 14:59:21 | 000,194,848 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvhda64v.sys [2013.06.03 14:59:21 | 000,181,488 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglshim32.dll [2013.06.03 14:59:21 | 000,031,520 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdap64.dll [2013.06.03 14:01:30 | 000,000,000 | ---D | C] -- C:\Users\Fabian\Documents\Remedy [2013.05.31 11:47:12 | 000,000,000 | ---D | C] -- C:\Users\Fabian\Documents\Telltale Games [2013.05.30 01:22:33 | 000,000,000 | ---D | C] -- C:\ProgramData\BrowserProtect [2013.05.30 01:21:31 | 000,000,000 | ---D | C] -- C:\Users\Fabian\AppData\Roaming\ExpressFiles [2013.05.30 01:19:15 | 000,000,000 | ---D | C] -- C:\Users\Fabian\AppData\Local\iLivid [2013.05.17 05:17:30 | 000,126,464 | ---- | C] (Razer Inc) -- C:\Windows\SysNative\drivers\rzudd.sys [2013.05.17 05:17:28 | 000,031,232 | ---- | C] (Razer Inc) -- C:\Windows\SysNative\drivers\rzendpt.sys [2013.05.17 05:14:34 | 000,154,112 | ---- | C] (Razer Inc) -- C:\Windows\SysWow64\rztouchdll.dll [2013.05.17 05:14:34 | 000,056,832 | ---- | C] (Razer Inc) -- C:\Windows\SysWow64\rzdevinfo.dll [2013.05.17 05:14:30 | 000,766,976 | ---- | C] (Razer Inc) -- C:\Windows\SysWow64\rzdevicedll.dll [2013.05.17 05:14:30 | 000,117,248 | ---- | C] (Razer Inc) -- 
C:\Windows\SysWow64\rzdisplaydll.dll [2013.05.17 05:14:28 | 000,296,448 | ---- | C] (Razer Inc) -- C:\Windows\SysWow64\rzaudiodll.dll [2013.05.14 21:43:25 | 009,195,912 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe [2013.05.12 15:43:36 | 000,566,048 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvStreaming.exe [2013.05.11 14:01:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java [2013.05.11 14:01:35 | 000,263,584 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe [2013.05.11 14:01:31 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe [2013.05.11 14:01:31 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe [2013.05.11 14:01:31 | 000,095,648 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll [2013.05.10 20:04:50 | 000,000,000 | ---D | C] -- C:\tmp [2013.05.10 19:42:16 | 000,000,000 | ---D | C] -- C:\Users\Fabian\AppData\Roaming\Blender Foundation [2013.05.09 21:53:47 | 000,000,000 | ---D | C] -- C:\Users\Fabian\.thumbnails [2013.05.09 21:53:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blender Foundation [2013.05.09 21:53:27 | 000,000,000 | ---D | C] -- C:\Program Files\Blender Foundation [2013.05.09 21:06:09 | 000,000,000 | ---D | C] -- C:\Users\Fabian\AppData\Roaming\Google [2013.05.09 21:06:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Google [2013.05.09 21:05:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SketchUp 8 [2013.05.09 21:04:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google [2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2013.06.08 20:15:38 | 000,021,856 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013.06.08 20:15:38 | 000,021,856 | -H-- | M] () -- 
C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013.06.08 20:15:05 | 000,001,040 | ---- | M] () -- C:\Windows\tasks\GinyasBrowserCompanion Stats Report.job [2013.06.08 20:09:23 | 000,000,032 | ---- | M] () -- C:\Users\Fabian\AppData\Roaming\Local [2013.06.08 20:08:28 | 000,000,992 | ---- | M] () -- C:\Windows\tasks\GinyasBrowserCompanion Chrome Watcher.job [2013.06.08 20:08:25 | 000,000,992 | ---- | M] () -- C:\Windows\tasks\GinyasBrowserCompanion FireFox Watcher.job [2013.06.08 20:08:08 | 000,000,992 | ---- | M] () -- C:\Windows\tasks\GinyasBrowserCompanion Runner.job [2013.06.08 20:08:08 | 000,000,924 | ---- | M] () -- C:\Windows\tasks\GinyasBrowserCompanion Update Checker.job [2013.06.08 20:07:52 | 000,000,480 | ---- | M] () -- C:\Windows\SysNative\F39D4DE6-98B8-4E05-91BD-549E8A8248BD [2013.06.08 20:07:46 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013.06.08 20:07:35 | 2078,801,919 | -HS- | M] () -- C:\hiberfil.sys [2013.06.08 19:55:03 | 000,001,124 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3485898032-1890299033-1484769855-1000UA.job [2013.06.08 19:42:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013.06.08 19:31:34 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Fabian\Desktop\OTL.exe [2013.06.08 19:11:27 | 000,000,056 | ---- | M] () -- C:\Users\Fabian\AppData\Roaming\mbam.context.scan [2013.06.08 19:05:55 | 000,001,143 | ---- | M] () -- C:\Users\Public\Desktop\Trojan Remover.lnk [2013.06.08 19:05:38 | 012,311,184 | ---- | M] (Simply Super Software ) -- C:\Users\Fabian\Desktop\trjsetup685.exe [2013.06.08 18:50:33 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2013.06.08 18:49:25 | 010,285,040 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Fabian\Desktop\mbam-setup-1.75.0.1300.exe [2013.06.08 18:25:49 | 000,001,086 | ---- | M] () -- 
C:\Users\Fabian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Skype.lnk [2013.06.08 18:15:09 | 000,000,916 | ---- | M] () -- C:\Users\Fabian\AppData\Roaming\EasyToolz.ini [2013.06.08 13:00:18 | 000,487,256 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2013.06.08 12:55:45 | 000,001,072 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3485898032-1890299033-1484769855-1000Core.job [2013.06.08 12:12:16 | 001,633,540 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2013.06.08 12:12:16 | 000,696,620 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2013.06.08 12:12:16 | 000,651,938 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2013.06.08 12:12:16 | 000,147,916 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2013.06.08 12:12:16 | 000,120,870 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2013.06.06 13:19:49 | 000,282,512 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe [2013.06.06 13:19:47 | 000,076,888 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe [2013.06.04 13:25:26 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_rzendpt_01009.Wdf [2013.06.04 13:25:08 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_rzudd_01009.Wdf [2013.05.17 05:17:30 | 000,126,464 | ---- | M] (Razer Inc) -- C:\Windows\SysNative\drivers\rzudd.sys [2013.05.17 05:17:28 | 000,031,232 | ---- | M] (Razer Inc) -- C:\Windows\SysNative\drivers\rzendpt.sys [2013.05.17 05:14:34 | 000,154,112 | ---- | M] (Razer Inc) -- C:\Windows\SysWow64\rztouchdll.dll [2013.05.17 05:14:34 | 000,056,832 | ---- | M] (Razer Inc) -- C:\Windows\SysWow64\rzdevinfo.dll [2013.05.17 05:14:30 | 000,766,976 | ---- | M] (Razer Inc) -- C:\Windows\SysWow64\rzdevicedll.dll [2013.05.17 05:14:30 | 000,117,248 | ---- | M] (Razer Inc) -- C:\Windows\SysWow64\rzdisplaydll.dll [2013.05.17 05:14:28 | 000,296,448 | ---- | M] (Razer Inc) -- C:\Windows\SysWow64\rzaudiodll.dll [2013.05.14 21:43:28 | 000,692,104 | ---- | M] 
(Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2013.05.14 21:43:28 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2013.05.14 21:43:25 | 009,195,912 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe [2013.05.12 23:42:27 | 027,775,776 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll [2013.05.12 23:42:27 | 025,256,224 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll [2013.05.12 23:42:27 | 021,096,736 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll [2013.05.12 23:42:27 | 017,560,352 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll [2013.05.12 23:42:27 | 015,910,736 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll [2013.05.12 23:42:27 | 015,143,904 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll [2013.05.12 23:42:27 | 013,403,168 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll [2013.05.12 23:42:27 | 012,426,216 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll [2013.05.12 23:42:27 | 009,233,688 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll [2013.05.12 23:42:27 | 007,682,960 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll [2013.05.12 23:42:27 | 007,641,832 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll [2013.05.12 23:42:27 | 006,324,360 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll [2013.05.12 23:42:27 | 002,942,240 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll [2013.05.12 23:42:27 | 002,935,696 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll [2013.05.12 23:42:27 | 002,754,336 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll [2013.05.12 23:42:27 | 002,597,344 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll [2013.05.12 
23:42:27 | 002,363,680 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll [2013.05.12 23:42:27 | 002,002,720 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll [2013.05.12 23:42:27 | 001,832,224 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6432018.dll [2013.05.12 23:42:27 | 001,511,712 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6432018.dll [2013.05.12 23:42:27 | 001,059,560 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvumdshimx.dll [2013.05.12 23:42:27 | 000,925,648 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll [2013.05.12 23:42:27 | 000,550,176 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\NvFBC64.dll [2013.05.12 23:42:27 | 000,518,944 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFR64.dll [2013.05.12 23:42:27 | 000,443,168 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvFBC.dll [2013.05.12 23:42:27 | 000,421,152 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFR.dll [2013.05.12 23:42:27 | 000,266,448 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll [2013.05.12 23:42:27 | 000,218,592 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglshim64.dll [2013.05.12 23:42:27 | 000,214,448 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll [2013.05.12 23:42:27 | 000,181,488 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglshim32.dll [2013.05.12 23:42:27 | 000,020,536 | ---- | M] () -- C:\Windows\SysNative\nvinfo.pb [2013.05.12 22:34:14 | 006,491,936 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll [2013.05.12 22:34:14 | 003,514,656 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll [2013.05.12 22:34:12 | 002,555,680 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvcr.dll [2013.05.12 22:34:12 | 000,063,776 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll [2013.05.12 22:34:11 | 000,237,856 
| ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll [2013.05.12 15:43:36 | 000,566,048 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvStreaming.exe [2013.05.11 14:01:24 | 000,095,648 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll [2013.05.11 14:01:23 | 000,866,720 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll [2013.05.11 14:01:23 | 000,788,896 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll [2013.05.11 14:01:23 | 000,263,584 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe [2013.05.11 14:01:23 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe [2013.05.11 14:01:23 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe [2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2013.06.08 20:09:23 | 000,000,032 | ---- | C] () -- C:\Users\Fabian\AppData\Roaming\Local [2013.06.08 20:07:52 | 000,000,480 | ---- | C] () -- C:\Windows\SysNative\F39D4DE6-98B8-4E05-91BD-549E8A8248BD [2013.06.08 19:11:27 | 000,000,056 | ---- | C] () -- C:\Users\Fabian\AppData\Roaming\mbam.context.scan [2013.06.08 19:05:55 | 000,001,143 | ---- | C] () -- C:\Users\Public\Desktop\Trojan Remover.lnk [2013.06.08 18:50:33 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2013.06.08 18:12:46 | 000,000,916 | ---- | C] () -- C:\Users\Fabian\AppData\Roaming\EasyToolz.ini [2013.06.08 10:43:01 | 000,001,086 | ---- | C] () -- C:\Users\Fabian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Skype.lnk [2013.06.04 13:25:26 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_rzendpt_01009.Wdf [2013.06.04 13:25:08 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_rzudd_01009.Wdf [2013.05.01 11:19:22 | 000,034,816 | ---- | C] () -- 
C:\Users\Fabian\AppData\Roaming\RZR_00208e6943aabcb45c048e5a9758.db [2013.04.07 20:39:04 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll [2013.03.15 15:30:46 | 000,000,288 | ---- | C] () -- C:\Users\Fabian\AppData\Roaming\.backup.dm [2013.03.14 20:36:53 | 000,000,600 | ---- | C] () -- C:\Users\Fabian\PUTTY.RND [2012.12.14 02:42:30 | 000,963,452 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng600.bin [2012.12.14 02:42:30 | 000,064,512 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll [2012.12.14 02:42:28 | 000,272,928 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng600.bin [2012.11.21 21:27:55 | 000,007,597 | ---- | C] () -- C:\Users\Fabian\AppData\Local\Resmon.ResmonCfg [2012.11.13 14:53:41 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini [2012.11.08 20:16:32 | 000,583,306 | ---- | C] () -- C:\Users\Fabian\AppData\Roaming\technic-launcher.jar.bak [2012.11.08 20:16:32 | 000,581,168 | ---- | C] () -- C:\Users\Fabian\AppData\Roaming\technic-launcher.jar [2012.10.25 13:40:44 | 000,282,512 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe [2012.10.25 13:40:42 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe [2012.09.25 15:34:00 | 001,145,382 | ---- | C] () -- C:\Users\Fabian\AppData\Local\Tempmusic.ogg [2012.08.13 16:32:24 | 000,001,441 | ---- | C] () -- C:\Windows\chhm-pdd48.ini [2012.08.13 16:26:51 | 000,000,856 | ---- | C] () -- C:\Users\Fabian\AppData\Local\recently-used.xbel [2012.08.05 22:21:53 | 000,007,552 | ---- | C] () -- C:\Windows\SysWow64\drivers\enodpl.sys [2012.08.05 22:21:52 | 000,004,736 | ---- | C] () -- C:\Windows\SysWow64\drivers\tandpl.sys [2012.07.01 19:19:01 | 001,589,442 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2012.06.19 14:02:17 | 003,123,272 | R--- | C] () -- C:\Windows\SysWow64\pbsvc.exe [2012.05.30 18:43:47 | 000,017,408 | ---- | C] () -- C:\Users\Fabian\AppData\Local\WebpageIcons.db [2012.05.24 19:41:55 | 000,000,412 | ---- | C] () -- C:\Users\Fabian\AppData\Roaming\All CPU 
Meter_Settings.ini [2012.05.24 14:21:14 | 000,001,424 | ---- | C] () -- C:\Windows\THXCfg_SP_APOIM.ini [2012.05.24 14:21:14 | 000,001,323 | ---- | C] () -- C:\Windows\THXCfg_HP_APOIM.ini [2012.05.24 14:21:14 | 000,001,323 | ---- | C] () -- C:\Windows\THXCfg_APOIM.ini [2012.05.24 14:21:12 | 000,190,464 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL [2012.05.24 14:21:12 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL [2012.05.24 14:18:38 | 000,000,003 | ---- | C] () -- C:\Users\Fabian\AppData\Local\user_data.ini [2012.05.24 14:12:02 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin [2012.05.24 14:12:01 | 000,218,304 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin [2012.05.24 14:12:01 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin [2011.11.08 12:39:38 | 000,311,296 | ---- | C] () -- C:\Windows\SysWow64\EMRegSys.dll [2011.08.11 04:06:32 | 000,007,764 | ---- | C] () -- C:\Windows\cadx2.ini ========== ZeroAccess Check ========== [2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2013.02.27 07:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== LOP Check ========== [2013.05.29 15:59:12 | 000,000,000 | ---D | M] -- C:\Users\Fabian\AppData\Roaming\.minecraft [2012.10.01 13:18:36 | 000,000,000 | ---D | M] -- C:\Users\Fabian\AppData\Roaming\.Nitrous [2012.12.05 21:54:28 | 000,000,000 | ---D | M] -- C:\Users\Fabian\AppData\Roaming\.techniclauncher [2012.07.26 00:35:00 | 000,000,000 | ---D | M] -- C:\Users\Fabian\AppData\Roaming\.terasology [2013.06.08 18:50:08 | 000,000,000 | -HSD | M] -- C:\Users\Fabian\AppData\Roaming\Acrobat [2012.05.28 16:58:28 | 000,000,000 | ---D | M] -- C:\Users\Fabian\AppData\Roaming\Alle meine Passworte [2013.04.17 19:01:35 | 000,000,000 | ---D | M] -- C:\Users\Fabian\AppData\Roaming\AtomZombieData [2013.06.05 15:59:19 | 000,000,000 | ---D | M] -- C:\Users\Fabian\AppData\Roaming\Awesomium [2013.02.01 01:26:30 | 000,000,000 | ---D | M] -- C:\Users\Fabian\AppData\Roaming\Babylon [2013.05.10 19:42:16 | 000,000,000 | ---D | M] -- C:\Users\Fabian\AppData\Roaming\Blender Foundation [2013.06.08 20:18:53 | 000,000,000 | ---D | M] -- C:\Users\Fabian\AppData\Roaming\BrowserCompanion [2012.12.13 21:08:50 | 000,000,000 | ---D | M] -- 
C:\Users\Fabian\AppData\Roaming\BullGuard [2012.12.09 15:13:30 | 000,000,000 | ---D | M] -- C:\Users\Fabian\AppData\Roaming\Carbon [2013.06.08 20:09:03 | 000,000,000 | ---D | M] -- C:\Users\Fabian\AppData\Roaming\dclogs [2013.02.26 22:10:08 | 000,000,000 | ---D | M] -- C:\Users\Fabian\AppData\Roaming\de.3m5.wendel.flcd.FLCDB.FC622282278C06838B5CD08883589F2C8AB9EEDC.1 [2012.05.31 19:25:08 | 000,000,000 | ---D | M] -- C:\Users\Fabian\AppData\Roaming\DeviceVm [2013.02.11 02:29:18 | 000,000,000 | ---D | M] -- C:\Users\Fabian\AppData\Roaming\Downloaded Installations [2013.06.08 18:30:51 | 000,000,000 | ---D | M] -- C:\Users\Fabian\AppData\Roaming\DVDVideoSoft [2012.11.22 19:26:25 | 000,000,000 | ---D | M] -- C:\Users\Fabian\AppData\Roaming\Easy Thumbnails [2013.03.15 15:30:31 | 000,000,000 | ---D | M] -- C:\Users\Fabian\AppData\Roaming\eBayDesktopShortcut [2013.01.12 20:22:50 | 000,000,000 | ---D | M] -- C:\Users\Fabian\AppData\Roaming\Engelmann Media [2013.05.30 01:21:40 | 000,000,000 | ---D | M] -- C:\Users\Fabian\AppData\Roaming\ExpressFiles [2013.06.07 23:10:03 | 000,000,000 | ---D | M] -- C:\Users\Fabian\AppData\Roaming\FileZilla [2013.06.08 14:09:19 | 000,000,000 | ---D | M] -- C:\Users\Fabian\AppData\Roaming\GetRightToGo [2012.11.22 19:55:52 | 000,000,000 | ---D | M] -- C:\Users\Fabian\AppData\Roaming\Hobbyist Software [2013.02.22 19:41:26 | 000,000,000 | ---D | M] -- C:\Users\Fabian\AppData\Roaming\iFunbox_UserCache [2012.09.19 16:48:33 | 000,000,000 | ---D | M] -- C:\Users\Fabian\AppData\Roaming\IrfanView [2012.05.24 12:43:05 | 000,000,000 | ---D | M] -- C:\Users\Fabian\AppData\Roaming\Leadertech [2012.12.05 21:54:22 | 000,000,000 | ---D | M] -- C:\Users\Fabian\AppData\Roaming\logs [2012.07.03 16:47:34 | 000,000,000 | ---D | M] -- C:\Users\Fabian\AppData\Roaming\LolClient [2012.06.02 18:17:54 | 000,000,000 | ---D | M] -- C:\Users\Fabian\AppData\Roaming\LolClient2 [2013.06.08 19:11:05 | 000,000,000 | -HSD | M] -- C:\Users\Fabian\AppData\Roaming\msnmsg 
[2012.10.06 00:15:13 | 000,000,000 | ---D | M] -- C:\Users\Fabian\AppData\Roaming\Nokia [2012.11.22 20:10:39 | 000,000,000 | ---D | M] -- C:\Users\Fabian\AppData\Roaming\OpenCandy [2013.03.14 20:41:21 | 000,000,000 | ---D | M] -- C:\Users\Fabian\AppData\Roaming\OpenOffice.org [2012.12.08 21:21:12 | 000,000,000 | ---D | M] -- C:\Users\Fabian\AppData\Roaming\Origin [2012.06.23 10:49:18 | 000,000,000 | ---D | M] -- C:\Users\Fabian\AppData\Roaming\PC Suite [2013.02.01 01:41:51 | 000,000,000 | ---D | M] -- C:\Users\Fabian\AppData\Roaming\PerformerSoft [2013.03.06 15:18:52 | 000,000,000 | ---D | M] -- C:\Users\Fabian\AppData\Roaming\raidcall [2013.02.10 12:49:13 | 000,000,000 | ---D | M] -- C:\Users\Fabian\AppData\Roaming\Razer [2013.04.08 17:07:01 | 000,000,000 | ---D | M] -- C:\Users\Fabian\AppData\Roaming\SanDisk [2013.03.16 19:55:52 | 000,000,000 | ---D | M] -- C:\Users\Fabian\AppData\Roaming\SanDisk SecureAccess [2012.12.15 14:19:30 | 000,000,000 | ---D | M] -- C:\Users\Fabian\AppData\Roaming\Screaming Bee [2012.10.28 00:04:50 | 000,000,000 | ---D | M] -- C:\Users\Fabian\AppData\Roaming\SecondLife [2013.06.08 19:06:01 | 000,000,000 | ---D | M] -- C:\Users\Fabian\AppData\Roaming\Simply Super Software [2012.06.24 13:36:40 | 000,000,000 | ---D | M] -- C:\Users\Fabian\AppData\Roaming\six-zsync [2013.05.09 11:58:02 | 000,000,000 | ---D | M] -- C:\Users\Fabian\AppData\Roaming\Sony Online Entertainment [2012.08.13 17:25:49 | 000,000,000 | ---D | M] -- C:\Users\Fabian\AppData\Roaming\Spirited Machine [2012.06.07 20:09:07 | 000,000,000 | ---D | M] -- C:\Users\Fabian\AppData\Roaming\SPORE [2013.06.08 16:38:36 | 000,000,000 | ---D | M] -- C:\Users\Fabian\AppData\Roaming\Spotify [2012.07.01 20:08:09 | 000,000,000 | ---D | M] -- C:\Users\Fabian\AppData\Roaming\Stardock [2012.06.20 17:19:01 | 000,000,000 | ---D | M] -- C:\Users\Fabian\AppData\Roaming\Teeworlds [2012.10.03 17:07:48 | 000,000,000 | ---D | M] -- C:\Users\Fabian\AppData\Roaming\thriXXX [2012.07.03 16:29:04 | 
000,000,000 | ---D | M] -- C:\Users\Fabian\AppData\Roaming\TrueCrypt [2012.11.05 16:29:46 | 000,000,000 | ---D | M] -- C:\Users\Fabian\AppData\Roaming\TS3Client [2012.11.22 20:15:19 | 000,000,000 | ---D | M] -- C:\Users\Fabian\AppData\Roaming\TuneUp Software [2013.06.08 19:21:18 | 000,000,000 | ---D | M] -- C:\Users\Fabian\AppData\Roaming\WindowsLogon ========== Purity Check ========== ========== Files - Unicode (All) ========== [2013.01.19 16:44:38 | 000,001,024 | ---- | M] ()(C:\Users\Fabian\AppData\Local\PMB Fik?s) -- C:\Users\Fabian\AppData\Local\PMB Fik聥s [2013.01.19 16:44:38 | 000,001,024 | ---- | C] ()(C:\Users\Fabian\AppData\Local\PMB Fik?s) -- C:\Users\Fabian\AppData\Local\PMB Fik聥s ========== Alternate Data Streams ========== @Alternate Data Stream - 131 bytes -> C:\ProgramData\Temp:CB0AACC9 < End of report > |
08.06.2013, 19:52 | #2 |
/// Malware-holic | Removing Coin Miner, msdcsc Hi,
__________________otl fix Fixing with OTL
Code:
:OTL
O4 - HKCU..\Run: [rundll32] C:\Users\Fabian\AppData\Local\Temp\MSDCSC\msdcsc.exe ()
O4 - HKCU..\Run: [AcroRd32] C:\Users\Fabian\AppData\Roaming\Acrobat\AcroRd32.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [AcroRd32] C:\Users\Fabian\AppData\Roaming\Acrobat\AcroRd32.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [AcroRd32] C:\Users\Fabian\AppData\Roaming\Acrobat\AcroRd32.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [82267msdcsc.exe] C:\Users\Fabian\AppData\Local\Temp\82267msdcsc.exe ()
O4 - HKCU..\Run: [32992msdcsc.exe] C:\Users\Fabian\AppData\Local\Temp\32992msdcsc.exe ()
[2013.06.08 20:09:03 | 000,000,000 | ---D | C] -- C:\Users\Fabian\AppData\Roaming\dclogs
[2013.06.08 19:05:18 | 001,169,224 | -HS- | C] (Microsoft Corporation) -- C:\Users\Fabian\AppData\Roaming\M5Q9IL20WA.exe
:files
C:\Users\Fabian\AppData\Local\Temp\MSDCSC
C:\Users\Fabian\AppData\Roaming\Acrobat
C:\Users\Fabian\AppData\Roaming\Acrobat
:Commands
[emptytemp]
Note: Please also upload the file there, as described in the UpChannel instructions. Please do NOT post the ZIP file here as an attachment in the thread! Please press the + E key.
__________________ |
08.06.2013, 19:52 | #3 |
| Removing Coin Miner, msdcsc Extras.txt:
Code:
ATTFilter OTL Extras logfile created on: 08.06.2013 20:18:27 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Fabian\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 7,91 Gb Total Physical Memory | 5,21 Gb Available Physical Memory | 65,78% Memory free 15,83 Gb Paging File | 12,99 Gb Available in Paging File | 82,09% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 465,66 Gb Total Space | 108,95 Gb Free Space | 23,40% Space Free | Partition Type: NTFS Computer Name: FABIAN-PC | User Name: Fabian | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. 
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [Scan with Trojan Remover] -- C:\Program Files (x86)\Trojan Remover\rmvtrjan.exe /d "%1" (Simply Super Software) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. 
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [Scan with Trojan Remover] -- C:\Program Files (x86)\Trojan Remover\rmvtrjan.exe /d "%1" (Simply Super Software) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{00C0475E-7B72-46E1-A586-E9B6E39E3A6E}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{0FF4C4DF-D55A-40D5-8699-708EB3DBA8F1}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{0FF6A0B9-07B2-46D3-91B3-5A7A8E8D565D}" = rport=10243 | protocol=6 | dir=out | app=system | "{43E29356-22F0-47AD-A491-2E8414F1BFAB}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{5A0EF280-F752-410B-8762-ACD3123B98FE}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{63A7DC8B-F722-4D07-96B9-24F55F0ED05B}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{6566CC95-643D-456E-8CE5-9FF155E53A0E}" = lport=138 | protocol=17 | dir=in | app=system | "{688E1440-4E1D-40F9-A6AA-4ED61F9BE9D5}" = rport=139 | protocol=6 | dir=out | app=system | "{74A4D958-350E-48DA-AE61-DE41DDBBB31A}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{78460461-0F97-4C13-8EC6-07175ADFFCF9}" = lport=139 | protocol=6 | dir=in | app=system | "{7EEA1AC2-B620-4748-964A-F24834AC83EE}" = lport=445 | protocol=6 | dir=in | app=system | "{8C81D55C-283C-4FA8-9CBA-D959A5487B36}" = lport=10243 | protocol=6 | dir=in | app=system | "{98FEC081-7B3F-4047-A795-3FAF0A5E42CD}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{A34259D4-1C13-40D0-9162-62EE88CB9D4C}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{ABEBF008-AE30-4000-A085-7F2FC0B82973}" = rport=137 | protocol=17 | dir=out | app=system | "{B22C4422-F339-4DD7-BEAD-85F9A0FF7882}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{B525976E-E44C-457D-9024-B50B1D3BBA8B}" = lport=137 | protocol=17 | dir=in | app=system | "{BC8BA62A-823A-48C4-9E2E-2C8F5443D266}" = lport=2869 | protocol=6 | dir=in | app=system | "{C09AB0F4-74F6-4FA6-95CB-CFFD7D607D9A}" = rport=138 | protocol=17 | dir=out | app=system | 
"{DDA8F6F9-B0E1-478C-B5F2-38AD99ABC64A}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{E32F35A0-BC7B-4BA7-B229-B6FCE839BC88}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{E43C00BE-D819-40A1-9258-7F65F75F1D5E}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office 15\root\office15\outlook.exe | "{E58AA575-8AA4-44E9-81BD-36F59AFB33A1}" = rport=445 | protocol=6 | dir=out | app=system | "{F0BD6E67-FB76-4DED-A87B-FE6D86B70EE9}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{00C7A906-5DEA-46C5-B8CC-A5478C9FFD25}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\wallace and gromit ep1\wallacegromit101.exe | "{04FEF248-A67A-40CA-8CCF-892D4A71BE83}" = protocol=6 | dir=in | app=c:\windows\syswow64\arfc\wrtc.exe | "{059CAC44-0D4E-438E-8296-AC2A277CA1F4}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\farcry 3\bin\fc3updater.exe | "{0D9D2A1C-426D-4185-91C5-EC466B27AA4E}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe | "{0DC1C999-E0F4-41C8-A1B7-E29CAFBAEBB9}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed iii\assassinscreed3.exe | "{0E2E214B-0718-4076-9F6E-7681BF5B6B75}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{0E720C65-B6F8-4311-AF43-178923C9E42F}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\the binding of isaac\isaac.exe | "{12D79C5D-8351-43D9-9E56-6BFFC1666B0D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5sp.exe | "{1318D643-6F20-4498-9469-83D8EE36858B}" = protocol=6 | dir=in | app=%programfiles%\windows 
media player\wmpnetwk.exe | "{13842B8E-E457-4B28-BFD3-E459E0BD8EF9}" = dir=in | app=c:\program files (x86)\hobbyist software\vlc streamer\mdnsresponder.exe | "{16F8A8B5-CD6E-48C4-8A3F-F89EA7A7C105}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\wallace and gromit ep4\wallacegromit104.exe | "{17F1B815-2EFB-4142-9469-35FD5454CCB3}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dungeon defenders\binaries\win32\dungeondefenders.exe | "{191468C4-15D1-4F33-A833-A5F8F9B3B8C9}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{197E7431-AE17-40D0-8E0F-76B1F59B9EFB}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | "{1A91988E-77F5-4B52-A8A7-990C4DA72909}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\simcity\simcity\simcity.exe | "{1E56F566-D28A-4B00-A2C7-1641DC660D57}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\airforte\data\airforte.exe | "{1E837585-652F-42ED-B663-F45FD5F2CC67}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\wallace and gromit ep3\wallacegromit103.exe | "{1F632E48-1399-47BC-99AF-9EC9F83F34AA}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{1F8E9433-03A6-4DD1-A83C-C1BEB2FD7577}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{266855C2-81D6-418D-987B-1618A80DAF58}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\alan wake\alanwake.exe | "{2A161A71-C6CF-4B6F-832A-EC2C26175F3C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dawn of war gold\w40k.exe | "{2A183B9B-4DD6-4999-A861-C8FBFA0C18F7}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\airmech\airmech.exe | "{2A4CA343-E987-41C4-9432-0D85E77B4666}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\alan wake\alanwake.exe | 
"{2A7BFC67-C1EA-41FC-A399-A64A5914A724}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed iii\assassinscreed3.exe | "{2C0C2835-3D6F-4D08-B73A-F8D12559675D}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{2F4DD163-A1F0-4173-9F5F-FA8A10553583}" = protocol=17 | dir=in | app=c:\riot games\league of legends\lol.launcher.exe | "{31A722C5-3EE5-4846-B19D-54B9B27F7CB7}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\airforte\data\airforte.exe | "{334DBB40-3726-4FB2-B7BB-7E4AF2D1B560}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\the binding of isaac\isaac.exe | "{342B08BC-A7E5-4A8C-921B-956B9A163B78}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{34F45429-DE7B-4DB1-8C95-C7DC02157165}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\launcher.exe | "{380B3662-469A-40B3-8176-912F38C925E3}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops\blackops.exe | "{39473C15-BB15-4F24-BBFA-F5C0A5DE1CBB}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\the walking dead\walkingdead101.exe | "{3AEDE667-AF92-4612-95FC-7134F11D542C}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{3E669EBB-EAF3-4F8E-9077-9A6EA694C163}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe | "{3F3B53DC-64AC-49E9-8C08-7FF299B9901E}" = protocol=17 | dir=in | app=c:\program files (x86)\expressfiles\expressfiles.exe | "{3F7432B1-C752-49EC-AA40-F0E8AAC04164}" = protocol=17 | dir=in | app=c:\windows\system32\arfc\wrtc.exe | "{3F7D76BB-4782-4D85-B62A-0C08E8AFDA5E}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\medal of honor warfighter\mohw.exe | "{444D55CA-717B-4ED4-8712-324E27577E92}" = protocol=6 | dir=in | app=c:\program files (x86)\ascaron 
entertainment\sacred 2 - fallen angel\system\s2gs.exe | "{45B7FBB7-D359-433A-81F7-EC0D9471821B}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe | "{48AF3327-832D-42B3-ABD2-04FF05529419}" = protocol=17 | dir=in | app=c:\program files (x86)\ascaron entertainment\sacred 2 - fallen angel\system\sacred2.exe | "{4A8D5575-28ED-4BC1-AA5C-571A03700B39}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\wallace and gromit ep1\wallacegromit101.exe | "{4B1B028E-3C68-4C75-A1D1-C09A9A93F9E7}" = protocol=17 | dir=in | app=c:\riot games\league of legends\lol.launcher1.exe | "{4B9241C0-5F4D-4273-BAC1-420F6B11F9C9}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\wallace and gromit ep2\wallacegromit102.exe | "{4CBB2B00-6425-4674-A7E8-FAA908C3C4E5}" = protocol=6 | dir=in | app=c:\riot games\league of legends\lol.launcher1.exe | "{4D419B23-FD40-4397-8E90-4D191D8746CD}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{4D4F65E6-7499-419D-8826-D17CE8918597}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{4D76262C-274A-4C99-A85B-FCECC77FBB2A}" = protocol=6 | dir=in | app=c:\windows\system32\arfc\wrtc.exe | "{55D36B7C-3386-463B-95D5-7F31628D51F1}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{5972CF0D-CDC4-4B29-A1AE-D5FE14CD5DD1}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{5AA567B4-12CF-4FB5-9C1B-F93B6FE216E9}" = protocol=6 | dir=in | app=c:\windows\syswow64\arfc\wrtc.exe | "{5B0C844D-A709-41E0-9AAD-5CDBBFD2F22F}" = protocol=17 | dir=in | app=c:\windows\system32\dmwu.exe | "{5C2296BE-0AAA-4F87-B168-2182537930ED}" = protocol=17 | dir=in | app=c:\windows\syswow64\arfc\wrtc.exe | "{5E9846D7-6F17-4FB5-9C4D-23A4CAC11D30}" = protocol=6 | dir=in | app=c:\users\fabian\appdata\local\akamai\netsession_win.exe | 
"{5E9BB59B-5616-413B-973F-FC255A4053B8}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\airmech\airmech.exe | "{61C7BDCD-71A2-4DAF-BA64-D0980C512561}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\battlefield 3\bf3.exe | "{6226E14A-F1C8-4E93-9EA0-9985E83C3D82}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed iii\ac3sp.exe | "{623190EE-2DF2-4BDC-AC05-8B604E2AE3FF}" = protocol=17 | dir=in | app=c:\windows\syswow64\arfc\wrtc.exe | "{6481526C-E24E-4E2A-A562-8E84EF969DB5}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\bastion\bastion.exe | "{6A76578F-F31C-4A3A-9240-9C8AAB069629}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\farcry 3\bin\farcry3_d3d11.exe | "{70B045DC-5F70-475F-84C8-73753620C031}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{71CB00D2-DF1B-48F8-8FE7-606A45C82136}" = protocol=17 | dir=in | app=c:\windows\system32\dmwu.exe | "{749EE999-FB3A-40DD-9A2C-43B0D74D0795}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\closure\closure.exe | "{752A4FB0-1F43-4F7D-A884-5A64CA323BE5}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\_runa2co.cmd | "{78F69B4B-CE06-49D0-BCF6-48B80999C42C}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | "{79FB0048-FD4B-489E-8D95-FAFDE7801169}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{7B79A55E-7515-48F5-8052-5178C2455B8A}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\metro 2033\metro2033.exe | "{7CCC1726-9CFA-41AF-BFF7-70AFDC41EE49}" = protocol=6 | dir=in | app=c:\program files (x86)\expressfiles\expressfiles.exe | "{804257B4-F946-4CCD-ADB1-AB4698DF4F69}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{8145BB86-5DD9-4305-97DD-BF17679F0F6E}" = protocol=17 | dir=in | 
app=c:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\launcher.exe | "{821E8E77-35E5-4384-9DE1-3336F4194EE2}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\bastion\bastion.exe | "{857ABEFB-634B-4160-B9DB-43F1707550C9}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{85B6F6E8-A090-4E80-BE76-36E87E0E8C9E}" = protocol=17 | dir=in | app=c:\windows\system32\arfc\wrtc.exe | "{8945C972-931C-48EE-AB09-E2AD8D745E8A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{8A3A25A8-01D9-47C5-84BB-C216AE34895C}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{8AC2F353-41A8-403E-ACF0-83CB68983143}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\battlefield 3\bf3.exe | "{8CD01BDF-6A52-4766-9776-9E841E7608A0}" = protocol=6 | dir=in | app=c:\windows\system32\dmwu.exe | "{8D3EF20A-1E7C-44BD-8828-7A5CB9B0E91B}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\metro 2033\metro2033.exe | "{8E1C8DED-7D93-423F-AD04-2E488B089516}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\hector episode 1\hector101.exe | "{8EBA13AE-49B4-4529-BDE8-725E3AE37267}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | "{8F493007-59F8-4CB8-AA35-196E8FC60B58}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\wallace and gromit ep3\wallacegromit103.exe | "{9137EFF0-BD81-4B70-B713-2BDEA989F65E}" = protocol=6 | dir=in | name=mc tdp | "{914A4A5A-467C-479F-BC61-A6BD57451A2D}" = protocol=17 | dir=in | name=mc udp | "{91B4A46D-6D96-4DC3-AF56-C744AB24B07B}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\atomzombiesmasher\data\atomzombiesmasher.exe | "{9558687C-D557-48B4-A81B-DE7CA83955D6}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\farcry 3\bin\farcry3.exe | "{9748E8B0-46D9-4580-984C-A94C735730AA}" = protocol=17 | dir=in | app=c:\program files 
(x86)\ascaron entertainment\sacred 2 - fallen angel\system\s2gs.exe | "{99C02B56-FFCB-469E-94C1-1A149A84BF34}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{9B2DEA81-A08A-4FF0-8B84-015132368EB4}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops\blackops.exe | "{9B533948-9651-4839-A23A-4D565250A817}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe | "{9CEFBB2C-2267-4A25-8D32-31E07B48B60C}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe | "{9D0F81EE-BA97-43A7-AB49-A8F109F91C5F}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | "{9D82BC2E-FF58-4BD0-84DE-9BEA56A4256B}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed iii\ac3mp.exe | "{A3F07ADD-B6B6-47ED-B147-0229A33A1110}" = dir=in | app=c:\program files (x86)\hobbyist software\vlc streamer\vlc streamer configuration.exe | "{A852E488-445A-4985-AD29-04EB1AF8AE4E}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | "{A88B51C9-4605-4E18-B24E-09DD22D04501}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\closure\closure.exe | "{AA85C98F-4D56-42C7-A4D0-818CB698395D}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\farcry 3\bin\farcry3_d3d11.exe | "{AAD901E8-9CFE-4035-B0A5-45210181264C}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\atomzombiesmasher\data\atomzombiesmasher.exe | "{AE449C63-5478-41D0-9D63-B865C216BDE5}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | "{AFA64A5C-B12A-4856-84C5-B18E1DDEE084}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\medal of honor warfighter\mohw.exe | "{B4E3AC02-C625-4ADC-96FE-C804D30B1624}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed iii\ac3mp.exe | "{B887A15C-D822-40D6-A318-50A0E0CBCAC2}" = protocol=6 | dir=in | app=c:\program files 
(x86)\ascaron entertainment\sacred 2 - fallen angel\system\sacred2.exe | "{BB939239-55C8-4898-B7A2-C6FC3F0488AD}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{C1C45D48-C72D-465F-9ABB-F6FF83E8E8E4}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe | "{C642549D-C181-428E-9265-63A838AE901A}" = protocol=6 | dir=in | app=c:\windows\system32\arfc\wrtc.exe | "{C7F96920-243A-416C-92E2-390284ADE3F8}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe | "{CD5AE668-C43A-4F83-9B88-1BB8F6D65EF8}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\hector episode 1\hector101.exe | "{CD95B12F-41D4-4C65-AE0D-279C21846063}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dawn of war gold\w40k.exe | "{D02F437D-4A17-42F0-9A22-20D94A62D1C9}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{D1B66B5E-CE2E-4C18-AB95-6D8BE4047EE0}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{D3C1330D-7DD2-4FAC-8C39-C428B46E175A}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\farcry 3\bin\farcry3.exe | "{D52519AB-D77A-4970-91C9-ABB93C06333F}" = protocol=17 | dir=in | app=c:\users\fabian\appdata\local\akamai\netsession_win.exe | "{D6961109-95A8-4BB3-BB39-CB2AADC6C0C5}" = protocol=17 | dir=in | app=c:\program files (x86)\expressfiles\expressdl.exe | "{D874E4E0-B2F2-4359-9A3A-1CF19446D22E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\wallace and gromit ep4\wallacegromit104.exe | "{D91147B2-4F61-4321-BFF4-9AB594B74668}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\farcry 3\bin\fc3editor.exe | "{DE255ABA-2A9E-4473-9488-AC59F59BEF75}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\wallace and gromit ep2\wallacegromit102.exe | "{E19EE700-6BD8-41CE-A5B5-A59D960E6E8F}" = protocol=6 | dir=in | app=c:\program 
files (x86)\expressfiles\expressdl.exe | "{E2FBF41B-127F-4418-BA09-95457A8B5CC4}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed iii\ac3sp.exe | "{E6378F91-0C7E-4AD8-830F-EF66538A3401}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\_runa2co.cmd | "{E9476A17-336D-4A40-BDC4-0D84F3AED99E}" = protocol=6 | dir=in | app=c:\windows\system32\dmwu.exe | "{E984455C-31C7-42D9-9178-1CC9C57DC148}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\farcry 3\bin\fc3editor.exe | "{E9CADF4E-FDBC-4E49-A6DE-88F6B631648F}" = dir=in | app=c:\program files\hp\hp officejet 6600\bin\devicesetup.exe | "{E9F4F016-1FDE-48A6-8753-D744C1198C55}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe | "{EA43A660-DECF-425F-89B6-49C0AF89E7B8}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5sp.exe | "{EBDB6826-DEF2-4E6C-8630-D3B4E89CFC63}" = protocol=6 | dir=out | app=system | "{EC53F5A0-9EE8-47BC-906C-E44DC4DBA8B7}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\farcry 3\bin\fc3updater.exe | "{ED23419A-EB4D-4739-B2CB-A28211A6A587}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{EFE16EDF-B789-434A-8CE9-550F3F6460DA}" = dir=in | app=c:\program files\hp\hp officejet 6600\bin\hpnetworkcommunicator.exe | "{F16AC757-5516-4EE0-A430-50C634AB0D1E}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\simcity\simcity\simcity.exe | "{F4CE2DB0-F99E-407F-B475-4B7A11E4FC6D}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{FDAD265F-3C95-4449-8C2D-4A03E46A34C5}" = protocol=6 | dir=in | app=c:\riot games\league of legends\lol.launcher.exe | "{FDF23DF5-5546-49C6-91DC-D195F61710E1}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dungeon defenders\binaries\win32\dungeondefenders.exe | "{FEA2EAD0-2CD7-41D3-94AC-CC7A4F711D70}" = 
protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\the walking dead\walkingdead101.exe | "TCP Query User{0136348C-BF9B-4A32-BF5F-30609B6D8121}C:\users\fabian\desktop\*\spiele\guild wars 2\gw2.exe" = protocol=6 | dir=in | app=c:\users\fabian\desktop\*\spiele\guild wars 2\gw2.exe | "TCP Query User{083FBD11-C329-42FE-9388-36ACA6D62B6A}C:\users\fabian\desktop\*\spiele\sonstige\guild wars 2\gw2.exe" = protocol=6 | dir=in | app=c:\users\fabian\desktop\*\spiele\sonstige\guild wars 2\gw2.exe | "TCP Query User{097A1033-2CC6-4F7B-9523-2859F9A3C9B9}C:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe | "TCP Query User{0A819CD6-6F70-4EDA-94D5-7F65B26B82BD}C:\program files (x86)\maniaplanet\maniaplanet.exe" = protocol=6 | dir=in | app=c:\program files (x86)\maniaplanet\maniaplanet.exe | "TCP Query User{1D2E8A30-6F60-4758-94E6-10FCBEBBC244}C:\users\fabian\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\fabian\appdata\local\akamai\netsession_win.exe | "TCP Query User{2A42BF2F-D85D-4311-B431-8A64A18A50B7}C:\users\fabian\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\fabian\appdata\roaming\spotify\spotify.exe | "TCP Query User{2F275784-B2A3-4C04-91A9-0A8A1CCEAEA3}C:\program files\java\jre7\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\java.exe | "TCP Query User{2FA25496-A70F-4C0D-BCF1-BD8C9595C7EE}C:\program files (x86)\ubisoft\xiii\system\xiii.exe" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\xiii\system\xiii.exe | "TCP Query User{3B4F8B9F-8C97-4529-AB3E-D56CC8BEF0DC}C:\users\fabian\desktop\*\spiele\guild wars 2\gw2.exe" = protocol=6 | dir=in | app=c:\users\fabian\desktop\*\spiele\guild wars 2\gw2.exe | "TCP Query User{3C1C3D80-C17F-4597-8107-0F5A7AB98684}C:\program files 
(x86)\tmunitedforever\tmforever.exe" = protocol=6 | dir=in | app=c:\program files (x86)\tmunitedforever\tmforever.exe | "TCP Query User{3DAEEF68-A04C-4C1C-B386-1A8953D7A970}C:\program files (x86)\steam\steamapps\common\call of duty black ops\blackopsmp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops\blackopsmp.exe | "TCP Query User{45E0DC29-F7DC-47E8-AC12-737947A9CFB6}C:\program files (x86)\team17\worms 2\frontend.exe" = protocol=6 | dir=in | app=c:\program files (x86)\team17\worms 2\frontend.exe | "TCP Query User{4C1B3D2B-8C20-4C57-A46E-25D1D4D78F77}C:\users\fabian\desktop\*\spiele\sonstige\guild wars 2\gw2.exe" = protocol=6 | dir=in | app=c:\users\fabian\desktop\*\spiele\sonstige\guild wars 2\gw2.exe | "TCP Query User{53702275-C954-449D-8D23-D01EFAA0DC29}C:\users\fabian\desktop\guild wars 2\gw2.exe" = protocol=6 | dir=in | app=c:\users\fabian\desktop\guild wars 2\gw2.exe | "TCP Query User{54363B56-3D1B-4470-9A3A-295BAEBFE264}C:\users\fabian\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\fabian\appdata\roaming\spotify\spotify.exe | "TCP Query User{66CBB960-DA6B-49AA-BCDE-88F4C57F8111}C:\program files (x86)\steam\steamapps\common\call of duty black ops\blackops.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops\blackops.exe | "TCP Query User{6C4775B1-9B18-49D9-90FE-BBE1E506208F}C:\windows\system32\java.exe" = protocol=6 | dir=in | app=c:\windows\system32\java.exe | "TCP Query User{71394FF0-85AA-47F3-9EAC-69B10ABE38DC}C:\program files (x86)\steam\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe | "TCP Query User{99D1B461-EE0B-4C34-BE36-BA43730FC2D8}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe | "TCP Query 
User{A4065F8B-B496-4B91-AE4D-75FB6AF8AD50}C:\users\fabian\desktop\spiele\guild wars 2\gw2.exe" = protocol=6 | dir=in | app=c:\users\fabian\desktop\spiele\guild wars 2\gw2.exe | "TCP Query User{AEECB13C-FC77-402D-851D-58741CA4C6BE}C:\program files (x86)\tmunitedforever\tmforever.exe" = protocol=6 | dir=in | app=c:\program files (x86)\tmunitedforever\tmforever.exe | "TCP Query User{BD2FDC44-8E32-4250-AA23-B9629FECE508}C:\users\public\sony online entertainment\installed games\planetside 2\planetside2.exe" = protocol=6 | dir=in | app=c:\users\public\sony online entertainment\installed games\planetside 2\planetside2.exe | "TCP Query User{BFB83684-7F3C-4E1F-8650-5A95501E4727}C:\program files (x86)\six projects\six updater\tools\bin\rsync.exe" = protocol=6 | dir=in | app=c:\program files (x86)\six projects\six updater\tools\bin\rsync.exe | "TCP Query User{DC472359-E342-4787-B26E-2BB20D15D8C4}C:\users\fabian\appdata\local\temp\rar$exa0.170\teeworlds-b122-r50edfd37-win32\teeworlds_srv.exe" = protocol=6 | dir=in | app=c:\users\fabian\appdata\local\temp\rar$exa0.170\teeworlds-b122-r50edfd37-win32\teeworlds_srv.exe | "TCP Query User{DCC9958F-05A1-4DDB-92AE-B9193A64E35D}C:\program files (x86)\lolreplay\lolreplay.exe" = protocol=6 | dir=in | app=c:\program files (x86)\lolreplay\lolreplay.exe | "TCP Query User{E4657D13-07EE-4819-A85A-F8F00D7DC3FC}C:\program files (x86)\tmnationsforever\tmforever.exe" = protocol=6 | dir=in | app=c:\program files (x86)\tmnationsforever\tmforever.exe | "TCP Query User{F9852E57-4454-4314-A1A2-E1F992CED39A}C:\users\fabian\appdata\local\temp\rar$exa0.027\survivers_beta_3.exe" = protocol=6 | dir=in | app=c:\users\fabian\appdata\local\temp\rar$exa0.027\survivers_beta_3.exe | "UDP Query User{16B8B3D8-FD5D-49D2-9DBE-2605D9CC7DD1}C:\windows\system32\java.exe" = protocol=17 | dir=in | app=c:\windows\system32\java.exe | "UDP Query User{18190CA8-01C6-4358-BEB0-7332F9AC9473}C:\users\fabian\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | 
app=c:\users\fabian\appdata\local\akamai\netsession_win.exe | "UDP Query User{1C3CBF17-FEF4-4D39-ACCF-BC3F5B7BC449}C:\program files (x86)\tmunitedforever\tmforever.exe" = protocol=17 | dir=in | app=c:\program files (x86)\tmunitedforever\tmforever.exe | "UDP Query User{1F706D98-3D04-4FAA-80D5-FF981028DEF1}C:\program files (x86)\lolreplay\lolreplay.exe" = protocol=17 | dir=in | app=c:\program files (x86)\lolreplay\lolreplay.exe | "UDP Query User{2820604F-E23D-4FEB-AA11-A67B4B1E9BCF}C:\program files (x86)\steam\steamapps\common\call of duty black ops\blackopsmp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops\blackopsmp.exe | "UDP Query User{3FDE79BF-F3B1-4F60-B0A4-1BD9717FA6B8}C:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe | "UDP Query User{48D13E88-3674-4A97-9205-5C3A0A1EA0F7}C:\program files (x86)\steam\steamapps\common\call of duty black ops\blackops.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops\blackops.exe | "UDP Query User{4A0666B2-5077-4C7A-99E5-E8F52EE28298}C:\program files (x86)\maniaplanet\maniaplanet.exe" = protocol=17 | dir=in | app=c:\program files (x86)\maniaplanet\maniaplanet.exe | "UDP Query User{621E30B8-DEAD-4449-BDF3-0EFA5FB2FAA6}C:\users\fabian\desktop\guild wars 2\gw2.exe" = protocol=17 | dir=in | app=c:\users\fabian\desktop\guild wars 2\gw2.exe | "UDP Query User{6309E64D-471B-41B6-BF75-52E57F85F4AB}C:\users\fabian\appdata\local\temp\rar$exa0.170\teeworlds-b122-r50edfd37-win32\teeworlds_srv.exe" = protocol=17 | dir=in | app=c:\users\fabian\appdata\local\temp\rar$exa0.170\teeworlds-b122-r50edfd37-win32\teeworlds_srv.exe | "UDP Query User{672D3A9F-F456-4D18-A68D-AE8F5EE5DB6C}C:\users\fabian\desktop\spiele\guild wars 2\gw2.exe" = protocol=17 | dir=in | 
app=c:\users\fabian\desktop\spiele\guild wars 2\gw2.exe | "UDP Query User{73E13BFE-A6B7-4FD4-A0DA-F50AB9E28480}C:\program files (x86)\steam\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe | "UDP Query User{7BA1E02B-7E71-4169-A361-78B68119EE6C}C:\users\fabian\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\fabian\appdata\roaming\spotify\spotify.exe | "UDP Query User{7BD0B291-E974-4666-91AC-5782CCB70C96}C:\program files (x86)\team17\worms 2\frontend.exe" = protocol=17 | dir=in | app=c:\program files (x86)\team17\worms 2\frontend.exe | "UDP Query User{8C0231FE-C5FC-4D77-9041-6B7A53B35E66}C:\users\fabian\appdata\local\temp\rar$exa0.027\survivers_beta_3.exe" = protocol=17 | dir=in | app=c:\users\fabian\appdata\local\temp\rar$exa0.027\survivers_beta_3.exe | "UDP Query User{9E82D9AF-29C2-48F8-B597-CD5684236B0D}C:\users\fabian\desktop\*\spiele\guild wars 2\gw2.exe" = protocol=17 | dir=in | app=c:\users\fabian\desktop\*\spiele\guild wars 2\gw2.exe | "UDP Query User{AC0E9B34-232F-4F18-82C0-BB066C2ACF36}C:\users\public\sony online entertainment\installed games\planetside 2\planetside2.exe" = protocol=17 | dir=in | app=c:\users\public\sony online entertainment\installed games\planetside 2\planetside2.exe | "UDP Query User{B458A061-24A1-4BF4-B693-47EB73FED130}C:\users\fabian\desktop\*\spiele\guild wars 2\gw2.exe" = protocol=17 | dir=in | app=c:\users\fabian\desktop\*\spiele\guild wars 2\gw2.exe | "UDP Query User{BF20FDED-86ED-4D49-B42B-D198418174BA}C:\users\fabian\desktop\*\spiele\sonstige\guild wars 2\gw2.exe" = protocol=17 | dir=in | app=c:\users\fabian\desktop\*\spiele\sonstige\guild wars 2\gw2.exe | "UDP Query User{C152BE24-41C9-45DF-8D9F-7DC5E87FF24F}C:\program files (x86)\tmnationsforever\tmforever.exe" = protocol=17 | dir=in | app=c:\program files (x86)\tmnationsforever\tmforever.exe | "UDP Query 
User{D4AC6DB3-14D8-4D78-9246-C978E346D5C7}C:\program files\java\jre7\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\java.exe | "UDP Query User{D8C47059-6AD9-4F0A-A849-B143F334DEA2}C:\program files (x86)\ubisoft\xiii\system\xiii.exe" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\xiii\system\xiii.exe | "UDP Query User{E5F6991C-AFC5-4D87-9EB1-6AA08659DBA0}C:\users\fabian\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\fabian\appdata\roaming\spotify\spotify.exe | "UDP Query User{F2342B56-FBFB-41EF-9EF0-2B096A9443D3}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe | "UDP Query User{F6D3DF2E-D0B8-4CAA-891D-0A64F9D3C17D}C:\users\fabian\desktop\*\spiele\sonstige\guild wars 2\gw2.exe" = protocol=17 | dir=in | app=c:\users\fabian\desktop\*\spiele\sonstige\guild wars 2\gw2.exe | "UDP Query User{FA61BDBE-BB3A-43C6-B378-6BFDECF2CB59}C:\program files (x86)\six projects\six updater\tools\bin\rsync.exe" = protocol=17 | dir=in | app=c:\program files (x86)\six projects\six updater\tools\bin\rsync.exe | "UDP Query User{FD6F3950-A90C-492B-A9FE-C829CE2163E6}C:\program files (x86)\tmunitedforever\tmforever.exe" = protocol=17 | dir=in | app=c:\program files (x86)\tmunitedforever\tmforever.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1" = Core Temp version 0.99.7 "{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "{1493B2AE-0261-47D2-B1AA-F4DAD0F6C48B}" = iTunes "{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 "{26A24AE4-039D-4CA4-87B4-2F86417004FF}" = Java(TM) 7 Update 4 (64-bit) "{336D0C35-8A85-403a-B9D2-65C292C39087}_is1" = Web Assistant 2.0.0.573 "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 
Redistributable - x64 9.0.30729.4148 "{4BC310C4-B898-46E2-B5FB-B85A30AA7142}" = iCloud "{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2 "{50150000-008F-0000-1000-0000000FF1CE}" = Office 15 Click-to-Run Licensing Component "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 "{680EDA59-9266-44B4-949E-0C24F65DFF82}" = Microsoft_VC100_CRT_SP1_x64 "{7446FE8D-C1F9-4D42-AAAE-5DBCE58605A6}" = Apple Mobile Device Support "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 "{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended "{913923AB-3AAB-4870-8910-627C4CD82789}" = NetLimiter 3 "{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 320.18 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 320.18 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 320.18 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 1.5 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 320.18 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.12.1031 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 4.11.9 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.3.24.2 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components "{B6B44AEB-3F57-45D7-9A89-5020135CBF90}" = Studie zur Verbesserung von HP Officejet 6600 Produkten "{C768E610-4DFB-4A60-A59B-71549EB7BF75}" = HP Officejet 6600 - Grundlegende Software für das Gerät "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F" = 
Windows-Treiberpaket - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) "Blender" = Blender "BullGuard" = BullGuard "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended "Microsoft Office Professional 15 (Technical Preview) - en-us" = Microsoft Office 365 Home Premium Preview - en-us "TeamSpeak 3 Client" = TeamSpeak 3 Client "VIRTU_is1" = VIRTU 1.2.106 "WinRAR archiver" = WinRAR 4.11 (64-Bit) "XFast LAN" = XFast LAN v6.61 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{0906982B-A432-4C06-8F01-C01BE1143779}" = Nokia Connectivity Cable Driver "{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}" = Razer Synapse 2.0 "{1111706F-666A-4037-7777-210328764D10}" = JavaFX 2.1.0 "{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1 "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{20150000-008C-0000-0000-0000000FF1CE}" = Office 15 Click-to-Run Extensibility Component "{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}" = OpenOffice.org 3.4.1 "{26A24AE4-039D-4CA4-87B4-2F83217021FF}" = Java 7 Update 21 "{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0 "{2D9C81F2-CF30-47F9-860E-58DACF92ABC9}" = Razer Arctosa "{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}" = HP Update "{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}" = Smite "{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}" = Hi-Rez Studios Authenticate and Update Service "{3F0D0ABE-CDAF-431A-00BC-CBBE018EA74E}" = SimCity 4 Deluxe "{415FA9AD-DA10-4ABE-97B6-5051D4795C90}" = HP FWUpdateEDO2 "{42BC0474-6E50-464A-8183-5E3D32E41B1B}" = XIII "{48379835-BF2E-4487-9CB1-D5E654502B53}" = Medal of Honor™ Warfighter "{4A03706F-666A-4037-7777-5F2748764D10}" = 
Java Auto Updater "{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.3 "{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM "{63B7AC7E-0178-4F4F-A79B-08D97ADD02D7}" = System Requirements Lab for Intel "{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components "{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2 "{72376EB6-0189-45B3-A4F6-823F549697C3}" = MOUSE Editor "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™ "{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}" = NVIDIA PhysX "{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends "{929CE49F-1CA7-4CF3-A9A1-6D757443C63F}" = Microsoft Games for Windows - LIVE Redistributable "{974C4B12-4D02-4879-85E0-61C95CC63E9E}" = Fallout 3 "{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9CC4840D-EF1C-406F-AF08-3C19EB1335B9}" = Zoo Tycoon 2 - Ultimate Collection "{9D15E813-0C26-41E7-ABC5-3EB06FF1B3CF}" = Assassin's Creed III 1.01 "{9DF0196F-B6B8-4C3A-8790-DE42AA530101}" = SPORE™ "{A0087DDE-69D0-11E2-AD57-43CA6188709B}" = Adobe AIR "{AC76BA86-7AD7-1033-7B44-A90000000001}" = Adobe Reader 9 "{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime "{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86 "{AFB907F5-C0E6-4753-8284-DE955EF86AC2}" = THX TruStudio "{B8F4A45C-581C-4707-8EF2-2B9E6722270C}" = 
SketchUp 8 "{BA77F9D2-CD35-41EB-9BC9-769879DFF8A6}" = PC Connectivity Solution "{C3592426-531E-4110-911D-BFECE2CE284C}" = osu! "{C818BA3A-226F-4ED0-9CEF-96A0DF300211}" = HP Officejet 6600 Hilfe "{CA6BCA2F-EDEB-408F-850B-31404BE16A61}" = I.R.I.S. OCR "{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86 "{E3B9C5A9-BD7A-4B56-B754-FAEA7DD6FA88}" = Far Cry 3 "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F30787F6-EA4F-4BC8-0001-398BDCC33E1E}" = MovieSaver*3.0 "{F5266D28-E0B2-4130-BFC5-EE155AD514DC}" = Apple Application Support "{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}" = SimCity™ "{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center "{FCD3BA7F-0DFA-2679-44D2-0EC11238AF9D}" = Fragen-Lern-CD 4.3 "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player 12.0 "AJCompressCopy" = AJScreensaver "Akamai" = Akamai NetSession Interface "AllemeinePassworte" = Alle meine Passworte 3.20 "aTube Catcher" = aTube Catcher "AVMWLANCLI" = AVM FRITZ!WLAN "Battlelog Web Plugins" = Battlelog Web Plugins "BattlEye A2 Free" = BattlEye (A2Free) Uninstall "BattlEye for OA" = BattlEye for OA Uninstall "com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com "Cossacks : The Art Of War" = Cossacks - The Art Of War "de.3m5.wendel.flcd.FLCDB.FC622282278C06838B5CD08883589F2C8AB9EEDC.1" = Fragen-Lern-CD 4.3 "Downloader" = Downloader "ESN Sonar-0.70.4" = ESN Sonar "EVEREST Home Edition_is1" = EVEREST Home Edition v2.20 "FileZilla Client" = FileZilla Client 3.6.0 "GinyasBrowserCompanion" = GinyasBrowserCompanion "Guild Wars" = GUILD WARS "HP Photo Creations" = HP Photo Creations "iFunbox_is1" = iFunbox (v2.1.2228.731), 
iFunbox DevTeam "InstallShield_{72376EB6-0189-45B3-A4F6-823F549697C3}" = Mouse Editor "LOLReplay" = LOLReplay "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.75.0.1300 "Mozilla Firefox 14.0.1 (x86 de)" = Mozilla Firefox 14.0.1 (x86 de) "MozillaMaintenanceService" = Mozilla Maintenance Service "MySSID_is1" = EXPERTool 7.21 "nfsDigitalPaintClockWhite New Free Screensaver_is1" = NewFreeScreensaver nfsDigitalPaintClockWhite "NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver "Origin" = Origin "PunkBusterSvc" = PunkBuster Services "RaidCall" = RaidCall "Razer Core" = Razer Core "Steam App 107100" = Bastion "Steam App 108710" = Alan Wake "Steam App 113200" = The Binding of Isaac "Steam App 205790" = Dota 2 Test "Steam App 206500" = AirMech "Steam App 207610" = The Walking Dead "Steam App 31100" = Wallace & Gromit Ep 1: Fright of the Bumblebees "Steam App 31110" = Wallace & Gromit Ep 2: The Last Resort "Steam App 31120" = Wallace & Gromit Ep 3: Muzzled! "Steam App 31130" = Wallace & Gromit Ep 4: The Bogey Man "Steam App 43110" = Metro 2033 "Steam App 4570" = Warhammer 40,000: Dawn of War - Game of the Year Edition "Steam App 49520" = Borderlands 2 "Steam App 55000" = Flotilla "Steam App 55020" = Air Forte "Steam App 55040" = Atom Zombie Smasher "Steam App 55230" = Saints Row: The Third "Steam App 570" = Dota 2 "Steam App 65800" = Dungeon Defenders "Steam App 72000" = Closure "Steam App 94600" = Hector: Ep 1 "Steam App 94610" = Hector: Ep 2 "Steam App 94620" = Hector: Ep 3 "TmNationsForever_is1" = TmNationsForever "TmUnitedForever_is1" = TmUnitedForever "Trojan Remover_is1" = Trojan Remover 6.8.6 "TrueCrypt" = TrueCrypt "Uplay" = Uplay "WNLT" = IB Updater Service "XFastUsb" = XFastUsb ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "@@__UNKNOWN__@@SanDiskSecureAccess_Manager.exe" = SanDiskSecureAccess_Manager.exe "Akamai" = Akamai NetSession Interface "Google Chrome" = Google 
Chrome "SOE-C:/Users/Fabian/AppData/Local/Sony Online Entertainment/ApplicationUpdater" = applicationupdater "SOE-C:/Users/Public/Sony Online Entertainment/Installed Games/PlanetSide 2" = gamelauncher-ps2-live "Spotify" = Spotify ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 08.06.2013 07:01:36 | Computer Name = Fabian-PC | Source = WinMgmt | ID = 10 Description = Error - 08.06.2013 08:49:30 | Computer Name = Fabian-PC | Source = SideBySide | ID = 16842832 Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Fabian\Desktop\*\SoftonicDownloader_fuer_winds-pro.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. 
Error - 08.06.2013 08:50:56 | Computer Name = Fabian-PC | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: rads_user_kernel.exe, Version: 0.0.0.0, Zeitstempel: 0x4e65c1ac Name des fehlerhaften Moduls: rads_user_kernel.exe, Version: 0.0.0.0, Zeitstempel: 0x4e65c1ac Ausnahmecode: 0xc0000005 Fehleroffset: 0x000b8554 ID des fehlerhaften Prozesses: 0x15f0 Startzeit der fehlerhaften Anwendung: 0x01ce6446d136036e Pfad der fehlerhaften Anwendung: C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe Pfad des fehlerhaften Moduls: C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe Berichtskennung: 0f627e36-d03a-11e2-9ce7-bc5ff41a74a3 Error - 08.06.2013 09:28:38 | Computer Name = Fabian-PC | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: tbhcn.exe, Version: 1.0.0.9, Zeitstempel: 0x5121f458 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17725, Zeitstempel: 0x4ec49b8f Ausnahmecode: 0xc0000005 Fehleroffset: 0x0002e41b ID des fehlerhaften Prozesses: 0x13d8 Startzeit der fehlerhaften Anwendung: 0x01ce644bdb886771 Pfad der fehlerhaften Anwendung: C:\ProgramData\GinyasBrowserCompanion\tbhcn.exe Pfad des fehlerhaften Moduls: C:\Windows\SysWOW64\ntdll.dll Berichtskennung: 539603ef-d03f-11e2-9ce7-bc5ff41a74a3 Error - 08.06.2013 10:40:21 | Computer Name = Fabian-PC | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: PinkVisual-141.002.exe, Version: 0.0.0.0, Zeitstempel: 0x5166aec4 Name des fehlerhaften Moduls: ThriXXX-010278-SYS.dll, Version: 0.0.0.0, Zeitstempel: 0x5166ae4c Ausnahmecode: 0xc0000005 Fehleroffset: 0x000aa3e4 ID des fehlerhaften Prozesses: 0x950c Startzeit der fehlerhaften Anwendung: 0x01ce6455a6a3cc62 Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\thriXXX\PinkVisual\Binaries\PinkVisual-141.002.exe Pfad des fehlerhaften Moduls: C:\Program Files (x86)\thriXXX\PinkVisual\Binaries\ThriXXX-010278-SYS.dll Berichtskennung: 
581ac0c4-d049-11e2-9ce7-bc5ff41a74a3 Error - 08.06.2013 12:25:30 | Computer Name = Fabian-PC | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: tbhcn.exe, Version: 1.0.0.9, Zeitstempel: 0x5121f458 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17725, Zeitstempel: 0x4ec49b8f Ausnahmecode: 0xc0000005 Fehleroffset: 0x0002e3be ID des fehlerhaften Prozesses: 0x96c Startzeit der fehlerhaften Anwendung: 0x01ce6464be7fe46b Pfad der fehlerhaften Anwendung: C:\ProgramData\GinyasBrowserCompanion\tbhcn.exe Pfad des fehlerhaften Moduls: C:\Windows\SysWOW64\ntdll.dll Berichtskennung: 088f1838-d058-11e2-8b42-bc5ff41a74a3 Error - 08.06.2013 12:26:21 | Computer Name = Fabian-PC | Source = WinMgmt | ID = 10 Description = Error - 08.06.2013 12:28:50 | Computer Name = Fabian-PC | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: shell.exe, Version: 7.0.13060.0, Zeitstempel: 0x51ae3b03 Name des fehlerhaften Moduls: MSVCRT.dll, Version: 7.0.7601.17744, Zeitstempel: 0x4eeaf722 Ausnahmecode: 0x40000015 Fehleroffset: 0x0005620a ID des fehlerhaften Prozesses: 0x14a0 Startzeit der fehlerhaften Anwendung: 0x01ce6464d6aaabb2 Pfad der fehlerhaften Anwendung: C:\Users\Fabian\AppData\Roaming\WindowsLogon\shell.exe Pfad des fehlerhaften Moduls: C:\Windows\syswow64\MSVCRT.dll Berichtskennung: 7fe2dfbe-d058-11e2-8b42-bc5ff41a74a3 Error - 08.06.2013 12:31:12 | Computer Name = Fabian-PC | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: shell.exe, Version: 7.0.13060.0, Zeitstempel: 0x51ae3b03 Name des fehlerhaften Moduls: MSVCRT.dll, Version: 7.0.7601.17744, Zeitstempel: 0x4eeaf722 Ausnahmecode: 0x40000015 Fehleroffset: 0x0005620a ID des fehlerhaften Prozesses: 0x11e0 Startzeit der fehlerhaften Anwendung: 0x01ce64654daa6a14 Pfad der fehlerhaften Anwendung: C:\Users\Fabian\AppData\Roaming\WindowsLogon\shell.exe Pfad des fehlerhaften Moduls: C:\Windows\syswow64\MSVCRT.dll 
Berichtskennung: d451ba2c-d058-11e2-8b42-bc5ff41a74a3 Error - 08.06.2013 14:08:26 | Computer Name = Fabian-PC | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: tbhcn.exe, Version: 1.0.0.9, Zeitstempel: 0x5121f458 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17725, Zeitstempel: 0x4ec49b8f Ausnahmecode: 0xc0000005 Fehleroffset: 0x0002e3be ID des fehlerhaften Prozesses: 0x970 Startzeit der fehlerhaften Anwendung: 0x01ce64732197af9c Pfad der fehlerhaften Anwendung: C:\ProgramData\GinyasBrowserCompanion\tbhcn.exe Pfad des fehlerhaften Moduls: C:\Windows\SysWOW64\ntdll.dll Berichtskennung: 69d1f453-d066-11e2-895e-bc5ff41a74a3 Error - 08.06.2013 14:09:25 | Computer Name = Fabian-PC | Source = WinMgmt | ID = 10 Description = [ NetLimiter 3 Events ] Error - 24.04.2013 15:12:26 | Computer Name = Fabian-PC | Source = NetLimiter 3 Service | ID = 1000 Description = Registration or trial period expired Error - 25.04.2013 08:55:36 | Computer Name = Fabian-PC | Source = NetLimiter 3 Service | ID = 1000 Description = Registration or trial period expired Error - 26.04.2013 08:52:42 | Computer Name = Fabian-PC | Source = NetLimiter 3 Service | ID = 1000 Description = Registration or trial period expired Error - 27.04.2013 05:25:36 | Computer Name = Fabian-PC | Source = NetLimiter 3 Service | ID = 1000 Description = Registration or trial period expired Error - 28.04.2013 09:41:28 | Computer Name = Fabian-PC | Source = NetLimiter 3 Service | ID = 1000 Description = Registration or trial period expired Error - 29.04.2013 12:39:12 | Computer Name = Fabian-PC | Source = NetLimiter 3 Service | ID = 1000 Description = Registration or trial period expired Error - 30.04.2013 10:58:01 | Computer Name = Fabian-PC | Source = NetLimiter 3 Service | ID = 1000 Description = Registration or trial period expired Error - 30.04.2013 15:49:56 | Computer Name = Fabian-PC | Source = NetLimiter 3 Service | ID = 1000 Description = Registration or trial 
period expired Error - 01.05.2013 05:10:05 | Computer Name = Fabian-PC | Source = NetLimiter 3 Service | ID = 1000 Description = Registration or trial period expired Error - 02.05.2013 09:32:53 | Computer Name = Fabian-PC | Source = NetLimiter 3 Service | ID = 1000 Description = Registration or trial period expired [ System Events ] Error - 05.12.2012 10:26:20 | Computer Name = Fabian-PC | Source = Service Control Manager | ID = 7000 Description = Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: %%1069 Error - 06.12.2012 10:45:53 | Computer Name = Fabian-PC | Source = Service Control Manager | ID = 7000 Description = Der Dienst "Browser Manager" wurde aufgrund folgenden Fehlers nicht gestartet: %%3 Error - 06.12.2012 10:45:55 | Computer Name = Fabian-PC | Source = Application Popup | ID = 1060 Description = Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\drivers\tandpl.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten. Error - 06.12.2012 10:47:27 | Computer Name = Fabian-PC | Source = Service Control Manager | ID = 7034 Description = Dienst "BullGuard e-mail monitoring service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error - 06.12.2012 10:48:49 | Computer Name = Fabian-PC | Source = Service Control Manager | ID = 7038 Description = Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: %%1330 Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC). 
Error - 06.12.2012 10:48:49 | Computer Name = Fabian-PC | Source = Service Control Manager | ID = 7000 Description = Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: %%1069 Error - 06.12.2012 15:22:22 | Computer Name = Fabian-PC | Source = Service Control Manager | ID = 7000 Description = Der Dienst "Browser Manager" wurde aufgrund folgenden Fehlers nicht gestartet: %%3 Error - 06.12.2012 15:22:23 | Computer Name = Fabian-PC | Source = Application Popup | ID = 1060 Description = Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\drivers\tandpl.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten. Error - 06.12.2012 15:24:33 | Computer Name = Fabian-PC | Source = Service Control Manager | ID = 7038 Description = Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: %%1330 Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC). Error - 06.12.2012 15:24:33 | Computer Name = Fabian-PC | Source = Service Control Manager | ID = 7000 Description = Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: %%1069 < End of report >
Best regards, Fabian Neises |
08.06.2013, 19:57 | #4 |
/// Malware-holic | Remove Coin Miner, msdcsc see post 2b
__________________ - Please forward suspicious e-mails to us for analysis: markusg.trojaner-board@web.de Forwarding instructions: http://markusg.trojaner-board.de For now, please forward e-mails to markusg.trojaner-board@web.de following the instructions above. If you would like to support us |
08.06.2013, 20:18 | #5 |
| Remove Coin Miner, msdcsc I have successfully uploaded the zip file. Here is the .txt file: Code:
ATTFilter
All processes killed
========== OTL ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\rundll32 not found.
C:\Users\Fabian\AppData\Local\Temp\MSDCSC\msdcsc.exe moved successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\AcroRd32 not found.
C:\Users\Fabian\AppData\Roaming\Acrobat\AcroRd32.exe moved successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\AcroRd32 not found.
File C:\Users\Fabian\AppData\Roaming\Acrobat\AcroRd32.exe not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\AcroRd32 not found.
File C:\Users\Fabian\AppData\Roaming\Acrobat\AcroRd32.exe not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\82267msdcsc.exe not found.
C:\Users\Fabian\AppData\Local\Temp\82267msdcsc.exe moved successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\32992msdcsc.exe not found.
C:\Users\Fabian\AppData\Local\Temp\32992msdcsc.exe moved successfully.
C:\Users\Fabian\AppData\Roaming\dclogs folder moved successfully.
C:\Users\Fabian\AppData\Roaming\M5Q9IL20WA.exe moved successfully.
========== FILES ==========
C:\Users\Fabian\AppData\Local\Temp\MSDCSC\Uhv1HAwUyC9F\Uhv1HAwUyC9F folder moved successfully.
C:\Users\Fabian\AppData\Local\Temp\MSDCSC\Uhv1HAwUyC9F folder moved successfully.
C:\Users\Fabian\AppData\Local\Temp\MSDCSC folder moved successfully.
C:\Users\Fabian\AppData\Roaming\Acrobat folder moved successfully.
File\Folder C:\Users\Fabian\AppData\Roaming\Acrobat not found.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 57472 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Fabian
->Temp folder emptied: 1809006455 bytes
->Temporary Internet Files folder emptied: 691987468 bytes
->Java cache emptied: 1327619 bytes
->FireFox cache emptied: 21118946 bytes
->Google Chrome cache emptied: 359719187 bytes
->Flash cache emptied: 97157 bytes
User: Public
User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 155648 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 542121148 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 51845885 bytes
RecycleBin emptied: 1563672 bytes
Total Files Cleaned = 3.318,00 mb
OTL by OldTimer - Version 3.2.69.0 log created on 06082013_210319
Files\Folders moved on Reboot...
C:\Users\Fabian\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File\Folder C:\Windows\temp\_avast_\unp4319538.tmp not found!
File\Folder C:\Windows\temp\_avast_\unp75567540.tmp not found!
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.
File\Folder C:\Windows\temp\_asw_aisI.tm~a06012\setup.lok not found!
File move failed. C:\Windows\temp\avast_ash\iTunes (64 Bit)\BIT53BD.tmp scheduled to be moved on reboot.
C:\Windows\temp\FireFly(20130608203252BC4).log moved successfully.
C:\Windows\temp\integratedoffice.exe_c2rdll(20130608203252BC4).log moved successfully.
C:\Windows\temp\integratedoffice.exe_c2ruidll(20130608203252BC4).log moved successfully.
C:\Windows\temp\integratedoffice.exe_streamserver(20130608203252BC4).log moved successfully.
File move failed. C:\Windows\temp\ood_stream.x86.en-us.dat scheduled to be moved on reboot.
File move failed. C:\Windows\temp\ood_stream.x86.x-none.dat scheduled to be moved on reboot.
PendingFileRenameOperations files...
Registry entries deleted on Reboot... |
08.06.2013, 20:22 | #6 |
/// Malware-holic | Remove Coin Miner, msdcsc Thanks for uploading. Please download TDSSKiller.exe and save the file to your desktop.
08.06.2013, 20:31 | #7 |
| Remove Coin Miner, msdcsc .txt from TDSSKiller: Code:
ATTFilter 21:24:32.0511 4640 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42 21:24:33.0411 4640 ============================================================ 21:24:33.0411 4640 Current date / time: 2013/06/08 21:24:33.0411 21:24:33.0411 4640 SystemInfo: 21:24:33.0411 4640 21:24:33.0411 4640 OS Version: 6.1.7601 ServicePack: 1.0 21:24:33.0411 4640 Product type: Workstation 21:24:33.0411 4640 ComputerName: FABIAN-PC 21:24:33.0411 4640 UserName: Fabian 21:24:33.0411 4640 Windows directory: C:\Windows 21:24:33.0411 4640 System windows directory: C:\Windows 21:24:33.0411 4640 Running under WOW64 21:24:33.0411 4640 Processor architecture: Intel x64 21:24:33.0411 4640 Number of processors: 4 21:24:33.0411 4640 Page size: 0x1000 21:24:33.0411 4640 Boot type: Normal boot 21:24:33.0411 4640 ============================================================ 21:24:34.0246 4640 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 21:24:34.0251 4640 ============================================================ 21:24:34.0251 4640 \Device\Harddisk0\DR0: 21:24:34.0252 4640 MBR partitions: 21:24:34.0252 4640 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000 21:24:34.0252 4640 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3A353000 21:24:34.0252 4640 ============================================================ 21:24:34.0269 4640 C: <-> \Device\Harddisk0\DR0\Partition2 21:24:34.0269 4640 ============================================================ 21:24:34.0269 4640 Initialize success 21:24:34.0269 4640 ============================================================ 21:25:11.0173 0188 ============================================================ 21:25:11.0174 0188 Scan started 21:25:11.0174 0188 Mode: Manual; SigCheck; TDLFS; 21:25:11.0174 0188 
============================================================ 21:25:11.0645 0188 ================ Scan system memory ======================== 21:25:11.0645 0188 System memory - ok 21:25:11.0646 0188 ================ Scan services ============================= 21:25:11.0760 0188 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys 21:25:11.0852 0188 1394ohci - ok 21:25:11.0875 0188 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys 21:25:11.0887 0188 ACPI - ok 21:25:11.0898 0188 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys 21:25:11.0927 0188 AcpiPmi - ok 21:25:12.0114 0188 [ F040037B149FD0F5A5044AE563390FA7 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 21:25:12.0124 0188 AdobeFlashPlayerUpdateSvc - ok 21:25:12.0154 0188 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys 21:25:12.0169 0188 adp94xx - ok 21:25:12.0186 0188 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys 21:25:12.0199 0188 adpahci - ok 21:25:12.0211 0188 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys 21:25:12.0222 0188 adpu320 - ok 21:25:12.0246 0188 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 21:25:12.0299 0188 AeLookupSvc - ok 21:25:12.0357 0188 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys 21:25:12.0399 0188 AFD - ok 21:25:12.0459 0188 [ A12CC7EA6448C7BADC8677593C2AC55D ] AFW C:\Windows\system32\DRIVERS\afw.sys 21:25:12.0481 0188 AFW - ok 21:25:12.0524 0188 [ 6BE9AC4EDB62252BA7AA13AF0CA907B8 ] afwcore C:\Windows\system32\DRIVERS\afwcore.sys 21:25:12.0541 0188 afwcore - ok 21:25:12.0570 0188 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys 21:25:12.0583 0188 agp440 - ok 21:25:12.0946 0188 [ C7074BD8D4B8F564859ED373433030AE ] Akamai c:\program files 
(x86)\common files\akamai/netsession_win_ca0e279.dll 21:25:12.0946 0188 Suspicious file (Hidden): c:\program files (x86)\common files\akamai/netsession_win_ca0e279.dll. md5: C7074BD8D4B8F564859ED373433030AE 21:25:12.0952 0188 Akamai ( HiddenFile.Multi.Generic ) - warning 21:25:12.0952 0188 Akamai - detected HiddenFile.Multi.Generic (1) 21:25:12.0982 0188 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe 21:25:13.0014 0188 ALG - ok 21:25:13.0040 0188 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys 21:25:13.0056 0188 aliide - ok 21:25:13.0119 0188 ALSysIO - ok 21:25:13.0130 0188 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys 21:25:13.0146 0188 amdide - ok 21:25:13.0173 0188 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys 21:25:13.0204 0188 AmdK8 - ok 21:25:13.0215 0188 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys 21:25:13.0238 0188 AmdPPM - ok 21:25:13.0266 0188 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys 21:25:13.0278 0188 amdsata - ok 21:25:13.0294 0188 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys 21:25:13.0308 0188 amdsbs - ok 21:25:13.0345 0188 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys 21:25:13.0360 0188 amdxata - ok 21:25:13.0388 0188 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys 21:25:13.0440 0188 AppID - ok 21:25:13.0471 0188 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll 21:25:13.0505 0188 AppIDSvc - ok 21:25:13.0538 0188 [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo C:\Windows\System32\appinfo.dll 21:25:13.0573 0188 Appinfo - ok 21:25:13.0662 0188 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 21:25:13.0674 0188 
Apple Mobile Device - ok 21:25:13.0693 0188 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys 21:25:13.0703 0188 arc - ok 21:25:13.0714 0188 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys 21:25:13.0724 0188 arcsas - ok 21:25:13.0765 0188 [ 2B0E02250A4FF9EF8C68020A7315D27B ] Arctosa C:\Windows\system32\drivers\Arctosa.sys 21:25:13.0793 0188 Arctosa - ok 21:25:13.0897 0188 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe 21:25:13.0912 0188 aspnet_state - ok 21:25:13.0950 0188 [ 0BAEFD3F648C6E7AB52990DD9565E4E2 ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys 21:25:13.0964 0188 aswFsBlk - ok 21:25:14.0026 0188 [ FA562F34ED6633C66170B09182B4C049 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys 21:25:14.0041 0188 aswMonFlt - ok 21:25:14.0077 0188 [ 64E2BAB4096C13D2342BC4661C967E07 ] aswRdr C:\Windows\System32\Drivers\aswrdr2.sys 21:25:14.0092 0188 aswRdr - ok 21:25:14.0096 0188 [ 5573AA70993A2BB81525B1C704B88763 ] aswRvrt C:\Windows\system32\drivers\aswRvrt.sys 21:25:14.0111 0188 aswRvrt - ok 21:25:14.0147 0188 [ 10ED1CAB84AA65983C41A11F60294C9B ] aswSnx C:\Windows\system32\drivers\aswSnx.sys 21:25:14.0166 0188 aswSnx - ok 21:25:14.0210 0188 [ 00E5253353717D3CA12A0F5A6F9991EC ] aswSP C:\Windows\system32\drivers\aswSP.sys 21:25:14.0230 0188 aswSP - ok 21:25:14.0268 0188 [ 29DD8E458A84171202AA4979364C30C0 ] aswTdi C:\Windows\system32\drivers\aswTdi.sys 21:25:14.0283 0188 aswTdi - ok 21:25:14.0297 0188 [ 6359B99C955DB9F40B653159A0EED261 ] aswVmm C:\Windows\system32\drivers\aswVmm.sys 21:25:14.0309 0188 aswVmm - ok 21:25:14.0347 0188 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 21:25:14.0397 0188 AsyncMac - ok 21:25:14.0405 0188 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys 21:25:14.0412 0188 atapi - ok 21:25:14.0473 0188 [ 788914C42AD8318F1DD7A565EAFFB049 ] 
athrusb C:\Windows\system32\DRIVERS\athrxusb.sys 21:25:14.0536 0188 athrusb - ok 21:25:14.0661 0188 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 21:25:14.0728 0188 AudioEndpointBuilder - ok 21:25:14.0743 0188 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll 21:25:14.0773 0188 AudioSrv - ok 21:25:14.0875 0188 [ 28D6701C710AD7BA3CB95E75F8F1A9AA ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe 21:25:14.0890 0188 avast! Antivirus - ok 21:25:14.0957 0188 [ C6F4C466B654C1BE98AF31418BB5AC30 ] AVM WLAN Connection Service C:\Program Files (x86)\avmwlanstick\WlanNetService.exe 21:25:14.0990 0188 AVM WLAN Connection Service ( UnsignedFile.Multi.Generic ) - warning 21:25:14.0990 0188 AVM WLAN Connection Service - detected UnsignedFile.Multi.Generic (1) 21:25:15.0039 0188 [ 1DC2F715792CF33428AD7993ACBD224D ] avmeject C:\Windows\system32\drivers\avmeject.sys 21:25:15.0053 0188 avmeject - ok 21:25:15.0091 0188 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll 21:25:15.0130 0188 AxInstSV - ok 21:25:15.0163 0188 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys 21:25:15.0185 0188 b06bdrv - ok 21:25:15.0198 0188 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys 21:25:15.0219 0188 b57nd60a - ok 21:25:15.0242 0188 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll 21:25:15.0263 0188 BDESVC - ok 21:25:15.0329 0188 [ 760D877A396EC5061BF1B7B19502A9E2 ] BdNet C:\Windows\system32\drivers\BdNet.sys 21:25:15.0347 0188 BdNet - ok 21:25:15.0391 0188 [ AB0B1730E4CAA2A2A3CC8B93EE09C848 ] BdSpy C:\Windows\system32\drivers\BdSpy.sys 21:25:15.0407 0188 BdSpy - ok 21:25:15.0431 0188 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys 21:25:15.0476 0188 Beep - ok 21:25:15.0513 0188 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll 
21:25:15.0551 0188 BFE - ok 21:25:15.0580 0188 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll 21:25:15.0622 0188 BITS - ok 21:25:15.0635 0188 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys 21:25:15.0661 0188 blbdrive - ok 21:25:15.0703 0188 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys 21:25:15.0729 0188 bowser - ok 21:25:15.0756 0188 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys 21:25:15.0785 0188 BrFiltLo - ok 21:25:15.0798 0188 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys 21:25:15.0809 0188 BrFiltUp - ok 21:25:15.0858 0188 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll 21:25:15.0877 0188 Browser - ok 21:25:15.0892 0188 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys 21:25:15.0932 0188 Brserid - ok 21:25:15.0939 0188 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys 21:25:15.0966 0188 BrSerWdm - ok 21:25:15.0988 0188 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys 21:25:16.0008 0188 BrUsbMdm - ok 21:25:16.0021 0188 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys 21:25:16.0043 0188 BrUsbSer - ok 21:25:16.0151 0188 [ C3A932C880EC42513886C51D8F4F51DD ] BsBackup C:\Program Files\BullGuard Ltd\BullGuard\BsBackup.dll 21:25:16.0175 0188 BsBackup - ok 21:25:16.0234 0188 [ F9A5AF83BC2140D718E9FEF476F5DA21 ] BsBhvScan C:\Program Files\BullGuard Ltd\BullGuard\BullGuardBhvScanner.exe 21:25:16.0253 0188 BsBhvScan - ok 21:25:16.0318 0188 [ C1CE309436758FF23E1BE085953FB6A2 ] BsFileScan c:\program files\bullguard ltd\bullguard\BsFileScan.dll 21:25:16.0339 0188 BsFileScan - ok 21:25:16.0397 0188 [ 5934BBAF56D6A05E2CB9D21AD337D3E7 ] BsFire c:\program files\bullguard ltd\bullguard\BsFire.dll 21:25:16.0422 0188 BsFire - ok 
21:25:16.0497 0188 [ DE5C89DA99E9EB81E4AA7570DB8A6B7E ] BsMailProxy c:\program files\bullguard ltd\bullguard\BsMailProxy\BsMailProxy.dll 21:25:16.0521 0188 BsMailProxy - ok 21:25:16.0582 0188 [ 8FEF16C9A5AA314B1A2EDCFAD5853402 ] BsMain C:\Program Files\BullGuard Ltd\BullGuard\BsMain.dll 21:25:16.0602 0188 BsMain - ok 21:25:16.0621 0188 [ A23B77B41103147CF8969DCADFF3555D ] BsScanner C:\Program Files\BullGuard Ltd\BullGuard\BullGuardScanner.exe 21:25:16.0631 0188 BsScanner - ok 21:25:16.0695 0188 [ C809A537FA2396CFD7D07BF6518F1010 ] BsUpdate C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe 21:25:16.0716 0188 BsUpdate - ok 21:25:16.0737 0188 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys 21:25:16.0766 0188 BTHMODEM - ok 21:25:16.0797 0188 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll 21:25:16.0844 0188 bthserv - ok 21:25:16.0870 0188 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 21:25:16.0919 0188 cdfs - ok 21:25:16.0934 0188 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys 21:25:16.0944 0188 cdrom - ok 21:25:16.0967 0188 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll 21:25:17.0002 0188 CertPropSvc - ok 21:25:17.0063 0188 [ 33B82CF69E41B38A2EC0C3CABDE80D6E ] cFosSpeed C:\Windows\system32\DRIVERS\cfosspeed6.sys 21:25:17.0100 0188 cFosSpeed - ok 21:25:17.0174 0188 [ 760085908644D2988F1B504C3FCA6959 ] cFosSpeedS C:\Program Files\ASRock\XFast LAN\spd.exe 21:25:17.0195 0188 cFosSpeedS - ok 21:25:17.0221 0188 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys 21:25:17.0241 0188 circlass - ok 21:25:17.0277 0188 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys 21:25:17.0301 0188 CLFS - ok 21:25:17.0359 0188 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 
21:25:17.0374 0188 clr_optimization_v2.0.50727_32 - ok 21:25:17.0400 0188 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 21:25:17.0414 0188 clr_optimization_v2.0.50727_64 - ok 21:25:17.0483 0188 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 21:25:17.0498 0188 clr_optimization_v4.0.30319_32 - ok 21:25:17.0505 0188 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 21:25:17.0516 0188 clr_optimization_v4.0.30319_64 - ok 21:25:17.0541 0188 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\drivers\CmBatt.sys 21:25:17.0569 0188 CmBatt - ok 21:25:17.0579 0188 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys 21:25:17.0588 0188 cmdide - ok 21:25:17.0629 0188 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys 21:25:17.0662 0188 CNG - ok 21:25:17.0674 0188 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys 21:25:17.0682 0188 Compbatt - ok 21:25:17.0697 0188 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys 21:25:17.0717 0188 CompositeBus - ok 21:25:17.0726 0188 COMSysApp - ok 21:25:17.0809 0188 [ 815F3180B5117E42E422188E9CCC89C6 ] cphs C:\Windows\SysWow64\IntelCpHeciSvc.exe 21:25:17.0822 0188 cphs - ok 21:25:17.0842 0188 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys 21:25:17.0850 0188 crcdisk - ok 21:25:17.0898 0188 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll 21:25:18.0004 0188 CryptSvc - ok 21:25:18.0132 0188 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll 21:25:18.0195 0188 DcomLaunch - ok 21:25:18.0240 0188 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc 
C:\Windows\System32\defragsvc.dll 21:25:18.0290 0188 defragsvc - ok 21:25:18.0310 0188 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys 21:25:18.0343 0188 DfsC - ok 21:25:18.0376 0188 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll 21:25:18.0410 0188 Dhcp - ok 21:25:18.0418 0188 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys 21:25:18.0476 0188 discache - ok 21:25:18.0513 0188 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys 21:25:18.0522 0188 Disk - ok 21:25:18.0556 0188 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll 21:25:18.0584 0188 Dnscache - ok 21:25:18.0602 0188 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll 21:25:18.0638 0188 dot3svc - ok 21:25:18.0652 0188 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll 21:25:18.0687 0188 DPS - ok 21:25:18.0713 0188 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 21:25:18.0729 0188 drmkaud - ok 21:25:18.0777 0188 [ AF2E16242AA723F68F461B6EAE2EAD3D ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 21:25:18.0794 0188 DXGKrnl - ok 21:25:18.0819 0188 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll 21:25:18.0854 0188 EapHost - ok 21:25:18.0920 0188 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys 21:25:19.0011 0188 ebdrv - ok 21:25:19.0061 0188 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe 21:25:19.0071 0188 EFS - ok 21:25:19.0117 0188 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 21:25:19.0161 0188 ehRecvr - ok 21:25:19.0201 0188 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe 21:25:19.0231 0188 ehSched - ok 21:25:19.0263 0188 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys 21:25:19.0278 0188 elxstor - ok 
21:25:19.0298 0188 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys 21:25:19.0322 0188 ErrDev - ok 21:25:19.0333 0188 EtronHub3 - ok 21:25:19.0337 0188 EtronXHCI - ok 21:25:19.0365 0188 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll 21:25:19.0415 0188 EventSystem - ok 21:25:19.0437 0188 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys 21:25:19.0502 0188 exfat - ok 21:25:19.0525 0188 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys 21:25:19.0559 0188 fastfat - ok 21:25:19.0616 0188 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe 21:25:19.0684 0188 Fax - ok 21:25:19.0691 0188 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys 21:25:19.0716 0188 fdc - ok 21:25:19.0727 0188 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll 21:25:19.0757 0188 fdPHost - ok 21:25:19.0768 0188 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll 21:25:19.0809 0188 FDResPub - ok 21:25:19.0843 0188 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 21:25:19.0851 0188 FileInfo - ok 21:25:19.0867 0188 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 21:25:19.0921 0188 Filetrace - ok 21:25:19.0932 0188 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys 21:25:19.0942 0188 flpydisk - ok 21:25:19.0955 0188 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 21:25:19.0967 0188 FltMgr - ok 21:25:20.0008 0188 [ FE95AE537B41A7E2F4CFE353064DC4AF ] FNETTBOH_305 C:\Windows\system32\drivers\FNETTBOH_305.SYS 21:25:20.0022 0188 FNETTBOH_305 - ok 21:25:20.0084 0188 [ 7C3C4B4C951EC1BDFD4F769D05E2CC68 ] FNETURPX C:\Windows\system32\drivers\FNETURPX.SYS 21:25:20.0096 0188 FNETURPX - ok 21:25:20.0149 0188 [ 5C4CB4086FB83115B153E47ADD961A0C ] 
FontCache C:\Windows\system32\FntCache.dll 21:25:20.0209 0188 FontCache - ok 21:25:20.0242 0188 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 21:25:20.0256 0188 FontCache3.0.0.0 - ok 21:25:20.0266 0188 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 21:25:20.0277 0188 FsDepends - ok 21:25:20.0327 0188 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 21:25:20.0339 0188 Fs_Rec - ok 21:25:20.0370 0188 [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 21:25:20.0388 0188 fvevol - ok 21:25:20.0444 0188 [ 444534CBA693DD23C1CC589681E01656 ] FWLANUSB C:\Windows\system32\DRIVERS\fwlanusb.sys 21:25:20.0478 0188 FWLANUSB - ok 21:25:20.0520 0188 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys 21:25:20.0537 0188 gagp30kx - ok 21:25:20.0590 0188 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 21:25:20.0603 0188 GEARAspiWDM - ok 21:25:20.0639 0188 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll 21:25:20.0698 0188 gpsvc - ok 21:25:20.0769 0188 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 21:25:20.0783 0188 gupdate - ok 21:25:20.0787 0188 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 21:25:20.0801 0188 gupdatem - ok 21:25:20.0863 0188 [ 1E6438D4EA6E1174A3B3B1EDC4DE660B ] hamachi C:\Windows\system32\DRIVERS\hamachi.sys 21:25:20.0873 0188 hamachi - ok 21:25:20.0887 0188 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 21:25:20.0908 0188 hcw85cir - ok 21:25:20.0938 0188 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 21:25:20.0967 0188 HdAudAddService - ok 21:25:20.0980 0188 [ 
0188 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll 21:25:39.0022 0188 WdiServiceHost - ok 21:25:39.0024 0188 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll 21:25:39.0038 0188 WdiSystemHost - ok 21:25:39.0130 0188 [ D75398987C968DCBABC411E08029E387 ] Web Assistant C:\Program Files\Web Assistant\ExtensionUpdaterService.exe 21:25:39.0140 0188 Web Assistant - ok 21:25:39.0157 0188 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll 21:25:39.0188 0188 WebClient - ok 21:25:39.0204 0188 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll 21:25:39.0257 0188 Wecsvc - ok 21:25:39.0275 0188 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll 21:25:39.0301 0188 wercplsupport - ok 21:25:39.0323 0188 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll 21:25:39.0349 0188 WerSvc - ok 21:25:39.0369 0188 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 21:25:39.0392 0188 WfpLwf - ok 21:25:39.0405 0188 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys 21:25:39.0412 0188 WIMMount - ok 21:25:39.0419 0188 WinDefend - ok 21:25:39.0422 0188 WinHttpAutoProxySvc - ok 21:25:39.0481 0188 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 21:25:39.0521 0188 Winmgmt - ok 21:25:39.0569 0188 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll 21:25:39.0632 0188 WinRM - ok 21:25:39.0685 0188 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys 21:25:39.0713 0188 WinUsb - ok 21:25:39.0748 0188 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll 21:25:39.0806 0188 Wlansvc - ok 21:25:39.0815 0188 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 21:25:39.0826 0188 WmiAcpi - ok 21:25:39.0850 0188 [ 
38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 21:25:39.0871 0188 wmiApSrv - ok 21:25:39.0892 0188 WMPNetworkSvc - ok 21:25:39.0920 0188 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll 21:25:39.0940 0188 WPCSvc - ok 21:25:39.0952 0188 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 21:25:39.0976 0188 WPDBusEnum - ok 21:25:39.0998 0188 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 21:25:40.0021 0188 ws2ifsl - ok 21:25:40.0035 0188 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll 21:25:40.0055 0188 wscsvc - ok 21:25:40.0057 0188 WSearch - ok 21:25:40.0131 0188 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll 21:25:40.0207 0188 wuauserv - ok 21:25:40.0239 0188 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 21:25:40.0259 0188 WudfPf - ok 21:25:40.0282 0188 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 21:25:40.0302 0188 WUDFRd - ok 21:25:40.0340 0188 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 21:25:40.0358 0188 wudfsvc - ok 21:25:40.0392 0188 [ FE90B750AB808FB9DD8FBB428B5FF83B ] WwanSvc C:\Windows\System32\wwansvc.dll 21:25:40.0405 0188 WwanSvc - ok 21:25:40.0573 0188 [ 4A5CE13408945E525503B5F73D29B9C5 ] xnacc C:\Windows\system32\DRIVERS\xnacc.sys 21:25:40.0618 0188 xnacc - ok 21:25:40.0632 0188 ================ Scan global =============================== 21:25:40.0654 0188 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll 21:25:40.0697 0188 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll 21:25:40.0707 0188 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll 21:25:40.0732 0188 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll 21:25:40.0756 0188 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] 
C:\Windows\system32\services.exe 21:25:40.0762 0188 [Global] - ok 21:25:40.0763 0188 ================ Scan MBR ================================== 21:25:40.0769 0188 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 21:25:41.0018 0188 \Device\Harddisk0\DR0 - ok 21:25:41.0018 0188 ================ Scan VBR ================================== 21:25:41.0020 0188 [ D59523B41D162162F170324F4AA4B596 ] \Device\Harddisk0\DR0\Partition1 21:25:41.0022 0188 \Device\Harddisk0\DR0\Partition1 - ok 21:25:41.0050 0188 [ A6CD0B3FDB12D2FF6954E306296C52F0 ] \Device\Harddisk0\DR0\Partition2 21:25:41.0051 0188 \Device\Harddisk0\DR0\Partition2 - ok 21:25:41.0052 0188 ============================================================ 21:25:41.0052 0188 Scan finished 21:25:41.0052 0188 ============================================================ 21:25:41.0061 5992 Detected object count: 5 21:25:41.0061 5992 Actual detected object count: 5 21:25:55.0094 5992 Akamai ( HiddenFile.Multi.Generic ) - skipped by user 21:25:55.0094 5992 Akamai ( HiddenFile.Multi.Generic ) - User select action: Skip 21:25:55.0095 5992 AVM WLAN Connection Service ( UnsignedFile.Multi.Generic ) - skipped by user 21:25:55.0096 5992 AVM WLAN Connection Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:25:55.0097 5992 HiPatchService ( UnsignedFile.Multi.Generic ) - skipped by user 21:25:55.0097 5992 HiPatchService ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:25:55.0098 5992 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user 21:25:55.0098 5992 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:25:55.0099 5992 nlsvc ( UnsignedFile.Multi.Generic ) - skipped by user 21:25:55.0099 5992 nlsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip |
08.06.2013, 20:32 | #8 |
/// Malware-holic | Removing Coin Miner, msdcsc Hi, scan with Combofix
__________________ - Please forward suspicious mails to us for analysis: markusg.trojaner-board@web.de Forwarding instructions: http://markusg.trojaner-board.de For now, please forward mails to markusg.trojaner-board@web.de following the instructions above. If you would like to support us |
08.06.2013, 20:45 | #9 |
| Removing Coin Miner, msdcsc Combofix.txt Code:
ATTFilter ComboFix 13-06-08.01 - Fabian 08.06.2013 21:36:20.1.4 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.8105.5861 [GMT 2:00] ausgeführt von:: c:\users\Fabian\Desktop\ComboFix.exe AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} AV: BullGuard Antivirus *Disabled/Updated* {C3CCAC61-52F7-A056-1860-6406566E2578} FW: BullGuard Firewall *Disabled* {FBF72D44-1898-A10E-333F-CD33A8BD6203} SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: BullGuard Antispyware *Disabled/Outdated* {78AD4D85-74CD-AFD8-22D0-5F742DE96FC5} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((((( Weitere Löschungen )))))))))))))))))))))))))))))))))))))))))))))))) . . c:\program files (x86)\Vid-Saver c:\program files (x86)\Vid-Saver\Vid-Saver.ico c:\program files (x86)\Vid-Saver\Vid-Saver.ini c:\program files (x86)\Vid-Saver\Vid-SaverGui.exe c:\program files (x86)\Vid-Saver\Vid-SaverInstaller.log c:\programdata\ntuser.dat c:\users\Fabian\AppData\Local\Vid-Saver c:\users\Fabian\AppData\Local\Vid-Saver\Chrome\Vid-Saver.crx c:\users\Fabian\AppData\Roaming\local c:\users\Fabian\AppData\Roaming\technic-launcher.jar c:\windows\IsUn0407.exe . . ((((((((((((((((((((((( Dateien erstellt von 2013-05-08 bis 2013-06-08 )))))))))))))))))))))))))))))) . . 2013-06-08 19:41 . 2013-06-08 19:41 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp 2013-06-08 19:41 . 2013-06-08 19:41 -------- d-----w- c:\users\Default\AppData\Local\temp 2013-06-08 19:03 . 2013-06-08 19:12 -------- d-----w- C:\_OTL 2013-06-08 18:55 . 2013-05-09 08:59 378432 ----a-w- c:\windows\system32\drivers\aswSP.sys 2013-06-08 18:55 . 2013-05-09 08:59 33400 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys 2013-06-08 18:55 . 2013-05-09 08:59 72016 ----a-w- c:\windows\system32\drivers\aswRdr2.sys 2013-06-08 18:55 . 
2013-05-09 08:59 64288 ----a-w- c:\windows\system32\drivers\aswTdi.sys 2013-06-08 18:55 . 2013-05-09 08:59 1025808 ----a-w- c:\windows\system32\drivers\aswSnx.sys 2013-06-08 18:55 . 2013-05-09 08:59 189936 ----a-w- c:\windows\system32\drivers\aswVmm.sys 2013-06-08 18:55 . 2013-05-09 08:59 65336 ----a-w- c:\windows\system32\drivers\aswRvrt.sys 2013-06-08 18:55 . 2013-05-09 08:59 80816 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys 2013-06-08 18:54 . 2013-05-09 08:58 41664 ----a-w- c:\windows\avastSS.scr 2013-06-08 18:54 . 2013-06-08 18:54 -------- d-----w- c:\program files\AVAST Software 2013-06-08 18:53 . 2013-06-08 18:54 -------- d-----w- c:\programdata\AVAST Software 2013-06-08 17:11 . 2013-06-08 17:11 -------- d-sh--w- c:\users\Fabian\AppData\Roaming\msnmsg 2013-06-08 17:06 . 2013-06-08 17:06 -------- d-----w- c:\users\Fabian\AppData\Roaming\Simply Super Software 2013-06-08 17:05 . 2013-06-08 17:07 -------- d-----w- c:\program files (x86)\Trojan Remover 2013-06-08 17:05 . 2013-06-08 17:05 -------- d-----w- c:\programdata\Simply Super Software 2013-06-08 16:50 . 2013-06-08 16:50 -------- d-----w- c:\users\Fabian\AppData\Roaming\Malwarebytes 2013-06-08 16:50 . 2013-06-08 16:50 -------- d-----w- c:\programdata\Malwarebytes 2013-06-08 16:50 . 2013-06-08 16:50 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware 2013-06-08 16:50 . 2013-04-04 12:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys 2013-06-08 16:19 . 2013-01-04 06:11 2776576 ----a-w- c:\windows\system32\msmpeg2vdec.dll 2013-06-08 16:18 . 2013-01-13 20:35 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll 2013-06-08 16:18 . 2013-01-13 20:35 2560 ---ha-w- c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll 2013-06-08 16:18 . 2013-01-13 19:51 2565120 ----a-w- c:\windows\system32\d3d10warp.dll 2013-06-08 16:18 . 2013-01-13 18:09 522752 ----a-w- c:\windows\system32\XpsGdiConverter.dll 2013-06-08 16:18 . 
2013-01-13 20:31 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll 2013-06-08 16:18 . 2013-01-13 20:31 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll 2013-06-08 16:18 . 2013-01-13 20:31 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll 2013-06-08 16:18 . 2013-01-13 19:59 1643520 ----a-w- c:\windows\system32\DWrite.dll 2013-06-08 16:18 . 2013-01-13 19:38 296960 ----a-w- c:\windows\system32\d3d10core.dll 2013-06-08 16:18 . 2013-01-13 19:10 3928064 ----a-w- c:\windows\system32\d2d1.dll 2013-06-08 16:04 . 2013-05-13 23:48 9460464 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{558E57EF-BB27-437B-A1A6-062C1D6394DE}\mpengine.dll 2013-06-08 16:02 . 2013-06-08 16:02 -------- d-----w- c:\users\Fabian\AppData\Local\DriverTuner 2013-06-08 12:09 . 2013-06-08 12:09 -------- d-----w- c:\users\Fabian\AppData\Roaming\GetRightToGo 2013-06-08 11:30 . 2011-12-15 18:29 31232 ----a-w- c:\windows\system32\drivers\tap0901.sys 2013-06-08 09:59 . 2013-05-05 21:36 17818624 ----a-w- c:\windows\system32\mshtml.dll 2013-06-08 09:59 . 2013-05-05 21:16 2382848 ----a-w- c:\windows\system32\mshtml.tlb 2013-06-08 09:59 . 2013-05-05 19:12 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb 2013-06-08 09:50 . 2013-02-27 06:02 111448 ----a-w- c:\windows\system32\consent.exe 2013-06-08 09:50 . 2013-02-27 05:52 14172672 ----a-w- c:\windows\system32\shell32.dll 2013-06-08 09:50 . 2013-02-27 05:52 197120 ----a-w- c:\windows\system32\shdocvw.dll 2013-06-08 09:50 . 2013-02-27 05:48 1930752 ----a-w- c:\windows\system32\authui.dll 2013-06-08 09:50 . 2013-02-27 04:49 1796096 ----a-w- c:\windows\SysWow64\authui.dll 2013-06-08 09:50 . 2013-02-27 05:47 70144 ----a-w- c:\windows\system32\appinfo.dll 2013-06-08 09:49 . 2013-02-15 06:06 3717632 ----a-w- c:\windows\system32\mstscax.dll 2013-06-08 09:49 . 2013-02-15 04:37 3217408 ----a-w- c:\windows\SysWow64\mstscax.dll 2013-06-08 09:49 . 
2013-02-15 06:08 44032 ----a-w- c:\windows\system32\tsgqec.dll 2013-06-08 09:49 . 2013-02-15 06:02 158720 ----a-w- c:\windows\system32\aaclient.dll 2013-06-08 09:49 . 2013-02-15 04:34 131584 ----a-w- c:\windows\SysWow64\aaclient.dll 2013-06-08 09:49 . 2013-02-15 03:25 36864 ----a-w- c:\windows\SysWow64\tsgqec.dll 2013-06-08 09:49 . 2013-02-12 04:12 19968 ----a-w- c:\windows\system32\drivers\usb8023.sys 2013-06-08 09:48 . 2013-04-12 14:45 1656680 ----a-w- c:\windows\system32\drivers\ntfs.sys 2013-06-08 09:48 . 2013-04-10 03:30 3153920 ----a-w- c:\windows\system32\win32k.sys 2013-06-08 09:48 . 2013-04-10 06:01 265064 ----a-w- c:\windows\system32\drivers\dxgmms1.sys 2013-06-08 09:48 . 2013-04-10 06:01 983400 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys 2013-06-08 09:48 . 2011-02-03 11:25 144384 ----a-w- c:\windows\system32\cdd.dll 2013-06-08 09:48 . 2013-03-19 05:53 48640 ----a-w- c:\windows\system32\wwanprotdim.dll 2013-06-08 09:48 . 2013-03-19 05:53 230400 ----a-w- c:\windows\system32\wwansvc.dll 2013-06-08 09:46 . 2013-01-24 06:01 223752 ----a-w- c:\windows\system32\drivers\fvevol.sys 2013-06-08 09:46 . 2013-03-19 06:04 5550424 ----a-w- c:\windows\system32\ntoskrnl.exe 2013-06-08 09:46 . 2013-03-19 05:46 43520 ----a-w- c:\windows\system32\csrsrv.dll 2013-06-08 09:46 . 2013-03-19 05:04 3968856 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe 2013-06-08 09:46 . 2013-03-19 05:04 3913560 ----a-w- c:\windows\SysWow64\ntoskrnl.exe 2013-06-08 09:46 . 2013-03-19 04:47 6656 ----a-w- c:\windows\SysWow64\apisetschema.dll 2013-06-08 09:46 . 2013-03-19 03:06 112640 ----a-w- c:\windows\system32\smss.exe 2013-06-08 08:42 . 2013-06-08 17:21 -------- d-----w- c:\users\Fabian\AppData\Roaming\WindowsLogon 2013-06-07 21:09 . 2013-06-08 18:08 -------- d-sh--w- c:\programdata\Realtek0 2013-06-05 13:59 . 2013-06-05 13:59 -------- d-----w- c:\users\Fabian\AppData\Roaming\Awesomium 2013-06-05 13:58 . 2013-06-05 13:58 -------- d-----w- c:\programdata\Hi-Rez Studios 2013-06-05 13:58 . 
2013-06-05 13:58 -------- d-----w- c:\program files (x86)\Hi-Rez Studios 2013-06-03 13:04 . 2013-06-03 13:04 -------- d-----w- c:\users\Fabian\AppData\Local\NVIDIA 2013-06-03 13:01 . 2013-06-03 13:01 -------- d-----w- c:\program files (x86)\AGEIA Technologies 2013-06-03 13:00 . 2013-06-08 16:24 -------- d-----w- c:\windows\SysWow64\NV 2013-06-03 13:00 . 2013-06-08 16:24 -------- d-----w- c:\windows\system32\NV 2013-05-29 23:22 . 2013-05-29 23:22 -------- d-----w- c:\programdata\BrowserProtect 2013-05-29 23:21 . 2013-05-29 23:21 -------- d-----w- c:\users\Fabian\AppData\Roaming\ExpressFiles 2013-05-29 23:19 . 2013-05-29 23:19 -------- d-----w- c:\users\Fabian\AppData\Local\iLivid 2013-05-17 03:17 . 2013-05-17 03:17 126464 ----a-w- c:\windows\system32\drivers\rzudd.sys 2013-05-17 03:17 . 2013-05-17 03:17 31232 ----a-w- c:\windows\system32\drivers\rzendpt.sys 2013-05-17 03:14 . 2013-05-17 03:14 56832 ----a-w- c:\windows\SysWow64\rzdevinfo.dll 2013-05-17 03:14 . 2013-05-17 03:14 154112 ----a-w- c:\windows\SysWow64\rztouchdll.dll 2013-05-17 03:14 . 2013-05-17 03:14 766976 ----a-w- c:\windows\SysWow64\rzdevicedll.dll 2013-05-17 03:14 . 2013-05-17 03:14 117248 ----a-w- c:\windows\SysWow64\rzdisplaydll.dll 2013-05-17 03:14 . 2013-05-17 03:14 296448 ----a-w- c:\windows\SysWow64\rzaudiodll.dll 2013-05-14 19:43 . 2013-05-14 19:43 9195912 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe 2013-05-12 13:43 . 2013-05-12 13:43 566048 ----a-w- c:\windows\SysWow64\nvStreaming.exe 2013-05-11 12:01 . 2013-05-11 12:01 -------- d-----w- c:\program files (x86)\Common Files\Java 2013-05-11 12:01 . 2013-05-11 12:01 95648 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll 2013-05-10 18:04 . 2013-05-10 18:05 -------- d-----w- C:\tmp 2013-05-10 17:42 . 2013-05-10 17:42 -------- d-----w- c:\users\Fabian\AppData\Roaming\Blender Foundation 2013-05-09 19:53 . 2013-05-09 19:53 -------- d-----w- c:\users\Fabian\.thumbnails 2013-05-09 19:53 . 
2013-05-09 19:53 -------- d-----w- c:\program files\Blender Foundation . . . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2013-06-06 11:19 . 2012-10-25 11:40 282512 ----a-w- c:\windows\SysWow64\PnkBstrB.exe 2013-06-06 11:19 . 2012-10-25 11:40 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe 2013-05-14 19:43 . 2012-05-28 18:50 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2013-05-14 19:43 . 2012-05-28 18:50 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2013-05-12 21:42 . 2012-10-10 20:22 2597344 ----a-w- c:\windows\SysWow64\nvapi.dll 2013-05-12 21:42 . 2012-10-10 20:22 12426216 ----a-w- c:\windows\SysWow64\nvd3dum.dll 2013-05-12 21:42 . 2012-05-24 18:11 2935696 ----a-w- c:\windows\system32\nvapi64.dll 2013-05-12 21:42 . 2012-05-24 18:11 27775776 ----a-w- c:\windows\system32\nvoglv64.dll 2013-05-12 21:42 . 2012-05-24 18:11 15910736 ----a-w- c:\windows\system32\nvwgf2umx.dll 2013-05-12 21:42 . 2012-05-24 18:11 1059560 ----a-w- c:\windows\system32\nvumdshimx.dll 2013-05-12 20:34 . 2012-05-24 18:12 6491936 ----a-w- c:\windows\system32\nvcpl.dll 2013-05-12 20:34 . 2012-05-24 18:12 3514656 ----a-w- c:\windows\system32\nvsvc64.dll 2013-05-12 20:34 . 2012-05-24 18:12 884512 ----a-w- c:\windows\system32\nvvsvc.exe 2013-05-12 20:34 . 2012-05-24 18:12 63776 ----a-w- c:\windows\system32\nvshext.dll 2013-05-12 20:34 . 2012-05-24 18:12 2555680 ----a-w- c:\windows\system32\nvsvcr.dll 2013-05-12 20:34 . 2012-05-24 18:12 237856 ----a-w- c:\windows\system32\nvmctray.dll 2013-05-11 12:01 . 2012-05-24 17:42 866720 ----a-w- c:\windows\SysWow64\npDeployJava1.dll 2013-05-11 12:01 . 2012-05-24 17:42 788896 ----a-w- c:\windows\SysWow64\deployJava1.dll 2013-05-09 08:58 . 2012-06-20 15:55 287840 ----a-w- c:\windows\system32\aswBoot.exe 2013-05-08 14:13 . 2012-05-24 18:12 3165737 ----a-w- c:\windows\system32\nvcoproc.bin 2013-05-03 14:15 . 
2012-05-24 19:04 75016696 ----a-w- c:\windows\system32\MRT.exe 2013-05-02 00:06 . 2010-11-21 03:27 278800 ------w- c:\windows\system32\MpSigStub.exe 2013-04-18 13:28 . 2013-04-30 19:46 73944 ----a-w- c:\windows\system32\drivers\RzFilter.sys 2013-04-18 13:28 . 2013-04-30 19:46 128728 ----a-w- c:\windows\system32\drivers\RzDxgk.sys 2013-04-13 05:49 . 2013-06-08 09:49 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll 2013-04-13 05:49 . 2013-06-08 09:49 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll 2013-04-13 05:49 . 2013-06-08 09:49 308736 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll 2013-04-13 05:49 . 2013-06-08 09:49 111104 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll 2013-04-13 04:45 . 2013-06-08 09:49 474624 ----a-w- c:\windows\apppatch\AcSpecfc.dll 2013-04-13 04:45 . 2013-06-08 09:49 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll 2013-04-07 18:39 . 2013-04-07 18:39 53248 ----a-w- c:\windows\SysWow64\unrar.dll 2013-04-07 08:54 . 2012-09-07 16:32 1455408 ----a-w- c:\windows\system32\dmwu.exe 2013-04-07 08:53 . 2012-09-07 16:32 33792 ----a-w- c:\windows\system32\ImHttpComm.dll . . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{336D0C35-8A85-403a-B9D2-65C292C39087}] 2013-01-29 13:28 170840 ----a-w- c:\program files\Web Assistant\Extension32.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)] @="{8BA85C75-763B-4103-94EB-9470F12FE0F7}" [HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}] 2013-01-26 13:39 2042528 ----a-w- c:\program files\Microsoft Office 15\root\office15\grooveex.dll . 
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)] @="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}" [HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}] 2013-01-26 13:39 2042528 ----a-w- c:\program files\Microsoft Office 15\root\office15\grooveex.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)] @="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}" [HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}] 2013-01-26 13:39 2042528 ----a-w- c:\program files\Microsoft Office 15\root\office15\grooveex.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "OscarEditor"="c:\program files (x86)\MOUSE Editor\MouseEditor.exe" [2012-02-22 3325952] "Pando Media Booster"="c:\program files (x86)\Pando Networks\Media Booster\PMB.exe" [2012-12-17 3093624] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "UpdReg"="c:\windows\UpdReg.EXE" [2000-05-10 90112] "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672] "HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208] "Arctosa"="c:\program files (x86)\Razer\Arctosa\razerhid.exe" [2009-08-19 232960] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816] "Razer Synapse"="c:\program files (x86)\Razer\Synapse\RzSynapse.exe" [2013-05-21 609640] "TrojanScanner"="c:\program files (x86)\Trojan Remover\Trjscan.exe" [2013-06-08 1648400] "avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-05-09 4858968] . c:\users\Fabian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ tbhcn.lnk - c:\users\Fabian\AppData\Roaming\BrowserCompanion\tbhcn.exe [2012-7-2 695448] . 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows] "LoadAppInit_DLLs"=1 (0x1) "AppInit_DLLs"=c:\progra~1\BULLGU~1\BULLGU~1\Files32\BgAgent.dll c:\windows\SysWOW64\nvinit.dll . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BsMain] @="Service" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BsScanner] @="Service" . R2 BsUpdate;BullGuard update service;c:\program files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe;c:\program files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe [x] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x] R2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x] R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x] R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x] R3 ALSysIO;ALSysIO;c:\users\Fabian\AppData\Local\Temp\ALSysIO64.sys;c:\users\Fabian\AppData\Local\Temp\ALSysIO64.sys [x] R3 Arctosa;Arctosa Keyboard;c:\windows\system32\drivers\Arctosa.sys;c:\windows\SYSNATIVE\drivers\Arctosa.sys [x] R3 athrusb;Atheros Wireless LAN USB device driver;c:\windows\system32\DRIVERS\athrxusb.sys;c:\windows\SYSNATIVE\DRIVERS\athrxusb.sys [x] R3 avmeject;AVM Eject;c:\windows\system32\drivers\avmeject.sys;c:\windows\SYSNATIVE\drivers\avmeject.sys [x] R3 EtronHub3;Etron USB 3.0 Extensible Hub 
Driver;c:\windows\system32\Drivers\EtronHub3.sys;c:\windows\SYSNATIVE\Drivers\EtronHub3.sys [x] R3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;c:\windows\system32\Drivers\EtronXHCI.sys;c:\windows\SYSNATIVE\Drivers\EtronXHCI.sys [x] R3 FNETTBOH_305;FNETTBOH_305;c:\windows\system32\drivers\FNETTBOH_305.SYS;c:\windows\SYSNATIVE\drivers\FNETTBOH_305.SYS [x] R3 FWLANUSB;AVM FRITZ!WLAN;c:\windows\system32\DRIVERS\fwlanusb.sys;c:\windows\SYSNATIVE\DRIVERS\fwlanusb.sys [x] R3 LADF_DHP2;G35 DHP2 Filter Driver;c:\windows\system32\DRIVERS\ladfDHP2amd64.sys;c:\windows\SYSNATIVE\DRIVERS\ladfDHP2amd64.sys [x] R3 LADF_SBVM;G35 SBVM Filter Driver;c:\windows\system32\DRIVERS\ladfSBVMamd64.sys;c:\windows\SYSNATIVE\DRIVERS\ladfSBVMamd64.sys [x] R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys;c:\windows\SYSNATIVE\drivers\LGBusEnum.sys [x] R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys;c:\windows\SYSNATIVE\drivers\LGVirHid.sys [x] R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x] R3 NLNdisPT;NetLimiter Ndis Protocol Service;c:\windows\system32\DRIVERS\nlndis.sys;c:\windows\SYSNATIVE\DRIVERS\nlndis.sys [x] R3 ScreamBAudioSvc;ScreamBee Audio;c:\windows\system32\drivers\ScreamingBAudio64.sys;c:\windows\SYSNATIVE\drivers\ScreamingBAudio64.sys [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x] R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x] R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x] R3 VirtuWDDM;VirtuWDDM;c:\windows\system32\DRIVERS\VirtuWDDM.sys;c:\windows\SYSNATIVE\DRIVERS\VirtuWDDM.sys [x] S0 aswRvrt;aswRvrt; [x] S0 aswVmm;aswVmm; [x] S0 
RzFilter;RzFilter;c:\windows\system32\drivers\RzFilter.sys;c:\windows\SYSNATIVE\drivers\RzFilter.sys [x] S1 AFW;Agnitum Firewall Driver;c:\windows\system32\DRIVERS\afw.sys;c:\windows\SYSNATIVE\DRIVERS\afw.sys [x] S1 aswSnx;aswSnx; [x] S1 aswSP;aswSP; [x] S1 BdSpy;BdSpy;c:\windows\system32\drivers\BdSpy.sys;c:\windows\SYSNATIVE\drivers\BdSpy.sys [x] S1 FNETURPX;FNETURPX;c:\windows\system32\drivers\FNETURPX.SYS;c:\windows\SYSNATIVE\drivers\FNETURPX.SYS [x] S1 nltdi;nltdi;c:\program files\NetLimiter 3\nltdi.sys;c:\program files\NetLimiter 3\nltdi.sys [x] S1 NovaShieldFilterDriver;NovaShieldFilterDriver;c:\windows\system32\DRIVERS\NSKernel.sys;c:\windows\SYSNATIVE\DRIVERS\NSKernel.sys [x] S1 NovaShieldTDIDriver;NovaShieldTDIDriver;c:\windows\system32\DRIVERS\NSNetmon.sys;c:\windows\SYSNATIVE\DRIVERS\NSNetmon.sys [x] S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x] S2 aswFsBlk;aswFsBlk; [x] S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x] S2 BsBackup;BullGuard backup service;c:\windows\System32\SvcHost.exe;c:\windows\SYSNATIVE\SvcHost.exe [x] S2 BsBhvScan;BullGuard Behavioural Detection;c:\program files\BullGuard Ltd\BullGuard\BullGuardBhvScanner.exe;c:\program files\BullGuard Ltd\BullGuard\BullGuardBhvScanner.exe [x] S2 BsFileScan;BullGuard on-access service;c:\windows\System32\SvcHost.exe;c:\windows\SYSNATIVE\SvcHost.exe [x] S2 BsFire;BullGuard firewall service;c:\windows\System32\SvcHost.exe;c:\windows\SYSNATIVE\SvcHost.exe [x] S2 BsMailProxy;BullGuard e-mail monitoring service;c:\windows\System32\SvcHost.exe;c:\windows\SYSNATIVE\SvcHost.exe [x] S2 BsMain;BullGuard main service;c:\windows\System32\SvcHost.exe;c:\windows\SYSNATIVE\SvcHost.exe [x] S2 BsScanner;BullGuard scanning service;c:\program files\BullGuard Ltd\BullGuard\BullGuardScanner.exe;c:\program files\BullGuard Ltd\BullGuard\BullGuardScanner.exe [x] S2 HiPatchService;Hi-Rez Studios 
Authenticate and Update Service;c:\program files (x86)\Hi-Rez Studios\HiPatchService.exe;c:\program files (x86)\Hi-Rez Studios\HiPatchService.exe [x] S2 OfficeSvc;Microsoft Office Service;c:\program files\Microsoft Office 15\ClientX64\integratedoffice.exe;c:\program files\Microsoft Office 15\ClientX64\integratedoffice.exe [x] S2 RzOvlMon;Razer Overlay Subsystem Emergency Service;c:\program files (x86)\Razer\Core\64bit\rzovlmon.exe;c:\program files (x86)\Razer\Core\64bit\rzovlmon.exe [x] S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x] S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x] S2 Web Assistant;Web Assistant;c:\program files\Web Assistant\ExtensionUpdaterService.exe;c:\program files\Web Assistant\ExtensionUpdaterService.exe [x] S3 afwcore;afwcore;c:\windows\system32\DRIVERS\afwcore.sys;c:\windows\SYSNATIVE\DRIVERS\afwcore.sys [x] S3 BdNet;BdNet;c:\windows\system32\drivers\BdNet.sys;c:\windows\SYSNATIVE\drivers\BdNet.sys [x] S3 LADF_CaptureOnly;LADF Capture Filter Driver;c:\windows\system32\DRIVERS\ladfGSCamd64.sys;c:\windows\SYSNATIVE\DRIVERS\ladfGSCamd64.sys [x] S3 LADF_RenderOnly;LADF Render Filter Driver;c:\windows\system32\DRIVERS\ladfGSRamd64.sys;c:\windows\SYSNATIVE\DRIVERS\ladfGSRamd64.sys [x] S3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt64.sys;c:\windows\SYSNATIVE\drivers\MBfilt64.sys [x] S3 NLNdisMP;NLNdisMP;c:\windows\system32\DRIVERS\nlndis.sys;c:\windows\SYSNATIVE\DRIVERS\nlndis.sys [x] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x] S3 RzDxgk;RzDxgk;c:\windows\system32\drivers\RzDxgk.sys;c:\windows\SYSNATIVE\drivers\RzDxgk.sys [x] S3 
rzendpt;rzendpt;c:\windows\system32\DRIVERS\rzendpt.sys;c:\windows\SYSNATIVE\DRIVERS\rzendpt.sys [x] S3 rzudd;Razer Mouse Driver;c:\windows\system32\DRIVERS\rzudd.sys;c:\windows\SYSNATIVE\DRIVERS\rzudd.sys [x] . . --- Andere Dienste/Treiber im Speicher --- . *NewlyCreated* - 11392173 *NewlyCreated* - ASWRVRT *Deregistered* - 11392173 . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost] Akamai REG_MULTI_SZ Akamai . Inhalt des "geplante Tasks" Ordners . 2013-06-08 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-28 19:43] . 2013-06-08 c:\windows\Tasks\GinyasBrowserCompanion Chrome Watcher.job - c:\programdata\GinyasBrowserCompanion\tbhcn.exe [2013-02-18 10:49] . 2013-06-08 c:\windows\Tasks\GinyasBrowserCompanion FireFox Watcher.job - c:\programdata\GinyasBrowserCompanion\tbhcn.exe [2013-02-18 10:49] . 2013-06-08 c:\windows\Tasks\GinyasBrowserCompanion Runner.job - c:\programdata\GinyasBrowserCompanion\tbhcn.exe [2013-02-18 10:49] . 2013-06-08 c:\windows\Tasks\GinyasBrowserCompanion Stats Report.job - c:\programdata\GinyasBrowserCompanion\tbhcn.exe [2013-02-18 10:49] . 2013-06-08 c:\windows\Tasks\GinyasBrowserCompanion Update Checker.job - c:\programdata\GinyasBrowserCompanion\tbhcn.exe [2013-02-18 10:49] . 2013-06-08 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-06-08 18:55] . 2013-06-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-06-08 18:55] . 2013-06-08 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3485898032-1890299033-1484769855-1000Core.job - c:\users\Fabian\AppData\Local\Google\Update\GoogleUpdate.exe [2012-11-29 16:37] . 2013-06-08 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3485898032-1890299033-1484769855-1000UA.job - c:\users\Fabian\AppData\Local\Google\Update\GoogleUpdate.exe [2012-11-29 16:37] . . 
--------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)] @="{8BA85C75-763B-4103-94EB-9470F12FE0F7}" [HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}] 2013-01-26 14:02 2860192 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)] @="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}" [HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}] 2013-01-26 14:02 2860192 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)] @="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}" [HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}] 2013-01-26 14:02 2860192 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2013-05-09 08:58 133840 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}] 2013-04-16 14:10 776144 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll . 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}] 2013-04-16 14:10 776144 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}] 2013-04-16 14:10 776144 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}] 2013-04-16 14:10 776144 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "THXCfg64"="c:\windows\system32\THXCfg64.dll" [2011-05-13 26624] "RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-06-09 11860072] "BullGuardUpdate2"="c:\program files\bullguard ltd\bullguard\BullGuardUpdate2.exe" [2012-12-13 2536288] "Launch LCore"="c:\program files\Logitech Gaming Software\LCore.exe" [2012-11-29 7406392] "Nvtmru"="c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [2013-05-16 1012000] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-12-14 172144] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-12-14 399984] "Persistence"="c:\windows\system32\igfxpers.exe" [2012-12-14 441968] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "LoadAppInit_DLLs"=0x1 "AppInit_DLLs"=c:\progra~1\LUCIDL~1\VIRTU\appinit_dll.dll c:\progra~1\BULLGU~1\BULLGU~1\BgAgent.dll c:\windows\System32\BgGamingMonitor.dll c:\windows\System32\nvinitx.dll . ------- Zusätzlicher Suchlauf ------- . 
uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://www.delta-search.com/?affID=122304&tt=gc_&babsrc=HP_ss&mntrId=5087BC5FF41A74A3 mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = local;<local> IE: E&xport to Microsoft Excel - c:\program files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000 IE: Se&nd to OneNote - c:\program files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105 Trusted Zone: clonewarsadventures.com Trusted Zone: freerealms.com Trusted Zone: soe.com Trusted Zone: sony.com TCP: DhcpNameServer = 192.168.2.1 FF - ProfilePath - c:\users\Fabian\AppData\Roaming\Mozilla\Firefox\Profiles\a7zvye9k.default\ FF - prefs.js: browser.startup.homepage - FF - user.js: security.csp.enable - false FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=110819&tt=120812_bandext_3312_6 FF - user.js: extensions.BabylonToolbar_i.babExt - FF - user.js: extensions.BabylonToolbar_i.srcExt - ss FF - user.js: extensions.BabylonToolbar.tlbrSrchUrl - hxxp://www.google.com/search?babsrc=TB_ggl&q= FF - user.js: extensions.BabylonToolbar.id - 50877b67000000000000bc5ff41a74a3 FF - user.js: extensions.BabylonToolbar.instlDay - 15566 FF - user.js: extensions.BabylonToolbar.vrsn - 1.6.4.6 FF - user.js: extensions.BabylonToolbar.vrsni - 1.6.4.6 FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.6.4.619:24 FF - user.js: extensions.BabylonToolbar.prtnrId - babylon FF - user.js: extensions.BabylonToolbar.prdct - BabylonToolbar FF - user.js: extensions.BabylonToolbar.aflt - babsst FF - user.js: extensions.BabylonToolbar_i.smplGrp - none FF - user.js: extensions.BabylonToolbar.tlbrId - tb9 FF - user.js: extensions.BabylonToolbar.instlRef - sst FF - user.js: extensions.BabylonToolbar.dfltLng - en FF - user.js: extensions.BabylonToolbar.excTlbr - false FF - user.js: extensions.BabylonToolbar.admin - false FF - user.js: extensions.Softonic.tlbrSrchUrl - hxxp://search.softonic.com/MOY00009/tb_v1?SearchSource=1&cc=&q= FF - user.js: 
extensions.Softonic.id - 50877b67000000000000bc5ff41a74a3 FF - user.js: extensions.Softonic.appId - {7ABBFE1C-E485-44AA-8F36-353751B4124D} FF - user.js: extensions.Softonic.instlDay - 15756 FF - user.js: extensions.Softonic.vrsn - 1.8.8.11 FF - user.js: extensions.Softonic.vrsni - 1.8.8.11 FF - user.js: extensions.Softonic_i.vrsnTs - 1.8.8.1121:06 FF - user.js: extensions.Softonic.prtnrId - softonic FF - user.js: extensions.Softonic.prdct - Softonic FF - user.js: extensions.Softonic.aflt - SD FF - user.js: extensions.Softonic_i.smplGrp - none FF - user.js: extensions.Softonic.tlbrId - BASEirobinhoodActive FF - user.js: extensions.Softonic.instlRef - MOY00009 FF - user.js: extensions.Softonic.dfltLng - de FF - user.js: extensions.Softonic_i.excTlbr - false FF - user.js: extensions.Softonic.excTlbr - false FF - user.js: extensions.Softonic.admin - false FF - user.js: extensions.Softonic.autoRvrt - false FF - user.js: extensions.Softonic.rvrt - true FF - user.js: extensions.Softonic_i.newTab - false FF - user.js: extensions.claro.tlbrSrchUrl - FF - user.js: extensions.claro.id - 50877b67000000000000bc5ff41a74a3 FF - user.js: extensions.claro.appId - {C3110516-8EFC-49D6-8B72-69354F332062} FF - user.js: extensions.claro.instlDay - 15781 FF - user.js: extensions.claro.vrsn - 1.8.8.5 FF - user.js: extensions.claro.vrsni - 1.8.8.5 FF - user.js: extensions.claro_i.vrsnTs - 1.8.8.513:07 FF - user.js: extensions.claro.prtnrId - claro FF - user.js: extensions.claro.prdct - claro FF - user.js: extensions.claro.aflt - babsst FF - user.js: extensions.claro_i.smplGrp - none FF - user.js: extensions.claro.tlbrId - uninst FF - user.js: extensions.claro.instlRef - sst FF - user.js: extensions.claro.dfltLng - en FF - user.js: extensions.claro_i.excTlbr - false FF - user.js: extensions.claro.excTlbr - false FF - user.js: extensions.claro.admin - false FF - user.js: extensions.claro.autoRvrt - false FF - user.js: extensions.claro.rvrt - false FF - user.js: extensions.claro_i.newTab - 
false FF - user.js: extensions.delta.tlbrSrchUrl - FF - user.js: extensions.delta.id - 50877b67000000000000bc5ff41a74a3 FF - user.js: extensions.delta.appId - {C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3} FF - user.js: extensions.delta.instlDay - 15854 FF - user.js: extensions.delta.vrsn - 1.8.21.5 FF - user.js: extensions.delta.vrsni - 1.8.21.5 FF - user.js: extensions.delta.vrsnTs - 1.8.21.51:22 FF - user.js: extensions.delta.prtnrId - delta FF - user.js: extensions.delta.prdct - delta FF - user.js: extensions.delta.aflt - babsst FF - user.js: extensions.delta.smplGrp - none FF - user.js: extensions.delta.tlbrId - base FF - user.js: extensions.delta.instlRef - sst FF - user.js: extensions.delta.dfltLng - en FF - user.js: extensions.delta.excTlbr - false FF - user.js: extensions.delta.ffxUnstlRst - true FF - user.js: extensions.delta.admin - false FF - user.js: extensions.delta_i.babTrack - affID=122304&tt=gc_ FF - user.js: extensions.delta_i.babExt - FF - user.js: extensions.delta_i.srcExt - ss FF - user.js: extensions.delta.autoRvrt - false FF - user.js: extensions.delta.rvrt - false FF - user.js: extensions.delta.newTab - false . - - - - Entfernte verwaiste Registrierungseinträge - - - - . Wow6432Node-HKCU-Run-MobileDocuments - c:\program files (x86)\Common Files\Apple\Internet Services\ubd.exe Wow6432Node-HKCU-Run-Spotify Web Helper - c:\users\Fabian\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe Wow6432Node-HKLM-Run-<NO NAME> - (no file) AddRemove-BattlEye A2 Free - c:\program files (x86)\steam\steamapps\common\arma 2 freeBattlEye\UnInstallBE.exe AddRemove-GinyasBrowserCompanion - c:\program files (x86)\BrowserCompanion\uninstall.exe AddRemove-{10CD364B-FFCC-48BE-B469-B9622A033075} - c:\programdata\{A3A26C56-02C3-4F76-A033-12EE2FB52AE6}\Fences.exe . . . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Akamai] "ServiceDll"="c:\program files (x86)\common files\akamai/netsession_win_ca0e279.dll" . 
--------------------- Gesperrte Registrierungsschluessel --------------------- . [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration] @Denied: (2) (LocalSystem) "Timestamp"=hex:a8,1c,50,ec,0c,00,ce,01 . [HKEY_USERS\S-1-5-21-3485898032-1890299033-1484769855-1000\Software\SecuROM\License information*] "datasecu"=hex:29,d5,1a,a4,37,7a,90,c5,1a,2d,c1,f2,98,f1,59,78,87,b4,49,6b,c7, 64,c1,9a,b6,6c,53,90,2d,8b,d8,b6,89,b0,bb,99,06,06,14,0d,95,03,a5,36,33,e8,\ "rkeysecu"=hex:cb,bd,f2,61,5a,4e,c6,95,f2,29,8b,82,ba,6b,3d,44 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Zeit der Fertigstellung: 2013-06-08 21:42:15 ComboFix-quarantined-files.txt 2013-06-08 19:42 . Vor Suchlauf: 16 Verzeichnis(se), 118.735.650.816 Bytes frei Nach Suchlauf: 21 Verzeichnis(se), 118.474.653.696 Bytes frei . - - End Of File - - 0E3E121BB85D03CF0B447158AD2C8C0B |
08.06.2013, 21:01 | #10 |
/// Malware-holic | Remove Coin Miner, msdcsc Hi, could you please open Computer, C:, Qoobox, right-click the Quarantine folder, zip it and upload it to the upload channel. Please report back when you are done.
__________________ -Please forward suspicious e-mails to us for analysis: markusg.trojaner-board@web.de Forwarding instructions: http://markusg.trojaner-board.de For now, please forward e-mails to markusg.trojaner-board@web.de following the instructions above. If you would like to support us |
08.06.2013, 21:04 | #11 |
| Remove Coin Miner, msdcsc Done, uploaded. |
08.06.2013, 21:06 | #12 |
/// Malware-holic | Remove Coin Miner, msdcsc Thank you. Malwarebytes: Please download Malwarebytes |
08.06.2013, 22:33 | #13 |
| Remove Coin Miner, msdcsc Sooo, I'm reporting back. No infected files were found. Code:
Malwarebytes Anti-Malware (Test) 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.06.08.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Fabian :: FABIAN-PC [Administrator]

Schutz: Aktiviert

08.06.2013 22:14:25
mbam-log-2013-06-08 (22-14-25).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 488587
Laufzeit: 1 Stunde(n), 18 Minute(n), 8 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende) |
09.06.2013, 18:36 | #14 |
/// Malware-holic | Remove Coin Miner, msdcsc Hi, download CCleaner Standard: CCleaner - Download - Filepony. If CCleaner is already installed, skip this step. Open it, go to Tools (Extras), Uninstall list, and save the list as a txt file. Open the file. After each program you need, write "notwendig" (needed). After each one you do not need, write "unnötig" (unneeded). After each one you do not recognise, write "unbekannt" (unknown). Post the list. |
09.06.2013, 19:04 | #15 |
| Remove Coin Miner, msdcsc Task completed. Code:
ATTFilter Acrobat.com Adobe Systems Incorporated 24.05.2012 1.1.377 Unbekannt Adobe AIR Adobe Systems Incorporated 30.05.2013 3.7.0.1860 Unbekannt Adobe Flash Player 11 ActiveX Adobe Systems Incorporated 14.05.2013 6,00MB 11.7.700.202 Notwendig Adobe Flash Player 11 Plugin Adobe Systems Incorporated 14.05.2013 6,00MB 11.7.700.202 Notwendig Adobe Reader 9.5.5 - Deutsch Adobe Systems Incorporated 09.06.2013 123MB 9.5.5 Unbekannt Adobe Shockwave Player 12.0 Adobe Systems, Inc. 09.05.2013 12.0.2.122 Notwenig Air Forte 13.04.2013 unnötig AirMech 09.12.2012 Unnötig AJScreensaver 20.02.2013 Unnötig Akamai NetSession Interface 20.06.2012 Unbekannt Akamai NetSession Interface Akamai Technologies, Inc 18.03.2013 Unbekannt Alan Wake Remedy Entertainment 31.05.2013 Notwendig Alle meine Passworte 3.20 28.05.2012 Notwendig Apple Application Support Apple Inc. 09.06.2013 64,7MB 2.3.4 Notwendig Apple Mobile Device Support Apple Inc. 13.09.2012 23,7MB 6.0.0.59 Notwendig Apple Software Update Apple Inc. 12.09.2012 2,38MB 2.1.3.127 Notwendig applicationupdater Sony Online Entertainment 29.11.2012 Unnötig Assassin's Creed III 1.01 Ubisoft 23.11.2012 1.01 Notwendig Atom Zombie Smasher 13.04.2013 Unnötig aTube Catcher DsNET Corp 27.10.2012 2.9.1347 Unnötig avast! Internet Security AVAST Software 09.06.2013 8.0.1489.0 Notwendig AVM FRITZ!WLAN AVM Berlin 02.02.2013 Notwendig Bastion Supergiant Games 20.03.2013 Notwendig Battlefield 3™ Electronic Arts 13.12.2012 1.0.0.0 Notwendig Battlelog Web Plugins EA Digital Illusions CE AB 13.12.2012 2.1.2 Notwendig BattlEye (A2Free) Uninstall 21.06.2012 Notwendig BattlEye for OA Uninstall 21.10.2012 Notwendig Blender Blender Foundation 09.05.2013 2.67 Unnötig Borderlands 2 Gearbox Software 23.04.2013 Notwendig BullGuard BullGuard Ltd. 
28.10.2012 13.0 Unnötig CCleaner Piriform 24.05.2013 4.02 Notwendig Closure 20.12.2012 Notwendig Core Temp version 0.99.7 Arthur Liberman 24.05.2012 1,75MB 0.99.7 Unnötig Cossacks - The Art Of War 07.04.2013 Notwendig Dota 2 19.08.2012 Notwendig Dota 2 Test 22.10.2012 Unnötig Downloader 16.07.2012 Unbekannt Dungeon Defenders 20.07.2012 Notwendig ESN Sonar ESN Social Software AB 13.12.2012 0.70.4 Unbekannt EVEREST Home Edition v2.20 Lavalys Inc 05.03.2013 2.20 Notwendig EXPERTool 7.21 Gainward Co., Ltd 24.05.2012 11,2MB Unbekannt Fallout 3 Bethesda Softworks 01.08.2012 1.00.0000 Unnötig Far Cry 3 Ubisoft 06.06.2013 1.05 Notwendig FileZilla Client 3.6.0 FileZilla Project 12.11.2012 17,0MB 3.6.0 Unnötig Flotilla 13.04.2013 Unnötig Fragen-Lern-CD 4.3 Wendel-Verlag GmbH 26.02.2013 4.3.5 Notwendig gamelauncher-ps2-live Sony Online Entertainment 12.01.2013 Unnötig GinyasBrowserCompanion Ginyas 23.02.2013 Unbekannt Google Drive Google, Inc. 08.06.2013 32,0MB 1.9.4536.8202 Unbekannt GUILD WARS 24.05.2012 Notwendig Hector: Ep 1 30.05.2013 Notwendig Hector: Ep 2 30.05.2013 Notwendig Hector: Ep 3 30.05.2013 Notwendig Hi-Rez Studios Authenticate and Update Service Hi-Rez Studios 05.06.2013 3.0.0.0 Notwendig HP FWUpdateEDO2 Hewlett-Packard 27.11.2012 1,53MB 1.2.0.0 Notwendig HP Officejet 6600 - Grundlegende Software für das Gerät Hewlett-Packard Co. 13.11.2012 180MB 25.0.619.0 Notwendig HP Officejet 6600 Hilfe Hewlett Packard 13.11.2012 17,6MB 140.0.2.2 Notwendig HP Photo Creations HP 27.11.2012 14,6MB 1.0.0.9572 Unbekannt HP Update Hewlett-Packard 27.11.2012 3,98MB 5.003.001.001 Unnötig I.R.I.S. OCR HP 13.11.2012 68,9MB 12.3.4.0 Unbekannt IB Updater Service 11.04.2013 3.0.4.6 Unbekannt iCloud Apple Inc. 
27.09.2012 80,2MB 2.0.2.187 Unnötig iFunbox (v2.1.2228.731), iFunbox DevTeam 22.02.2013 40,6MB v2.1.2228.731 Unnötig Intel(R) Control Center Intel Corporation 24.05.2012 1.2.1.1007 Unbekannt Intel(R) Management Engine Components Intel Corporation 25.05.2012 7.0.0.1144 Notwendig Intel(R) Processor Graphics Intel Corporation 08.06.2013 9.17.10.2932 Notwendig iTunes Apple Inc. 13.09.2012 182MB 10.7.0.21 Notwendig Java 7 Update 21 Oracle 11.05.2013 129MB 7.0.210 Notwendig Java 7 Update 21 (64-bit) Oracle 09.06.2013 128MB 7.0.210 Notwendig JavaFX 2.1.0 Oracle Corporation 24.05.2012 20,8MB 2.1.0 Notwendig League of Legends Riot Games 16.06.2012 1.3 Notwendig LOLReplay www.leaguereplays.com 14.02.2013 0.8.1.4 Unnötig Malwarebytes Anti-Malware Version 1.75.0.1300 Malwarebytes Corporation 08.06.2013 19,2MB 1.75.0.1300 Notwendig Medal of Honor™ Warfighter Electronic Arts 25.10.2012 16,0GB 1.0.0.0 Notwendig Metro 2033 THQ 05.12.2012 Notwendig Microsoft .NET Framework 4 Client Profile Microsoft Corporation 25.05.2012 38,8MB 4.0.30319 Microsoft .NET Framework 4 Client Profile DEU Language Pack Microsoft Corporation 25.05.2012 2,93MB 4.0.30319 Microsoft .NET Framework 4 Extended Microsoft Corporation 01.07.2012 51,9MB 4.0.30319 Microsoft Games for Windows - LIVE Redistributable Microsoft Corporation 01.08.2012 28,3MB 1.2.0241 Microsoft Office 365 Home Premium Preview - en-us Microsoft Corporation 24.01.2013 15.0.4128.1025 Microsoft Silverlight Microsoft Corporation 09.06.2013 50,6MB 5.1.20125.0 Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 09.06.2013 298KB 8.0.61001 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Corporation 25.05.2012 252KB 9.0.30729 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Corporation 24.05.2012 788KB 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Corporation 14.03.2013 788KB 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 
9.0.30729.17 Microsoft Corporation 30.05.2012 240KB 9.0.30729 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 24.05.2012 596KB 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 14.03.2013 600KB 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Corporation 09.06.2013 16,9MB 10.0.40219 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Corporation 09.06.2013 11,1MB 10.0.40219 Microsoft XNA Framework Redistributable 3.1 Microsoft Corporation 20.03.2013 7,48MB 3.1.10527.0 Microsoft XNA Framework Redistributable 4.0 Microsoft Corporation 01.07.2012 8,03MB 4.0.20823.0 Mouse Editor Ihr Firmenname 30.10.2012 53,2MB 12.02.0004 Notwendig MovieSaver*3.0 Engelmann Media GmbH 03.01.2013 4,96MB 3.0.11.1100 Unnötig Mozilla Firefox 21.0 (x86 de) Mozilla 09.06.2013 44,5MB 21.0 Notwendig Mozilla Maintenance Service Mozilla 09.06.2013 333KB 21.0 Notwendig MSXML 4.0 SP2 (KB954430) Microsoft Corporation 09.06.2012 1,27MB 4.20.9870.0 MSXML 4.0 SP2 (KB973688) Microsoft Corporation 09.06.2012 1,33MB 4.20.9876.0 MSXML 4.0 SP3 Parser Microsoft Corporation 09.06.2013 1,47MB 4.30.2100.0 MSXML 4.0 SP3 Parser (KB2758694) Microsoft Corporation 09.06.2013 1,54MB 4.30.2117.0 NetLimiter 3 Locktime Software s.r.o. 
09.04.2013 9,78MB 3.0.0.11 Unnötig NewFreeScreensaver nfsDigitalPaintClockWhite 20.02.2013 1,35MB Unnötig Nokia Connectivity Cable Driver Nokia 03.11.2012 3,95MB 7.1.92.0 Unnötig NVIDIA 3D Vision Controller-Treiber 320.18 NVIDIA Corporation 03.06.2013 320.18 Notwendig NVIDIA 3D Vision Treiber 320.18 NVIDIA Corporation 03.06.2013 320.18 Notwendig NVIDIA GeForce Experience 1.5 NVIDIA Corporation 03.06.2013 1.5 Notwendig NVIDIA Grafiktreiber 320.18 NVIDIA Corporation 03.06.2013 320.18 Notwendig NVIDIA HD-Audiotreiber 1.3.24.2 NVIDIA Corporation 03.06.2013 1.3.24.2 Notwendig NVIDIA PhysX-Systemsoftware 9.12.1031 NVIDIA Corporation 03.06.2013 9.12.1031 Notwendig OpenOffice.org 3.4.1 Apache Software Foundation 14.03.2013 331MB 3.41.9593 Notwendig Origin Electronic Arts, Inc. 25.10.2012 9.0.13.2135 Notwendig Panda USB Vaccine 1.0.1.4 Panda Security 09.06.2013 Notwendig Pando Media Booster Pando Networks Inc. 17.12.2012 5,46MB 2.6.0.8 Unbekannt PC Connectivity Solution Nokia 03.11.2012 21,2MB 12.0.48.0 Unbekannt PunkBuster Services Even Balance, Inc. 06.06.2013 0.993 Notwendig QuickTime Apple Inc. 09.06.2013 74,6MB 7.74.80.86 Unnötig RaidCall raidcall.com 06.03.2013 7.1.6-1.0.4843.7 Notwendig Razer Arctosa Razer USA Ltd. 10.02.2013 1.00.0000 Unnötig Razer Core Razer USA Ltd. 30.04.2013 0.01.137 Notwendig Razer Synapse 2.0 Razer Inc. 04.06.2013 17,3MB 1.10.6 Notwendig Realtek Ethernet Controller Driver Realtek 24.05.2012 7.44.421.2011 Notwendig Realtek High Definition Audio Driver Realtek Semiconductor Corp. 24.05.2012 6.0.1.6392 Notwendig Saints Row: The Third Volition 06.06.2013 Notwendig SanDiskSecureAccess_Manager.exe Gemalto N.V. 15.03.2013 1.1.19269 Notwendig Secunia PSI (3.0.0.7009) Secunia 09.06.2013 5,65MB 3.0.0.7009 Notwendig SimCity 4 Deluxe 24.08.2012 Notwendig SimCity™ Electronic Arts 07.03.2013 283MB 1.0.0.0 Notwendig Skype™ 6.3 Skype Technologies S.A. 
19.05.2013 21,1MB 6.3.107 Notwendig Smite Hi-Rez Studios 06.06.2013 0.1.1556.2 Notwendig SPORE™ Electronic Arts 07.06.2012 1.00.0000 Notwendig Spotify Spotify AB 06.05.2013 0.9.0.133.gd18ed589 Notwendig Steam Valve Corporation 29.05.2012 35,4MB 1.0.0.0 Notwendig Studie zur Verbesserung von HP Officejet 6600 Produkten Hewlett-Packard Co. 13.11.2012 8,28MB 25.0.619.0 Unnötig System Requirements Lab for Intel Husdawg, LLC 15.12.2012 1,02MB 4.5.11.0 Unbekannt TeamSpeak 3 Client TeamSpeak Systems GmbH 05.11.2012 3.0.9.2 Notwendig The Binding of Isaac 20.12.2012 Notwendig The Walking Dead 30.05.2013 Notwendig THX TruStudio Creative Technology Limited 24.05.2012 1.00.01 Notwendig TmNationsForever Nadeo 01.06.2012 Notwendig TmUnitedForever Nadeo 05.06.2012 Notwendig TrueCrypt TrueCrypt Foundation 03.07.2012 7.1a Unbekannt Uplay Ubisoft 23.11.2012 2.0 Notwendig VIRTU 1.2.106 Lucfidlogix Technologies LTD 24.05.2012 15,5MB 1.2.106 Notwendig Wallace & Gromit Ep 1: Fright of the Bumblebees Telltale Games 30.05.2013 Notwendig Wallace & Gromit Ep 2: The Last Resort Telltale Games 30.05.2013 Notwendig Wallace & Gromit Ep 3: Muzzled! Telltale Games 30.05.2013 Notwendig Wallace & Gromit Ep 4: The Bogey Man Telltale Games 30.05.2013 Notwendig Warhammer 40,000: Dawn of War - Game of the Year Edition Relic Entertainment 03.06.2013 Unnötig Web Assistant 2.0.0.573 IncrediBar 04.03.2013 2,27MB 2.0.0.573 Unnötig Windows-Treiberpaket - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) Nokia 03.11.2012 05/31/2012 7.1.2.0 Unbekannt WinRAR 4.11 (64-Bit) win.rar GmbH 28.05.2012 4.11.0 Notwendig XFast LAN v6.61 cFos Software GmbH, Bonn 24.05.2012 6.61 Notwendig XFastUsb 24.05.2012 Notwendig XIII 05.08.2012 1.00.000 Notwendig |