| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Coin-miner zieht alle ressourcen! Processor 100%Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
16.06.2013, 11:14
| #16 |
| /// the machine /// TB-Ausbilder    |  Coin-miner zieht alle ressourcen! Processor 100% Das wird intressant  Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
Downloade dir bitte  Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
16.06.2013, 11:39
| #17 |
 | Coin-miner zieht alle ressourcen! Processor 100% Danke dass du dran bleibst!
__________________Hier der erste log: Ich lass den Malewwarebites jetzt gleich laufen. Code:
ATTFilter 12:38:01.0275 5664 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
12:38:01.0415 5664 ============================================================
12:38:01.0415 5664 Current date / time: 2013/06/16 12:38:01.0415
12:38:01.0415 5664 SystemInfo:
12:38:01.0415 5664
12:38:01.0415 5664 OS Version: 6.2.9200 ServicePack: 0.0
12:38:01.0415 5664 Product type: Workstation
12:38:01.0415 5664 ComputerName: YPS
12:38:01.0415 5664 UserName: Santa
12:38:01.0415 5664 Windows directory: C:\WINDOWS
12:38:01.0415 5664 System windows directory: C:\WINDOWS
12:38:01.0415 5664 Running under WOW64
12:38:01.0415 5664 Processor architecture: Intel x64
12:38:01.0415 5664 Number of processors: 4
12:38:01.0415 5664 Page size: 0x1000
12:38:01.0415 5664 Boot type: Normal boot
12:38:01.0415 5664 ============================================================
12:38:01.0697 5664 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:38:01.0697 5664 Drive \Device\Harddisk1\DR1 - Size: 0x12A1F16000 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:38:01.0697 5664 ============================================================
12:38:01.0697 5664 \Device\Harddisk0\DR0:
12:38:01.0697 5664 MBR partitions:
12:38:01.0697 5664 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x258000
12:38:01.0697 5664 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x258800, BlocksNum 0x9663800
12:38:01.0697 5664 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x98BC800, BlocksNum 0x2F741000
12:38:01.0697 5664 \Device\Harddisk0\DR0\Partition4: MBR, Type 0x7, StartLBA 0x38FFD800, BlocksNum 0x1388000
12:38:01.0697 5664 \Device\Harddisk1\DR1:
12:38:01.0697 5664 MBR partitions:
12:38:01.0697 5664 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
12:38:01.0697 5664 \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x94DC800
12:38:01.0697 5664 ============================================================
12:38:01.0712 5664 C: <-> \Device\Harddisk1\DR1\Partition2
12:38:01.0712 5664 E: <-> \Device\Harddisk0\DR0\Partition3
12:38:01.0712 5664 G: <-> \Device\Harddisk0\DR0\Partition2
12:38:01.0712 5664 H: <-> \Device\Harddisk0\DR0\Partition4
12:38:01.0712 5664 ============================================================
12:38:01.0712 5664 Initialize success
12:38:01.0712 5664 ============================================================
12:38:11.0653 1908 ============================================================
12:38:11.0653 1908 Scan started
12:38:11.0653 1908 Mode: Manual; SigCheck; TDLFS;
12:38:11.0653 1908 ============================================================
12:38:11.0747 1908 ================ Scan system memory ========================
12:38:11.0747 1908 System memory - ok
12:38:11.0747 1908 ================ Scan services =============================
12:38:11.0778 1908 [ E890C46E4754F0DF51BAFCC8D2E07498 ] 1394ohci C:\WINDOWS\System32\drivers\1394ohci.sys
12:38:11.0825 1908 1394ohci - ok
12:38:11.0841 1908 [ 4F18D4C7EA14F11A7211F60D553C03DB ] 3ware C:\WINDOWS\system32\drivers\3ware.sys
12:38:11.0857 1908 3ware - ok
12:38:11.0857 1908 [ 2C4D6B18A15E9DB5C8856B9F9ECD32D9 ] ACLE6Live C:\WINDOWS\system32\Drivers\ACLE1764.sys
12:38:11.0903 1908 ACLE6Live - ok
12:38:11.0919 1908 [ 975AABEB243B800C23626D6B652C5A9C ] ACPI C:\WINDOWS\system32\drivers\ACPI.sys
12:38:11.0950 1908 ACPI - ok
12:38:11.0950 1908 [ DC968C37822117E576B933F34A2D130C ] acpiex C:\WINDOWS\system32\Drivers\acpiex.sys
12:38:11.0966 1908 acpiex - ok
12:38:11.0966 1908 [ 0CA9F7C3A78227C21A0A7854E245CFB2 ] acpipagr C:\WINDOWS\System32\drivers\acpipagr.sys
12:38:11.0982 1908 acpipagr - ok
12:38:11.0997 1908 [ 8EB8DA03B142D3DD1EB9ED8107A76C43 ] AcpiPmi C:\WINDOWS\System32\drivers\acpipmi.sys
12:38:11.0997 1908 AcpiPmi - ok
12:38:12.0013 1908 [ CBCE725C5D86ABA7D2604E22951AA9B8 ] acpitime C:\WINDOWS\System32\drivers\acpitime.sys
12:38:12.0028 1908 acpitime - ok
12:38:12.0044 1908 [ 9915504F602D277EE47FD843A677FD15 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
12:38:12.0060 1908 AdobeFlashPlayerUpdateSvc - ok
12:38:12.0075 1908 [ 93C6388592B99925C1D1576E465BC80F ] adp94xx C:\WINDOWS\system32\drivers\adp94xx.sys
12:38:12.0091 1908 adp94xx - ok
12:38:12.0107 1908 [ D27763E0247292654E7F7D16444C7C72 ] adpahci C:\WINDOWS\system32\drivers\adpahci.sys
12:38:12.0138 1908 adpahci - ok
12:38:12.0138 1908 [ 67B90070FF48F794AF19F9FCF0080D75 ] adpu320 C:\WINDOWS\system32\drivers\adpu320.sys
12:38:12.0153 1908 adpu320 - ok
12:38:12.0169 1908 [ 974AE60BF5B90E31412D93596C968E5B ] AeLookupSvc C:\WINDOWS\System32\aelupsvc.dll
12:38:12.0185 1908 AeLookupSvc - ok
12:38:12.0200 1908 [ 36D6A3201721558A8AFBCC09C2DA4C2C ] AFD C:\WINDOWS\system32\drivers\afd.sys
12:38:12.0216 1908 AFD - ok
12:38:12.0232 1908 [ 01590377A5AB19E792528C628A2A68F9 ] agp440 C:\WINDOWS\system32\drivers\agp440.sys
12:38:12.0247 1908 agp440 - ok
12:38:12.0247 1908 [ D1BE8E6E5B3AF23A4393AF1BF867977A ] ALG C:\WINDOWS\System32\alg.exe
12:38:12.0263 1908 ALG - ok
12:38:12.0278 1908 [ 025E8C755BE293E50854D26D1BBE5133 ] AllUserInstallAgent C:\WINDOWS\system32\AUInstallAgent.dll
12:38:12.0294 1908 AllUserInstallAgent - ok
12:38:12.0294 1908 [ 5A81054B824004B1ECC04F0034A1CDF9 ] AmdK8 C:\WINDOWS\System32\drivers\amdk8.sys
12:38:12.0310 1908 AmdK8 - ok
12:38:12.0325 1908 [ B849D453E644FAB9BC8EF6DC8CA9C4C6 ] AmdPPM C:\WINDOWS\System32\drivers\amdppm.sys
12:38:12.0325 1908 AmdPPM - ok
12:38:12.0341 1908 [ 35A0EB5AECB0FA3C41A2FB514A562304 ] amdsata C:\WINDOWS\system32\drivers\amdsata.sys
12:38:12.0357 1908 amdsata - ok
12:38:12.0357 1908 [ 00452671904F5EE94B50BF0219C97164 ] amdsbs C:\WINDOWS\system32\drivers\amdsbs.sys
12:38:12.0388 1908 amdsbs - ok
12:38:12.0388 1908 [ EA3FFE53E92E59C87E3ECA9BEB20D9B7 ] amdxata C:\WINDOWS\system32\drivers\amdxata.sys
12:38:12.0403 1908 amdxata - ok
12:38:12.0419 1908 [ 83B3682CE922FB0F415734B26D9D6233 ] AppID C:\WINDOWS\system32\drivers\appid.sys
12:38:12.0435 1908 AppID - ok
12:38:12.0450 1908 [ CE2BEAD7F31816FF0AC490D048C969F9 ] AppIDSvc C:\WINDOWS\System32\appidsvc.dll
12:38:12.0466 1908 AppIDSvc - ok
12:38:12.0466 1908 [ 4F750B7EFCB6520AE01E01D082D7D476 ] Appinfo C:\WINDOWS\System32\appinfo.dll
12:38:12.0482 1908 Appinfo - ok
12:38:12.0497 1908 [ 4FE5C6D40664AE07BE5105874357D2ED ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
12:38:12.0497 1908 Apple Mobile Device - ok
12:38:12.0513 1908 [ 2D14788C5D0836292BEB27BBE109BE56 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
12:38:12.0528 1908 AppMgmt - ok
12:38:12.0528 1908 [ E933401B392387F4BE34DE8BAF1722A7 ] arc C:\WINDOWS\system32\drivers\arc.sys
12:38:12.0544 1908 arc - ok
12:38:12.0560 1908 [ 07CA323EF2E8247A568AB0F3662AD644 ] arcsas C:\WINDOWS\system32\drivers\arcsas.sys
12:38:12.0575 1908 arcsas - ok
12:38:12.0575 1908 [ 74DBAEC35366C4EE7670428808715A6A ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
12:38:12.0607 1908 AsyncMac - ok
12:38:12.0607 1908 [ A721FF570C2387E383BDDEA9632863C9 ] atapi C:\WINDOWS\system32\drivers\atapi.sys
12:38:12.0622 1908 atapi - ok
12:38:12.0622 1908 [ BCD7A47EF587DC00DD61D12D9C2D1E44 ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
12:38:12.0653 1908 AudioEndpointBuilder - ok
12:38:12.0653 1908 [ 810F30FF8490ED5ED510621DF10DE320 ] Audiosrv C:\WINDOWS\System32\Audiosrv.dll
12:38:12.0685 1908 Audiosrv - ok
12:38:12.0700 1908 [ 89491EF71D5EA011127832C588002853 ] AxInstSV C:\WINDOWS\System32\AxInstSV.dll
12:38:12.0716 1908 AxInstSV - ok
12:38:12.0716 1908 [ 87AB5BB072A3F128541D5B815F82FFDD ] b06bdrv C:\WINDOWS\system32\drivers\bxvbda.sys
12:38:12.0747 1908 b06bdrv - ok
12:38:12.0763 1908 [ 81703BC5D68DEDBB086C2368FBE7B334 ] BasicDisplay C:\WINDOWS\System32\drivers\BasicDisplay.sys
12:38:12.0778 1908 BasicDisplay - ok
12:38:12.0778 1908 [ 5EC68164E14D25675C98BBB5F09E8606 ] BasicRender C:\WINDOWS\System32\drivers\BasicRender.sys
12:38:12.0794 1908 BasicRender - ok
12:38:12.0810 1908 [ 656B7660FB8FD2D3D015172486A2DB04 ] bcbtums C:\WINDOWS\system32\drivers\bcbtums.sys
12:38:12.0810 1908 bcbtums - ok
12:38:12.0841 1908 [ 47F0FE026652F601F367ECE2DFFCFC40 ] BcmBtRSupport C:\WINDOWS\system32\BtwRSupportService.exe
12:38:12.0935 1908 BcmBtRSupport - ok
12:38:12.0935 1908 [ 89143A7BA7850F5C7E61B43BB44B6418 ] BDESVC C:\WINDOWS\System32\bdesvc.dll
12:38:12.0950 1908 BDESVC - ok
12:38:12.0966 1908 [ 9E7AEA59776D904607985AFFE7E5E183 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
12:38:12.0966 1908 Beep - ok
12:38:12.0982 1908 [ 9E6A544F465C582AB42444A217CF04DC ] BFE C:\WINDOWS\System32\bfe.dll
12:38:13.0013 1908 BFE - ok
12:38:13.0028 1908 [ D598C44A7072D3108D8D8102EC5E07F7 ] BITS C:\WINDOWS\System32\qmgr.dll
12:38:13.0060 1908 BITS - ok
12:38:13.0075 1908 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
12:38:13.0091 1908 Bonjour Service - ok
12:38:13.0107 1908 [ B17AC10B47C7FCB44D22A1F06415840E ] bowser C:\WINDOWS\system32\DRIVERS\bowser.sys
12:38:13.0107 1908 bowser - ok
12:38:13.0122 1908 [ 975398A3D2C1FEA73FC93931978DF354 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
12:38:13.0138 1908 BrokerInfrastructure - ok
12:38:13.0138 1908 [ 310068BDA80B1D55C36580FD8A873FAF ] Browser C:\WINDOWS\System32\browser.dll
12:38:13.0153 1908 Browser - ok
12:38:13.0169 1908 [ 1487553CE1433AB594427B2E7DA4181C ] BthA2DP C:\WINDOWS\system32\drivers\BthA2DP.sys
12:38:13.0185 1908 BthA2DP - ok
12:38:13.0185 1908 [ F17DEEAC7D51D44CF1BFF8DD4F0A2B6D ] BthAvrcpTg C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
12:38:13.0200 1908 BthAvrcpTg - ok
12:38:13.0200 1908 [ A8B20D852B07AE19A13B5D47EC4E4C3B ] BthEnum C:\WINDOWS\System32\drivers\BthEnum.sys
12:38:13.0216 1908 BthEnum - ok
12:38:13.0232 1908 [ E695E706C9E11DD5201605F1F6B4505C ] BthHFAud C:\WINDOWS\system32\DRIVERS\BthHfAud.sys
12:38:13.0232 1908 BthHFAud - ok
12:38:13.0247 1908 [ 616EB8748C988AEE98D93DA141C3D3B4 ] BthHFEnum C:\WINDOWS\System32\drivers\bthhfenum.sys
12:38:13.0278 1908 BthHFEnum - ok
12:38:13.0294 1908 [ DCB4EBD928A6FB368BE6CAE522412DE1 ] bthhfhid C:\WINDOWS\System32\drivers\BthHFHid.sys
12:38:13.0294 1908 bthhfhid - ok
12:38:13.0310 1908 [ 447A41162B74E345C8E80A681867C653 ] BthHFSrv C:\WINDOWS\System32\BthHFSrv.dll
12:38:13.0357 1908 BthHFSrv - ok
12:38:13.0357 1908 [ 033916CE8784A848B9A3D686B7F66D97 ] BTHMODEM C:\WINDOWS\System32\drivers\bthmodem.sys
12:38:13.0404 1908 BTHMODEM - ok
12:38:13.0404 1908 [ 091BB978E9504D0AD14586929431A957 ] BthPan C:\WINDOWS\system32\DRIVERS\bthpan.sys
12:38:13.0419 1908 BthPan - ok
12:38:13.0435 1908 [ 13795CAA34239D97A7211E7F9D96E012 ] BTHPORT C:\WINDOWS\System32\Drivers\BTHport.sys
12:38:13.0466 1908 BTHPORT - ok
12:38:13.0482 1908 [ A4387C3D271959313E2577DB7BE8BA7A ] bthserv C:\WINDOWS\system32\bthserv.dll
12:38:13.0497 1908 bthserv - ok
12:38:13.0497 1908 [ 1F715957F5236D30B6020A19A4271F6A ] BTHUSB C:\WINDOWS\System32\Drivers\BTHUSB.sys
12:38:13.0513 1908 BTHUSB - ok
12:38:13.0513 1908 [ 183E8A570E03F14C357F0948D2F5E2FE ] btwampfl C:\WINDOWS\system32\drivers\btwampfl.sys
12:38:13.0529 1908 btwampfl - ok
12:38:13.0544 1908 [ 187686608DF41BE0E436FBF3F88986CC ] btwaudio C:\WINDOWS\system32\drivers\btwaudio.sys
12:38:13.0544 1908 btwaudio - ok
12:38:13.0560 1908 [ B68927792C57BD730308230BB9A5D070 ] btwavdt C:\WINDOWS\System32\drivers\btwavdt.sys
12:38:13.0575 1908 btwavdt - ok
12:38:13.0591 1908 [ 848250AC2A5E0378A02708C5FFC148B6 ] btwdins C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
12:38:13.0622 1908 btwdins - ok
12:38:13.0638 1908 [ C3C8974D99F976C927165363855690CD ] btwl2cap C:\WINDOWS\system32\DRIVERS\btwl2cap.sys
12:38:13.0638 1908 btwl2cap - ok
12:38:13.0654 1908 [ 7BBD1461FBE22E68668C70891512E9AB ] btwrchid C:\WINDOWS\System32\drivers\btwrchid.sys
12:38:13.0654 1908 btwrchid - ok
12:38:13.0654 1908 [ 990B1BABE6E81FB18E65A87EBEFB1772 ] cdfs C:\WINDOWS\system32\DRIVERS\cdfs.sys
12:38:13.0669 1908 cdfs - ok
12:38:13.0685 1908 [ 339BFF85D788268752DA8C9644B188EE ] cdrom C:\WINDOWS\System32\drivers\cdrom.sys
12:38:13.0700 1908 cdrom - ok
12:38:13.0700 1908 [ BAF8F0F55BC300E5F882E521F054E345 ] CertPropSvc C:\WINDOWS\System32\certprop.dll
12:38:13.0732 1908 CertPropSvc - ok
12:38:13.0732 1908 [ F64B7D1A37CC1D5F421D5359EEC81E2E ] circlass C:\WINDOWS\System32\drivers\circlass.sys
12:38:13.0763 1908 circlass - ok
12:38:13.0779 1908 [ 9BCE872B95A6AA65C5B5A0E60703F1E3 ] ClassicShellService C:\Program Files\Classic Shell\ClassicShellService.exe
12:38:13.0794 1908 ClassicShellService ( UnsignedFile.Multi.Generic ) - warning
12:38:13.0794 1908 ClassicShellService - detected UnsignedFile.Multi.Generic (1)
12:38:13.0794 1908 [ 9905168708DB68849B879B5548F68AB3 ] CLFS C:\WINDOWS\system32\drivers\CLFS.sys
12:38:13.0825 1908 CLFS - ok
12:38:13.0841 1908 [ 2DC8538A2260647484A6C921CA837313 ] CmBatt C:\WINDOWS\System32\drivers\CmBatt.sys
12:38:13.0857 1908 CmBatt - ok
12:38:13.0857 1908 [ E708BFF0473EC6B271EA46B65B16CA56 ] CNG C:\WINDOWS\system32\Drivers\cng.sys
12:38:13.0904 1908 CNG - ok
12:38:13.0919 1908 [ BAC2D188758596568FA72D11C3D50087 ] CnxtHdAudService C:\WINDOWS\system32\drivers\CHDRT64.sys
12:38:13.0967 1908 CnxtHdAudService - ok
12:38:13.0967 1908 [ 0E5B1E9E7122EDAAF1F6CE047965CA92 ] CompositeBus C:\WINDOWS\System32\drivers\CompositeBus.sys
12:38:14.0014 1908 CompositeBus - ok
12:38:14.0014 1908 COMSysApp - ok
12:38:14.0014 1908 [ D9CB0782AF819548072AA45B70F8B22D ] condrv C:\WINDOWS\system32\drivers\condrv.sys
12:38:14.0030 1908 condrv - ok
12:38:14.0045 1908 [ 815F3180B5117E42E422188E9CCC89C6 ] cphs C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
12:38:14.0061 1908 cphs - ok
12:38:14.0076 1908 [ AFA426B0E7975CEB21F8B6711EFA8945 ] CryptSvc C:\WINDOWS\system32\cryptsvc.dll
12:38:14.0092 1908 CryptSvc - ok
12:38:14.0092 1908 [ F2C69C3D98249DE14D4B2832516D4FD5 ] CSC C:\WINDOWS\system32\drivers\csc.sys
12:38:14.0123 1908 CSC - ok
12:38:14.0139 1908 [ 22CCB6AFF617AAC6121DF6CDA5ABF3F4 ] CscService C:\WINDOWS\System32\cscsvc.dll
12:38:14.0155 1908 CscService - ok
12:38:14.0170 1908 [ 48AED45DF009081AF3F5144F7D624674 ] CxAudMsg C:\WINDOWS\system32\CxAudMsg64.exe
12:38:14.0170 1908 CxAudMsg - ok
12:38:14.0186 1908 [ C4D01BD86D6B207275FC143EEA951D75 ] dam C:\WINDOWS\system32\drivers\dam.sys
12:38:14.0201 1908 dam - ok
12:38:14.0217 1908 [ 1EC6E533C954BDDF2A37E7851A7E58FD ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
12:38:14.0248 1908 DcomLaunch - ok
12:38:14.0248 1908 [ C8650D1F61149AA546BDBC99172EBBC1 ] defragsvc C:\WINDOWS\System32\defragsvc.dll
12:38:14.0280 1908 defragsvc - ok
12:38:14.0295 1908 [ 5EAEF67AE2AF4D2DC664B649DB7B2E16 ] DeviceAssociationService C:\WINDOWS\system32\das.dll
12:38:14.0326 1908 DeviceAssociationService - ok
12:38:14.0326 1908 [ 799BE46D45D486704CE0F37CA5385262 ] DeviceInstall C:\WINDOWS\system32\umpnpmgr.dll
12:38:14.0358 1908 DeviceInstall - ok
12:38:14.0358 1908 [ 09D9EB9E7898F8E6561473A20CC808B9 ] Dfsc C:\WINDOWS\system32\Drivers\dfsc.sys
12:38:14.0373 1908 Dfsc - ok
12:38:14.0373 1908 [ 41AC348DBD378F618CB4FDEE54270692 ] dg_ssudbus C:\WINDOWS\system32\DRIVERS\ssudbus.sys
12:38:14.0389 1908 dg_ssudbus - ok
12:38:14.0389 1908 [ 9E0E72222264745ADEB0E5AC680B0ED6 ] Dhcp C:\WINDOWS\system32\dhcpcore.dll
12:38:14.0420 1908 Dhcp - ok
12:38:14.0420 1908 [ 3C736FAE17BA6F91BA37594AAB139CD0 ] discache C:\WINDOWS\system32\drivers\discache.sys
12:38:14.0451 1908 discache - ok
12:38:14.0451 1908 [ 560495FF4CA22E1D9B1972FA18F43B6F ] disk C:\WINDOWS\system32\drivers\disk.sys
12:38:14.0467 1908 disk - ok
12:38:14.0483 1908 [ 82A7C72593793FE1EADA7A305BD1567A ] dmvsc C:\WINDOWS\System32\drivers\dmvsc.sys
12:38:14.0498 1908 dmvsc - ok
12:38:14.0498 1908 [ 066B9710B36AB550E01EEFCA52155968 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
12:38:14.0514 1908 Dnscache - ok
12:38:14.0530 1908 [ 9949AD2ABA168A618D46C799D6CC898C ] dot3svc C:\WINDOWS\System32\dot3svc.dll
12:38:14.0545 1908 dot3svc - ok
12:38:14.0561 1908 [ 109FC3F80BF4F4DC5A071058074F13C1 ] DPS C:\WINDOWS\system32\dps.dll
12:38:14.0592 1908 DPS - ok
12:38:14.0608 1908 [ 9C7C183F937951AE17C5B8B3259CF3FF ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
12:38:14.0608 1908 drmkaud - ok
12:38:14.0623 1908 [ BF48F32EE248C3D371DA5DC93BBEADA7 ] DsmSvc C:\WINDOWS\System32\DeviceSetupManager.dll
12:38:14.0639 1908 DsmSvc - ok
12:38:14.0670 1908 [ 6D1B8A9A2C0BD4851D8AF1AB43E67AD9 ] DXGKrnl C:\WINDOWS\System32\drivers\dxgkrnl.sys
12:38:14.0733 1908 DXGKrnl - ok
12:38:14.0733 1908 [ 58BA473DD88F5FC1932282BA683AA03E ] Eaphost C:\WINDOWS\System32\eapsvc.dll
12:38:14.0764 1908 Eaphost - ok
12:38:14.0795 1908 [ 5AB97B3282D7D6114949D1EB5C8598E4 ] ebdrv C:\WINDOWS\system32\drivers\evbda.sys
12:38:14.0920 1908 ebdrv - ok
12:38:14.0936 1908 [ F702AB6181513303AB0FC8D59E52708B ] EFS C:\WINDOWS\System32\lsass.exe
12:38:14.0951 1908 EFS - ok
12:38:14.0967 1908 [ 4B84E647C934EDFF7F28C4B91A5C0864 ] ehRecvr C:\WINDOWS\ehome\ehRecvr.exe
12:38:14.0983 1908 ehRecvr - ok
12:38:14.0998 1908 [ 72781EC7A97E44B9651550D7A83D1B96 ] ehSched C:\WINDOWS\ehome\ehsched.exe
12:38:15.0014 1908 ehSched - ok
12:38:15.0014 1908 [ 66D60BD9A4C05616ABECA2A901475098 ] EhStorClass C:\WINDOWS\system32\drivers\EhStorClass.sys
12:38:15.0030 1908 EhStorClass - ok
12:38:15.0045 1908 [ A61D0F543024E458C0FE32352E1978E2 ] EhStorTcgDrv C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
12:38:15.0061 1908 EhStorTcgDrv - ok
12:38:15.0061 1908 [ BE2902E13CA69383F449B6BF927844FB ] ElbyCDIO C:\WINDOWS\system32\Drivers\ElbyCDIO.sys
12:38:15.0076 1908 ElbyCDIO - ok
12:38:15.0076 1908 [ D790D058D67582DB9C84C2D33695FE6B ] ErrDev C:\WINDOWS\System32\drivers\errdev.sys
12:38:15.0092 1908 ErrDev - ok
12:38:15.0108 1908 [ F9E01C2D9F8BC049E04CF5DC24A5F638 ] EventSystem C:\WINDOWS\system32\es.dll
12:38:15.0123 1908 EventSystem - ok
12:38:15.0139 1908 [ 933723A47E9B7B22208F79F0F40A249A ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe
12:38:15.0155 1908 EvtEng - ok
12:38:15.0170 1908 [ 7A4D6FEB8C52B3FE855E4DCDF9107E03 ] exfat C:\WINDOWS\system32\drivers\exfat.sys
12:38:15.0201 1908 exfat - ok
12:38:15.0201 1908 [ 60996602A7111FD2D086E803F33E4282 ] fastfat C:\WINDOWS\system32\drivers\fastfat.sys
12:38:15.0233 1908 fastfat - ok
12:38:15.0233 1908 [ F0E7F8382ED5E138B0DFA4CB5058BCFE ] Fax C:\WINDOWS\system32\fxssvc.exe
12:38:15.0264 1908 Fax - ok
12:38:15.0264 1908 [ 73B2D11DF0B6E03A0CB0323218ACB3E4 ] fdc C:\WINDOWS\System32\drivers\fdc.sys
12:38:15.0280 1908 fdc - ok
12:38:15.0280 1908 [ 0828E3E7BD77C89149EAD3232BFD38DB ] fdPHost C:\WINDOWS\system32\fdPHost.dll
12:38:15.0311 1908 fdPHost - ok
12:38:15.0311 1908 [ 872506AAB591E8908DF4461475AF92DF ] FDResPub C:\WINDOWS\system32\fdrespub.dll
12:38:15.0342 1908 FDResPub - ok
12:38:15.0358 1908 [ 0588950D93A426F97C7AAADB1A9B0458 ] fhsvc C:\WINDOWS\system32\fhsvc.dll
12:38:15.0373 1908 fhsvc - ok
12:38:15.0373 1908 [ 88A9EBACD1058ABB237A6B4E96E7F397 ] FileInfo C:\WINDOWS\system32\drivers\fileinfo.sys
12:38:15.0389 1908 FileInfo - ok
12:38:15.0389 1908 [ 9E4EE3A0B00FF7D5F42A4AF9744CBA02 ] Filetrace C:\WINDOWS\system32\drivers\filetrace.sys
12:38:15.0420 1908 Filetrace - ok
12:38:15.0436 1908 [ B1D4C168FF7B8579E3745888658FFB1D ] flpydisk C:\WINDOWS\System32\drivers\flpydisk.sys
12:38:15.0451 1908 flpydisk - ok
12:38:15.0451 1908 [ B33EC133AE4E6C1881D2302D93D2467D ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
12:38:15.0483 1908 FltMgr - ok
12:38:15.0498 1908 [ 0BCDC0FF11B984162B0CF0FF6E9E0146 ] FontCache C:\WINDOWS\system32\FntCache.dll
12:38:15.0530 1908 FontCache - ok
12:38:15.0545 1908 [ 0B56259F5611787222A04A8F254E51D4 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
12:38:15.0561 1908 FontCache3.0.0.0 - ok
12:38:15.0561 1908 [ 0DFEBEA4BB4444488E0032A48524F56A ] Freemake Improver C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
12:38:15.0561 1908 Freemake Improver ( UnsignedFile.Multi.Generic ) - warning
12:38:15.0561 1908 Freemake Improver - detected UnsignedFile.Multi.Generic (1)
12:38:15.0576 1908 [ A5F7873A39E4E9FAAAE59B7E9E36B705 ] FsDepends C:\WINDOWS\system32\drivers\FsDepends.sys
12:38:15.0592 1908 FsDepends - ok
12:38:15.0592 1908 [ A6DD7D491F587F4BC13FB972977DC8E8 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
12:38:15.0608 1908 Fs_Rec - ok
12:38:15.0623 1908 [ FA228F4BB10DC7ED7E7D131C034E2331 ] fvevol C:\WINDOWS\system32\DRIVERS\fvevol.sys
12:38:15.0655 1908 fvevol - ok
12:38:15.0655 1908 [ A969D92973DFA895E7776B4BFE36DBB2 ] FxPPM C:\WINDOWS\System32\drivers\fxppm.sys
12:38:15.0670 1908 FxPPM - ok
12:38:15.0686 1908 [ 52BC441E07A827EBAB70CDC7EAEDB28D ] gagp30kx C:\WINDOWS\system32\drivers\gagp30kx.sys
12:38:15.0702 1908 gagp30kx - ok
12:38:15.0702 1908 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
12:38:15.0702 1908 GEARAspiWDM - ok
12:38:15.0717 1908 [ 721F8EEF5E9747F32670DEFF7FB92541 ] gencounter C:\WINDOWS\System32\drivers\vmgencounter.sys
12:38:15.0733 1908 gencounter - ok
12:38:15.0733 1908 [ CA18ECFCFFDD638ECE80799A9056B238 ] GPIOClx0101 C:\WINDOWS\system32\Drivers\msgpioclx.sys
12:38:15.0748 1908 GPIOClx0101 - ok
12:38:15.0764 1908 [ 5358678C6370F2ADC5291849F6503262 ] gpsvc C:\WINDOWS\System32\gpsvc.dll
12:38:15.0811 1908 gpsvc - ok
12:38:15.0827 1908 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:38:15.0827 1908 gupdate - ok
12:38:15.0842 1908 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:38:15.0842 1908 gupdatem - ok
12:38:15.0858 1908 [ C1B577B2169900F4CF7190C39F085794 ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
12:38:15.0873 1908 gusvc - ok
12:38:15.0873 1908 [ C2504AA983B5D411F7D31402E8B57725 ] HdAudAddService C:\WINDOWS\system32\drivers\HdAudio.sys
12:38:15.0889 1908 HdAudAddService - ok
12:38:15.0905 1908 [ 7D87B5B6C7188D553E11B59DC7F0B111 ] HDAudBus C:\WINDOWS\System32\drivers\HDAudBus.sys
12:38:15.0920 1908 HDAudBus - ok
12:38:15.0936 1908 [ 3F76BBA53D65E85A7F53E7A71082082C ] HidBatt C:\WINDOWS\System32\drivers\HidBatt.sys
12:38:15.0936 1908 HidBatt - ok
12:38:15.0952 1908 [ 085F150D002B7F0153D3C06DDF33A143 ] HidBth C:\WINDOWS\System32\drivers\hidbth.sys
12:38:15.0967 1908 HidBth - ok
12:38:15.0967 1908 [ CC4A07E51D89575CAB6F4EB590D87CD4 ] hidi2c C:\WINDOWS\System32\drivers\hidi2c.sys
12:38:15.0983 1908 hidi2c - ok
12:38:15.0983 1908 [ DC96F7DACB777CDEAEF9958A50BFDA06 ] HidIr C:\WINDOWS\System32\drivers\hidir.sys
12:38:16.0030 1908 HidIr - ok
12:38:16.0030 1908 [ FAC37D7B3D6354A5A5E19A45B50B4008 ] hidserv C:\WINDOWS\system32\hidserv.dll
12:38:16.0045 1908 hidserv - ok
12:38:16.0061 1908 [ 9E11EE0F2E117B2D5A835B2B91752827 ] HidUsb C:\WINDOWS\System32\drivers\hidusb.sys
12:38:16.0077 1908 HidUsb - ok
12:38:16.0077 1908 [ 43F884B61A24377567CD0FEB35236334 ] hkmsvc C:\WINDOWS\system32\kmsvc.dll
12:38:16.0092 1908 hkmsvc - ok
12:38:16.0108 1908 [ 33DFC14DFDCCFA7AA10E392F6A8EC1CF ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
12:38:16.0123 1908 HomeGroupListener - ok
12:38:16.0139 1908 [ E0D9F6FE18FA7F53ADD29AF719CE2B7E ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
12:38:16.0155 1908 HomeGroupProvider - ok
12:38:16.0155 1908 [ 64DB7A8D97CA53DCCF93D0A1E08342CF ] HpSAMD C:\WINDOWS\system32\drivers\HpSAMD.sys
12:38:16.0170 1908 HpSAMD - ok
12:38:16.0186 1908 [ F4A91D985EB9D1D2717D538F3424603C ] HTTP C:\WINDOWS\system32\drivers\HTTP.sys
12:38:16.0217 1908 HTTP - ok
12:38:16.0217 1908 [ 2A98301068801700906C06649860FE94 ] hwpolicy C:\WINDOWS\system32\drivers\hwpolicy.sys
12:38:16.0233 1908 hwpolicy - ok
12:38:16.0248 1908 [ DC76901D82097C9E297F20C287CB9A27 ] hyperkbd C:\WINDOWS\System32\drivers\hyperkbd.sys
12:38:16.0264 1908 hyperkbd - ok
12:38:16.0264 1908 [ 716413AB3CA12DE0A7222D28C1C9352C ] HyperVideo C:\WINDOWS\system32\DRIVERS\HyperVideo.sys
12:38:16.0280 1908 HyperVideo - ok
12:38:16.0280 1908 [ C9E9CBF73AFFBFE3E801EFB516787BA3 ] i8042prt C:\WINDOWS\System32\drivers\i8042prt.sys
12:38:16.0295 1908 i8042prt - ok
12:38:16.0311 1908 [ 5E394EBD26FD68AA9300332C46BEDD62 ] iaStorV C:\WINDOWS\system32\drivers\iaStorV.sys
12:38:16.0358 1908 iaStorV - ok
12:38:16.0358 1908 [ B21087E1A64FD474BF3E1A602A714F1F ] IBMPMDRV C:\WINDOWS\system32\DRIVERS\ibmpmdrv.sys
12:38:16.0373 1908 IBMPMDRV - ok
12:38:16.0373 1908 [ A3E4DE0F77031061972485EF9BD8E4D0 ] IBMPMSVC C:\WINDOWS\system32\ibmpmsvc.exe
12:38:16.0389 1908 IBMPMSVC - ok
12:38:16.0452 1908 [ 348214F96642FD4FEF630DE021BA3540 ] igfx C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
12:38:16.0545 1908 igfx - ok
12:38:16.0545 1908 [ 24847A06B84339FEEDE5CABF3D27D320 ] iirsp C:\WINDOWS\system32\drivers\iirsp.sys
12:38:16.0561 1908 iirsp - ok
12:38:16.0577 1908 [ 531B5A98145DA689741A0AC18F14EA94 ] IKEEXT C:\WINDOWS\System32\ikeext.dll
12:38:16.0608 1908 IKEEXT - ok
12:38:16.0623 1908 [ FD2032D2EAE8D7F3381EBA5FA3E7FEEA ] intaud_WaveExtensible C:\WINDOWS\system32\drivers\intelaud.sys
12:38:16.0623 1908 intaud_WaveExtensible - ok
12:38:16.0639 1908 [ 4F37726CF764CA18A8A84F85EF3A7F24 ] intelide C:\WINDOWS\system32\drivers\intelide.sys
12:38:16.0655 1908 intelide - ok
12:38:16.0655 1908 [ E15CDF68DD73423F15D4AC404793AF0D ] intelppm C:\WINDOWS\System32\drivers\intelppm.sys
12:38:16.0670 1908 intelppm - ok
12:38:16.0670 1908 [ 8FCA66234A0933D796BB780B7953BAB9 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
12:38:16.0702 1908 IpFilterDriver - ok
12:38:16.0717 1908 [ C217B8D2E58C57A319B16125C3D4B69C ] iphlpsvc C:\WINDOWS\System32\iphlpsvc.dll
12:38:16.0733 1908 iphlpsvc - ok
12:38:16.0748 1908 [ 6E98A046A12AA113F8898AA5D612BD6E ] IPMIDRV C:\WINDOWS\System32\drivers\IPMIDrv.sys
12:38:16.0764 1908 IPMIDRV - ok
12:38:16.0764 1908 [ 3969B9C218DD3FAA9F4ED2FFC3651C02 ] IPNAT C:\WINDOWS\system32\drivers\ipnat.sys
12:38:16.0795 1908 IPNAT - ok
12:38:16.0795 1908 [ 0FF335D687C85097725A53458160E81E ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
12:38:16.0827 1908 iPod Service - ok
12:38:16.0842 1908 [ 02DEF37AB75E0032C50724646F708DE8 ] iPodDrv C:\WINDOWS\system32\drivers\iPodDrv.sys
12:38:16.0842 1908 iPodDrv - ok
12:38:16.0858 1908 [ 25CD7C4BB2863FFC2B0B311F0AEBF77C ] IRENUM C:\WINDOWS\system32\drivers\irenum.sys
12:38:16.0873 1908 IRENUM - ok
12:38:16.0873 1908 [ D940C5BB9DC92E588533C19ABCC3D2C2 ] isapnp C:\WINDOWS\system32\drivers\isapnp.sys
12:38:16.0889 1908 isapnp - ok
12:38:16.0889 1908 [ 69C8BF0BC2B0EA10F130F4D3104DC2EF ] iScsiPrt C:\WINDOWS\System32\drivers\msiscsi.sys
12:38:16.0920 1908 iScsiPrt - ok
12:38:16.0920 1908 [ C59B9CE2855E667809F9E63C20FC44A5 ] iwdbus C:\WINDOWS\System32\drivers\iwdbus.sys
12:38:16.0936 1908 iwdbus - ok
12:38:16.0936 1908 [ 8FBD94B69D6423E20ABCD59D86368B21 ] kbdclass C:\WINDOWS\System32\drivers\kbdclass.sys
12:38:16.0952 1908 kbdclass - ok
12:38:16.0952 1908 [ E88C932ABDF8185A62C8F2FC7B051FB6 ] kbdhid C:\WINDOWS\System32\drivers\kbdhid.sys
12:38:16.0967 1908 kbdhid - ok
12:38:16.0983 1908 [ FB6C185092E18011EF49989425C2AA87 ] kdnic C:\WINDOWS\system32\DRIVERS\kdnic.sys
12:38:16.0983 1908 kdnic - ok
12:38:16.0998 1908 [ F702AB6181513303AB0FC8D59E52708B ] KeyIso C:\WINDOWS\system32\lsass.exe
12:38:17.0014 1908 KeyIso - ok
12:38:17.0014 1908 [ DFA480F6DED551464F3A5B959F437800 ] KSecDD C:\WINDOWS\system32\Drivers\ksecdd.sys
12:38:17.0030 1908 KSecDD - ok
12:38:17.0045 1908 [ 127FB0AAD232BAAD2C9BBACD374F4FC5 ] KSecPkg C:\WINDOWS\system32\Drivers\ksecpkg.sys
12:38:17.0061 1908 KSecPkg - ok
12:38:17.0061 1908 [ 81492FEEBF2F26455B00EE8DBAE8A1B0 ] ksthunk C:\WINDOWS\system32\drivers\ksthunk.sys
12:38:17.0077 1908 ksthunk - ok
12:38:17.0092 1908 [ 5825DBACEDC3812B5CF8D40B997BF210 ] KtmRm C:\WINDOWS\system32\msdtckrm.dll
12:38:17.0108 1908 KtmRm - ok
12:38:17.0123 1908 [ 256EE31588257E8A555DBFAA13F1908E ] LanmanServer C:\WINDOWS\system32\srvsvc.dll
12:38:17.0139 1908 LanmanServer - ok
12:38:17.0155 1908 [ 16650912BE5A94B40E0B3B4C39652B56 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
12:38:17.0170 1908 LanmanWorkstation - ok
12:38:17.0186 1908 [ 7CFE36AF06E9C0984021796EDC8AC207 ] LENOVO.MICMUTE C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
12:38:17.0186 1908 LENOVO.MICMUTE - ok
12:38:17.0202 1908 [ CEEFD29FC551F289810B0B9381B321DC ] lltdio C:\WINDOWS\system32\DRIVERS\lltdio.sys
12:38:17.0217 1908 lltdio - ok
12:38:17.0233 1908 [ BCF53485E0A94722CDE3C4A93CD8EB8C ] lltdsvc C:\WINDOWS\System32\lltdsvc.dll
12:38:17.0248 1908 lltdsvc - ok
12:38:17.0264 1908 [ 5A2F7F1CBC2E631A497DAD16164E06D2 ] lmhosts C:\WINDOWS\System32\lmhsvc.dll
12:38:17.0280 1908 lmhosts - ok
12:38:17.0280 1908 [ F28E88AFA2EE1E5A7E4FCAB4D1578C36 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
12:38:17.0295 1908 LMS - ok
12:38:17.0311 1908 [ 022CDD12161B063D7852B1075BF3FFF2 ] LSI_SAS C:\WINDOWS\system32\drivers\lsi_sas.sys
12:38:17.0327 1908 LSI_SAS - ok
12:38:17.0327 1908 [ 07AD59D669B996F29F91817F0ECFA34F ] LSI_SAS2 C:\WINDOWS\system32\drivers\lsi_sas2.sys
12:38:17.0342 1908 LSI_SAS2 - ok
12:38:17.0358 1908 [ 216FB796AA4E252ACCE93B1BCB80B5EC ] LSI_SCSI C:\WINDOWS\system32\drivers\lsi_scsi.sys
12:38:17.0373 1908 LSI_SCSI - ok
12:38:17.0373 1908 [ 5E80530AF37102488EE980B4A92AF99F ] LSI_SSS C:\WINDOWS\system32\drivers\lsi_sss.sys
12:38:17.0389 1908 LSI_SSS - ok
12:38:17.0405 1908 [ A57BA284F5996FFD32DCDBC41A4657DB ] LSM C:\WINDOWS\System32\lsm.dll
12:38:17.0452 1908 LSM - ok
12:38:17.0452 1908 [ 2BDC5D711FA61307CE6190D47C956368 ] luafv C:\WINDOWS\system32\drivers\luafv.sys
12:38:17.0483 1908 luafv - ok
12:38:17.0483 1908 [ 4448CCEA974F0B15A00EA33FCEDFC062 ] Mcx2Svc C:\WINDOWS\system32\Mcx2Svc.dll
12:38:17.0498 1908 Mcx2Svc - ok
12:38:17.0514 1908 [ 9B0D829C3BE4E7472DB9DD2B79908E3C ] megasas C:\WINDOWS\system32\drivers\megasas.sys
12:38:17.0530 1908 megasas - ok
12:38:17.0530 1908 [ ECC3F54C7AFC318271C4F0B4606D8DB0 ] MegaSR C:\WINDOWS\system32\drivers\MegaSR.sys
12:38:17.0561 1908 MegaSR - ok
12:38:17.0561 1908 [ 86614752D2FAE34CCD9E7B2AABA5FBEC ] MEIx64 C:\WINDOWS\System32\drivers\HECIx64.sys
12:38:17.0577 1908 MEIx64 - ok
12:38:17.0577 1908 [ EEE908BE7143FCA48CF0CB87214E2AB8 ] MMCSS C:\WINDOWS\system32\mmcss.dll
12:38:17.0592 1908 MMCSS - ok
12:38:17.0592 1908 [ 780098AD5DA8A4822E2563984C85EF7B ] Modem C:\WINDOWS\system32\drivers\modem.sys
12:38:17.0623 1908 Modem - ok
12:38:17.0623 1908 [ EA8EAD3F5B762F889CC7F3966625B48B ] monitor C:\WINDOWS\System32\drivers\monitor.sys
12:38:17.0639 1908 monitor - ok
12:38:17.0639 1908 [ 618446B98C79776654340CE27C73485E ] mouclass C:\WINDOWS\System32\drivers\mouclass.sys
12:38:17.0655 1908 mouclass - ok
12:38:17.0670 1908 [ C0ADEBED913295803B579ED288936CBB ] mouhid C:\WINDOWS\System32\drivers\mouhid.sys
12:38:17.0670 1908 mouhid - ok
12:38:17.0686 1908 [ 89D263DBF08119CE16273991C120D6DD ] mountmgr C:\WINDOWS\system32\drivers\mountmgr.sys
12:38:17.0702 1908 mountmgr - ok
12:38:17.0702 1908 [ 825BF0E46B4470A463AEB641480C5FCA ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
12:38:17.0717 1908 MozillaMaintenance - ok
12:38:17.0717 1908 [ 0D1609DD82C7440F5D5BF21A9D4D5C0C ] mpsdrv C:\WINDOWS\system32\drivers\mpsdrv.sys
12:38:17.0733 1908 mpsdrv - ok
12:38:17.0748 1908 [ 3031573A739DBEE8923851929D0AF423 ] MpsSvc C:\WINDOWS\system32\mpssvc.dll
12:38:17.0780 1908 MpsSvc - ok
12:38:17.0795 1908 [ 3D70147F55F1EC84EB9139ED7FFE48BC ] MRxDAV C:\WINDOWS\system32\drivers\mrxdav.sys
12:38:17.0811 1908 MRxDAV - ok
12:38:17.0827 1908 [ 93179D48066918323628CB016D8C94DC ] mrxsmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
12:38:17.0842 1908 mrxsmb - ok
12:38:17.0842 1908 [ 06D5F2FA3C61E8EA91648EA8E9F99FD3 ] mrxsmb10 C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
12:38:17.0873 1908 mrxsmb10 - ok
12:38:17.0873 1908 [ 5C7DD2E5759FFCCD2C7341C1B90F2B26 ] mrxsmb20 C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
12:38:17.0889 1908 mrxsmb20 - ok
12:38:17.0905 1908 [ 98487487D6B3797CA927E9D7B030AE13 ] MsBridge C:\WINDOWS\system32\DRIVERS\bridge.sys
12:38:17.0920 1908 MsBridge - ok
12:38:17.0920 1908 [ 4A07458EB4F17573BD39F22029A991C1 ] MSDTC C:\WINDOWS\System32\msdtc.exe
12:38:17.0952 1908 MSDTC - ok
12:38:17.0952 1908 [ 3886F1F2A4D2900ABAA7E4486BEEE6A2 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
12:38:17.0967 1908 Msfs - ok
12:38:17.0983 1908 [ C32A7A39B960A42BA9D4FBE47213CA03 ] msgpiowin32 C:\WINDOWS\System32\drivers\msgpiowin32.sys
12:38:17.0998 1908 msgpiowin32 - ok
12:38:17.0998 1908 [ D3857A767B91A061B408CCAB02DA4F40 ] mshidkmdf C:\WINDOWS\System32\drivers\mshidkmdf.sys
12:38:18.0014 1908 mshidkmdf - ok
12:38:18.0014 1908 [ 839B48910FB1E887635C48F3EC11A05E ] mshidumdf C:\WINDOWS\System32\drivers\mshidumdf.sys
12:38:18.0030 1908 mshidumdf - ok
12:38:18.0030 1908 [ 55C0DB741E3AB7463242B185B1C2997C ] msisadrv C:\WINDOWS\system32\drivers\msisadrv.sys
12:38:18.0045 1908 msisadrv - ok
12:38:18.0061 1908 [ 216C6B035A4BA5560E1255BD8E5BB89F ] MSiSCSI C:\WINDOWS\system32\iscsiexe.dll
12:38:18.0077 1908 MSiSCSI - ok
12:38:18.0077 1908 msiserver - ok
12:38:18.0077 1908 [ 509809566E49F4411055864EA8D437CD ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
12:38:18.0092 1908 MSKSSRV - ok
12:38:18.0108 1908 [ 63145201D6458E4958E572E7D6FC2604 ] MsLldp C:\WINDOWS\system32\DRIVERS\mslldp.sys
12:38:18.0124 1908 MsLldp - ok
12:38:18.0124 1908 [ 99D526E803DB6D7FF290FD98B6204641 ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
12:38:18.0139 1908 MSPCLOCK - ok
12:38:18.0139 1908 [ 06FA77C3E2A491ADCD704C5E73006269 ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
12:38:18.0155 1908 MSPQM - ok
12:38:18.0170 1908 [ E134EC4DE11CF78CB01432D180710D84 ] MsRPC C:\WINDOWS\system32\drivers\MsRPC.sys
12:38:18.0186 1908 MsRPC - ok
12:38:18.0202 1908 [ B5AECF12F09DEE97C9FCAA5BA016CE1E ] mssmbios C:\WINDOWS\System32\drivers\mssmbios.sys
12:38:18.0217 1908 mssmbios - ok
12:38:18.0217 1908 [ 72D66A05E0F99F2528F6C6204FD22AA1 ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
12:38:18.0233 1908 MSTEE - ok
12:38:18.0233 1908 [ 8AAAE399FC255FA105D4158CBA289001 ] MTConfig C:\WINDOWS\System32\drivers\MTConfig.sys
12:38:18.0249 1908 MTConfig - ok
12:38:18.0249 1908 [ 3BCB702F3E6CC622DCAFCAA45D7CDE0A ] Mup C:\WINDOWS\system32\Drivers\mup.sys
12:38:18.0264 1908 Mup - ok
12:38:18.0280 1908 [ 3A1E095277BBD406CEA8EA6B76950664 ] mvumis C:\WINDOWS\system32\drivers\mvumis.sys
12:38:18.0295 1908 mvumis - ok
12:38:18.0295 1908 [ D8C1FE237762249C879760E7F3ABFC1F ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
12:38:18.0311 1908 MyWiFiDHCPDNS - ok
12:38:18.0327 1908 [ 4B18840511D720BA118D3017E8165875 ] napagent C:\WINDOWS\system32\qagentRT.dll
12:38:18.0358 1908 napagent - ok
12:38:18.0358 1908 [ 43D7388A90A4C6EA346A4D6FF0377479 ] NativeWifiP C:\WINDOWS\system32\DRIVERS\nwifi.sys
12:38:18.0389 1908 NativeWifiP - ok
12:38:18.0389 1908 [ 6A0C3996DA7DAE6D6939676D786EEEC4 ] NcaSvc C:\WINDOWS\System32\ncasvc.dll
12:38:18.0405 1908 NcaSvc - ok
12:38:18.0420 1908 [ C982FE4CC91DECE2259F494FCEB4030F ] NcdAutoSetup C:\WINDOWS\System32\NcdAutoSetup.dll
12:38:18.0436 1908 NcdAutoSetup - ok
12:38:18.0452 1908 [ 03CFE4108D1DE16D6C59455B5C73319C ] NDIS C:\WINDOWS\system32\drivers\ndis.sys
12:38:18.0499 1908 NDIS - ok
12:38:18.0499 1908 [ 39C8A1D9D46F5E83A016BCAB72455284 ] NdisCap C:\WINDOWS\system32\DRIVERS\ndiscap.sys
12:38:18.0514 1908 NdisCap - ok
12:38:18.0530 1908 [ 762941932B7E4C588E48A577BA9D6440 ] NdisImPlatform C:\WINDOWS\system32\DRIVERS\NdisImPlatform.sys
12:38:18.0545 1908 NdisImPlatform - ok
12:38:18.0545 1908 [ 7A6F8A6D0E01432EBA294EF29CDD0FA7 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
12:38:18.0561 1908 NdisTapi - ok
12:38:18.0561 1908 [ 79AB68BB3FFF974AD4F41FA559F4EC67 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
12:38:18.0577 1908 Ndisuio - ok
12:38:18.0592 1908 [ 62C7DBF4F9301F76CF87D4B9D8F57BF8 ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
12:38:18.0608 1908 NdisWan - ok
12:38:18.0624 1908 [ 62C7DBF4F9301F76CF87D4B9D8F57BF8 ] NDISWANLEGACY C:\WINDOWS\system32\DRIVERS\ndiswan.sys
12:38:18.0639 1908 NDISWANLEGACY - ok
12:38:18.0639 1908 [ 3730942D7DB2F8BB5F84542B7FF6F650 ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
12:38:18.0655 1908 NDProxy - ok
12:38:18.0670 1908 [ D3F60A4345FCA9C1BE68AD7D0D6DE770 ] Ndu C:\WINDOWS\system32\drivers\Ndu.sys
12:38:18.0686 1908 Ndu - ok
12:38:18.0686 1908 [ 7C203A76394F9AE68F69EEE5F9612C4A ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
12:38:18.0702 1908 NetBIOS - ok
12:38:18.0717 1908 [ 7CEC25C682D319D484630B3952C31A11 ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
12:38:18.0733 1908 NetBT - ok
12:38:18.0733 1908 [ F702AB6181513303AB0FC8D59E52708B ] Netlogon C:\WINDOWS\system32\lsass.exe
12:38:18.0749 1908 Netlogon - ok
12:38:18.0764 1908 [ 89519D29CBEC2121CA65CC29C4D345E0 ] Netman C:\WINDOWS\System32\netman.dll
12:38:18.0795 1908 Netman - ok
12:38:18.0795 1908 [ 5FF52E13C72838D87DAF228EC9E92C89 ] netprofm C:\WINDOWS\System32\netprofmsvc.dll
12:38:18.0827 1908 netprofm - ok
12:38:18.0827 1908 [ 5243CFC2E7161C91C2B355240035B9E4 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:38:18.0842 1908 NetTcpPortSharing - ok
12:38:18.0952 1908 [ 57B9C04D673F236D41FAB03842C8640B ] NETwNs64 C:\WINDOWS\system32\DRIVERS\NETwNs64.sys
12:38:19.0108 1908 NETwNs64 - ok
12:38:19.0124 1908 [ 12DD2800E4EEA37DC9AE256AD62423B4 ] nfrd960 C:\WINDOWS\system32\drivers\nfrd960.sys
12:38:19.0139 1908 nfrd960 - ok
12:38:19.0139 1908 [ 80ABCD4C2DE9FD832477303AE0CA3BE5 ] NlaSvc C:\WINDOWS\System32\nlasvc.dll
12:38:19.0170 1908 NlaSvc - ok
12:38:19.0170 1908 [ 17E19A742FB30C002F8B43575451DBE1 ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
12:38:19.0186 1908 Npfs - ok
12:38:19.0186 1908 [ 8ED299C30792544264E558BEA79F0947 ] npsvctrig C:\WINDOWS\System32\drivers\npsvctrig.sys
12:38:19.0217 1908 npsvctrig - ok
12:38:19.0217 1908 [ 832B5FDF0B5577713FD7F2465FCD0ACE ] nsi C:\WINDOWS\system32\nsisvc.dll
12:38:19.0233 1908 nsi - ok
12:38:19.0249 1908 [ 689B3B1E95C70ABF7AFF29F9406EF1E0 ] nsiproxy C:\WINDOWS\system32\drivers\nsiproxy.sys
12:38:19.0264 1908 nsiproxy - ok
12:38:19.0295 1908 [ 76929F4A69E425911A63B407E26C2589 ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
12:38:19.0374 1908 Ntfs - ok
12:38:19.0374 1908 [ 4163ADE07DB51843AE31F65B94F5398D ] Null C:\WINDOWS\system32\drivers\Null.sys
12:38:19.0389 1908 Null - ok
12:38:19.0405 1908 [ D6D34118263412D3AAA8348A9572B7F2 ] nvraid C:\WINDOWS\system32\drivers\nvraid.sys
12:38:19.0420 1908 nvraid - ok
12:38:19.0420 1908 [ 27AFC428D1D32ABD04A86763A4EDDEA9 ] nvstor C:\WINDOWS\system32\drivers\nvstor.sys
12:38:19.0452 1908 nvstor - ok
12:38:19.0452 1908 [ 051CFB5107BAAE510419BDC41F8C4036 ] nv_agp C:\WINDOWS\system32\drivers\nv_agp.sys
12:38:19.0467 1908 nv_agp - ok
12:38:19.0467 1908 [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:38:19.0483 1908 ose - ok
12:38:19.0499 1908 [ AB76700D764A342D7475FB8F47CAB18C ] p2pimsvc C:\WINDOWS\system32\pnrpsvc.dll
12:38:19.0514 1908 p2pimsvc - ok
12:38:19.0530 1908 [ 4319FD931DCD796435ECB5DB4A04FBA5 ] p2psvc C:\WINDOWS\system32\p2psvc.dll
12:38:19.0545 1908 p2psvc - ok
12:38:19.0561 1908 [ 4563DAF8C6A740AD7F501E219BD10766 ] Parport C:\WINDOWS\System32\drivers\parport.sys
12:38:19.0577 1908 Parport - ok
12:38:19.0577 1908 [ D6ACCF9F2EEEEA711C14EFD976E573F3 ] partmgr C:\WINDOWS\system32\drivers\partmgr.sys
12:38:19.0592 1908 partmgr - ok
12:38:19.0608 1908 [ 4811D9EC53649105A5A8BEA661B0F936 ] PcaSvc C:\WINDOWS\System32\pcasvc.dll
12:38:19.0624 1908 PcaSvc - ok
12:38:19.0624 1908 [ 4A003E8F718C1E6A2050CA98CD53E3E2 ] pci C:\WINDOWS\system32\drivers\pci.sys
12:38:19.0655 1908 pci - ok
12:38:19.0655 1908 [ F9908D274D458220F91E89B54D78D837 ] pciide C:\WINDOWS\system32\drivers\pciide.sys
12:38:19.0670 1908 pciide - ok
12:38:19.0670 1908 [ 84D19CB6102627932DCB5DFDF89FE269 ] pcmcia C:\WINDOWS\system32\drivers\pcmcia.sys
12:38:19.0702 1908 pcmcia - ok
12:38:19.0702 1908 [ CEBBAD5391C2644560C55628A40BFD27 ] pcw C:\WINDOWS\system32\drivers\pcw.sys
12:38:19.0717 1908 pcw - ok
12:38:19.0717 1908 [ 0698DEDEAD6A00AD0D468C687D830FBF ] pdc C:\WINDOWS\system32\drivers\pdc.sys
12:38:19.0733 1908 pdc - ok
12:38:19.0749 1908 [ 61FE70659CD43E07F94DA4DC31DEC493 ] PEAUTH C:\WINDOWS\system32\drivers\peauth.sys
12:38:19.0780 1908 PEAUTH - ok
12:38:19.0811 1908 [ DF0D9BDCB600913F40FF125BF8CE1979 ] PeerDistSvc C:\WINDOWS\system32\peerdistsvc.dll
12:38:19.0874 1908 PeerDistSvc - ok
12:38:19.0889 1908 [ EB88FA19F0EA05DD04BE9C5FFEEFFE1A ] PerfHost C:\WINDOWS\SysWow64\perfhost.exe
12:38:19.0905 1908 PerfHost - ok
12:38:19.0936 1908 [ 6E84BFF58F7643499277F29DFA2F8C8D ] pla C:\WINDOWS\system32\pla.dll
12:38:19.0983 1908 pla - ok
12:38:19.0999 1908 [ 799BE46D45D486704CE0F37CA5385262 ] PlugPlay C:\WINDOWS\system32\umpnpmgr.dll
12:38:20.0014 1908 PlugPlay - ok
12:38:20.0014 1908 [ A010F13D27C1033A8BE09D5FA9BF348B ] pneteth C:\WINDOWS\system32\DRIVERS\pneteth.sys
12:38:20.0030 1908 pneteth - ok
12:38:20.0030 1908 [ 8E2414E818C26C4A9C70CB2B8567F04F ] PNRPAutoReg C:\WINDOWS\system32\pnrpauto.dll
12:38:20.0045 1908 PNRPAutoReg - ok
12:38:20.0061 1908 [ AB76700D764A342D7475FB8F47CAB18C ] PNRPsvc C:\WINDOWS\system32\pnrpsvc.dll
12:38:20.0077 1908 PNRPsvc - ok
12:38:20.0092 1908 [ 0108C8E5176D590F242701EF5A62CC26 ] PolicyAgent C:\WINDOWS\System32\ipsecsvc.dll
12:38:20.0124 1908 PolicyAgent - ok
12:38:20.0124 1908 [ F1E067F56373F11EA4B785CAE823740A ] Power C:\WINDOWS\system32\umpo.dll
12:38:20.0139 1908 Power - ok
12:38:20.0155 1908 [ 362D47E5B4D67270DE4B8606036F4ADD ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
12:38:20.0170 1908 PptpMiniport - ok
12:38:20.0202 1908 [ C2D3B3D0060619D5E03E696BD56FF59F ] PrintNotify C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll
12:38:20.0264 1908 PrintNotify - ok
12:38:20.0264 1908 [ DD979EB6A7212F60E4AFBE96EDC7AE6D ] Processor C:\WINDOWS\System32\drivers\processr.sys
12:38:20.0280 1908 Processor - ok
12:38:20.0295 1908 [ 429E8502AD2227CF88F8840FC5BD590D ] ProfSvc C:\WINDOWS\system32\profsvc.dll
12:38:20.0311 1908 ProfSvc - ok
12:38:20.0311 1908 [ EB8034147D4820CD31BFCB11A2A652DF ] Psched C:\WINDOWS\system32\DRIVERS\pacer.sys
12:38:20.0342 1908 Psched - ok
12:38:20.0342 1908 [ FB46E9A827A8799EBD7BFA9128C91F37 ] PSI C:\WINDOWS\system32\DRIVERS\psi_mf.sys
12:38:20.0342 1908 PSI - ok
12:38:20.0358 1908 [ 0AFBF333B6F87A2F598EAB379AF100B8 ] QWAVE C:\WINDOWS\system32\qwave.dll
12:38:20.0374 1908 QWAVE - ok
12:38:20.0389 1908 [ 13D47BB0CCA2FC51BD15F8E85C6A078E ] QWAVEdrv C:\WINDOWS\system32\drivers\qwavedrv.sys
12:38:20.0405 1908 QWAVEdrv - ok
12:38:20.0405 1908 [ 873C60F8178100557740A832FCE10B5F ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
12:38:20.0421 1908 RasAcd - ok
12:38:20.0436 1908 [ 69B93F623B130976243ECA3D84CC99CA ] RasAgileVpn C:\WINDOWS\system32\DRIVERS\AgileVpn.sys
12:38:20.0467 1908 RasAgileVpn - ok
12:38:20.0467 1908 [ 005F6E54C4A2DA4EBF68FB0392CE8BB0 ] RasAuto C:\WINDOWS\System32\rasauto.dll
12:38:20.0483 1908 RasAuto - ok
12:38:20.0499 1908 [ A14D625C5AEE5FFE0F47D1A1D419FAAE ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
12:38:20.0514 1908 Rasl2tp - ok
12:38:20.0530 1908 [ C923C785A2DE0B396AD6D13ACAFF2DE9 ] RasMan C:\WINDOWS\System32\rasmans.dll
12:38:20.0561 1908 RasMan - ok
12:38:20.0561 1908 [ 00695B9C2DB6111064499C529E90C042 ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
12:38:20.0577 1908 RasPppoe - ok
12:38:20.0592 1908 [ A7F24D8CD1956B0A1FDCB86CC5114DE4 ] RasSstp C:\WINDOWS\system32\DRIVERS\rassstp.sys
12:38:20.0608 1908 RasSstp - ok
12:38:20.0624 1908 [ B72C33DBD5326B3864CF2091AF8B906B ] rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
12:38:20.0639 1908 rdbss - ok
12:38:20.0655 1908 [ CA7DF5EC95D8DE0DD24BE7FF97369F68 ] rdpbus C:\WINDOWS\System32\drivers\rdpbus.sys
12:38:20.0655 1908 rdpbus - ok
12:38:20.0671 1908 [ B2A3AD74FF2E2FFA73AF2567108231B3 ] RDPDR C:\WINDOWS\system32\drivers\rdpdr.sys
12:38:20.0686 1908 RDPDR - ok
12:38:20.0702 1908 [ 57F4787E4602A3FCA719C0A33137C6DA ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
12:38:20.0717 1908 RdpVideoMiniport - ok
12:38:20.0717 1908 [ B3CB0721E81E30419CE7D837EF4EA151 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
12:38:20.0733 1908 RDPWD - ok
12:38:20.0749 1908 [ 62C1F8A0685FE07E998AA296C4F697C4 ] rdyboost C:\WINDOWS\system32\drivers\rdyboost.sys
12:38:20.0764 1908 rdyboost - ok
12:38:20.0764 1908 [ 695C4AC7D0B5002040C7540364C43940 ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
12:38:20.0780 1908 RegSrvc - ok
12:38:20.0796 1908 [ 3663CCF243EE0C04E9F6F91ED1737273 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
12:38:20.0811 1908 RemoteAccess - ok
12:38:20.0811 1908 [ E80DD61E52EDFFF9DA1ED7260A68855B ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
12:38:20.0858 1908 RemoteRegistry - ok
12:38:20.0858 1908 [ CCBFCABDFE2BC22F0645CEAADDB36004 ] RFCOMM C:\WINDOWS\System32\drivers\rfcomm.sys
12:38:20.0874 1908 RFCOMM - ok
12:38:20.0874 1908 [ 6DA53881D918900F85C3D22331EB0CFD ] risdxc C:\WINDOWS\System32\drivers\risdxc64.sys
12:38:20.0889 1908 risdxc - ok
12:38:20.0905 1908 [ 73F2E030B5C24E4E41401B5F0D59E6FD ] RpcEptMapper C:\WINDOWS\System32\RpcEpMap.dll
12:38:20.0921 1908 RpcEptMapper - ok
12:38:20.0921 1908 [ 10B21284B3D964AB3DC45490E57D422E ] RpcLocator C:\WINDOWS\system32\locator.exe
12:38:20.0936 1908 RpcLocator - ok
12:38:20.0952 1908 [ 1EC6E533C954BDDF2A37E7851A7E58FD ] RpcSs C:\WINDOWS\system32\rpcss.dll
12:38:20.0983 1908 RpcSs - ok
12:38:20.0999 1908 [ E04E770DD198B9399640717145E79EBF ] rspndr C:\WINDOWS\system32\DRIVERS\rspndr.sys
12:38:21.0014 1908 rspndr - ok
12:38:21.0030 1908 [ 15923AA360F7675D3D43C9669316A0BA ] RTL8168 C:\WINDOWS\system32\DRIVERS\Rt630x64.sys
12:38:21.0046 1908 RTL8168 - ok
12:38:21.0046 1908 [ 752EC7DCD2F96871A3857EEE6AFE965A ] s3cap C:\WINDOWS\System32\drivers\vms3cap.sys
12:38:21.0061 1908 s3cap - ok
12:38:21.0077 1908 [ F702AB6181513303AB0FC8D59E52708B ] SamSs C:\WINDOWS\system32\lsass.exe
12:38:21.0092 1908 SamSs - ok
12:38:21.0092 1908 SAService - ok
12:38:21.0092 1908 [ 9C7B28CE0D136DB226E24DB3BC817F92 ] sbp2port C:\WINDOWS\system32\drivers\sbp2port.sys
12:38:21.0124 1908 sbp2port - ok
12:38:21.0124 1908 [ 14316954FCE79C9DE5A0AFF9D42C83AA ] SCardSvr C:\WINDOWS\System32\SCardSvr.dll
12:38:21.0155 1908 SCardSvr - ok
12:38:21.0155 1908 [ 5D7733A12756B267FCA021672B26BC9E ] scfilter C:\WINDOWS\system32\DRIVERS\scfilter.sys
12:38:21.0171 1908 scfilter - ok
12:38:21.0202 1908 [ ED40ED9A65F3E79A8C43DD50C5FDADBF ] Schedule C:\WINDOWS\system32\schedsvc.dll
12:38:21.0233 1908 Schedule - ok
12:38:21.0233 1908 [ BAF8F0F55BC300E5F882E521F054E345 ] SCPolicySvc C:\WINDOWS\System32\certprop.dll
12:38:21.0264 1908 SCPolicySvc - ok
12:38:21.0264 1908 [ 047315E75392CEA447ACC86257824C16 ] sdbus C:\WINDOWS\System32\drivers\sdbus.sys
12:38:21.0296 1908 sdbus - ok
12:38:21.0296 1908 [ 92968277ED491E4B3DDA361E3952361E ] SDRSVC C:\WINDOWS\System32\SDRSVC.dll
12:38:21.0311 1908 SDRSVC - ok
12:38:21.0327 1908 [ BB107AA9980B0DA4E19A3A90C3BD4460 ] sdstor C:\WINDOWS\System32\drivers\sdstor.sys
12:38:21.0342 1908 sdstor - ok
12:38:21.0342 1908 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\WINDOWS\system32\drivers\secdrv.sys
12:38:21.0358 1908 secdrv - ok
12:38:21.0358 1908 [ CD282626738B6BC92B6E7CD0AAE95B63 ] seclogon C:\WINDOWS\system32\seclogon.dll
12:38:21.0389 1908 seclogon - ok
12:38:21.0405 1908 [ 306F9390976E41063D21AB9AB6D48122 ] Secunia PSI Agent C:\Program Files (x86)\Secunia\PSI\PSIA.exe
12:38:21.0436 1908 Secunia PSI Agent - ok
12:38:21.0452 1908 [ 29C852880E9634F8C6BD77A4E68B5B34 ] Secunia Update Agent C:\Program Files (x86)\Secunia\PSI\sua.exe
12:38:21.0483 1908 Secunia Update Agent - ok
12:38:21.0483 1908 [ 9C51620998F0763039DFA6BF68E475ED ] SENS C:\WINDOWS\System32\sens.dll
12:38:21.0514 1908 SENS - ok
12:38:21.0514 1908 [ 0D50B4B860DAB65241628D04CD33ACAE ] SensrSvc C:\WINDOWS\system32\sensrsvc.dll
12:38:21.0530 1908 SensrSvc - ok
12:38:21.0546 1908 [ 87C46B239A7EEF30FDFDD5E9BD46130C ] SerCx C:\WINDOWS\system32\drivers\SerCx.sys
12:38:21.0561 1908 SerCx - ok
12:38:21.0561 1908 [ 7A1F9347C85FD55E39B8A76B3A25C5AD ] Serenum C:\WINDOWS\System32\drivers\serenum.sys
12:38:21.0577 1908 Serenum - ok
12:38:21.0577 1908 [ F640A0A218BBF857F1D04A15D7D939F6 ] Serial C:\WINDOWS\System32\drivers\serial.sys
12:38:21.0592 1908 Serial - ok
12:38:21.0608 1908 [ F1A5F56B2620B862CC28FF96A0A6DAAB ] sermouse C:\WINDOWS\System32\drivers\sermouse.sys
12:38:21.0624 1908 sermouse - ok
12:38:21.0639 1908 [ CB60A60340788C8D6DE2A269D28086AB ] SessionEnv C:\WINDOWS\system32\sessenv.dll
12:38:21.0655 1908 SessionEnv - ok
12:38:21.0655 1908 [ 7EE65419B29302C795714FF8073969A1 ] sfloppy C:\WINDOWS\System32\drivers\sfloppy.sys
12:38:21.0671 1908 sfloppy - ok
12:38:21.0686 1908 [ 090AE16F79C8EAD04E6031F863DA85F3 ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
12:38:21.0717 1908 SharedAccess - ok
12:38:21.0733 1908 [ A77F3ABE13FCC698511E5DEC7ACEBD5F ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
12:38:21.0764 1908 ShellHWDetection - ok
12:38:21.0780 1908 [ 2560721D6F16D5B611C36A3A9D28C1B2 ] SiSRaid2 C:\WINDOWS\system32\drivers\SiSRaid2.sys
12:38:21.0780 1908 SiSRaid2 - ok
12:38:21.0796 1908 [ 3AA8FDE1DBF65BB8B88B053529554A0D ] SiSRaid4 C:\WINDOWS\system32\drivers\sisraid4.sys
12:38:21.0811 1908 SiSRaid4 - ok
12:38:21.0811 1908 [ E11C9E13E92DA6747363924CFFCBD7EF ] SmbDrvI C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys
12:38:21.0827 1908 SmbDrvI - ok
12:38:21.0827 1908 [ E660156A4588A84305CB772FD2C0DB21 ] SNMPTRAP C:\WINDOWS\System32\snmptrap.exe
12:38:21.0858 1908 SNMPTRAP - ok
12:38:21.0858 1908 [ 872E937681910E2456A054331C7D5A18 ] spaceport C:\WINDOWS\system32\drivers\spaceport.sys
12:38:21.0889 1908 spaceport - ok
12:38:21.0889 1908 [ 3D8679C8DF52EB26EB7583A4E0A29202 ] SpbCx C:\WINDOWS\system32\drivers\SpbCx.sys
12:38:21.0905 1908 SpbCx - ok
12:38:21.0921 1908 [ 3F215BF2D4D8D6756298B25B579772C2 ] Spooler C:\WINDOWS\System32\spoolsv.exe
12:38:21.0952 1908 Spooler - ok
12:38:22.0017 1908 [ EC84D961501054F87A6878EC5D53388F ] sppsvc C:\WINDOWS\system32\sppsvc.exe
12:38:22.0111 1908 sppsvc - ok
12:38:22.0111 1908 [ 0F1FCD575A03ABDE13FCA9D0ADE4DDA6 ] srv C:\WINDOWS\system32\DRIVERS\srv.sys
12:38:22.0142 1908 srv - ok
12:38:22.0158 1908 [ 56218A571ECF8D55E0CDFF8DF2546CF1 ] srv2 C:\WINDOWS\system32\DRIVERS\srv2.sys
12:38:22.0174 1908 srv2 - ok
12:38:22.0189 1908 [ 14FC338B80CFF7E04215133B568D15C4 ] srvnet C:\WINDOWS\system32\DRIVERS\srvnet.sys
12:38:22.0205 1908 srvnet - ok
12:38:22.0205 1908 [ 7A20882D76D4A78240A5AC9F2C2EBA21 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
12:38:22.0236 1908 SSDPSRV - ok
12:38:22.0236 1908 [ D233B16999A8E626F6004BD7814C57EC ] SstpSvc C:\WINDOWS\system32\sstpsvc.dll
12:38:22.0267 1908 SstpSvc - ok
12:38:22.0267 1908 [ 4E85355B94CFCB67C135F6521A4895A7 ] stexstor C:\WINDOWS\system32\drivers\stexstor.sys
12:38:22.0283 1908 stexstor - ok
12:38:22.0299 1908 [ BAC8A721736AECC55A4F71523AEAB65F ] stisvc C:\WINDOWS\System32\wiaservc.dll
12:38:22.0314 1908 stisvc - ok
12:38:22.0330 1908 [ B240874B2CA0CD02E8CD11E140B14C57 ] storahci C:\WINDOWS\system32\drivers\storahci.sys
12:38:22.0345 1908 storahci - ok
12:38:22.0345 1908 [ F74DBC95A57B1EE866D3732EB5F79BE2 ] storflt C:\WINDOWS\system32\DRIVERS\vmstorfl.sys
12:38:22.0361 1908 storflt - ok
12:38:22.0361 1908 [ 5337E138B49ED1F44CCBA4073BC35C20 ] StorSvc C:\WINDOWS\system32\storsvc.dll
12:38:22.0377 1908 StorSvc - ok
12:38:22.0377 1908 [ 543CD3CC0E05B8D8815E0D4F040B6F59 ] storvsc C:\WINDOWS\system32\drivers\storvsc.sys
12:38:22.0392 1908 storvsc - ok
12:38:22.0408 1908 [ 1A36AC469140F87CDE62D7F8524E270C ] storvsp C:\WINDOWS\System32\drivers\storvsp.sys
12:38:22.0424 1908 storvsp - ok
12:38:22.0424 1908 [ 8BC1C1ED6EF9C985A3FAA6A72F41679A ] svsvc C:\WINDOWS\system32\svsvc.dll
12:38:22.0455 1908 svsvc - ok
12:38:22.0455 1908 [ EEBBD6E7D1E31F18B1BA5707FD7A04D6 ] SWDUMon C:\WINDOWS\system32\DRIVERS\SWDUMon.sys
12:38:22.0470 1908 SWDUMon - ok
12:38:22.0470 1908 [ 4AFD66AAE74FFB5986BC240744DC5FC9 ] swenum C:\WINDOWS\System32\drivers\swenum.sys
12:38:22.0486 1908 swenum - ok
12:38:22.0502 1908 [ 502F9488540051F3E6C39889ECFA76BB ] swprv C:\WINDOWS\System32\swprv.dll
12:38:22.0533 1908 swprv - ok
12:38:22.0549 1908 [ AEAE48AF681BAF5904608FF5D84E3C9C ] SynTP C:\WINDOWS\system32\DRIVERS\SynTP.sys
12:38:22.0564 1908 SynTP - ok
12:38:22.0580 1908 [ DC21E1F06343773D7E24362DCEF7944B ] SysMain C:\WINDOWS\system32\sysmain.dll
12:38:22.0627 1908 SysMain - ok
12:38:22.0627 1908 [ 6FB88606C4A71E1BFAF97D63A676C673 ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
12:38:22.0642 1908 SystemEventsBroker - ok
12:38:22.0658 1908 [ A6C06C45C44AD06C70AF8899AEC15BDC ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
12:38:22.0674 1908 TabletInputService - ok
12:38:22.0674 1908 [ 88B7721AB551C4325036B25A34A2BF7B ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
12:38:22.0705 1908 TapiSrv - ok
12:38:22.0736 1908 [ D750CE2A52F1B95E654CF2904C88EF1F ] Tcpip C:\WINDOWS\system32\drivers\tcpip.sys
12:38:22.0830 1908 Tcpip - ok
12:38:22.0861 1908 [ D750CE2A52F1B95E654CF2904C88EF1F ] TCPIP6 C:\WINDOWS\system32\DRIVERS\tcpip.sys
12:38:22.0955 1908 TCPIP6 - ok
12:38:22.0955 1908 [ 8F2A13A5DF99D72FDDE87F502A66F989 ] tcpipreg C:\WINDOWS\system32\drivers\tcpipreg.sys
12:38:22.0971 1908 tcpipreg - ok
12:38:22.0986 1908 [ 73DC722CE5DF26D7638CE2446F2655C7 ] tdx C:\WINDOWS\system32\DRIVERS\tdx.sys
12:38:23.0002 1908 tdx - ok
12:38:23.0064 1908 [ 879F46329B7DC4D109345AA96F1AB47F ] TeamViewer8 C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
12:38:23.0158 1908 TeamViewer8 - ok
12:38:23.0174 1908 [ F7C8AB5D8AFFAA318D6A21093D139BF4 ] terminpt C:\WINDOWS\System32\drivers\terminpt.sys
12:38:23.0189 1908 terminpt - ok
12:38:23.0205 1908 [ 541EE228D0DEF392F7B2DFD885DD021B ] TermService C:\WINDOWS\System32\termsrv.dll
12:38:23.0221 1908 TermService - ok
12:38:23.0236 1908 [ 519A6F672FFF56B7D8EE8C730CEC8ECD ] Themes C:\WINDOWS\system32\themeservice.dll
12:38:23.0267 1908 Themes - ok
12:38:23.0267 1908 [ EEE908BE7143FCA48CF0CB87214E2AB8 ] THREADORDER C:\WINDOWS\system32\mmcss.dll
12:38:23.0283 1908 THREADORDER - ok
12:38:23.0283 1908 [ 4515B9E4140F04FB3907692DF89FCA87 ] TimeBroker C:\WINDOWS\System32\TimeBrokerServer.dll
12:38:23.0314 1908 TimeBroker - ok
12:38:23.0330 1908 [ 373B3EABBE1B07E3CDE98E1452B6D131 ] TPHKLOAD C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
12:38:23.0330 1908 TPHKLOAD - ok
12:38:23.0346 1908 [ 6F0BFF80EE2A5BC841286A51F893CBAD ] TPM C:\WINDOWS\system32\drivers\tpm.sys
12:38:23.0361 1908 TPM - ok
12:38:23.0361 1908 [ 8C8CF3041B27E7657ADD0EE17F6DBFCA ] TrkWks C:\WINDOWS\System32\trkwks.dll
12:38:23.0377 1908 TrkWks - ok
12:38:23.0392 1908 [ 370A6907DDF79532A39319492B1FA38A ] truecrypt C:\WINDOWS\system32\drivers\truecrypt.sys
12:38:23.0408 1908 truecrypt - ok
12:38:23.0408 1908 [ 8ABBB5CE0C62E0A6D28F32F44B7F865C ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
12:38:23.0424 1908 TrustedInstaller - ok
12:38:23.0439 1908 [ 4E7C5FB10A50435523DE0CAA37DE2BD3 ] TsUsbFlt C:\WINDOWS\system32\drivers\tsusbflt.sys
12:38:23.0455 1908 TsUsbFlt - ok
12:38:23.0455 1908 [ 16D684A820872EE54F6370703AC0B513 ] TsUsbGD C:\WINDOWS\System32\drivers\TsUsbGD.sys
12:38:23.0471 1908 TsUsbGD - ok
12:38:23.0471 1908 [ 78C9EE193AC2B4CBDBC48B620314D740 ] tunnel C:\WINDOWS\system32\DRIVERS\tunnel.sys
12:38:23.0502 1908 tunnel - ok
12:38:23.0502 1908 [ 6D4F67CA56ACA2085DFA2CD89EAFBC1A ] uagp35 C:\WINDOWS\system32\drivers\uagp35.sys
12:38:23.0517 1908 uagp35 - ok
12:38:23.0517 1908 [ 6FD6D03B7752C78712E5CFF29A305026 ] UASPStor C:\WINDOWS\System32\drivers\uaspstor.sys
12:38:23.0533 1908 UASPStor - ok
12:38:23.0549 1908 [ 1ED222DFE6C13DA50FE081ABF90CAFE1 ] UCX01000 C:\WINDOWS\System32\drivers\ucx01000.sys
12:38:23.0564 1908 UCX01000 - ok
12:38:23.0580 1908 [ DC5A461591C71AF7F19DC048A81E3F88 ] udfs C:\WINDOWS\system32\DRIVERS\udfs.sys
12:38:23.0611 1908 udfs - ok
12:38:23.0627 1908 [ FB3475FEA1CCB0DAEA1EBE44D0E3BB7D ] UI0Detect C:\WINDOWS\system32\UI0Detect.exe
12:38:23.0642 1908 UI0Detect - ok
12:38:23.0658 1908 [ 07FEBCDF24FABA0D47B635D85A0FFB7A ] uliagpkx C:\WINDOWS\system32\drivers\uliagpkx.sys
12:38:23.0674 1908 uliagpkx - ok
12:38:23.0674 1908 [ 02CEB3FE6152668A7BA420B93B664860 ] umbus C:\WINDOWS\System32\drivers\umbus.sys
12:38:23.0689 1908 umbus - ok
12:38:23.0689 1908 [ 991EE6B5FC41EAEF99C8AF5B92F2CA09 ] UmPass C:\WINDOWS\System32\drivers\umpass.sys
12:38:23.0705 1908 UmPass - ok
12:38:23.0705 1908 [ 43FEFB040A0CC30F795FBF544169594D ] UmRdpService C:\WINDOWS\System32\umrdp.dll
12:38:23.0736 1908 UmRdpService - ok
12:38:23.0767 1908 [ 201840BC53DAB0E5780E643221013902 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
12:38:23.0830 1908 UNS - ok
12:38:23.0846 1908 [ 14D22C411854AA2560AFC94CD2D5E61F ] upnphost C:\WINDOWS\System32\upnphost.dll
12:38:23.0877 1908 upnphost - ok
12:38:23.0877 1908 [ 8047D8AFA070A4C3B9FCBDBF77A84C45 ] usb3Hub C:\WINDOWS\System32\drivers\usb3Hub.sys
12:38:23.0892 1908 usb3Hub - ok
12:38:23.0892 1908 [ C9E9D59C0099A9FF51697E9306A44240 ] USBAAPL64 C:\WINDOWS\System32\Drivers\usbaapl64.sys
12:38:23.0908 1908 USBAAPL64 - ok
12:38:23.0908 1908 [ 2AF9F0E16D75B8F783A1ACE74EF51C9B ] usbccgp C:\WINDOWS\System32\drivers\usbccgp.sys
12:38:23.0924 1908 usbccgp - ok
12:38:23.0939 1908 [ B395B62B62F28106218FA6FB17F4C797 ] usbcir C:\WINDOWS\System32\drivers\usbcir.sys
12:38:23.0971 1908 usbcir - ok
12:38:23.0971 1908 [ 52F267AEE8CA5AA5CEB88C6A71EE1E86 ] usbehci C:\WINDOWS\System32\drivers\usbehci.sys
12:38:23.0986 1908 usbehci - ok
12:38:24.0002 1908 [ ADBF89B8E0BB372FEFE2E4B84E1E20AE ] usbhub C:\WINDOWS\System32\drivers\usbhub.sys
12:38:24.0049 1908 usbhub - ok
12:38:24.0064 1908 [ C5986337DE3BF63ABD9ED4D834D34B89 ] USBHUB3 C:\WINDOWS\System32\drivers\UsbHub3.sys
12:38:24.0080 1908 USBHUB3 - ok
12:38:24.0096 1908 [ 325F6179009B5A7F6118951A5BA422AB ] usbohci C:\WINDOWS\System32\drivers\usbohci.sys
12:38:24.0111 1908 usbohci - ok
12:38:24.0111 1908 [ BA3ABE0CD1C14B3295BAD0F076B84CAC ] usbprint C:\WINDOWS\System32\drivers\usbprint.sys
12:38:24.0127 1908 usbprint - ok
12:38:24.0127 1908 [ 72334EC4B3FD4EB270623E32E701B57D ] usbser C:\WINDOWS\system32\DRIVERS\usbser.sys
12:38:24.0142 1908 usbser - ok
12:38:24.0158 1908 [ F77177F6C95B2116EE7AD23B5EF57007 ] USBSTOR C:\WINDOWS\System32\drivers\USBSTOR.SYS
12:38:24.0174 1908 USBSTOR - ok
12:38:24.0174 1908 [ D25EF4A6EC244C5DE85D88A05B7C149D ] usbuhci C:\WINDOWS\System32\drivers\usbuhci.sys
12:38:24.0189 1908 usbuhci - ok
12:38:24.0205 1908 [ 09799E701B4327097E9F63D3FE221083 ] usbvideo C:\WINDOWS\System32\Drivers\usbvideo.sys
12:38:24.0221 1908 usbvideo - ok
12:38:24.0221 1908 [ 11C0CF143D246E2F0E9BDBF17A0CC70B ] USBXHCI C:\WINDOWS\System32\drivers\USBXHCI.SYS
12:38:24.0252 1908 USBXHCI - ok
12:38:24.0252 1908 [ F702AB6181513303AB0FC8D59E52708B ] VaultSvc C:\WINDOWS\system32\lsass.exe
12:38:24.0267 1908 VaultSvc - ok
12:38:24.0283 1908 [ 3EEBF3C348C3DEB4CF6F10F2E6E222CD ] VClone C:\WINDOWS\system32\DRIVERS\VClone.sys
12:38:24.0283 1908 VClone - ok
12:38:24.0299 1908 [ BACECBFF9C97F7627A60B0E0F1FE7EE8 ] vdrvroot C:\WINDOWS\system32\drivers\vdrvroot.sys
12:38:24.0314 1908 vdrvroot - ok
12:38:24.0314 1908 [ 8A8CDA9E3CF2E0B4C6CC19FBC6FB9A71 ] vds C:\WINDOWS\System32\vds.exe
12:38:24.0346 1908 vds - ok
12:38:24.0346 1908 [ 74FA2D4368DE6F6CE14393EDF1F342BE ] VerifierExt C:\WINDOWS\system32\drivers\VerifierExt.sys
12:38:24.0361 1908 VerifierExt - ok
12:38:24.0377 1908 [ 500BE6B2E49883720D0AE8BB859ED7A3 ] vhdmp C:\WINDOWS\System32\drivers\vhdmp.sys
12:38:24.0408 1908 vhdmp - ok
12:38:24.0408 1908 [ F5B4A14B00E89250C50982AC762DDD1D ] viaide C:\WINDOWS\system32\drivers\viaide.sys
12:38:24.0424 1908 viaide - ok
12:38:24.0439 1908 [ 0E43886F01C85B47BA0A3157274BCF59 ] Vid C:\WINDOWS\System32\drivers\Vid.sys
12:38:24.0455 1908 Vid - ok
12:38:24.0455 1908 [ 78DB50F7329F6D1311658DABFFFC8BE0 ] vmbus C:\WINDOWS\system32\drivers\vmbus.sys
12:38:24.0471 1908 vmbus - ok
12:38:24.0486 1908 [ ECFEE2F2BA3932C7880D1A8F67D68F91 ] VMBusHID C:\WINDOWS\System32\drivers\VMBusHID.sys
12:38:24.0502 1908 VMBusHID - ok
12:38:24.0502 1908 [ B4F432A51826FFC66F4DF72A83E8E4B1 ] vmbusr C:\WINDOWS\System32\drivers\vmbusr.sys
12:38:24.0517 1908 vmbusr - ok
12:38:24.0533 1908 [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmicheartbeat C:\WINDOWS\System32\ICSvc.dll
12:38:24.0549 1908 vmicheartbeat - ok
12:38:24.0564 1908 [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll
12:38:24.0580 1908 vmickvpexchange - ok
12:38:24.0580 1908 [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmicrdv C:\WINDOWS\System32\ICSvc.dll
12:38:24.0611 1908 vmicrdv - ok
12:38:24.0611 1908 [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmicshutdown C:\WINDOWS\System32\ICSvc.dll
12:38:24.0627 1908 vmicshutdown - ok
12:38:24.0642 1908 [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmictimesync C:\WINDOWS\System32\ICSvc.dll
12:38:24.0658 1908 vmictimesync - ok
12:38:24.0674 1908 [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmicvss C:\WINDOWS\System32\ICSvc.dll
12:38:24.0689 1908 vmicvss - ok
12:38:24.0689 1908 [ CB60FAAED8B49B812EBBF77EB87D9B18 ] volmgr C:\WINDOWS\system32\drivers\volmgr.sys
12:38:24.0705 1908 volmgr - ok
12:38:24.0721 1908 [ A74101DA9809251BCD0E5A26BAE0F824 ] volmgrx C:\WINDOWS\system32\drivers\volmgrx.sys
12:38:24.0736 1908 volmgrx - ok
12:38:24.0752 1908 [ 2FB3CDFD5EAF4CD9D4AFAF96877D13AE ] volsnap C:\WINDOWS\system32\drivers\volsnap.sys
12:38:24.0767 1908 volsnap - ok
12:38:24.0783 1908 [ A8DA1C1B52ECEA3726DEBED4FF1B700D ] vpci C:\WINDOWS\System32\drivers\vpci.sys
12:38:24.0799 1908 vpci - ok
12:38:24.0799 1908 [ 0190AFFF28F600461C0164353CC7EE27 ] vpcivsp C:\WINDOWS\System32\drivers\vpcivsp.sys
12:38:24.0814 1908 vpcivsp - ok
12:38:24.0830 1908 [ 38A60CD9C009C55C6D3B5586F8E6A353 ] vsmraid C:\WINDOWS\system32\drivers\vsmraid.sys
12:38:24.0846 1908 vsmraid - ok
12:38:24.0861 1908 [ EA658570314042C914964FC72AB50E6B ] VSS C:\WINDOWS\system32\vssvc.exe
12:38:24.0908 1908 VSS - ok
12:38:24.0924 1908 [ A0F6FE0FC2F647C22BBFD6BD4249DBCC ] VSTXRAID C:\WINDOWS\system32\drivers\vstxraid.sys
12:38:24.0955 1908 VSTXRAID - ok
12:38:24.0955 1908 [ 62460A45435A26A334907E3F2EA45611 ] vwifibus C:\WINDOWS\System32\drivers\vwifibus.sys
12:38:24.0971 1908 vwifibus - ok
12:38:24.0971 1908 [ 095E943D27025E4D588AF0A72CC2318F ] vwififlt C:\WINDOWS\system32\DRIVERS\vwififlt.sys
12:38:24.0986 1908 vwififlt - ok
12:38:25.0002 1908 [ 73FA1A41A97A5C34ADC03B3577FF1A86 ] vwifimp C:\WINDOWS\system32\DRIVERS\vwifimp.sys
12:38:25.0018 1908 vwifimp - ok
12:38:25.0018 1908 [ F690B6EEAA94576727B24376D7ED3601 ] W32Time C:\WINDOWS\system32\w32time.dll
12:38:25.0049 1908 W32Time - ok
12:38:25.0049 1908 [ 6B806E893714019969E2B50D7EF6A4D9 ] WacomPen C:\WINDOWS\System32\drivers\wacompen.sys
12:38:25.0064 1908 WacomPen - ok
12:38:25.0080 1908 [ 61F6972FF9AC9A8D0B4D62076DC30051 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
12:38:25.0096 1908 Wanarp - ok
12:38:25.0096 1908 [ 61F6972FF9AC9A8D0B4D62076DC30051 ] Wanarpv6 C:\WINDOWS\system32\DRIVERS\wanarp.sys
12:38:25.0111 1908 Wanarpv6 - ok
12:38:25.0127 1908 [ 42DF22F8C448E7CD219F6D63743505E2 ] wbengine C:\WINDOWS\system32\wbengine.exe
12:38:25.0174 1908 wbengine - ok
12:38:25.0174 1908 [ 31D37B2F6069C631EF0557D322924812 ] WbioSrvc C:\WINDOWS\System32\wbiosrvc.dll
12:38:25.0205 1908 WbioSrvc - ok
12:38:25.0205 1908 [ D9C1E82651BF19C6FF69CEC6FD400124 ] Wcmsvc C:\WINDOWS\System32\wcmsvc.dll
12:38:25.0236 1908 Wcmsvc - ok
12:38:25.0236 1908 [ 5B5FEAB51172F5513C2CF7B39CFA6A01 ] wcncsvc C:\WINDOWS\System32\wcncsvc.dll
12:38:25.0268 1908 wcncsvc - ok
12:38:25.0268 1908 [ E19556D414332E2BEBA1F368229006B4 ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll
12:38:25.0283 1908 WcsPlugInService - ok
12:38:25.0283 1908 [ B3A4D918DAB90505B6BC7B70632913CB ] Wd C:\WINDOWS\system32\drivers\wd.sys
12:38:25.0299 1908 Wd - ok
12:38:25.0314 1908 [ 6F4B5DDDC3B86091E94BC47347A78AF7 ] WdBoot C:\WINDOWS\system32\drivers\WdBoot.sys
12:38:25.0330 1908 WdBoot - ok
12:38:25.0330 1908 [ 2ADC985B85A71BD7D99712EC0C24358B ] Wdf01000 C:\WINDOWS\system32\drivers\Wdf01000.sys
12:38:25.0361 1908 Wdf01000 - ok
12:38:25.0377 1908 [ 99D404A9A0AFC4734E014EBEBAC13F8F ] WdFilter C:\WINDOWS\system32\drivers\WdFilter.sys
12:38:25.0393 1908 WdFilter - ok
12:38:25.0408 1908 [ 240FC332484572227CD1DF82407F33E5 ] WdiServiceHost C:\WINDOWS\system32\wdi.dll
12:38:25.0439 1908 WdiServiceHost - ok
12:38:25.0439 1908 [ 240FC332484572227CD1DF82407F33E5 ] WdiSystemHost C:\WINDOWS\system32\wdi.dll
12:38:25.0471 1908 WdiSystemHost - ok
12:38:25.0471 1908 [ F2002DA5E6B78C15B2CD48CFF8F0FBB6 ] WebClient C:\WINDOWS\System32\webclnt.dll
12:38:25.0502 1908 WebClient - ok
12:38:25.0502 1908 [ 35FD720943D4FCD75C3275BF062FF140 ] Wecsvc C:\WINDOWS\system32\wecsvc.dll
12:38:25.0533 1908 Wecsvc - ok
12:38:25.0533 1908 [ 4D2612E3C462B68F499D840B1133263E ] wercplsupport C:\WINDOWS\System32\wercplsupport.dll
12:38:25.0580 1908 wercplsupport - ok
12:38:25.0596 1908 [ 5F70EBFC1F75B487DE79501E3CCBDB54 ] WerSvc C:\WINDOWS\System32\WerSvc.dll
12:38:25.0627 1908 WerSvc - ok
12:38:25.0627 1908 [ FE762D3498719C3A23471BBA62F747B4 ] WFPLWFS C:\WINDOWS\system32\DRIVERS\wfplwfs.sys
12:38:25.0643 1908 WFPLWFS - ok
12:38:25.0643 1908 [ 60E0C220593DA4F7C289CB909D2DBAE0 ] WiaRpc C:\WINDOWS\System32\wiarpc.dll
12:38:25.0658 1908 WiaRpc - ok
12:38:25.0674 1908 [ A3C7624A42A3447EF5EDD1ED37FE4E60 ] WIMMount C:\WINDOWS\system32\drivers\wimmount.sys
12:38:25.0689 1908 WIMMount - ok
12:38:25.0689 1908 WinDefend - ok
12:38:25.0705 1908 [ 7911470B6018059A880469A63B65700A ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
12:38:25.0736 1908 WinHttpAutoProxySvc - ok
12:38:25.0736 1908 [ 3D6B518B71C75C8FA4115A33615C107A ] Winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
12:38:25.0768 1908 Winmgmt - ok
12:38:25.0768 1908 WinRing0_1_2_0 - ok
12:38:25.0799 1908 [ 8E212A627F33F6FC3B5F3BB47212F66E ] WinRM C:\WINDOWS\system32\WsmSvc.dll
12:38:25.0861 1908 WinRM - ok
12:38:25.0877 1908 [ BB20956C424531003F7FA6CD36F11D5D ] WinUsb C:\WINDOWS\system32\DRIVERS\WinUsb.sys
12:38:25.0908 1908 WinUsb - ok
12:38:25.0939 1908 [ 6351724B8FA0255C2DBD970297F00B93 ] WlanSvc C:\WINDOWS\System32\wlansvc.dll
12:38:25.0971 1908 WlanSvc - ok
12:38:26.0002 1908 [ B330CE47FB74A6BE9A3FFFF4B3F64D9B ] wlidsvc C:\WINDOWS\system32\wlidsvc.dll
12:38:26.0049 1908 wlidsvc - ok
12:38:26.0049 1908 [ E2A596CACFC6504306CDB7B593B90084 ] WmiAcpi C:\WINDOWS\System32\drivers\wmiacpi.sys
12:38:26.0064 1908 WmiAcpi - ok
12:38:26.0064 1908 [ D113499052C5E541906B727779F0F959 ] wmiApSrv C:\WINDOWS\system32\wbem\WmiApSrv.exe
12:38:26.0096 1908 wmiApSrv - ok
12:38:26.0096 1908 WMPNetworkSvc - ok
12:38:26.0111 1908 [ C6FF953D5D6F2EAE3B8883474D5076B3 ] wpcfltr C:\WINDOWS\system32\DRIVERS\wpcfltr.sys
12:38:26.0111 1908 wpcfltr - ok
12:38:26.0127 1908 [ A6ED163169876BFD2437E872FE2F1509 ] WPCSvc C:\WINDOWS\System32\wpcsvc.dll
12:38:26.0143 1908 WPCSvc - ok
12:38:26.0143 1908 [ 3013658A4D327854BEEC4A08D9655194 ] WPDBusEnum C:\WINDOWS\system32\wpdbusenum.dll
12:38:26.0158 1908 WPDBusEnum - ok
12:38:26.0158 1908 [ 0346CAFC181C91C6E2330332EB332ED6 ] WpdUpFltr C:\WINDOWS\system32\drivers\WpdUpFltr.sys
12:38:26.0174 1908 WpdUpFltr - ok
12:38:26.0189 1908 [ BC8B5CB336E63BB25EAD1CE8EDD34B81 ] ws2ifsl C:\WINDOWS\system32\drivers\ws2ifsl.sys
12:38:26.0189 1908 ws2ifsl - ok
12:38:26.0205 1908 [ 012CFE7F0F95266F554EE3B91EE2128A ] wscsvc C:\WINDOWS\System32\wscsvc.dll
12:38:26.0221 1908 wscsvc - ok
12:38:26.0221 1908 [ 74EFDA0526862C3D8D01A776182798EA ] WSDPrintDevice C:\WINDOWS\System32\drivers\WSDPrint.sys
12:38:26.0236 1908 WSDPrintDevice - ok
12:38:26.0236 1908 WSearch - ok
12:38:26.0283 1908 [ C10BFFEE7E0D7A1366E84F251796C51D ] WSService C:\WINDOWS\System32\WSService.dll
12:38:26.0377 1908 WSService - ok
12:38:26.0424 1908 [ 79F95469604B77296346DE7DB463EA2A ] wuauserv C:\WINDOWS\system32\wuaueng.dll
12:38:26.0486 1908 wuauserv - ok
12:38:26.0486 1908 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\WINDOWS\system32\drivers\WudfPf.sys
12:38:26.0502 1908 WudfPf - ok
12:38:26.0518 1908 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\WINDOWS\System32\drivers\WUDFRd.sys
12:38:26.0533 1908 WUDFRd - ok
12:38:26.0533 1908 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFSensorLP C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
12:38:26.0549 1908 WUDFSensorLP - ok
12:38:26.0564 1908 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\WINDOWS\System32\WUDFSvc.dll
12:38:26.0580 1908 wudfsvc - ok
12:38:26.0580 1908 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFWpdFs C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
12:38:26.0611 1908 WUDFWpdFs - ok
12:38:26.0611 1908 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFWpdMtp C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
12:38:26.0627 1908 WUDFWpdMtp - ok
12:38:26.0643 1908 [ F9D8D2E6ECE08B278621D5BF3A7240A6 ] WwanSvc C:\WINDOWS\System32\wwansvc.dll
12:38:26.0658 1908 WwanSvc - ok
12:38:26.0674 1908 [ 24E57041608ED6A9D7FDAD0D9EC214E2 ] XHCIPort C:\WINDOWS\System32\drivers\XHCIPort.sys
12:38:26.0674 1908 XHCIPort - ok
12:38:26.0705 1908 [ 7055B389BD0DA0B19236BF43CDDF0E1A ] ZeroConfigService C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
12:38:26.0736 1908 ZeroConfigService - ok
12:38:26.0752 1908 ================ Scan global ===============================
12:38:26.0752 1908 [ DDC1AFBF9DDF880CE9BD3896114D8DED ] C:\WINDOWS\system32\basesrv.dll
12:38:26.0768 1908 [ E9343076AE704D20BB0D01F3AF3EFFEF ] C:\WINDOWS\system32\winsrv.dll
12:38:26.0768 1908 [ BD7C6949984D19AAA609896B675E7357 ] C:\WINDOWS\system32\sxssrv.dll
12:38:26.0783 1908 [ 8F226143046435C75C033B0C52E90FFE ] C:\WINDOWS\system32\services.exe
12:38:26.0783 1908 [Global] - ok
12:38:26.0783 1908 ================ Scan MBR ==================================
12:38:26.0783 1908 [ 92D254C369228CDF8AAD5B39E303B14E ] \Device\Harddisk0\DR0
12:38:27.0330 1908 \Device\Harddisk0\DR0 - ok
12:38:27.0330 1908 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
12:38:27.0408 1908 \Device\Harddisk1\DR1 - ok
12:38:27.0408 1908 ================ Scan VBR ==================================
12:38:27.0424 1908 [ 3045DED65FE6DF338ED6E28059E42AEF ] \Device\Harddisk0\DR0\Partition1
12:38:27.0424 1908 \Device\Harddisk0\DR0\Partition1 - ok
12:38:27.0440 1908 [ 6EBF0B0550FF56CD5FABE99FA1CF29EE ] \Device\Harddisk0\DR0\Partition2
12:38:27.0440 1908 \Device\Harddisk0\DR0\Partition2 - ok
12:38:27.0440 1908 [ 258079E114874F817B231FAA4702C22A ] \Device\Harddisk0\DR0\Partition3
12:38:27.0440 1908 \Device\Harddisk0\DR0\Partition3 - ok
12:38:27.0471 1908 [ CF834247AB28C620E46465A65B19F0E4 ] \Device\Harddisk0\DR0\Partition4
12:38:27.0471 1908 \Device\Harddisk0\DR0\Partition4 - ok
12:38:27.0486 1908 [ 7BA75A63A3BF0B6E0BF0CB7F7C486918 ] \Device\Harddisk1\DR1\Partition1
12:38:27.0486 1908 \Device\Harddisk1\DR1\Partition1 - ok
12:38:27.0486 1908 [ A68FC5B28BA3C90CFADB714605B00866 ] \Device\Harddisk1\DR1\Partition2
12:38:27.0486 1908 \Device\Harddisk1\DR1\Partition2 - ok
12:38:27.0486 1908 ============================================================
12:38:27.0486 1908 Scan finished
12:38:27.0486 1908 ============================================================
12:38:27.0502 0052 Detected object count: 2
12:38:27.0502 0052 Actual detected object count: 2
12:38:30.0768 0052 ClassicShellService ( UnsignedFile.Multi.Generic ) - skipped by user
12:38:30.0768 0052 ClassicShellService ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:38:30.0768 0052 Freemake Improver ( UnsignedFile.Multi.Generic ) - skipped by user
12:38:30.0768 0052 Freemake Improver ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:38:43.0098 5576 Deinitialize success
Ich lass es gleich nochmal laufen aber hier schon mal das log file: Gruss mamic Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.06.0.1003
www.malwarebytes.org
Database version: v2013.06.16.01
Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16599
Santa :: YPS [administrator]
16.06.2013 12:43:05
mbar-log-2013-06-16 (12-43-05).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUM | P2P
Scan options disabled: Deep Anti-Rootkit Scan | PUP
Objects scanned: 258119
Time elapsed: 8 minute(s), 22 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
Physical Sectors Detected: 0
(No malicious items detected)
(end)
Aber die Prozessoren laufen nach wie vor auf 100% und der Task manager zeigt mir dass Coin-Miner mit knapp 68% und WMI Provider Host mit etwa 22% zusammen 99,5% meiner ressourcen fressen! Was können wir noch tun? Gruss mamic |
|
16.06.2013, 16:58
| #18 |
| | Coin-miner zieht alle ressourcen! Processor 100% Hallo Schrauber, ich glaube ich habe es geschafft!
__________________Ich habe den Rechner mit Hilfe eines Wiederherstellungspunktes zurückgesetzt. Ich bitte um Entschuldigung, ich hätte das schon machen sollen bevor ich diesen Thread eröffnet habe! Ich hab das irgendwie im Eifer des Gefechtes verschwitzt - bitte nicht böse sein. Vorher hatte ich noch Firefox und Chrome deinstalliert und die Benutzerdaten gelöscht sowie alle Fundstellen des Trojaners. Jetzt sieht es so aus als sei alles i.O. aber ich bin mir halt leider nicht sicher. Deshalb hier nocheinmal ein FRST Log. Was kann ich sonst noch tun damit ich sicher bin dass der Trojaner weg ist? Sind der Defender und Firewall von Windows genug Schutz? -der Fall deutet eher auf "Nein". Danke für die Zeit und Geduld! Gruss mamic FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-06-2013
Ran by Santa (administrator) on 16-06-2013 17:42:33
Running from G:\Desktop
Windows 8 Pro with Media Center (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(Lenovo.) C:\WINDOWS\system32\ibmpmsvc.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicShellService.exe
(Microsoft Corporation) C:\WINDOWS\system32\WLANExt.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Broadcom Corporation.) C:\WINDOWS\system32\BtwRSupportService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
(Conexant Systems Inc.) C:\WINDOWS\system32\CxAudMsg64.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\WINDOWS\system32\dashost.exe
(Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Conexant Systems, Inc.) C:\WINDOWS\SysWOW64\SAsrv.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\PSIA.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Lenovo Group Limited) C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
(Lenovo Group Limited) C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(AddGadgets) G:\Downloads\Gadgets\PCMeter\PCMeterV0.3.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
(Lenovo Group Limited) C:\Program Files\LENOVO\HOTKEY\tpnumlkd.exe
(Lenovo Group Limited) C:\PROGRA~1\Lenovo\HOTKEY\MKRMSG.EXE
(Lenovo Group Limited) C:\PROGRA~1\Lenovo\HOTKEY\TPOSD.EXE
(Lenovo Group Limited) C:\PROGRA~1\Lenovo\HOTKEY\SHTCTKY.EXE
(SlimWare Utilities, Inc.) C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\tv_x64.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4406.1205_x64__8wekyb3d8bbwe\LiveComm.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
() C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\extapsup.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(Google) C:\Program Files (x86)\Google\Google Talk\googletalk.exe
(Google Inc.) C:\Users\Santa\AppData\Local\Programs\Google\MusicManager\MusicManager.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BtStackServer.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Dropbox, Inc.) C:\Users\Santa\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\WINDOWS\System32\LocationNotifications.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\Bluetooth Headset Helper.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe
(Adobe Systems, Inc.) C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [KeyLemon LemonScreen] C:\Program Files\KeyLemon\KLLockEngine.exe atstartup [1004984 2012-12-17] (KeyLemon)
HKLM\...\Run: [KeyLemon Updater] C:\Program Files\KeyLemon\KLUpdater.exe [705464 2012-12-17] (KeyLemon)
HKLM\...\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SACpl.exe /t [1647616 2012-06-13] (Conexant Systems, Inc.)
HKLM\...\Run: [ForteConfig] C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [cAudioFilterAgent] C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [887968 2012-06-14] (Conexant Systems, Inc.)
HKLM\...\Run: [LenovoOptMouseUpdate] C:\Program Files\Lenovo\HOTKEY\extapsup.exe [250976 2012-08-31] (Lenovo Group Limited)
HKLM\...\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [2963184 2013-04-24] (Synaptics Incorporated)
HKLM\...\Run: [Greenshot] C:\Program Files\Greenshot\Greenshot.exe [499712 2013-05-20] (Greenshot)
HKCU\...\Run: [NPowerTray] G:\Downloads\NPowerTray.exe [x]
HKCU\...\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun [18642024 2013-02-28] (Skype Technologies S.A.)
HKCU\...\Run: [ShowBatteryBar] "C:\Program Files\BatteryBar\ShowBatteryBar.exe" show [89600 2013-04-11] ()
HKCU\...\Run: [googletalk] "C:\Program Files (x86)\Google\Google Talk\googletalk.exe" /autostart [3289088 2007-11-21] (Google)
HKCU\...\Run: [Google Update] "C:\Users\Santa\AppData\Local\Google\Update\GoogleUpdate.exe" /c [116648 2013-06-09] (Google Inc.)
HKCU\...\Run: [MusicManager] "C:\Users\Santa\AppData\Local\Programs\Google\MusicManager\MusicManager.exe" [7331840 2013-04-24] (Google Inc.)
HKLM-x32\...\Run: [KeePass 2 PreLoad] "C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe" --preload [1960448 2013-04-05] (Dominik Reichl)
HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [152392 2013-05-31] (Apple Inc.)
Startup: C:\ProgramData\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)
Startup: C:\Users\Santa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Santa\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Santa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sidebar.lnk
ShortcutTarget: Sidebar.lnk -> C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: ClassicIE9BHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIE9DLL_64.dll (IvoSoft)
BHO-x32: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
BHO-x32: PodcastBHO Class - {65134FDF-F8A5-4B3D-91D9-CDF273CFD578} - C:\Program Files (x86)\Common Files\doubleTwist\IEPodcastPlugin.dll (doubleTwist Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: ClassicIE9BHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIE9DLL_32.dll (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
Handler: msdaipp - No CLSID Value -
Handler-x32: msdaipp - No CLSID Value -
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - No File
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\Santa\AppData\Roaming\Mozilla\Firefox\Profiles\5zat8v2p.default
FF SelectedSearchEngine: Web Search
FF Homepage: hxxp://web.de/|hxxp://www.google.com/ig?hl=de|https://ksab.kroschu.com/webaccess/index.php|hxxp://www.gizmodo.de/|hxxp://www.focus.de/|hxxp://www.myliveshopping.de/
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll ()
FF Plugin: @java.com/DTPlugin,version=10.21.2 - C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.21.2 - C:\WINDOWS\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 - C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Extension: No Name - C:\Users\Santa\AppData\Roaming\Mozilla\Firefox\Profiles\5zat8v2p.default\Extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe}
FF Extension: Flagfox - C:\Users\Santa\AppData\Roaming\Mozilla\Firefox\Profiles\5zat8v2p.default\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
FF Extension: DownloadHelper - C:\Users\Santa\AppData\Roaming\Mozilla\Firefox\Profiles\5zat8v2p.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF Extension: amznUWL2 - C:\Users\Santa\AppData\Roaming\Mozilla\Firefox\Profiles\5zat8v2p.default\Extensions\amznUWL2@amazon.com.xpi
FF Extension: client - C:\Users\Santa\AppData\Roaming\Mozilla\Firefox\Profiles\5zat8v2p.default\Extensions\client@anonymox.net.xpi
FF Extension: musicplayer - C:\Users\Santa\AppData\Roaming\Mozilla\Firefox\Profiles\5zat8v2p.default\Extensions\musicplayer@firemediaplayer.com.xpi
FF Extension: SkipScreen - C:\Users\Santa\AppData\Roaming\Mozilla\Firefox\Profiles\5zat8v2p.default\Extensions\SkipScreen@SkipScreen.xpi
FF Extension: translator - C:\Users\Santa\AppData\Roaming\Mozilla\Firefox\Profiles\5zat8v2p.default\Extensions\translator@zoli.bod.xpi
FF Extension: No Name - C:\Users\Santa\AppData\Roaming\Mozilla\Firefox\Profiles\5zat8v2p.default\Extensions\{677a8f98-fd64-40b0-a883-b8c95d0cbf17}.xpi
FF Extension: No Name - C:\Users\Santa\AppData\Roaming\Mozilla\Firefox\Profiles\5zat8v2p.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: No Name - C:\Users\Santa\AppData\Roaming\Mozilla\Firefox\Profiles\5zat8v2p.default\Extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}.xpi
FF Extension: No Name - C:\Users\Santa\AppData\Roaming\Mozilla\Firefox\Profiles\5zat8v2p.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi
Chrome:
=======
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\pdf.dll No File
CHR Plugin: (AmazonMP3DownloaderPlugin) - C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101721.dll (Amazon.com, Inc.)
CHR Plugin: (doubletwist Plugin 1, 3, 0, 0) - C:\Program Files (x86)\Common Files\doubleTwist\NPPodcast.dll (doubleTwist Corporation)
CHR Plugin: (Foxit Reader Plugin for Mozilla) - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Picasa) - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U21) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Shockwave Flash) - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.210.11) - C:\WINDOWS\SysWOW64\npDeployJava1.dll (Oracle Corporation)
CHR Extension: (Google Docs) - C:\Users\Santa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\Santa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YOUZEEK Free Music) - C:\Users\Santa\AppData\Local\Google\Chrome\User Data\Default\Extensions\bjcgpdkighmjfjlplcighhgamlhkimce\2.0.1_0
CHR Extension: (YouTube) - C:\Users\Santa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Santa\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Google Play Music) - C:\Users\Santa\AppData\Local\Google\Chrome\User Data\Default\Extensions\icppfcnhkcmnfdhfhphakoifcfokfdhg\5.1_0
CHR Extension: (Gmail) - C:\Users\Santa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
==================== Services (Whitelisted) =================
R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2227992 2000-01-01] (Broadcom Corporation.)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [331776 2012-07-26] (Microsoft Corporation)
R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [959256 2012-11-15] (Broadcom Corporation.)
R2 ClassicShellService; C:\Program Files\Classic Shell\ClassicShellService.exe [68608 2013-04-12] (IvoSoft)
R2 CxAudMsg; C:\WINDOWS\system32\CxAudMsg64.exe [201376 2012-06-08] (Conexant Systems Inc.)
R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [101888 2013-05-30] (Freemake)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [272176 2012-09-24] ()
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1225312 2012-11-26] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [659040 2012-11-26] (Secunia)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [14920 2013-01-29] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [1153840 2012-09-24] (Intel® Corporation)
==================== Drivers (Whitelisted) ====================
R1 ACLE6Live; C:\WINDOWS\system32\Drivers\ACLE1764.sys [109016 2013-02-14] (Softwareentwicklung Remus - ArchiCrypt - )
R1 ACLE6Live; C:\WINDOWS\system32\Drivers\ACLE1764.sys [109016 2013-02-14] (Softwareentwicklung Remus - ArchiCrypt - )
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [169240 2000-01-01] (Broadcom Corporation.)
S3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [117632 2013-02-02] (Microsoft Corporation)
S3 BthHFAud; C:\Windows\system32\DRIVERS\BthHfAud.sys [30720 2013-02-02] (Microsoft Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [44344 2012-10-18] (Synaptics Incorporated)
S3 SWDUMon; C:\Windows\system32\DRIVERS\SWDUMon.sys [16152 2013-06-16] ()
R3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [47072 2012-10-09] (Windows (R) Win 7 DDK provider)
R3 XHCIPort; C:\Windows\System32\drivers\XHCIPort.sys [188896 2012-10-09] (Windows (R) Win 7 DDK provider)
R3 WinRing0_1_2_0; \??\C:\Users\Santa\AppData\Local\Temp\tmp4DF1.tmp [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-06-16 17:13 - 2013-06-16 17:13 - 00000000 ____D C:\Users\Santa\AppData\Roaming\pdfforge
2013-06-16 17:13 - 2013-04-09 15:13 - 00110264 ____A (pdfforge GmbH) C:\Windows\System32\pdfcmon.dll
2013-06-16 17:12 - 2013-06-16 17:12 - 00000000 ____D C:\Program Files\Greenshot
2013-06-16 17:12 - 2013-06-16 17:12 - 00000000 ____D C:\Program Files (x86)\uTorrent
2013-06-16 17:12 - 2013-06-16 17:12 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-06-16 17:00 - 2013-05-04 09:45 - 02233600 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2013-06-16 17:00 - 2013-04-27 07:20 - 00733184 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2013-06-16 17:00 - 2013-04-24 01:13 - 01013248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2013-06-16 17:00 - 2013-04-24 01:12 - 01569792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-06-16 17:00 - 2013-04-24 01:12 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-06-16 17:00 - 2013-04-24 00:56 - 01255936 ____A (Microsoft Corporation) C:\Windows\System32\certutil.exe
2013-06-16 17:00 - 2013-04-24 00:55 - 01889280 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2013-06-16 17:00 - 2013-04-24 00:55 - 00141312 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2013-06-16 17:00 - 2013-04-24 00:55 - 00068096 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2013-06-16 17:00 - 2013-04-03 01:37 - 00025088 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2013-06-16 17:00 - 2013-04-03 01:12 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\cryptdlg.dll
2013-06-16 16:59 - 2013-05-16 00:37 - 00044032 ____A (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2013-06-16 16:59 - 2013-05-16 00:36 - 14320640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-06-16 16:59 - 2013-05-16 00:35 - 19230720 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-16 16:59 - 2013-05-16 00:35 - 00053760 ____A (Microsoft Corporation) C:\Windows\System32\UXInit.dll
2013-06-16 16:59 - 2013-05-14 15:14 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-16 16:59 - 2013-05-14 11:23 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-06-16 16:59 - 2013-04-29 00:30 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-06-16 16:59 - 2013-04-29 00:30 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-06-16 16:59 - 2013-04-29 00:30 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-06-16 16:59 - 2013-04-29 00:30 - 01767936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-06-16 16:59 - 2013-04-29 00:30 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-06-16 16:59 - 2013-04-29 00:30 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-06-16 16:59 - 2013-04-29 00:30 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-06-16 16:59 - 2013-04-29 00:28 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-06-16 16:59 - 2013-04-29 00:28 - 02241024 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-06-16 16:59 - 2013-04-29 00:28 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-16 16:59 - 2013-04-29 00:28 - 00915968 ____A (Microsoft Corporation) C:\Windows\System32\uxtheme.dll
2013-06-16 16:59 - 2013-04-29 00:28 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-06-16 16:59 - 2013-04-29 00:28 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-06-16 16:59 - 2013-04-29 00:27 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-16 16:59 - 2013-04-29 00:27 - 02647552 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-16 16:59 - 2013-04-29 00:27 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-06-16 12:42 - 2013-06-16 12:56 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-06-16 12:42 - 2013-06-16 12:42 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-06-15 19:47 - 2013-06-15 19:47 - 00001842 ____A C:\Users\Santa\Desktop\JRT.txt
2013-06-15 19:43 - 2013-06-15 19:43 - 00000000 ____D C:\Windows\ERUNT
2013-06-15 19:43 - 2013-06-15 19:43 - 00000000 ____D C:\JRT
2013-06-15 19:39 - 2013-06-15 19:39 - 00010597 ____A C:\AdwCleaner[S1].txt
2013-06-15 16:01 - 2013-06-15 17:21 - 00000000 ____D C:\FRST
2013-06-13 18:32 - 2013-06-16 17:49 - 00000000 ____D C:\ProgramData\Caphyon
2013-06-13 18:32 - 2013-06-13 18:32 - 00000000 ____D C:\Users\Santa\AppData\Local\Newshosting
2013-06-13 18:32 - 2013-06-13 18:32 - 00000000 ____D C:\Users\Santa\AppData\Local\CrashRpt
2013-06-13 18:30 - 2013-06-13 18:30 - 00000000 ____D C:\Users\Santa\AppData\Roaming\Newshosting
2013-06-11 19:21 - 2013-05-16 00:35 - 00144384 ____A (Microsoft Corporation) C:\Windows\System32\tssdisai.dll
2013-06-09 12:54 - 2013-06-09 12:54 - 00000000 ____D C:\Program Files (x86)\iTunes Library Updater
2013-06-09 12:28 - 2013-06-09 12:28 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-06-09 12:28 - 2013-06-09 12:28 - 00000000 ____D C:\Program Files\iTunes
2013-06-09 12:28 - 2013-06-09 12:28 - 00000000 ____D C:\Program Files\iPod
2013-06-09 12:28 - 2013-06-09 12:28 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-06-09 09:43 - 2013-06-12 21:48 - 00000916 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1236658316-3132239065-196456727-1000UA.job
2013-06-09 09:43 - 2013-06-09 09:48 - 00000864 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1236658316-3132239065-196456727-1000Core.job
2013-06-08 22:35 - 2013-06-08 22:35 - 00000000 ____D C:\Users\Santa\AppData\Local\Broadcom
2013-06-08 22:35 - 2000-01-01 02:00 - 00161144 ____A (Broadcom Corporation.) C:\Windows\System32\Drivers\btwampfl.sys
2013-06-08 22:34 - 2000-01-01 02:00 - 02231064 ____A (Broadcom Corporation.) C:\Windows\System32\BcmBtRSupport.dll
2013-06-08 22:34 - 2000-01-01 02:00 - 02227992 ____A (Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
2013-06-08 22:34 - 2000-01-01 02:00 - 00226680 ____A (Broadcom Corporation.) C:\Windows\System32\Drivers\btwavdt.sys
2013-06-08 22:34 - 2000-01-01 02:00 - 00186136 ____A (Broadcom Corporation.) C:\Windows\System32\Drivers\btwaudio.sys
2013-06-08 22:34 - 2000-01-01 02:00 - 00169240 ____A (Broadcom Corporation.) C:\Windows\System32\Drivers\bcbtums.sys
2013-06-08 22:34 - 2000-01-01 02:00 - 00040248 ____A (Broadcom Corporation.) C:\Windows\System32\Drivers\btwl2cap.sys
2013-06-08 22:34 - 2000-01-01 02:00 - 00020856 ____A (Broadcom Corporation.) C:\Windows\System32\Drivers\btwrchid.sys
2013-06-08 22:28 - 2013-06-08 22:34 - 00000433 ____A C:\Windows\setupact.log
2013-06-08 22:28 - 2013-06-08 22:28 - 00000000 ____A C:\Windows\setuperr.log
2013-06-08 22:20 - 2013-06-16 17:06 - 00002196 ____A C:\Windows\PFRO.log
2013-06-08 22:19 - 2013-06-08 22:19 - 00000000 ____D C:\Users\Santa\AppData\Local\pcwServiceCenter
2013-06-08 22:19 - 2000-01-01 02:00 - 00053248 ____A (Windows XP Bundled build C-Centric Single User) C:\Windows\SysWOW64\CSVer.dll
2013-06-08 22:16 - 2013-06-08 22:16 - 00002467 ____A C:\Users\Public\Desktop\SlimDrivers.lnk
2013-06-08 22:16 - 2013-06-08 22:16 - 00000000 ____D C:\Users\Public\Documents\Downloaded Installers
2013-06-08 22:12 - 2013-06-16 17:36 - 00016152 ____A C:\Windows\System32\Drivers\SWDUMon.sys
2013-06-08 22:12 - 2013-06-16 17:36 - 00000418 ____A C:\Windows\Tasks\SlimDrivers Startup.job
2013-06-08 22:12 - 2013-06-08 22:12 - 00000000 ____D C:\Users\Santa\AppData\Local\SlimWare Utilities Inc
2013-06-08 21:02 - 2013-06-08 21:02 - 00263584 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-06-08 21:02 - 2013-06-08 21:02 - 00174496 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-06-08 21:02 - 2013-06-08 21:02 - 00174496 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-06-08 21:02 - 2013-06-08 21:02 - 00095648 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-06-08 21:02 - 2013-06-08 21:02 - 00000000 ____D C:\Program Files (x86)\Java
2013-06-08 21:01 - 2013-06-08 21:01 - 00311200 ____A (Oracle Corporation) C:\Windows\System32\javaws.exe
2013-06-08 21:01 - 2013-06-08 21:01 - 00188832 ____A (Oracle Corporation) C:\Windows\System32\javaw.exe
2013-06-08 21:01 - 2013-06-08 21:01 - 00188320 ____A (Oracle Corporation) C:\Windows\System32\java.exe
2013-06-08 21:01 - 2013-06-08 21:01 - 00108448 ____A (Oracle Corporation) C:\Windows\System32\WindowsAccessBridge-64.dll
2013-06-08 21:01 - 2013-06-08 21:01 - 00001168 ____A C:\Users\Santa\Desktop\Google Talk.lnk
2013-06-08 20:59 - 2013-06-16 17:05 - 01870087 ____A C:\Windows\WindowsUpdate.log
2013-06-08 20:59 - 2013-06-08 20:59 - 00000000 ____D C:\Users\Santa\AppData\Local\Secunia PSI
2013-06-08 20:59 - 2013-06-08 20:59 - 00000000 ____D C:\Program Files (x86)\Secunia
2013-06-08 20:56 - 2013-06-08 20:56 - 00053248 ____A C:\Windows\SysWOW64\zlib.dll
2013-06-08 20:56 - 2013-06-08 20:56 - 00000749 ____A C:\Users\Public\Desktop\dMaintenanceConfig.zip
2013-06-08 20:49 - 2013-06-08 20:49 - 00024576 ____A C:\Windows\System32\FoolishEventLogMsgHelper.dll
2013-06-08 19:54 - 2013-06-08 19:54 - 00000000 ____D C:\Program Files (x86)\Auslogics
2013-06-08 19:48 - 2013-06-08 19:48 - 00000000 ____D C:\Users\Santa\AppData\Roaming\Auslogics
2013-06-08 19:47 - 2013-06-08 19:47 - 00000946 ____A C:\Users\Public\Desktop\PC-WELT-ServiceCenter.lnk
2013-06-08 19:46 - 2013-06-08 19:47 - 00000000 ____D C:\Program Files\PC-WELT-ServiceCenter
2013-06-08 18:32 - 2013-06-08 18:32 - 00000000 ____D C:\Windows\System32\appmgmt
2013-06-08 16:46 - 2013-06-08 16:46 - 00000000 ____D C:\Users\Santa\AppData\Local\Engelmann_Media
2013-06-08 16:40 - 2013-06-08 16:40 - 00000000 ____D C:\ProgramData\Licenses
2013-06-08 16:34 - 2013-06-08 22:20 - 00000334 ____A C:\Windows\Tasks\SuperEasyDriverUpdater_UPDATES.job
2013-06-08 16:34 - 2013-06-08 16:34 - 00000000 ____D C:\Users\Santa\AppData\Roaming\SuperEasy Software
2013-06-08 16:31 - 2013-06-08 16:31 - 00000000 ____D C:\Users\Santa\AppData\Roaming\Engelmann Media
2013-06-08 16:27 - 2013-06-08 16:28 - 00010458 ____A C:\Windows\Q-Dir.ini
2013-06-08 16:27 - 2013-06-08 16:28 - 00000000 ____D C:\Users\Santa\AppData\Roaming\Q-Dir
2013-06-08 16:27 - 2013-06-08 16:27 - 00001832 ____A C:\Users\Public\Desktop\Q-Dir.lnk
2013-06-08 16:27 - 2013-06-08 16:27 - 00000000 ____D C:\Program Files (x86)\Q-Dir
2013-06-06 22:52 - 2013-06-06 23:09 - 00000000 ____D C:\Users\Santa\AppData\Roaming\GlarySoft
2013-06-06 22:50 - 2013-06-16 17:49 - 00000000 ____D C:\Program Files (x86)\Glary Utilities
2013-06-06 22:50 - 2013-06-16 17:36 - 00000334 ____A C:\Windows\Tasks\GlaryInitialize.job
2013-06-04 20:02 - 2013-06-04 20:02 - 00000000 ____D C:\Program Files (x86)\Elaborate Bytes
2013-06-04 19:22 - 2013-06-04 19:22 - 00000000 ____D C:\ProgramData\Bluray Decrypter
2013-06-04 19:07 - 2013-06-04 19:07 - 00000000 ____D C:\Program Files\Handbrake
2013-06-04 13:52 - 2013-05-24 19:05 - 02366320 ____A (Microsoft Corporation) C:\Windows\System32\WudfUpdate_01011.dll
2013-06-04 13:51 - 2013-06-04 13:56 - 00000000 ____D C:\ProgramData\Lenovo
2013-06-04 13:51 - 2013-06-04 13:51 - 00000000 ____D C:\Windows\Downloaded Installations
2013-06-04 13:51 - 2013-06-04 13:51 - 00000000 ____D C:\Program Files\Common Files\Lenovo
2013-06-03 17:30 - 2013-06-03 17:30 - 00000000 ____D C:\Users\Santa\AppData\Local\VMLite Workstation
2013-06-03 17:10 - 2013-06-08 18:29 - 00000000 ____D C:\Users\Santa\VMLites
2013-06-02 12:38 - 2013-06-02 12:38 - 00000000 ____D C:\Users\Santa\.android
2013-05-31 22:26 - 2013-05-31 22:26 - 00000000 ____D C:\Program Files (x86)\PdaNet for Android
2013-05-31 22:26 - 2011-11-25 01:25 - 00015360 ____A (June Fabrics Technology Inc.) C:\Windows\System32\Drivers\pneteth.sys
2013-05-31 14:19 - 2013-05-31 14:19 - 00000000 ____D C:\ZOPO
2013-05-30 20:59 - 2013-05-30 20:59 - 00000000 ____D C:\Users\Santa\AppData\Local\FreemakeVideoConverter
2013-05-30 20:25 - 2013-05-30 20:25 - 00000000 ____D C:\ProgramData\Freemake
2013-05-30 20:25 - 2013-05-30 20:25 - 00000000 ____D C:\Program Files (x86)\Freemake
2013-05-30 19:37 - 2013-06-04 19:07 - 00000827 ____A C:\Users\Santa\Desktop\Handbrake.lnk
2013-05-30 19:37 - 2013-06-01 12:38 - 00000000 ____D C:\Users\Santa\AppData\Roaming\HandBrake
2013-05-30 17:17 - 2013-05-30 17:17 - 00310216 ____A C:\Windows\System32\FNTCACHE.DAT
2013-05-30 17:13 - 2013-06-05 00:09 - 00693112 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-05-30 17:13 - 2013-06-05 00:09 - 00078200 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-05-30 16:57 - 2013-05-30 16:57 - 00000000 ____D C:\Program Files (x86)\Foxit Software
2013-05-30 16:34 - 2013-06-16 17:12 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-05-30 16:04 - 2013-04-08 23:52 - 00106496 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Robocopy.exe
2013-05-30 16:04 - 2013-04-08 23:51 - 01113600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MSAudDecMFT.dll
2013-05-30 16:04 - 2013-04-08 23:51 - 00411136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.dll
2013-05-30 16:04 - 2013-04-08 23:51 - 00361984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2013-05-30 16:04 - 2013-04-08 23:51 - 00268800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2013-05-30 16:04 - 2013-04-08 23:51 - 00041984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\fmifs.dll
2013-05-30 16:04 - 2013-03-16 00:05 - 00252928 ____A (Microsoft Corporation) C:\Windows\SysWOW64\rsaenh.dll
2013-05-30 16:03 - 2013-04-09 07:33 - 00489576 ____A (Microsoft Corporation) C:\Windows\System32\AudioEng.dll
2013-05-30 16:03 - 2013-04-09 07:33 - 00446792 ____A (Microsoft Corporation) C:\Windows\System32\AudioSes.dll
2013-05-30 16:03 - 2013-04-09 07:33 - 00253544 ____A (Microsoft Corporation) C:\Windows\System32\audiodg.exe
2013-05-30 16:03 - 2013-04-09 07:27 - 00284424 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\spaceport.sys
2013-05-30 16:03 - 2013-04-09 07:20 - 00306952 ____A (Microsoft Corporation) C:\Windows\System32\kd_02_10ec.dll
2013-05-30 16:03 - 2013-04-09 07:20 - 00086280 ____A (Microsoft Corporation) C:\Windows\System32\kdnet.dll
2013-05-30 16:03 - 2013-04-09 07:18 - 00077960 ____A (Microsoft Corporation) C:\Windows\System32\kdvm.dll
2013-05-30 16:03 - 2013-04-09 07:17 - 01829408 ____A (Microsoft Corporation) C:\Windows\System32\ntdll.dll
2013-05-30 16:03 - 2013-04-09 06:52 - 00816128 ____A (Microsoft Corporation) C:\Windows\System32\SearchIndexer.exe
2013-05-30 16:03 - 2013-04-09 06:52 - 00804352 ____A (Microsoft Corporation) C:\Windows\System32\RecoveryDrive.exe
2013-05-30 16:03 - 2013-04-09 06:52 - 00373760 ____A (Microsoft Corporation) C:\Windows\System32\SearchProtocolHost.exe
2013-05-30 16:03 - 2013-04-09 06:52 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\SearchFilterHost.exe
2013-05-30 16:03 - 2013-04-09 06:52 - 00126464 ____A (Microsoft Corporation) C:\Windows\System32\Robocopy.exe
2013-05-30 16:03 - 2013-04-09 06:51 - 14267904 ____A (Microsoft Corporation) C:\Windows\System32\wmp.dll
2013-05-30 16:03 - 2013-04-09 06:51 - 13648384 ____A (Microsoft Corporation) C:\Windows\System32\Windows.UI.Xaml.dll
2013-05-30 16:03 - 2013-04-09 06:51 - 10116096 ____A (Microsoft Corporation) C:\Windows\System32\twinui.dll
2013-05-30 16:03 - 2013-04-09 06:51 - 03552768 ____A (Microsoft Corporation) C:\Windows\System32\tquery.dll
2013-05-30 16:03 - 2013-04-09 06:51 - 00595456 ____A (Microsoft Corporation) C:\Windows\System32\Windows.Networking.dll
2013-05-30 16:03 - 2013-04-09 06:51 - 00523264 ____A (Microsoft Corporation) C:\Windows\System32\XpsGdiConverter.dll
2013-05-30 16:03 - 2013-04-09 06:51 - 00456704 ____A (Microsoft Corporation) C:\Windows\System32\wpncore.dll
2013-05-30 16:03 - 2013-04-09 06:51 - 00391168 ____A (Microsoft Corporation) C:\Windows\System32\Windows.Networking.BackgroundTransfer.dll
2013-05-30 16:03 - 2013-04-09 06:51 - 00367616 ____A (Microsoft Corporation) C:\Windows\System32\conhost.exe
2013-05-30 16:03 - 2013-04-09 06:51 - 00099840 ____A (Microsoft Corporation) C:\Windows\System32\wscsvc.dll
2013-05-30 16:03 - 2013-04-09 06:50 - 02107904 ____A (Microsoft Corporation) C:\Windows\System32\mssrch.dll
2013-05-30 16:03 - 2013-04-09 06:50 - 01285632 ____A (Microsoft Corporation) C:\Windows\System32\schedsvc.dll
2013-05-30 16:03 - 2013-04-09 06:50 - 00745984 ____A (Microsoft Corporation) C:\Windows\System32\mssvp.dll
2013-05-30 16:03 - 2013-04-09 06:50 - 00435200 ____A (Microsoft Corporation) C:\Windows\System32\mssph.dll
2013-05-30 16:03 - 2013-04-09 06:50 - 00422400 ____A (Microsoft Corporation) C:\Windows\System32\schannel.dll
2013-05-30 16:03 - 2013-04-09 06:50 - 00414720 ____A (Microsoft Corporation) C:\Windows\System32\GenuineCenter.dll
2013-05-30 16:03 - 2013-04-09 06:50 - 00096256 ____A (Microsoft Corporation) C:\Windows\System32\mssprxy.dll
2013-05-30 16:03 - 2013-04-09 06:50 - 00065024 ____A (Microsoft Corporation) C:\Windows\System32\msscntrs.dll
2013-05-30 16:03 - 2013-04-09 06:50 - 00013824 ____A (Microsoft Corporation) C:\Windows\System32\msshooks.dll
2013-05-30 16:03 - 2013-04-09 06:49 - 01444864 ____A (Microsoft Corporation) C:\Windows\System32\MSAudDecMFT.dll
2013-05-30 16:03 - 2013-04-09 06:49 - 00817152 ____A (Microsoft Corporation) C:\Windows\System32\kerberos.dll
2013-05-30 16:03 - 2013-04-09 06:49 - 00468992 ____A (Microsoft Corporation) C:\Windows\System32\MFMediaEngine.dll
2013-05-30 16:03 - 2013-04-09 06:49 - 00281088 ____A (Microsoft Corporation) C:\Windows\System32\mfreadwrite.dll
2013-05-30 16:03 - 2013-04-09 06:49 - 00231936 ____A (Microsoft Corporation) C:\Windows\System32\fhengine.dll
2013-05-30 16:03 - 2013-04-09 06:49 - 00210432 ____A (Microsoft Corporation) C:\Windows\System32\iuilp.dll
2013-05-30 16:03 - 2013-04-09 06:49 - 00196096 ____A (Microsoft Corporation) C:\Windows\System32\dmvdsitf.dll
2013-05-30 16:03 - 2013-04-09 06:49 - 00172544 ____A (Microsoft Corporation) C:\Windows\System32\dwmredir.dll
2013-05-30 16:03 - 2013-04-09 06:49 - 00050176 ____A (Microsoft Corporation) C:\Windows\System32\fmifs.dll
2013-05-30 16:03 - 2013-04-09 06:48 - 02303488 ____A (Microsoft Corporation) C:\Windows\System32\authui.dll
2013-05-30 16:03 - 2013-04-09 06:48 - 00785408 ____A (Microsoft Corporation) C:\Windows\System32\audiosrv.dll
2013-05-30 16:03 - 2013-04-09 06:48 - 00419840 ____A (Microsoft Corporation) C:\Windows\System32\intl.cpl
2013-05-30 16:03 - 2013-04-09 06:48 - 00169472 ____A (Microsoft Corporation) C:\Windows\System32\AudioEndpointBuilder.dll
2013-05-30 16:03 - 2013-04-09 04:35 - 04038144 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2013-05-30 16:03 - 2013-04-09 04:34 - 00095744 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\hidbth.sys
2013-05-30 16:03 - 2013-04-09 04:34 - 00083968 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\hidclass.sys
2013-05-30 16:03 - 2013-04-09 04:34 - 00027648 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\hidusb.sys
2013-05-30 16:03 - 2013-04-09 04:33 - 00623104 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srv2.sys
2013-05-30 16:03 - 2013-04-09 04:33 - 00060416 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ndproxy.sys
2013-05-30 16:03 - 2013-04-09 04:32 - 00805376 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\PEAuth.sys
2013-05-30 16:03 - 2013-04-09 04:31 - 00247808 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srvnet.sys
2013-05-30 16:03 - 2013-04-09 04:31 - 00083456 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\wanarp.sys
2013-05-30 16:03 - 2013-04-09 01:44 - 00123880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wscapi.dll
2013-05-30 16:03 - 2013-04-09 01:39 - 01408896 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-05-30 16:03 - 2013-04-09 01:37 - 00426024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2013-05-30 16:03 - 2013-04-09 01:37 - 00324368 ____A (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2013-05-30 16:03 - 2013-04-08 23:52 - 11878912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2013-05-30 16:03 - 2013-04-08 23:52 - 00670208 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2013-05-30 16:03 - 2013-04-08 23:52 - 00364544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2013-05-30 16:03 - 2013-04-08 23:52 - 00302592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2013-05-30 16:03 - 2013-04-08 23:52 - 00171008 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2013-05-30 16:03 - 2013-04-08 23:51 - 10789888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2013-05-30 16:03 - 2013-04-08 23:51 - 08857088 ____A (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2013-05-30 16:03 - 2013-04-08 23:51 - 02767360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2013-05-30 16:03 - 2013-04-08 23:51 - 02035200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-05-30 16:03 - 2013-04-08 23:51 - 01593344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2013-05-30 16:03 - 2013-04-08 23:51 - 00659456 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2013-05-30 16:03 - 2013-04-08 23:51 - 00656896 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2013-05-30 16:03 - 2013-04-08 23:51 - 00403968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2013-05-30 16:03 - 2013-04-08 23:51 - 00389632 ____A (Microsoft Corporation) C:\Windows\SysWOW64\intl.cpl
2013-05-30 16:03 - 2013-04-08 23:51 - 00324096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2013-05-30 16:03 - 2013-04-08 23:51 - 00214528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfreadwrite.dll
2013-05-30 16:03 - 2013-04-08 23:51 - 00186880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2013-05-30 16:03 - 2013-04-08 23:51 - 00155648 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dmvdsitf.dll
2013-05-30 16:03 - 2013-04-08 23:51 - 00035328 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssprxy.dll
2013-05-30 16:03 - 2013-04-08 23:51 - 00010752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msshooks.dll
2013-05-30 16:03 - 2013-04-05 01:30 - 00503080 ____A (Microsoft Corporation) C:\Windows\System32\ci.dll
2013-05-30 16:03 - 2013-04-03 00:08 - 00387688 ____A C:\Windows\System32\ApnDatabase.xml
2013-05-30 16:03 - 2013-03-30 20:16 - 01403784 ____A (Microsoft Corporation) C:\Windows\System32\winload.efi
2013-05-30 16:03 - 2013-03-30 20:16 - 01267424 ____A (Microsoft Corporation) C:\Windows\System32\winload.exe
2013-05-30 16:03 - 2013-03-29 00:09 - 01217328 ____A (Microsoft Corporation) C:\Windows\System32\winresume.efi
2013-05-30 16:03 - 2013-03-29 00:09 - 01093880 ____A (Microsoft Corporation) C:\Windows\System32\winresume.exe
2013-05-30 16:03 - 2013-03-16 00:05 - 00298456 ____A (Microsoft Corporation) C:\Windows\System32\rsaenh.dll
2013-05-30 16:03 - 2012-12-13 06:00 - 00002048 ____A (Microsoft Corporation) C:\Windows\System32\tzres.dll
2013-05-30 16:03 - 2012-12-13 05:59 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-05-30 16:01 - 2013-04-16 04:34 - 01455368 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dxgkrnl.sys
2013-05-30 16:01 - 2013-04-11 08:40 - 06987528 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2013-05-30 15:59 - 2013-03-22 05:49 - 02382336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll
2013-05-30 15:59 - 2013-03-22 00:47 - 02851840 ____A (Microsoft Corporation) C:\Windows\System32\esent.dll
2013-05-30 15:59 - 2013-03-15 02:17 - 00861184 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\http.sys
2013-05-30 15:59 - 2013-03-06 09:10 - 00112872 ____A (Microsoft Corporation) C:\Windows\System32\consent.exe
2013-05-30 15:59 - 2013-03-06 08:31 - 19758592 ____A (Microsoft Corporation) C:\Windows\System32\shell32.dll
2013-05-30 15:59 - 2013-03-06 08:31 - 00222208 ____A (Microsoft Corporation) C:\Windows\System32\shdocvw.dll
2013-05-30 15:59 - 2013-03-06 08:29 - 00070144 ____A (Microsoft Corporation) C:\Windows\System32\appinfo.dll
2013-05-30 15:59 - 2013-03-06 07:03 - 17561600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-05-30 15:59 - 2013-03-06 07:03 - 00199168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2013-05-19 12:54 - 2013-05-19 12:54 - 00097176 ____A (Elaborate Bytes AG) C:\Windows\SysWOW64\ElbyCDIO.dll
==================== One Month Modified Files and Folders =======
2013-06-16 17:49 - 2013-06-13 18:32 - 00000000 ____D C:\ProgramData\Caphyon
2013-06-16 17:49 - 2013-06-06 22:50 - 00000000 ____D C:\Program Files (x86)\Glary Utilities
2013-06-16 17:49 - 2013-02-09 16:59 - 00000000 ____D C:\Users\Santa\AppData\Roaming\vlc
2013-06-16 17:49 - 2013-02-03 22:43 - 00000000 ____D C:\Users\Santa\AppData\Roaming\TeraCopy
2013-06-16 17:49 - 2013-02-03 20:59 - 00000000 ____D C:\users\DefaultAppPool
2013-06-16 17:49 - 2012-07-26 10:12 - 00000000 __RHD C:\Users\Public\Libraries
2013-06-16 17:49 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\rescache
2013-06-16 17:49 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\registration
2013-06-16 17:49 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\System32\Sysprep
2013-06-16 17:41 - 2012-07-26 12:27 - 00753134 ____A C:\Windows\System32\perfh007.dat
2013-06-16 17:41 - 2012-07-26 12:27 - 00155826 ____A C:\Windows\System32\perfc007.dat
2013-06-16 17:41 - 2012-07-26 09:28 - 01745416 ____A C:\Windows\System32\PerfStringBackup.INI
2013-06-16 17:37 - 2013-02-03 22:45 - 00000000 ____D C:\Users\Santa\AppData\Roaming\Skype
2013-06-16 17:37 - 2013-02-03 21:35 - 00000000 ____D C:\Users\Santa\AppData\Roaming\Dropbox
2013-06-16 17:36 - 2013-06-08 22:12 - 00016152 ____A C:\Windows\System32\Drivers\SWDUMon.sys
2013-06-16 17:36 - 2013-06-08 22:12 - 00000418 ____A C:\Windows\Tasks\SlimDrivers Startup.job
2013-06-16 17:36 - 2013-06-06 22:50 - 00000334 ____A C:\Windows\Tasks\GlaryInitialize.job
2013-06-16 17:36 - 2013-03-31 01:13 - 00000026 ____A C:\Users\Santa\AppData\Roaming\Network Meter_Usage.ini
2013-06-16 17:36 - 2012-07-26 09:22 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-06-16 17:15 - 2013-02-03 22:16 - 00000000 ____D C:\Program Files (x86)\Google
2013-06-16 17:14 - 2013-02-03 22:23 - 00000000 ____D C:\Program Files\CDBurnerXP
2013-06-16 17:13 - 2013-06-16 17:13 - 00000000 ____D C:\Users\Santa\AppData\Roaming\pdfforge
2013-06-16 17:13 - 2013-02-03 22:18 - 00000000 ____D C:\Program Files (x86)\VideoLAN
2013-06-16 17:13 - 2013-02-03 22:17 - 00000000 ____D C:\Program Files (x86)\PDFCreator
2013-06-16 17:12 - 2013-06-16 17:12 - 00000000 ____D C:\Program Files\Greenshot
2013-06-16 17:12 - 2013-06-16 17:12 - 00000000 ____D C:\Program Files (x86)\uTorrent
2013-06-16 17:12 - 2013-06-16 17:12 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-06-16 17:12 - 2013-05-30 16:34 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-06-16 17:12 - 2013-02-03 22:15 - 00000000 ____D C:\Users\Santa\AppData\Roaming\uTorrent
2013-06-16 17:09 - 2013-03-30 17:23 - 00014644 ____A C:\Users\Santa\Network_Meter_Data.js
2013-06-16 17:09 - 2013-03-28 14:18 - 00000884 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-06-16 17:09 - 2012-07-26 10:12 - 00000000 ___SD C:\Program Files\Windows Sidebar
2013-06-16 17:09 - 2012-07-26 10:12 - 00000000 ___SD C:\Program Files (x86)\Windows Sidebar
2013-06-16 17:06 - 2013-06-08 22:20 - 00002196 ____A C:\Windows\PFRO.log
2013-06-16 17:05 - 2013-06-08 20:59 - 01870087 ____A C:\Windows\WindowsUpdate.log
2013-06-16 17:05 - 2012-07-26 07:26 - 00262144 __ASH C:\Windows\System32\config\BBI
2013-06-16 17:01 - 2013-02-04 22:44 - 75825640 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-06-16 17:00 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\System32\sru
2013-06-16 16:58 - 2013-02-03 22:16 - 00000000 ____D C:\Users\Santa\AppData\Local\Google
2013-06-16 16:49 - 2013-02-03 20:59 - 00000000 ____D C:\users\Santa
2013-06-16 12:56 - 2013-06-16 12:42 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-06-16 12:42 - 2013-06-16 12:42 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-06-15 19:47 - 2013-06-15 19:47 - 00001842 ____A C:\Users\Santa\Desktop\JRT.txt
2013-06-15 19:43 - 2013-06-15 19:43 - 00000000 ____D C:\Windows\ERUNT
2013-06-15 19:43 - 2013-06-15 19:43 - 00000000 ____D C:\JRT
2013-06-15 19:39 - 2013-06-15 19:39 - 00010597 ____A C:\AdwCleaner[S1].txt
2013-06-15 17:21 - 2013-06-15 16:01 - 00000000 ____D C:\FRST
2013-06-13 22:24 - 2013-02-03 22:01 - 00000000 ____D C:\Users\Santa\AppData\Roaming\UseNeXT
2013-06-13 22:09 - 2013-02-03 21:45 - 00000000 ____D C:\Users\Santa\AppData\Roaming\KeePass
2013-06-13 18:32 - 2013-06-13 18:32 - 00000000 ____D C:\Users\Santa\AppData\Local\Newshosting
2013-06-13 18:32 - 2013-06-13 18:32 - 00000000 ____D C:\Users\Santa\AppData\Local\CrashRpt
2013-06-13 18:30 - 2013-06-13 18:30 - 00000000 ____D C:\Users\Santa\AppData\Roaming\Newshosting
2013-06-12 21:48 - 2013-06-09 09:43 - 00000916 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1236658316-3132239065-196456727-1000UA.job
2013-06-12 20:19 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\AUInstallAgent
2013-06-12 00:22 - 2012-07-26 07:37 - 00000000 ____D C:\Windows\servicing
2013-06-10 18:43 - 2013-02-05 00:26 - 00000853 ____A C:\Users\Santa\AppData\Roaming\Drives Meter_Settings.ini
2013-06-09 12:54 - 2013-06-09 12:54 - 00000000 ____D C:\Program Files (x86)\iTunes Library Updater
2013-06-09 12:28 - 2013-06-09 12:28 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-06-09 12:28 - 2013-06-09 12:28 - 00000000 ____D C:\Program Files\iTunes
2013-06-09 12:28 - 2013-06-09 12:28 - 00000000 ____D C:\Program Files\iPod
2013-06-09 12:28 - 2013-06-09 12:28 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-06-09 09:48 - 2013-06-09 09:43 - 00000864 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1236658316-3132239065-196456727-1000Core.job
2013-06-08 22:35 - 2013-06-08 22:35 - 00000000 ____D C:\Users\Santa\AppData\Local\Broadcom
2013-06-08 22:34 - 2013-06-08 22:28 - 00000433 ____A C:\Windows\setupact.log
2013-06-08 22:34 - 2013-02-11 01:19 - 00000000 ____D C:\Program Files\Lenovo
2013-06-08 22:28 - 2013-06-08 22:28 - 00000000 ____A C:\Windows\setuperr.log
2013-06-08 22:20 - 2013-06-08 16:34 - 00000334 ____A C:\Windows\Tasks\SuperEasyDriverUpdater_UPDATES.job
2013-06-08 22:19 - 2013-06-08 22:19 - 00000000 ____D C:\Users\Santa\AppData\Local\pcwServiceCenter
2013-06-08 22:19 - 2013-02-03 21:15 - 00000000 ____D C:\Program Files (x86)\Intel
2013-06-08 22:16 - 2013-06-08 22:16 - 00002467 ____A C:\Users\Public\Desktop\SlimDrivers.lnk
2013-06-08 22:16 - 2013-06-08 22:16 - 00000000 ____D C:\Users\Public\Documents\Downloaded Installers
2013-06-08 22:12 - 2013-06-08 22:12 - 00000000 ____D C:\Users\Santa\AppData\Local\SlimWare Utilities Inc
2013-06-08 21:02 - 2013-06-08 21:02 - 00263584 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-06-08 21:02 - 2013-06-08 21:02 - 00174496 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-06-08 21:02 - 2013-06-08 21:02 - 00174496 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-06-08 21:02 - 2013-06-08 21:02 - 00095648 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-06-08 21:02 - 2013-06-08 21:02 - 00000000 ____D C:\Program Files (x86)\Java
2013-06-08 21:02 - 2013-04-12 16:38 - 00866720 ____A (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-06-08 21:02 - 2013-04-12 16:38 - 00788896 ____A (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-06-08 21:01 - 2013-06-08 21:01 - 00311200 ____A (Oracle Corporation) C:\Windows\System32\javaws.exe
2013-06-08 21:01 - 2013-06-08 21:01 - 00188832 ____A (Oracle Corporation) C:\Windows\System32\javaw.exe
2013-06-08 21:01 - 2013-06-08 21:01 - 00188320 ____A (Oracle Corporation) C:\Windows\System32\java.exe
2013-06-08 21:01 - 2013-06-08 21:01 - 00108448 ____A (Oracle Corporation) C:\Windows\System32\WindowsAccessBridge-64.dll
2013-06-08 21:01 - 2013-06-08 21:01 - 00001168 ____A C:\Users\Santa\Desktop\Google Talk.lnk
2013-06-08 21:01 - 2013-02-03 22:14 - 01092512 ____A (Oracle Corporation) C:\Windows\System32\npDeployJava1.dll
2013-06-08 21:01 - 2013-02-03 22:14 - 00971680 ____A (Oracle Corporation) C:\Windows\System32\deployJava1.dll
2013-06-08 20:59 - 2013-06-08 20:59 - 00000000 ____D C:\Users\Santa\AppData\Local\Secunia PSI
2013-06-08 20:59 - 2013-06-08 20:59 - 00000000 ____D C:\Program Files (x86)\Secunia
2013-06-08 20:56 - 2013-06-08 20:56 - 00053248 ____A C:\Windows\SysWOW64\zlib.dll
2013-06-08 20:56 - 2013-06-08 20:56 - 00000749 ____A C:\Users\Public\Desktop\dMaintenanceConfig.zip
2013-06-08 20:49 - 2013-06-08 20:49 - 00024576 ____A C:\Windows\System32\FoolishEventLogMsgHelper.dll
2013-06-08 19:54 - 2013-06-08 19:54 - 00000000 ____D C:\Program Files (x86)\Auslogics
2013-06-08 19:48 - 2013-06-08 19:48 - 00000000 ____D C:\Users\Santa\AppData\Roaming\Auslogics
2013-06-08 19:47 - 2013-06-08 19:47 - 00000946 ____A C:\Users\Public\Desktop\PC-WELT-ServiceCenter.lnk
2013-06-08 19:47 - 2013-06-08 19:46 - 00000000 ____D C:\Program Files\PC-WELT-ServiceCenter
2013-06-08 18:32 - 2013-06-08 18:32 - 00000000 ____D C:\Windows\System32\appmgmt
2013-06-08 18:29 - 2013-06-03 17:10 - 00000000 ____D C:\Users\Santa\VMLites
2013-06-08 17:48 - 2013-02-03 21:03 - 00000000 ____D C:\Users\Santa\AppData\Local\VirtualStore
2013-06-08 16:46 - 2013-06-08 16:46 - 00000000 ____D C:\Users\Santa\AppData\Local\Engelmann_Media
2013-06-08 16:40 - 2013-06-08 16:40 - 00000000 ____D C:\ProgramData\Licenses
2013-06-08 16:34 - 2013-06-08 16:34 - 00000000 ____D C:\Users\Santa\AppData\Roaming\SuperEasy Software
2013-06-08 16:31 - 2013-06-08 16:31 - 00000000 ____D C:\Users\Santa\AppData\Roaming\Engelmann Media
2013-06-08 16:28 - 2013-06-08 16:27 - 00010458 ____A C:\Windows\Q-Dir.ini
2013-06-08 16:28 - 2013-06-08 16:27 - 00000000 ____D C:\Users\Santa\AppData\Roaming\Q-Dir
2013-06-08 16:27 - 2013-06-08 16:27 - 00001832 ____A C:\Users\Public\Desktop\Q-Dir.lnk
2013-06-08 16:27 - 2013-06-08 16:27 - 00000000 ____D C:\Program Files (x86)\Q-Dir
2013-06-06 23:32 - 2013-02-11 01:17 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-06-06 23:09 - 2013-06-06 22:52 - 00000000 ____D C:\Users\Santa\AppData\Roaming\GlarySoft
2013-06-06 22:55 - 2013-02-05 00:09 - 00000000 ____D C:\Users\Santa\AppData\Roaming\BatteryBar
2013-06-06 18:09 - 2012-01-07 18:24 - 00000000 ____D C:\Users\Santa\dwhelper
2013-06-06 14:16 - 2013-02-05 00:09 - 00000000 ____D C:\Program Files\BatteryBar
2013-06-05 23:50 - 2013-02-03 22:16 - 00000000 ____D C:\Program Files\Classic Shell
2013-06-05 00:09 - 2013-05-30 17:13 - 00693112 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-06-05 00:09 - 2013-05-30 17:13 - 00078200 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-06-04 20:05 - 2013-02-09 16:08 - 00000021 ____A C:\Users\Santa\AppData\Roaming\ISOWorkshop.ini
2013-06-04 20:02 - 2013-06-04 20:02 - 00000000 ____D C:\Program Files (x86)\Elaborate Bytes
2013-06-04 19:48 - 2013-02-05 00:10 - 00000000 ____D C:\Program Files\CCleaner
2013-06-04 19:22 - 2013-06-04 19:22 - 00000000 ____D C:\ProgramData\Bluray Decrypter
2013-06-04 19:13 - 2013-02-05 00:37 - 00001198 ____A C:\Users\Public\Desktop\ISO Workshop.lnk
2013-06-04 19:07 - 2013-06-04 19:07 - 00000000 ____D C:\Program Files\Handbrake
2013-06-04 19:07 - 2013-05-30 19:37 - 00000827 ____A C:\Users\Santa\Desktop\Handbrake.lnk
2013-06-04 16:20 - 2013-02-11 01:20 - 00000000 ____D C:\Users\Santa\AppData\Roaming\TeamViewer
2013-06-04 14:04 - 2013-02-11 01:19 - 00000000 ____D C:\Program Files (x86)\Lenovo
2013-06-04 13:56 - 2013-06-04 13:51 - 00000000 ____D C:\ProgramData\Lenovo
2013-06-04 13:51 - 2013-06-04 13:51 - 00000000 ____D C:\Windows\Downloaded Installations
2013-06-04 13:51 - 2013-06-04 13:51 - 00000000 ____D C:\Program Files\Common Files\Lenovo
2013-06-04 13:51 - 2012-07-26 10:12 - 00000000 __RSD C:\Windows\Media
2013-06-03 17:30 - 2013-06-03 17:30 - 00000000 ____D C:\Users\Santa\AppData\Local\VMLite Workstation
2013-06-02 12:38 - 2013-06-02 12:38 - 00000000 ____D C:\Users\Santa\.android
2013-06-02 12:36 - 2013-02-03 22:15 - 00000000 ____D C:\Users\Santa\AppData\Roaming\Notepad++
2013-06-01 12:38 - 2013-05-30 19:37 - 00000000 ____D C:\Users\Santa\AppData\Roaming\HandBrake
2013-05-31 22:26 - 2013-05-31 22:26 - 00000000 ____D C:\Program Files (x86)\PdaNet for Android
2013-05-31 14:19 - 2013-05-31 14:19 - 00000000 ____D C:\ZOPO
2013-05-30 20:59 - 2013-05-30 20:59 - 00000000 ____D C:\Users\Santa\AppData\Local\FreemakeVideoConverter
2013-05-30 20:25 - 2013-05-30 20:25 - 00000000 ____D C:\ProgramData\Freemake
2013-05-30 20:25 - 2013-05-30 20:25 - 00000000 ____D C:\Program Files (x86)\Freemake
2013-05-30 17:24 - 2013-02-06 20:07 - 00000000 ____D C:\Users\Santa\AppData\Roaming\JAM Software
2013-05-30 17:19 - 2013-02-05 23:11 - 00001080 ____A C:\Users\Santa\AppData\Roaming\Network Meter_Settings.ini
2013-05-30 17:17 - 2013-05-30 17:17 - 00310216 ____A C:\Windows\System32\FNTCACHE.DAT
2013-05-30 17:12 - 2012-07-26 10:12 - 00000000 ___RD C:\Windows\ToastData
2013-05-30 17:12 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\WinStore
2013-05-30 16:57 - 2013-05-30 16:57 - 00000000 ____D C:\Program Files (x86)\Foxit Software
2013-05-30 16:57 - 2013-02-12 12:51 - 00000000 ____D C:\Users\Santa\AppData\Roaming\Foxit Software
2013-05-24 19:05 - 2013-06-04 13:52 - 02366320 ____A (Microsoft Corporation) C:\Windows\System32\WudfUpdate_01011.dll
2013-05-19 12:54 - 2013-05-19 12:54 - 00097176 ____A (Elaborate Bytes AG) C:\Windows\SysWOW64\ElbyCDIO.dll
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-06-11 20:03
==================== End Of Log ============================
|
|
16.06.2013, 18:46
| #19 |
| /// the machine /// TB-Ausbilder | Coin-miner zieht alle ressourcen! Processor 100% Sieht besser aus. Beobachte das mal nen Tag oder zwei und meld dich wieder
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
16.06.2013, 19:18
| #20 |
| | Coin-miner zieht alle ressourcen! Processor 100% Hallo Schrauber,  h: werde ich machen. Erst mal vielen Dank für die Mühe und Zeit. Ich melde mich spätestens nächstes Wochenende nochmal!  mamic |
|
17.06.2013, 08:14
| #21 |
| /// the machine /// TB-Ausbilder | Coin-miner zieht alle ressourcen! Processor 100% Alles klar
__________________ --> Coin-miner zieht alle ressourcen! Processor 100% |
|
18.06.2013, 17:14
| #22 |
| |  Coin-miner zieht alle ressourcen! Processor 100% Hallo Schrauber, so weit, so gut! Computer läuft jetzt mehr als 48h normal, das eine oder andere Programm hab ich deinstalliert und neu installiert weil anscheinend "etwas beschädigt" war.  Bin zu dem Schluss gekommen dass das Schutzpaket von Win 8 wohl doch nicht ausreicht - Ich habe ESET installiert und Malewarebites laufen lassen - keine Meldungen.  Ich verspreche ich werde in Zukunft noch gründlicher checken bevor ich etwas klicke! Dieses Mall war es eine "jjojsdfjläsddjfoweerllnsadhsif.rar.exe" deren Name genau so lang war dass ".exe" nicht mehr zu sehen war. Meine Töchter denen ich normalerweise helfen kann haben sich darüber amüsiert dass es diesmal mich erwischt hatte! Ich sage jedenfalls recht schön Danke für deine Geduld und Hilfe Ich hoffe trotzdem dass ich euch so bald nicht wieder brauche! Liebe Grüsse mamic |
|
18.06.2013, 18:31
| #23 |
| /// the machine /// TB-Ausbilder | Coin-miner zieht alle ressourcen! Processor 100% Gern geschehen Dann räumen wir mal auf, falls noch was da ist: Die Reihenfolge ist hier entscheidend.
Hier noch ein paar Tipps zur Absicherung deines Systems. Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
Anti- Viren Software
Zusätzlicher Schutz
Sicheres Browsen
Alternative Browser Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
Performance Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC Halte dich fern von jedlichen Registry Cleanern. Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links Miekemoes Blogspot ( MVP ) Bill Castner ( MVP ) Don'ts
Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
18.06.2013, 20:25
| #24 |
| | Coin-miner zieht alle ressourcen! Processor 100% Hallo Schrauber, alles erledigt, Software deinstalliert bzw gelöscht. Nochmal schönen Dank Gruss mamic |
|
19.06.2013, 07:12
| #25 |
| /// the machine /// TB-Ausbilder | Coin-miner zieht alle ressourcen! Processor 100% Gern Geschehn
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
| Themen zu Coin-miner zieht alle ressourcen! Processor 100% |
| 7-zip, android/exploit.lotoor.an, application/pdf:, askbar, autorun, bonjour, coin-miner, converter, flash player, homepage, iexplore.exe, install.exe, ntdll.dll, plug-in, programm, prozessor 100%, revo uninstaller, secunia psi, software, svchost.exe, usenext, vbs/coinminer.o, win 8, win32/injector.autoit.mb, windows, windows xp |
Linear-Darstellung
