|
Plagegeister aller Art und deren Bekämpfung: Firefox ungewollte umleitungen auf verdächtige SeitenWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
06.07.2013, 12:45 | #1 |
| Firefox ungewollte umleitungen auf verdächtige Seiten Hallo, ich hab seite heute ein Problem bei Firefox. Immer wen ich Fireox neu starte sollte es normalerweise auf diese Seite starten: hxxp://www.youtube.com/feed/subscriptions jedoch komm dann ganz kurz in der Adresszeile dieser Link: hxxp://www.youtube.com/channel/UCQkIU3jEpRGgXRSYC_hFjPw und dann komme ich auf die Startseite von Youtube. Die Seite des Links sehe ich dabei nicht, aber wen ich die Adresse direkt eingebe sehe ich das: ___ {o,o} |)__) -"-"- O RLY? Auch wen ich auf andere Links gehe werde ich nicht direkt dort hin geführt, sondern lande immer auf der Startseite der Webside. Dann muss ich nochmals auf den Link klicken um auf die gewünschte seite zu gelangen. Dann ist da noch etwas: Wen ich auf Facebook gehen möchte werde ich automatisch auf irgendwelche Partnerbörsen umgeleitet, z.B. hxxp://amigos.com/?pid=g1302052 Dann muss ich erneut Facebook aufrufen um drauf zu gelangen. Ich bedanke mich im vorraus für die Hilfe und fals weitere Infos zur lösung benötigt werden einfach bescheid sagen. |
06.07.2013, 12:47 | #2 |
/// Malware-holic | Firefox ungewollte umleitungen auf verdächtige Seiten Hi,
__________________Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
Code:
ATTFilter activex netsvcs msconfig %SYSTEMDRIVE%\*. %PROGRAMFILES%\*.exe %LOCALAPPDATA%\*.exe %systemroot%\*. /mp /s C:\Windows\system32\*.tsp /md5start userinit.exe eventlog.dll scecli.dll netlogon.dll cngaudit.dll ws2ifsl.sys sceclt.dll ntelogon.dll winlogon.exe logevent.dll user32.DLL explorer.exe iaStor.sys nvstor.sys atapi.sys IdeChnDr.sys viasraid.sys AGP440.sys vaxscsi.sys nvatabus.sys viamraid.sys nvata.sys nvgts.sys iastorv.sys ViPrt.sys eNetHook.dll ahcix86.sys KR10N.sys nvstor32.sys ahcix86s.sys /md5stop %systemroot%\system32\drivers\*.sys /lockedfiles %systemroot%\System32\config\*.sav %systemroot%\system32\*.dll /lockedfiles %USERPROFILE%\*.* %USERPROFILE%\Local Settings\Temp\*.exe %USERPROFILE%\Local Settings\Temp\*.dll %USERPROFILE%\Application Data\*.exe HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs CREATERESTOREPOINT
__________________ |
06.07.2013, 13:45 | #3 |
| Firefox ungewollte umleitungen auf verdächtige Seiten Ich habe die Datei in Dropbox hochgeladen, da der Text zu lang für eine Antwort und die Datei zu groß zum anhängen ist:
__________________https://www.dropbox.com/s/dnl4i3ymhqg0dhi/OTL%2BExtras.zip |
06.07.2013, 13:56 | #4 |
/// Malware-holic | Firefox ungewollte umleitungen auf verdächtige Seiten dannn bitte packen und anhängen.b
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
06.07.2013, 14:21 | #5 |
| Firefox ungewollte umleitungen auf verdächtige Seiten Gemacht |
06.07.2013, 14:34 | #6 |
/// Malware-holic | Firefox ungewollte umleitungen auf verdächtige Seiten Hi, Downloade dir bitte TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ --> Firefox ungewollte umleitungen auf verdächtige Seiten |
06.07.2013, 15:49 | #7 |
| Firefox ungewollte umleitungen auf verdächtige Seiten 16:44:37.0323 7088 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42 16:44:37.0523 7088 ============================================================ 16:44:37.0523 7088 Current date / time: 2013/07/06 16:44:37.0523 16:44:37.0523 7088 SystemInfo: 16:44:37.0523 7088 16:44:37.0523 7088 OS Version: 6.1.7601 ServicePack: 1.0 16:44:37.0523 7088 Product type: Workstation 16:44:37.0523 7088 ComputerName: PC 16:44:37.0524 7088 UserName: nutzer 16:44:37.0524 7088 Windows directory: C:\Windows 16:44:37.0524 7088 System windows directory: C:\Windows 16:44:37.0524 7088 Running under WOW64 16:44:37.0524 7088 Processor architecture: Intel x64 16:44:37.0524 7088 Number of processors: 8 16:44:37.0524 7088 Page size: 0x1000 16:44:37.0524 7088 Boot type: Normal boot 16:44:37.0524 7088 ============================================================ 16:44:39.0213 7088 Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 16:44:39.0226 7088 Drive \Device\Harddisk0\DR0 - Size: 0x53D67B6000 (335.35 Gb), SectorSize: 0x200, Cylinders: 0xAB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 16:44:39.0232 7088 ============================================================ 16:44:39.0232 7088 \Device\Harddisk1\DR1: 16:44:39.0233 7088 MBR partitions: 16:44:39.0233 7088 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000 16:44:39.0233 7088 \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x746D3800 16:44:39.0233 7088 \Device\Harddisk0\DR0: 16:44:39.0233 7088 MBR partitions: 16:44:39.0233 7088 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1770800, BlocksNum 0x32000 16:44:39.0233 7088 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x17A2800, BlocksNum 0x28710800 16:44:39.0233 7088 ============================================================ 16:44:39.0276 7088 C: <-> \Device\Harddisk1\DR1\Partition2 16:44:39.0297 7088 D: <-> \Device\Harddisk0\DR0\Partition1 16:44:39.0320 7088 E: <-> \Device\Harddisk0\DR0\Partition2 16:44:39.0320 7088 ============================================================ 16:44:39.0320 7088 Initialize success 16:44:39.0320 7088 ============================================================ 16:44:44.0162 2068 ============================================================ 16:44:44.0162 2068 Scan started 16:44:44.0162 2068 Mode: Manual; 16:44:44.0163 2068 ============================================================ 16:44:45.0282 2068 ================ Scan system memory ======================== 16:44:45.0282 2068 System memory - ok 16:44:45.0283 2068 ================ Scan services ============================= 16:44:45.0768 2068 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys 16:44:45.0771 2068 1394ohci - ok 16:44:45.0806 2068 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys 16:44:45.0839 2068 ACPI - ok 16:44:46.0419 2068 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys 16:44:46.0420 2068 AcpiPmi - ok 16:44:46.0592 2068 [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 16:44:46.0593 2068 AdobeARMservice - ok 16:44:46.0787 2068 [ 9915504F602D277EE47FD843A677FD15 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 16:44:46.0790 2068 AdobeFlashPlayerUpdateSvc - ok 16:44:46.0835 2068 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys 16:44:46.0840 2068 adp94xx - ok 16:44:46.0893 2068 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys 16:44:46.0897 2068 adpahci - ok 16:44:46.0905 2068 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys 16:44:46.0907 2068 adpu320 - ok 16:44:46.0930 2068 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 16:44:46.0931 2068 AeLookupSvc - ok 16:44:46.0985 2068 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys 16:44:46.0990 2068 AFD - ok 16:44:47.0011 2068 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys 16:44:47.0011 2068 agp440 - ok 16:44:47.0168 2068 [ BBE9054FDADC8D49D29C5DA4FB84A803 ] Akamai c:\program files (x86)\common files\akamai/netsession_win_8fa3539.dll 16:44:47.0168 2068 Suspicious file (Hidden): c:\program files (x86)\common files\akamai/netsession_win_8fa3539.dll. md5: BBE9054FDADC8D49D29C5DA4FB84A803 16:44:47.0171 2068 Akamai ( HiddenFile.Multi.Generic ) - warning 16:44:47.0171 2068 Akamai - detected HiddenFile.Multi.Generic (1) 16:44:47.0184 2068 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe 16:44:47.0185 2068 ALG - ok 16:44:47.0200 2068 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys 16:44:47.0204 2068 aliide - ok 16:44:47.0258 2068 [ 4EAAAAB8759644D572522FBCDD196A13 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe 16:44:47.0261 2068 AMD External Events Utility - ok 16:44:47.0272 2068 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys 16:44:47.0273 2068 amdide - ok 16:44:47.0293 2068 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys 16:44:47.0294 2068 AmdK8 - ok 16:44:47.0521 2068 [ 22A14DF59FB8D0BE918C597988AF4296 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys 16:44:47.0688 2068 amdkmdag - ok 16:44:47.0716 2068 [ EE22D3ED6D55A855E709F811CCCA97ED ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys 16:44:47.0722 2068 amdkmdap - ok 16:44:47.0742 2068 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys 16:44:47.0743 2068 AmdPPM - ok 16:44:47.0762 2068 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys 16:44:47.0763 2068 amdsata - ok 16:44:47.0781 2068 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys 16:44:47.0783 2068 amdsbs - ok 16:44:47.0790 2068 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys 16:44:47.0791 2068 amdxata - ok 16:44:47.0842 2068 [ 59D01FA91962C9C1E9B4022B2D3B46DB ] AppHostSvc C:\Windows\system32\inetsrv\apphostsvc.dll 16:44:47.0843 2068 AppHostSvc - ok 16:44:47.0867 2068 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys 16:44:47.0868 2068 AppID - ok 16:44:47.0870 2068 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll 16:44:47.0871 2068 AppIDSvc - ok 16:44:47.0926 2068 [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo C:\Windows\System32\appinfo.dll 16:44:47.0927 2068 Appinfo - ok 16:44:48.0030 2068 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 16:44:48.0031 2068 Apple Mobile Device - ok 16:44:48.0119 2068 [ F5308D8E62CD63711CCA37E3B9109832 ] Application Updater C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe 16:44:48.0127 2068 Application Updater - ok 16:44:48.0135 2068 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys 16:44:48.0136 2068 arc - ok 16:44:48.0139 2068 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys 16:44:48.0140 2068 arcsas - ok 16:44:48.0198 2068 [ 0AA7A996792FB0287B33A57A8093AE44 ] asmthub3 C:\Windows\system32\DRIVERS\asmthub3.sys 16:44:48.0224 2068 asmthub3 - ok 16:44:48.0268 2068 [ 125DC3ABF5BFCCFE82AD17D078E0B9EC ] asmtxhci C:\Windows\system32\DRIVERS\asmtxhci.sys 16:44:48.0272 2068 asmtxhci - ok 16:44:48.0393 2068 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe 16:44:48.0394 2068 aspnet_state - ok 16:44:48.0408 2068 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 16:44:48.0409 2068 AsyncMac - ok 16:44:48.0411 2068 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys 16:44:48.0412 2068 atapi - ok 16:44:48.0456 2068 [ 437F55435623D4D54D36197F5AD8B435 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys 16:44:48.0457 2068 AtiHDAudioService - ok 16:44:48.0519 2068 [ FC0E8778C000291CAF60EB88C011E931 ] atksgt C:\Windows\system32\DRIVERS\atksgt.sys 16:44:48.0522 2068 atksgt - ok 16:44:48.0555 2068 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 16:44:48.0562 2068 AudioEndpointBuilder - ok 16:44:48.0571 2068 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll 16:44:48.0574 2068 AudioSrv - ok 16:44:48.0621 2068 [ 34E9A86B0EF71BA72B58D72215EBFABC ] avgtp C:\Windows\system32\drivers\avgtpx64.sys 16:44:48.0622 2068 avgtp - ok 16:44:48.0639 2068 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll 16:44:48.0656 2068 AxInstSV - ok 16:44:48.0682 2068 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys 16:44:48.0687 2068 b06bdrv - ok 16:44:48.0720 2068 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys 16:44:48.0722 2068 b57nd60a - ok 16:44:48.0743 2068 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll 16:44:48.0744 2068 BDESVC - ok 16:44:48.0761 2068 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys 16:44:48.0762 2068 Beep - ok 16:44:48.0817 2068 [ 06C1E887BF34C0E31EB8E2C999E4842F ] BEService C:\Program Files (x86)\Common Files\BattlEye\BEService.exe 16:44:48.0818 2068 BEService - ok 16:44:48.0866 2068 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll 16:44:48.0873 2068 BFE - ok 16:44:48.0912 2068 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll 16:44:48.0923 2068 BITS - ok 16:44:48.0934 2068 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys 16:44:48.0935 2068 blbdrive - ok 16:44:49.0018 2068 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe 16:44:49.0022 2068 Bonjour Service - ok 16:44:49.0051 2068 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys 16:44:49.0053 2068 bowser - ok 16:44:49.0066 2068 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys 16:44:49.0067 2068 BrFiltLo - ok 16:44:49.0083 2068 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys 16:44:49.0083 2068 BrFiltUp - ok 16:44:49.0130 2068 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll 16:44:49.0132 2068 Browser - ok 16:44:49.0152 2068 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys 16:44:49.0155 2068 Brserid - ok 16:44:49.0174 2068 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys 16:44:49.0175 2068 BrSerWdm - ok 16:44:49.0184 2068 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys 16:44:49.0185 2068 BrUsbMdm - ok 16:44:49.0193 2068 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys 16:44:49.0198 2068 BrUsbSer - ok 16:44:49.0216 2068 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys 16:44:49.0217 2068 BTHMODEM - ok 16:44:49.0246 2068 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll 16:44:49.0248 2068 bthserv - ok 16:44:49.0262 2068 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 16:44:49.0264 2068 cdfs - ok 16:44:49.0271 2068 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys 16:44:49.0273 2068 cdrom - ok 16:44:49.0284 2068 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll 16:44:49.0285 2068 CertPropSvc - ok 16:44:49.0304 2068 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys 16:44:49.0305 2068 circlass - ok 16:44:49.0311 2068 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys 16:44:49.0315 2068 CLFS - ok 16:44:49.0346 2068 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 16:44:49.0347 2068 clr_optimization_v2.0.50727_32 - ok 16:44:49.0374 2068 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 16:44:49.0375 2068 clr_optimization_v2.0.50727_64 - ok 16:44:49.0439 2068 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 16:44:49.0441 2068 clr_optimization_v4.0.30319_32 - ok 16:44:49.0449 2068 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 16:44:49.0451 2068 clr_optimization_v4.0.30319_64 - ok 16:44:49.0467 2068 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\drivers\CmBatt.sys 16:44:49.0468 2068 CmBatt - ok 16:44:49.0477 2068 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys 16:44:49.0477 2068 cmdide - ok 16:44:49.0496 2068 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys 16:44:49.0501 2068 CNG - ok 16:44:49.0516 2068 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys 16:44:49.0517 2068 Compbatt - ok 16:44:49.0540 2068 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys 16:44:49.0541 2068 CompositeBus - ok 16:44:49.0543 2068 COMSysApp - ok 16:44:49.0606 2068 [ C08063F052308B6F5882482615387F30 ] cpuz135 C:\Windows\system32\drivers\cpuz135_x64.sys 16:44:49.0607 2068 cpuz135 - ok 16:44:49.0627 2068 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys 16:44:49.0628 2068 crcdisk - ok 16:44:49.0672 2068 [ D8129C49798CBBFB2E4351D4B7B8EF9C ] CryptSvc C:\Windows\system32\cryptsvc.dll 16:44:49.0675 2068 CryptSvc - ok 16:44:49.0698 2068 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll 16:44:49.0704 2068 DcomLaunch - ok 16:44:49.0729 2068 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll 16:44:49.0732 2068 defragsvc - ok 16:44:49.0896 2068 [ D17845A5385BFCB838CDC532AF5E3E47 ] DevoloNetworkService C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe 16:44:49.0949 2068 DevoloNetworkService - ok 16:44:49.0965 2068 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys 16:44:49.0966 2068 DfsC - ok 16:44:49.0980 2068 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll 16:44:49.0983 2068 Dhcp - ok 16:44:49.0994 2068 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys 16:44:49.0995 2068 discache - ok 16:44:50.0010 2068 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys 16:44:50.0011 2068 Disk - ok 16:44:50.0032 2068 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll 16:44:50.0035 2068 Dnscache - ok 16:44:50.0058 2068 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll 16:44:50.0062 2068 dot3svc - ok 16:44:50.0121 2068 [ B42ED0320C6E41102FDE0005154849BB ] Dot4 C:\Windows\system32\DRIVERS\Dot4.sys 16:44:50.0123 2068 Dot4 - ok 16:44:50.0185 2068 [ E9F5969233C5D89F3C35E3A66A52A361 ] Dot4Print C:\Windows\system32\DRIVERS\Dot4Prt.sys 16:44:50.0185 2068 Dot4Print - ok 16:44:50.0231 2068 [ FD05A02B0370BC3000F402E543CA5814 ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys 16:44:50.0232 2068 dot4usb - ok 16:44:50.0249 2068 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll 16:44:50.0252 2068 DPS - ok 16:44:50.0284 2068 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 16:44:50.0285 2068 drmkaud - ok 16:44:50.0332 2068 [ 46571ED73AE84469DCA53081D33CF3C8 ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys 16:44:50.0335 2068 dtsoftbus01 - ok 16:44:50.0377 2068 dump_wmimmc - ok 16:44:50.0432 2068 [ AF2E16242AA723F68F461B6EAE2EAD3D ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 16:44:50.0441 2068 DXGKrnl - ok 16:44:50.0455 2068 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll 16:44:50.0457 2068 EapHost - ok 16:44:50.0513 2068 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys 16:44:50.0566 2068 ebdrv - ok 16:44:50.0624 2068 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe 16:44:50.0625 2068 EFS - ok 16:44:50.0665 2068 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 16:44:50.0670 2068 ehRecvr - ok 16:44:50.0682 2068 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe 16:44:50.0683 2068 ehSched - ok 16:44:50.0699 2068 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys 16:44:50.0704 2068 elxstor - ok 16:44:50.0715 2068 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys 16:44:50.0716 2068 ErrDev - ok 16:44:50.0735 2068 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll 16:44:50.0739 2068 EventSystem - ok 16:44:50.0760 2068 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys 16:44:50.0762 2068 exfat - ok 16:44:50.0811 2068 Fabs - ok 16:44:50.0822 2068 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys 16:44:50.0824 2068 fastfat - ok 16:44:50.0854 2068 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe 16:44:50.0861 2068 Fax - ok 16:44:50.0874 2068 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys 16:44:50.0875 2068 fdc - ok 16:44:50.0894 2068 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll 16:44:50.0895 2068 fdPHost - ok 16:44:50.0900 2068 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll 16:44:50.0901 2068 FDResPub - ok 16:44:50.0906 2068 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 16:44:50.0907 2068 FileInfo - ok 16:44:50.0916 2068 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 16:44:50.0916 2068 Filetrace - ok 16:44:51.0008 2068 [ 5BD96D8C5411ACE71A7EAACAF0EF2903 ] FirebirdServerMAGIXInstance C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe 16:44:51.0061 2068 FirebirdServerMAGIXInstance - ok 16:44:51.0167 2068 [ 64AB6F28047744B9B19C97459C2AB31B ] FLEXnet Licensing Service 64 C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe 16:44:51.0179 2068 FLEXnet Licensing Service 64 - ok 16:44:51.0191 2068 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys 16:44:51.0205 2068 flpydisk - ok 16:44:51.0232 2068 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 16:44:51.0235 2068 FltMgr - ok 16:44:51.0296 2068 [ C4C183E6551084039EC862DA1C945E3D ] FontCache C:\Windows\system32\FntCache.dll 16:44:51.0307 2068 FontCache - ok 16:44:51.0347 2068 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 16:44:51.0347 2068 FontCache3.0.0.0 - ok 16:44:51.0356 2068 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 16:44:51.0357 2068 FsDepends - ok 16:44:51.0403 2068 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 16:44:51.0403 2068 Fs_Rec - ok 16:44:51.0440 2068 [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 16:44:51.0442 2068 fvevol - ok 16:44:51.0458 2068 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys 16:44:51.0459 2068 gagp30kx - ok 16:44:51.0502 2068 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 16:44:51.0503 2068 GEARAspiWDM - ok 16:44:51.0518 2068 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll 16:44:51.0526 2068 gpsvc - ok 16:44:51.0631 2068 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 16:44:51.0632 2068 gupdate - ok 16:44:51.0655 2068 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 16:44:51.0656 2068 gupdatem - ok 16:44:51.0906 2068 [ 1E6438D4EA6E1174A3B3B1EDC4DE660B ] hamachi C:\Windows\system32\DRIVERS\hamachi.sys 16:44:51.0907 2068 hamachi - ok 16:44:51.0916 2068 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 16:44:51.0949 2068 hcw85cir - ok 16:44:52.0129 2068 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 16:44:52.0151 2068 HdAudAddService - ok 16:44:52.0210 2068 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys 16:44:52.0212 2068 HDAudBus - ok 16:44:52.0231 2068 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys 16:44:52.0231 2068 HidBatt - ok 16:44:52.0242 2068 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys 16:44:52.0243 2068 HidBth - ok 16:44:52.0253 2068 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys 16:44:52.0254 2068 HidIr - ok 16:44:52.0270 2068 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll 16:44:52.0271 2068 hidserv - ok 16:44:52.0294 2068 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 16:44:52.0295 2068 HidUsb - ok 16:44:52.0315 2068 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll 16:44:52.0317 2068 hkmsvc - ok 16:44:52.0328 2068 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll 16:44:52.0331 2068 HomeGroupListener - ok 16:44:52.0347 2068 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 16:44:52.0350 2068 HomeGroupProvider - ok 16:44:52.0497 2068 [ 0A3C6AA4A9FC38C20BA4EAC2C3351C05 ] hpqcxs08 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll 16:44:52.0500 2068 hpqcxs08 - ok 16:44:52.0526 2068 [ F3F72A2A86C22610BCA5439FA789DD52 ] hpqddsvc C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll 16:44:52.0528 2068 hpqddsvc - ok 16:44:52.0536 2068 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 16:44:52.0537 2068 HpSAMD - ok 16:44:52.0606 2068 [ D972F48D0CE396759B788693CD665926 ] HPSLPSVC C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL 16:44:52.0617 2068 HPSLPSVC - ok 16:44:52.0640 2068 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys 16:44:52.0648 2068 HTTP - ok 16:44:52.0654 2068 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 16:44:52.0654 2068 hwpolicy - ok 16:44:52.0683 2068 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys 16:44:52.0685 2068 i8042prt - ok 16:44:52.0698 2068 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 16:44:52.0700 2068 iaStorV - ok 16:44:52.0794 2068 [ F85EB9654B4C771470CD13A0A170D3B9 ] IBUpdaterService C:\Windows\system32\dmwu.exe 16:44:52.0808 2068 IBUpdaterService - ok 16:44:52.0898 2068 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe 16:44:52.0899 2068 IDriverT - ok 16:44:52.0941 2068 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 16:44:52.0950 2068 idsvc - ok 16:44:52.0963 2068 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys 16:44:52.0963 2068 iirsp - ok 16:44:53.0001 2068 [ AB55B8A9B13130F638546881CE4425F8 ] IISADMIN C:\Windows\system32\inetsrv\inetinfo.exe 16:44:53.0001 2068 IISADMIN - ok 16:44:53.0026 2068 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll 16:44:53.0035 2068 IKEEXT - ok 16:44:53.0190 2068 [ 8AE99EBE30E8338907361018D9030835 ] IMFservice C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe 16:44:53.0199 2068 IMFservice - ok 16:44:53.0335 2068 [ E7E0E8F2F44BCB48143FBBA70106D8C1 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys 16:44:53.0392 2068 IntcAzAudAddService - ok 16:44:53.0410 2068 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys 16:44:53.0411 2068 intelide - ok 16:44:53.0435 2068 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 16:44:53.0436 2068 intelppm - ok 16:44:53.0449 2068 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll 16:44:53.0451 2068 IPBusEnum - ok 16:44:53.0468 2068 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 16:44:53.0469 2068 IpFilterDriver - ok 16:44:53.0520 2068 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 16:44:53.0526 2068 iphlpsvc - ok 16:44:53.0529 2068 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 16:44:53.0530 2068 IPMIDRV - ok 16:44:53.0533 2068 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys 16:44:53.0534 2068 IPNAT - ok 16:44:53.0554 2068 iPod Service - ok 16:44:53.0557 2068 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys 16:44:53.0558 2068 IRENUM - ok 16:44:53.0577 2068 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys 16:44:53.0577 2068 isapnp - ok 16:44:53.0618 2068 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 16:44:53.0621 2068 iScsiPrt - ok 16:44:53.0639 2068 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 16:44:53.0640 2068 kbdclass - ok 16:44:53.0649 2068 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys 16:44:53.0650 2068 kbdhid - ok 16:44:53.0657 2068 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe 16:44:53.0658 2068 KeyIso - ok 16:44:53.0698 2068 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 16:44:53.0699 2068 KSecDD - ok 16:44:53.0716 2068 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 16:44:53.0719 2068 KSecPkg - ok 16:44:53.0724 2068 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 16:44:53.0725 2068 ksthunk - ok 16:44:53.0748 2068 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll 16:44:53.0753 2068 KtmRm - ok 16:44:53.0780 2068 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll 16:44:53.0784 2068 LanmanServer - ok 16:44:53.0805 2068 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 16:44:53.0808 2068 LanmanWorkstation - ok 16:44:53.0848 2068 [ 156AB2E56DC3CA0B582E3362E07CDED7 ] lirsgt C:\Windows\system32\DRIVERS\lirsgt.sys 16:44:53.0849 2068 lirsgt - ok 16:44:53.0887 2068 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 16:44:53.0888 2068 lltdio - ok 16:44:53.0916 2068 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll 16:44:53.0920 2068 lltdsvc - ok 16:44:53.0931 2068 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll 16:44:53.0932 2068 lmhosts - ok 16:44:53.0964 2068 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys 16:44:53.0965 2068 LSI_FC - ok 16:44:53.0976 2068 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys 16:44:53.0977 2068 LSI_SAS - ok 16:44:53.0985 2068 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys 16:44:53.0986 2068 LSI_SAS2 - ok 16:44:54.0002 2068 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys 16:44:54.0004 2068 LSI_SCSI - ok 16:44:54.0011 2068 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys 16:44:54.0012 2068 luafv - ok 16:44:54.0059 2068 [ EF2BE2F45D4F06410A3BD2A3467325B0 ] LVRS64 C:\Windows\system32\DRIVERS\lvrs64.sys 16:44:54.0062 2068 LVRS64 - ok 16:44:54.0179 2068 [ AC22F92C6078640FE8A70D662A2F3AD5 ] LVUVC64 C:\Windows\system32\DRIVERS\lvuvc64.sys 16:44:54.0260 2068 LVUVC64 - ok 16:44:54.0315 2068 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 16:44:54.0317 2068 Mcx2Svc - ok 16:44:54.0331 2068 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys 16:44:54.0332 2068 megasas - ok 16:44:54.0347 2068 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys 16:44:54.0350 2068 MegaSR - ok 16:44:54.0499 2068 [ 551A5E070F5DF69A64463852E93009DD ] mitsijm2013 C:\Program Files\Autodesk\Inventor 2013\Moldflow\bin\mitsijm.exe 16:44:54.0503 2068 mitsijm2013 - ok 16:44:54.0513 2068 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll 16:44:54.0515 2068 MMCSS - ok 16:44:54.0517 2068 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys 16:44:54.0518 2068 Modem - ok 16:44:54.0537 2068 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys 16:44:54.0537 2068 monitor - ok 16:44:54.0540 2068 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 16:44:54.0541 2068 mouclass - ok 16:44:54.0560 2068 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 16:44:54.0561 2068 mouhid - ok 16:44:54.0576 2068 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 16:44:54.0577 2068 mountmgr - ok 16:44:54.0680 2068 [ 528A5C2570F468155A1B3CF0A2FF5EBD ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 16:44:54.0701 2068 MozillaMaintenance - ok 16:44:54.0749 2068 [ C8FAFBB0ED7BBCA1035987EB842FE2E6 ] MPEVirtual C:\Windows\system32\DRIVERS\TeViiData64.sys 16:44:54.0749 2068 MPEVirtual - ok 16:44:54.0834 2068 [ F8A10560B35C66F9DE212F03DAD5BFA7 ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys 16:44:54.0836 2068 MpFilter - ok 16:44:54.0845 2068 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys 16:44:54.0847 2068 mpio - ok 16:44:54.0857 2068 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 16:44:54.0858 2068 mpsdrv - ok 16:44:54.0882 2068 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll 16:44:54.0890 2068 MpsSvc - ok 16:44:54.0906 2068 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 16:44:54.0908 2068 MRxDAV - ok 16:44:54.0939 2068 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 16:44:54.0941 2068 mrxsmb - ok 16:44:54.0956 2068 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 16:44:54.0960 2068 mrxsmb10 - ok 16:44:54.0976 2068 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 16:44:54.0977 2068 mrxsmb20 - ok 16:44:54.0989 2068 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys 16:44:54.0990 2068 msahci - ok 16:44:55.0004 2068 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys 16:44:55.0006 2068 msdsm - ok 16:44:55.0026 2068 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe 16:44:55.0028 2068 MSDTC - ok 16:44:55.0033 2068 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys 16:44:55.0034 2068 Msfs - ok 16:44:55.0047 2068 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 16:44:55.0047 2068 mshidkmdf - ok 16:44:55.0098 2068 [ 26668CC2920DE2497A8E369B16E48CA3 ] MSHUSBVideo C:\Windows\system32\Drivers\nx6000.sys 16:44:55.0099 2068 MSHUSBVideo - ok 16:44:55.0113 2068 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 16:44:55.0114 2068 msisadrv - ok 16:44:55.0138 2068 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 16:44:55.0140 2068 MSiSCSI - ok 16:44:55.0142 2068 msiserver - ok 16:44:55.0163 2068 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 16:44:55.0164 2068 MSKSSRV - ok 16:44:55.0258 2068 [ E07DEC52FF801841BA9B6878A60304FB ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe 16:44:55.0259 2068 MsMpSvc - ok 16:44:55.0297 2068 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 16:44:55.0298 2068 MSPCLOCK - ok 16:44:55.0349 2068 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 16:44:55.0351 2068 MSPQM - ok 16:44:55.0373 2068 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 16:44:55.0377 2068 MsRPC - ok 16:44:55.0381 2068 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys 16:44:55.0381 2068 mssmbios - ok 16:44:55.0391 2068 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 16:44:55.0392 2068 MSTEE - ok 16:44:55.0407 2068 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys 16:44:55.0408 2068 MTConfig - ok 16:44:55.0427 2068 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys 16:44:55.0428 2068 Mup - ok 16:44:55.0454 2068 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll 16:44:55.0459 2068 napagent - ok 16:44:55.0493 2068 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 16:44:55.0497 2068 NativeWifiP - ok 16:44:55.0546 2068 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys 16:44:55.0555 2068 NDIS - ok 16:44:55.0568 2068 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 16:44:55.0569 2068 NdisCap - ok 16:44:55.0582 2068 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 16:44:55.0582 2068 NdisTapi - ok 16:44:55.0599 2068 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 16:44:55.0600 2068 Ndisuio - ok 16:44:55.0619 2068 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 16:44:55.0621 2068 NdisWan - ok 16:44:55.0637 2068 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 16:44:55.0638 2068 NDProxy - ok 16:44:55.0688 2068 [ D5AC41AE382738483FAFFBD7E373D49A ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll 16:44:55.0689 2068 Net Driver HPZ12 - ok 16:44:55.0750 2068 [ 6F4607E2333FE21E9E3FF8133A88B35B ] Netaapl C:\Windows\system32\DRIVERS\netaapl64.sys 16:44:55.0750 2068 Netaapl - ok 16:44:55.0753 2068 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 16:44:55.0754 2068 NetBIOS - ok 16:44:55.0776 2068 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 16:44:55.0778 2068 NetBT - ok 16:44:55.0790 2068 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe 16:44:55.0791 2068 Netlogon - ok 16:44:55.0809 2068 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll 16:44:55.0814 2068 Netman - ok 16:44:55.0868 2068 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 16:44:55.0870 2068 NetMsmqActivator - ok 16:44:55.0874 2068 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 16:44:55.0875 2068 NetPipeActivator - ok 16:44:55.0906 2068 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll 16:44:55.0911 2068 netprofm - ok 16:44:55.0968 2068 [ C553716F6F7BCA3444CEE52DFB7C9016 ] netr28ux C:\Windows\system32\DRIVERS\netr28ux.sys 16:44:55.0975 2068 netr28ux - ok 16:44:55.0978 2068 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 16:44:55.0979 2068 NetTcpActivator - ok 16:44:55.0982 2068 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 16:44:55.0983 2068 NetTcpPortSharing - ok 16:44:55.0986 2068 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys 16:44:55.0987 2068 nfrd960 - ok 16:44:56.0033 2068 [ 162100E0BC8377710F9D170631921C03 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys 16:44:56.0035 2068 NisDrv - ok 16:44:56.0093 2068 [ C6E15F2F95F9C0A6098D43510B604E52 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe 16:44:56.0098 2068 NisSrv - ok 16:44:56.0150 2068 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll 16:44:56.0154 2068 NlaSvc - ok 16:44:56.0220 2068 [ AD42FB061166AF0643806800304BD76F ] NLNdisMP C:\Windows\system32\DRIVERS\nlndis.sys 16:44:56.0221 2068 NLNdisMP - ok 16:44:56.0244 2068 [ AD42FB061166AF0643806800304BD76F ] NLNdisPT C:\Windows\system32\DRIVERS\nlndis.sys 16:44:56.0245 2068 NLNdisPT - ok 16:44:56.0373 2068 [ 6988373E38223438B09F0C27D7E67393 ] nlsvc C:\Program Files\NetLimiter 3\nlsvc.exe 16:44:56.0414 2068 nlsvc - ok 16:44:56.0499 2068 [ 75E6581DE9A0B155EDAB6807E668BE06 ] nltdi C:\Program Files\NetLimiter 3\nltdi.sys 16:44:56.0500 2068 nltdi - ok 16:44:56.0509 2068 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys 16:44:56.0509 2068 Npfs - ok 16:44:56.0641 2068 [ 49697C2C761ACB5C0DE99CC8FE93E95B ] NPF_devolo C:\Windows\sysWOW64\drivers\npf_devolo.sys 16:44:56.0641 2068 NPF_devolo - ok 16:44:56.0644 2068 npggsvc - ok 16:44:56.0653 2068 NPPTNT2 - ok 16:44:56.0671 2068 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll 16:44:56.0673 2068 nsi - ok 16:44:56.0686 2068 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 16:44:56.0686 2068 nsiproxy - ok 16:44:56.0748 2068 [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 16:44:56.0776 2068 Ntfs - ok 16:44:56.0802 2068 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys 16:44:56.0802 2068 Null - ok 16:44:56.0839 2068 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys 16:44:56.0841 2068 nvraid - ok 16:44:56.0865 2068 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys 16:44:56.0866 2068 nvstor - ok 16:44:56.0894 2068 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 16:44:56.0914 2068 nv_agp - ok 16:44:56.0917 2068 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 16:44:56.0918 2068 ohci1394 - ok 16:44:56.0940 2068 OverwolfUpdaterService - ok 16:44:56.0964 2068 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 16:44:56.0967 2068 p2pimsvc - ok 16:44:56.0984 2068 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll 16:44:56.0988 2068 p2psvc - ok 16:44:57.0001 2068 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys 16:44:57.0002 2068 Parport - ok 16:44:57.0035 2068 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys 16:44:57.0036 2068 partmgr - ok 16:44:57.0053 2068 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll 16:44:57.0055 2068 PcaSvc - ok 16:44:57.0063 2068 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys 16:44:57.0065 2068 pci - ok 16:44:57.0077 2068 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\DRIVERS\pciide.sys 16:44:57.0077 2068 pciide - ok 16:44:57.0097 2068 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys 16:44:57.0099 2068 pcmcia - ok 16:44:57.0111 2068 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys 16:44:57.0112 2068 pcw - ok 16:44:57.0130 2068 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys 16:44:57.0137 2068 PEAUTH - ok 16:44:57.0151 2068 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe 16:44:57.0152 2068 PerfHost - ok 16:44:57.0187 2068 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll 16:44:57.0204 2068 pla - ok 16:44:57.0278 2068 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 16:44:57.0566 2068 PlugPlay - ok 16:44:57.0673 2068 [ 37F6046CDC630442D7DC087501FF6FC6 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll 16:44:57.0675 2068 Pml Driver HPZ12 - ok 16:44:57.0691 2068 PnkBstrA - ok 16:44:57.0694 2068 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 16:44:57.0696 2068 PNRPAutoReg - ok 16:44:57.0701 2068 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 16:44:57.0703 2068 PNRPsvc - ok 16:44:57.0740 2068 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 16:44:57.0745 2068 PolicyAgent - ok 16:44:57.0785 2068 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll 16:44:57.0787 2068 Power - ok 16:44:57.0808 2068 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 16:44:57.0810 2068 PptpMiniport - ok 16:44:57.0813 2068 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys 16:44:57.0814 2068 Processor - ok 16:44:57.0859 2068 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll 16:44:57.0862 2068 ProfSvc - ok 16:44:57.0864 2068 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe 16:44:57.0865 2068 ProtectedStorage - ok 16:44:57.0869 2068 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys 16:44:57.0870 2068 Psched - ok 16:44:57.0898 2068 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys 16:44:57.0913 2068 ql2300 - ok 16:44:57.0922 2068 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys 16:44:57.0924 2068 ql40xx - ok 16:44:57.0941 2068 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll 16:44:57.0945 2068 QWAVE - ok 16:44:57.0956 2068 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 16:44:57.0957 2068 QWAVEdrv - ok 16:44:57.0969 2068 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 16:44:57.0970 2068 RasAcd - ok 16:44:57.0987 2068 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 16:44:57.0988 2068 RasAgileVpn - ok 16:44:58.0005 2068 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll 16:44:58.0007 2068 RasAuto - ok 16:44:58.0019 2068 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 16:44:58.0021 2068 Rasl2tp - ok 16:44:58.0032 2068 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll 16:44:58.0036 2068 RasMan - ok 16:44:58.0040 2068 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 16:44:58.0041 2068 RasPppoe - ok 16:44:58.0055 2068 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 16:44:58.0056 2068 RasSstp - ok 16:44:58.0070 2068 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 16:44:58.0073 2068 rdbss - ok 16:44:58.0088 2068 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys 16:44:58.0089 2068 rdpbus - ok 16:44:58.0111 2068 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 16:44:58.0112 2068 RDPCDD - ok 16:44:58.0132 2068 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 16:44:58.0133 2068 RDPENCDD - ok 16:44:58.0142 2068 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 16:44:58.0142 2068 RDPREFMP - ok 16:44:58.0156 2068 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 16:44:58.0158 2068 RDPWD - ok 16:44:58.0184 2068 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 16:44:58.0186 2068 rdyboost - ok 16:44:58.0213 2068 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll 16:44:58.0215 2068 RemoteAccess - ok 16:44:58.0218 2068 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll 16:44:58.0222 2068 RemoteRegistry - ok 16:44:58.0229 2068 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 16:44:58.0230 2068 RpcEptMapper - ok 16:44:58.0250 2068 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe 16:44:58.0251 2068 RpcLocator - ok 16:44:58.0265 2068 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll 16:44:58.0268 2068 RpcSs - ok 16:44:58.0274 2068 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 16:44:58.0275 2068 rspndr - ok 16:44:58.0336 2068 [ 9140DB0911DE035FED0A9A77A2D156EA ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys 16:44:58.0342 2068 RTL8167 - ok 16:44:58.0386 2068 [ AE3FC38B9D6739E4187785B3434B4D37 ] SAllBDA C:\Windows\system32\Drivers\TeViiS2.sys 16:44:58.0387 2068 SAllBDA - ok 16:44:58.0390 2068 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe 16:44:58.0391 2068 SamSs - ok 16:44:58.0409 2068 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 16:44:58.0411 2068 sbp2port - ok 16:44:58.0418 2068 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll 16:44:58.0421 2068 SCardSvr - ok 16:44:58.0438 2068 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 16:44:58.0438 2068 scfilter - ok 16:44:58.0458 2068 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll 16:44:58.0469 2068 Schedule - ok 16:44:58.0485 2068 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll 16:44:58.0485 2068 SCPolicySvc - ok 16:44:58.0526 2068 [ 8B56BDCE6A303DDE63D63440D1CF9AD1 ] ScreamBAudioSvc C:\Windows\system32\drivers\ScreamingBAudio64.sys 16:44:58.0527 2068 ScreamBAudioSvc - ok 16:44:58.0541 2068 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll 16:44:58.0544 2068 SDRSVC - ok 16:44:58.0556 2068 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys 16:44:58.0557 2068 secdrv - ok 16:44:58.0566 2068 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll 16:44:58.0567 2068 seclogon - ok 16:44:58.0583 2068 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll 16:44:58.0585 2068 SENS - ok 16:44:58.0597 2068 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll 16:44:58.0598 2068 SensrSvc - ok 16:44:58.0607 2068 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys 16:44:58.0608 2068 Serenum - ok 16:44:58.0623 2068 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys 16:44:58.0624 2068 Serial - ok 16:44:58.0647 2068 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys 16:44:58.0647 2068 sermouse - ok 16:44:58.0671 2068 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll 16:44:58.0673 2068 SessionEnv - ok 16:44:58.0709 2068 [ ADDC96399ACDF3C4DD690C74B835082E ] sfdrv01a C:\Windows\system32\drivers\sfdrv01a.sys 16:44:58.0711 2068 sfdrv01a - ok 16:44:58.0728 2068 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 16:44:58.0729 2068 sffdisk - ok 16:44:58.0742 2068 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 16:44:58.0743 2068 sffp_mmc - ok 16:44:58.0748 2068 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 16:44:58.0749 2068 sffp_sd - ok 16:44:58.0772 2068 [ 17F6BD95BF04B924F4C05CE78BEF8AE6 ] sfhlp02 C:\Windows\system32\drivers\sfhlp02.sys 16:44:58.0773 2068 sfhlp02 - ok 16:44:58.0782 2068 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys 16:44:58.0783 2068 sfloppy - ok 16:44:58.0846 2068 [ 40CF333266E10137F805B8956FE19031 ] sfsync02 C:\Windows\system32\drivers\sfsync02.sys 16:44:58.0847 2068 sfsync02 - ok 16:44:58.0898 2068 [ F3B72568A6FA36E5D63D30B8186D1C48 ] sfvfs02 C:\Windows\system32\drivers\sfvfs02.sys 16:44:58.0899 2068 sfvfs02 - ok 16:44:58.0911 2068 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll 16:44:58.0915 2068 SharedAccess - ok 16:44:58.0934 2068 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll 16:44:58.0939 2068 ShellHWDetection - ok 16:44:58.0951 2068 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys 16:44:58.0952 2068 SiSRaid2 - ok 16:44:58.0963 2068 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys 16:44:58.0965 2068 SiSRaid4 - ok 16:44:59.0133 2068 [ 388AE59FE75F1B959DFA0900923C61BB ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe 16:44:59.0189 2068 Skype C2C Service - ok 16:44:59.0280 2068 [ 4E8A4BB5B11D828FF986F6228B1CD3DF ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe 16:44:59.0282 2068 SkypeUpdate - ok 16:44:59.0306 2068 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys 16:44:59.0308 2068 Smb - ok 16:44:59.0314 2068 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe 16:44:59.0316 2068 SNMPTRAP - ok 16:44:59.0333 2068 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys 16:44:59.0334 2068 spldr - ok 16:44:59.0373 2068 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe 16:44:59.0380 2068 Spooler - ok 16:44:59.0437 2068 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe 16:44:59.0491 2068 sppsvc - ok 16:44:59.0536 2068 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll 16:44:59.0557 2068 sppuinotify - ok 16:44:59.0586 2068 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys 16:44:59.0590 2068 srv - ok 16:44:59.0598 2068 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 16:44:59.0602 2068 srv2 - ok 16:44:59.0627 2068 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 16:44:59.0629 2068 srvnet - ok 16:44:59.0656 2068 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 16:44:59.0659 2068 SSDPSRV - ok 16:44:59.0673 2068 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll 16:44:59.0675 2068 SstpSvc - ok 16:44:59.0717 2068 Steam Client Service - ok 16:44:59.0719 2068 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys 16:44:59.0720 2068 stexstor - ok 16:44:59.0770 2068 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll 16:44:59.0777 2068 stisvc - ok 16:44:59.0782 2068 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys 16:44:59.0783 2068 swenum - ok 16:44:59.0803 2068 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll 16:44:59.0809 2068 swprv - ok 16:44:59.0841 2068 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll 16:44:59.0870 2068 SysMain - ok 16:44:59.0897 2068 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll 16:44:59.0899 2068 TabletInputService - ok 16:44:59.0942 2068 [ A8D3F11BC8F37C3D7D026C3E1219B5AC ] tap0901 C:\Windows\system32\DRIVERS\tap0901.sys 16:44:59.0943 2068 tap0901 - ok 16:45:00.0021 2068 [ 8B9FD32C71F29DF235A27CE9FF4F19DC ] taphss6 C:\Windows\system32\DRIVERS\taphss6.sys 16:45:00.0022 2068 taphss6 - ok 16:45:00.0043 2068 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll 16:45:00.0047 2068 TapiSrv - ok 16:45:00.0061 2068 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll 16:45:00.0063 2068 TBS - ok 16:45:00.0134 2068 [ 9849EA3843A2ADBDD1497E97A85D8CAE ] Tcpip C:\Windows\system32\drivers\tcpip.sys 16:45:00.0175 2068 Tcpip - ok 16:45:00.0246 2068 [ 9849EA3843A2ADBDD1497E97A85D8CAE ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 16:45:00.0254 2068 TCPIP6 - ok 16:45:00.0298 2068 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 16:45:00.0299 2068 tcpipreg - ok 16:45:00.0319 2068 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 16:45:00.0319 2068 TDPIPE - ok 16:45:00.0362 2068 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 16:45:00.0362 2068 TDTCP - ok 16:45:00.0377 2068 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 16:45:00.0379 2068 tdx - ok 16:45:00.0517 2068 [ 33966A658FF37E0C65D46E59F37E2380 ] TeamViewer7 C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe 16:45:00.0585 2068 TeamViewer7 - ok 16:45:00.0618 2068 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys 16:45:00.0619 2068 TermDD - ok 16:45:00.0640 2068 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll 16:45:00.0644 2068 TermService - ok 16:45:00.0685 2068 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll 16:45:00.0686 2068 Themes - ok 16:45:00.0713 2068 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll 16:45:00.0714 2068 THREADORDER - ok 16:45:00.0730 2068 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll 16:45:00.0732 2068 TrkWks - ok 16:45:00.0777 2068 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 16:45:00.0779 2068 TrustedInstaller - ok 16:45:00.0794 2068 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 16:45:00.0795 2068 tssecsrv - ok 16:45:00.0811 2068 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 16:45:00.0812 2068 TsUsbFlt - ok 16:45:00.0821 2068 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys 16:45:00.0822 2068 TsUsbGD - ok 16:45:00.0843 2068 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 16:45:00.0844 2068 tunnel - ok 16:45:00.0852 2068 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys 16:45:00.0853 2068 uagp35 - ok 16:45:00.0871 2068 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 16:45:00.0875 2068 udfs - ok 16:45:00.0887 2068 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe 16:45:00.0889 2068 UI0Detect - ok 16:45:00.0920 2068 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 16:45:00.0922 2068 uliagpkx - ok 16:45:00.0946 2068 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys 16:45:00.0947 2068 umbus - ok 16:45:00.0957 2068 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys 16:45:00.0958 2068 UmPass - ok 16:45:01.0018 2068 [ 927754ABF077AEB5504BE4E0F2C60C1B ] UMVPFSrv C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe 16:45:01.0023 2068 UMVPFSrv - ok 16:45:01.0102 2068 [ 132211270F2E846C4CD1C7BEC980999A ] UpdaterService C:\ProgramData\UpdaterService\wsupdsvc.exe 16:45:01.0108 2068 UpdaterService - ok 16:45:01.0138 2068 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll 16:45:01.0142 2068 upnphost - ok 16:45:01.0183 2068 [ 43228F8EDD1B0BCDD3145AD246E63D39 ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys 16:45:01.0184 2068 USBAAPL64 - ok 16:45:01.0312 2068 [ 842B334B1F1FDF631F43AD70C3DB9401 ] USBADVAU C:\Windows\system32\drivers\cm11264.sys 16:45:01.0342 2068 USBADVAU - ok 16:45:01.0421 2068 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys 16:45:01.0422 2068 usbaudio - ok 16:45:01.0448 2068 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 16:45:01.0449 2068 usbccgp - ok 16:45:01.0465 2068 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys 16:45:01.0467 2068 usbcir - ok 16:45:01.0469 2068 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys 16:45:01.0471 2068 usbehci - ok 16:45:01.0490 2068 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 16:45:01.0494 2068 usbhub - ok 16:45:01.0504 2068 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys 16:45:01.0505 2068 usbohci - ok 16:45:01.0513 2068 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys 16:45:01.0513 2068 usbprint - ok 16:45:01.0553 2068 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys 16:45:01.0554 2068 usbscan - ok 16:45:01.0574 2068 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 16:45:01.0576 2068 USBSTOR - ok 16:45:01.0585 2068 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys 16:45:01.0586 2068 usbuhci - ok 16:45:01.0633 2068 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys 16:45:01.0635 2068 usbvideo - ok 16:45:01.0651 2068 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll 16:45:01.0653 2068 UxSms - ok 16:45:01.0657 2068 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe 16:45:01.0658 2068 VaultSvc - ok 16:45:01.0669 2068 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 16:45:01.0670 2068 vdrvroot - ok 16:45:01.0683 2068 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe 16:45:01.0689 2068 vds - ok 16:45:01.0716 2068 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 16:45:01.0717 2068 vga - ok 16:45:01.0733 2068 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys 16:45:01.0733 2068 VgaSave - ok 16:45:01.0746 2068 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 16:45:01.0749 2068 vhdmp - ok 16:45:01.0763 2068 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys 16:45:01.0764 2068 viaide - ok 16:45:01.0780 2068 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys 16:45:01.0781 2068 volmgr - ok 16:45:01.0787 2068 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 16:45:01.0790 2068 volmgrx - ok 16:45:01.0798 2068 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys 16:45:01.0801 2068 volsnap - ok 16:45:01.0816 2068 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys 16:45:01.0818 2068 vsmraid - ok 16:45:01.0847 2068 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe 16:45:01.0863 2068 VSS - ok 16:45:02.0055 2068 [ 254E8F9BA44E9F55416B0E51DBFF3C5F ] vToolbarUpdater15.3.0 C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\ToolbarUpdater.exe 16:45:02.0071 2068 vToolbarUpdater15.3.0 - ok 16:45:02.0082 2068 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys 16:45:02.0082 2068 vwifibus - ok 16:45:02.0104 2068 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll 16:45:02.0108 2068 W32Time - ok 16:45:02.0183 2068 [ B32009DB1972E7F2C227499289C4384A ] W3SVC C:\Windows\system32\inetsrv\iisw3adm.dll 16:45:02.0188 2068 W3SVC - ok 16:45:02.0191 2068 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys 16:45:02.0192 2068 WacomPen - ok 16:45:02.0213 2068 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 16:45:02.0214 2068 WANARP - ok 16:45:02.0217 2068 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 16:45:02.0217 2068 Wanarpv6 - ok 16:45:02.0258 2068 [ B32009DB1972E7F2C227499289C4384A ] WAS C:\Windows\system32\inetsrv\iisw3adm.dll 16:45:02.0260 2068 WAS - ok 16:45:02.0321 2068 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe 16:45:02.0333 2068 WatAdminSvc - ok 16:45:02.0367 2068 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe 16:45:02.0383 2068 wbengine - ok 16:45:02.0406 2068 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 16:45:02.0409 2068 WbioSrvc - ok 16:45:02.0430 2068 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll 16:45:02.0435 2068 wcncsvc - ok 16:45:02.0442 2068 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 16:45:02.0444 2068 WcsPlugInService - ok 16:45:02.0457 2068 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys 16:45:02.0457 2068 Wd - ok 16:45:02.0511 2068 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 16:45:02.0519 2068 Wdf01000 - ok 16:45:02.0533 2068 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll 16:45:02.0535 2068 WdiServiceHost - ok 16:45:02.0538 2068 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll 16:45:02.0540 2068 WdiSystemHost - ok 16:45:02.0670 2068 [ D75398987C968DCBABC411E08029E387 ] Web Assistant C:\Program Files\Web Assistant\ExtensionUpdaterService.exe 16:45:02.0672 2068 Web Assistant - ok 16:45:02.0694 2068 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll 16:45:02.0698 2068 WebClient - ok 16:45:02.0710 2068 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll 16:45:02.0714 2068 Wecsvc - ok 16:45:02.0727 2068 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll 16:45:02.0729 2068 wercplsupport - ok 16:45:02.0757 2068 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll 16:45:02.0759 2068 WerSvc - ok 16:45:02.0774 2068 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 16:45:02.0775 2068 WfpLwf - ok 16:45:02.0788 2068 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys 16:45:02.0789 2068 WIMMount - ok 16:45:02.0790 2068 WinDefend - ok 16:45:02.0812 2068 WinHttpAutoProxySvc - ok 16:45:02.0872 2068 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 16:45:02.0875 2068 Winmgmt - ok 16:45:02.0919 2068 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll 16:45:02.0963 2068 WinRM - ok 16:45:03.0028 2068 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys 16:45:03.0029 2068 WinUsb - ok 16:45:03.0063 2068 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll 16:45:03.0073 2068 Wlansvc - ok 16:45:03.0240 2068 [ 98F138897EF4246381D197CB81846D62 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 16:45:03.0409 2068 wlidsvc - ok 16:45:03.0485 2068 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys 16:45:03.0486 2068 WmiAcpi - ok 16:45:03.0532 2068 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 16:45:03.0557 2068 wmiApSrv - ok 16:45:03.0603 2068 WMPNetworkSvc - ok 16:45:03.0620 2068 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll 16:45:03.0627 2068 WPCSvc - ok 16:45:03.0651 2068 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 16:45:03.0662 2068 WPDBusEnum - ok 16:45:03.0676 2068 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 16:45:03.0676 2068 ws2ifsl - ok 16:45:03.0688 2068 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll 16:45:03.0690 2068 wscsvc - ok 16:45:03.0693 2068 WSearch - ok 16:45:03.0759 2068 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll 16:45:03.0801 2068 wuauserv - ok 16:45:03.0851 2068 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 16:45:03.0852 2068 WudfPf - ok 16:45:03.0896 2068 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 16:45:03.0898 2068 WUDFRd - ok 16:45:03.0936 2068 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 16:45:03.0938 2068 wudfsvc - ok 16:45:03.0985 2068 [ FE90B750AB808FB9DD8FBB428B5FF83B ] WwanSvc C:\Windows\System32\wwansvc.dll 16:45:03.0988 2068 WwanSvc - ok 16:45:04.0090 2068 X6va005 - ok 16:45:04.0107 2068 X6va007 - ok 16:45:04.0171 2068 X6va008 - ok 16:45:04.0192 2068 X6va011 - ok 16:45:04.0419 2068 [ 2EE48CFCE7CA8E0DB4C44C7476C0943B ] xusb21 C:\Windows\system32\DRIVERS\xusb21.sys 16:45:04.0420 2068 xusb21 - ok 16:45:04.0471 2068 ================ Scan global =============================== 16:45:04.0491 2068 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll 16:45:04.0527 2068 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll 16:45:04.0534 2068 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll 16:45:04.0555 2068 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll 16:45:04.0582 2068 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe 16:45:04.0586 2068 [Global] - ok 16:45:04.0587 2068 ================ Scan MBR ================================== 16:45:04.0592 2068 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1 16:45:04.0947 2068 \Device\Harddisk1\DR1 - ok 16:45:04.0958 2068 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 16:45:05.0089 2068 \Device\Harddisk0\DR0 - ok 16:45:05.0089 2068 ================ Scan VBR ================================== 16:45:05.0090 2068 [ 74EA8E215644328808A79F2CB4F34E0A ] \Device\Harddisk1\DR1\Partition1 16:45:05.0091 2068 \Device\Harddisk1\DR1\Partition1 - ok 16:45:05.0107 2068 [ DDDFC02514361CCB400D4508D96A46A2 ] \Device\Harddisk1\DR1\Partition2 16:45:05.0108 2068 \Device\Harddisk1\DR1\Partition2 - ok 16:45:05.0110 2068 [ 21D4D00033C20136BBDA3A1B6ADDE339 ] \Device\Harddisk0\DR0\Partition1 16:45:05.0111 2068 \Device\Harddisk0\DR0\Partition1 - ok 16:45:05.0116 2068 [ B5436618091499C20D11128DC5226D4F ] \Device\Harddisk0\DR0\Partition2 16:45:05.0117 2068 \Device\Harddisk0\DR0\Partition2 - ok 16:45:05.0117 2068 ============================================================ 16:45:05.0117 2068 Scan finished 16:45:05.0117 2068 ============================================================ 16:45:05.0123 6652 Detected object count: 1 16:45:05.0123 6652 Actual detected object count: 1 16:45:24.0558 6652 Akamai ( HiddenFile.Multi.Generic ) - skipped by user 16:45:24.0558 6652 Akamai ( HiddenFile.Multi.Generic ) - User select action: Skip 16:45:44.0201 4736 Deinitialize success |
06.07.2013, 15:50 | #8 |
/// Malware-holic | Firefox ungewollte umleitungen auf verdächtige Seiten Nach Nnleitung konfigurieren, scannen, neues Log posten bitte
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
06.07.2013, 16:25 | #9 |
| Firefox ungewollte umleitungen auf verdächtige Seiten Tschuldigung aber was ist eine Nnleitung und wie mache ich die konfiguration dazu? |
06.07.2013, 16:26 | #10 |
/// Malware-holic | Firefox ungewollte umleitungen auf verdächtige Seiten Anleitung, und die Konfiguration steht oben im Text, zu TDSS Killer einfach mal bis zum ende aufmerksam lesen bitte.b
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
06.07.2013, 16:46 | #11 |
| Firefox ungewollte umleitungen auf verdächtige Seiten 17:40:01.0335 6124 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42 17:40:01.0720 6124 ============================================================ 17:40:01.0720 6124 Current date / time: 2013/07/06 17:40:01.0720 17:40:01.0720 6124 SystemInfo: 17:40:01.0720 6124 17:40:01.0720 6124 OS Version: 6.1.7601 ServicePack: 1.0 17:40:01.0720 6124 Product type: Workstation 17:40:01.0720 6124 ComputerName: PC 17:40:01.0721 6124 UserName: nutzer 17:40:01.0721 6124 Windows directory: C:\Windows 17:40:01.0721 6124 System windows directory: C:\Windows 17:40:01.0721 6124 Running under WOW64 17:40:01.0721 6124 Processor architecture: Intel x64 17:40:01.0721 6124 Number of processors: 8 17:40:01.0721 6124 Page size: 0x1000 17:40:01.0721 6124 Boot type: Normal boot 17:40:01.0721 6124 ============================================================ 17:40:03.0381 6124 Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 17:40:03.0396 6124 Drive \Device\Harddisk0\DR0 - Size: 0x53D67B6000 (335.35 Gb), SectorSize: 0x200, Cylinders: 0xAB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 17:40:03.0402 6124 ============================================================ 17:40:03.0402 6124 \Device\Harddisk1\DR1: 17:40:03.0402 6124 MBR partitions: 17:40:03.0402 6124 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000 17:40:03.0402 6124 \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x746D3800 17:40:03.0402 6124 \Device\Harddisk0\DR0: 17:40:03.0402 6124 MBR partitions: 17:40:03.0402 6124 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1770800, BlocksNum 0x32000 17:40:03.0402 6124 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x17A2800, BlocksNum 0x28710800 17:40:03.0402 6124 ============================================================ 17:40:03.0433 6124 C: <-> \Device\Harddisk1\DR1\Partition2 17:40:03.0450 6124 D: <-> \Device\Harddisk0\DR0\Partition1 17:40:03.0473 6124 E: <-> \Device\Harddisk0\DR0\Partition2 17:40:03.0473 6124 ============================================================ 17:40:03.0473 6124 Initialize success 17:40:03.0473 6124 ============================================================ 17:41:24.0997 3172 ============================================================ 17:41:24.0997 3172 Scan started 17:41:24.0997 3172 Mode: Manual; SigCheck; TDLFS; 17:41:24.0997 3172 ============================================================ 17:41:25.0815 3172 ================ Scan system memory ======================== 17:41:25.0815 3172 System memory - ok 17:41:25.0816 3172 ================ Scan services ============================= 17:41:25.0901 3172 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys 17:41:25.0978 3172 1394ohci - ok 17:41:26.0005 3172 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys 17:41:26.0015 3172 ACPI - ok 17:41:26.0030 3172 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys 17:41:26.0088 3172 AcpiPmi - ok 17:41:26.0236 3172 [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 17:41:26.0243 3172 AdobeARMservice - ok 17:41:26.0409 3172 [ 9915504F602D277EE47FD843A677FD15 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 17:41:26.0418 3172 AdobeFlashPlayerUpdateSvc - ok 17:41:26.0445 3172 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys 17:41:26.0458 3172 adp94xx - ok 17:41:26.0470 3172 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys 17:41:26.0480 3172 adpahci - ok 17:41:26.0493 3172 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys 17:41:26.0501 3172 adpu320 - ok 17:41:26.0530 3172 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 17:41:26.0609 3172 AeLookupSvc - ok 17:41:26.0662 3172 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys 17:41:26.0689 3172 AFD - ok 17:41:26.0710 3172 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys 17:41:26.0717 3172 agp440 - ok 17:41:26.0864 3172 [ BBE9054FDADC8D49D29C5DA4FB84A803 ] Akamai c:\program files (x86)\common files\akamai/netsession_win_8fa3539.dll 17:41:26.0864 3172 Suspicious file (Hidden): c:\program files (x86)\common files\akamai/netsession_win_8fa3539.dll. md5: BBE9054FDADC8D49D29C5DA4FB84A803 17:41:26.0867 3172 Akamai ( HiddenFile.Multi.Generic ) - warning 17:41:26.0867 3172 Akamai - detected HiddenFile.Multi.Generic (1) 17:41:26.0883 3172 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe 17:41:26.0901 3172 ALG - ok 17:41:26.0911 3172 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys 17:41:26.0916 3172 aliide - ok 17:41:26.0969 3172 [ 4EAAAAB8759644D572522FBCDD196A13 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe 17:41:27.0004 3172 AMD External Events Utility - ok 17:41:27.0016 3172 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys 17:41:27.0023 3172 amdide - ok 17:41:27.0037 3172 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys 17:41:27.0044 3172 AmdK8 - ok 17:41:27.0254 3172 [ 22A14DF59FB8D0BE918C597988AF4296 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys 17:41:27.0355 3172 amdkmdag - ok 17:41:27.0405 3172 [ EE22D3ED6D55A855E709F811CCCA97ED ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys 17:41:27.0436 3172 amdkmdap - ok 17:41:27.0453 3172 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys 17:41:27.0483 3172 AmdPPM - ok 17:41:27.0506 3172 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys 17:41:27.0513 3172 amdsata - ok 17:41:27.0525 3172 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys 17:41:27.0532 3172 amdsbs - ok 17:41:27.0545 3172 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys 17:41:27.0551 3172 amdxata - ok 17:41:27.0608 3172 [ 59D01FA91962C9C1E9B4022B2D3B46DB ] AppHostSvc C:\Windows\system32\inetsrv\apphostsvc.dll 17:41:27.0630 3172 AppHostSvc - ok 17:41:27.0644 3172 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys 17:41:27.0720 3172 AppID - ok 17:41:27.0723 3172 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll 17:41:27.0757 3172 AppIDSvc - ok 17:41:27.0847 3172 [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo C:\Windows\System32\appinfo.dll 17:41:27.0854 3172 Appinfo - ok 17:41:27.0941 3172 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 17:41:27.0946 3172 Apple Mobile Device - ok 17:41:28.0030 3172 [ F5308D8E62CD63711CCA37E3B9109832 ] Application Updater C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe 17:41:28.0041 3172 Application Updater - ok 17:41:28.0056 3172 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys 17:41:28.0063 3172 arc - ok 17:41:28.0066 3172 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys 17:41:28.0072 3172 arcsas - ok 17:41:28.0131 3172 [ 0AA7A996792FB0287B33A57A8093AE44 ] asmthub3 C:\Windows\system32\DRIVERS\asmthub3.sys 17:41:28.0221 3172 asmthub3 - ok 17:41:28.0267 3172 [ 125DC3ABF5BFCCFE82AD17D078E0B9EC ] asmtxhci C:\Windows\system32\DRIVERS\asmtxhci.sys 17:41:28.0315 3172 asmtxhci - ok 17:41:28.0437 3172 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe 17:41:28.0442 3172 aspnet_state - ok 17:41:28.0452 3172 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 17:41:28.0474 3172 AsyncMac - ok 17:41:28.0476 3172 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys 17:41:28.0482 3172 atapi - ok 17:41:28.0555 3172 [ 437F55435623D4D54D36197F5AD8B435 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys 17:41:28.0561 3172 AtiHDAudioService - ok 17:41:28.0618 3172 [ FC0E8778C000291CAF60EB88C011E931 ] atksgt C:\Windows\system32\DRIVERS\atksgt.sys 17:41:28.0628 3172 atksgt - ok 17:41:28.0654 3172 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 17:41:28.0698 3172 AudioEndpointBuilder - ok 17:41:28.0705 3172 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll 17:41:28.0729 3172 AudioSrv - ok 17:41:28.0787 3172 [ 34E9A86B0EF71BA72B58D72215EBFABC ] avgtp C:\Windows\system32\drivers\avgtpx64.sys 17:41:28.0794 3172 avgtp - ok 17:41:28.0816 3172 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll 17:41:28.0876 3172 AxInstSV - ok 17:41:28.0893 3172 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys 17:41:28.0929 3172 b06bdrv - ok 17:41:28.0952 3172 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys 17:41:28.0977 3172 b57nd60a - ok 17:41:28.0998 3172 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll 17:41:29.0011 3172 BDESVC - ok 17:41:29.0027 3172 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys 17:41:29.0047 3172 Beep - ok 17:41:29.0106 3172 [ 06C1E887BF34C0E31EB8E2C999E4842F ] BEService C:\Program Files (x86)\Common Files\BattlEye\BEService.exe 17:41:29.0108 3172 BEService ( UnsignedFile.Multi.Generic ) - warning 17:41:29.0108 3172 BEService - detected UnsignedFile.Multi.Generic (1) 17:41:29.0154 3172 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll 17:41:29.0192 3172 BFE - ok 17:41:29.0233 3172 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll 17:41:29.0259 3172 BITS - ok 17:41:29.0278 3172 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys 17:41:29.0305 3172 blbdrive - ok 17:41:29.0395 3172 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe 17:41:29.0403 3172 Bonjour Service - ok 17:41:29.0439 3172 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys 17:41:29.0534 3172 bowser - ok 17:41:29.0544 3172 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys 17:41:29.0553 3172 BrFiltLo - ok 17:41:29.0560 3172 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys 17:41:29.0581 3172 BrFiltUp - ok 17:41:29.0618 3172 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll 17:41:29.0641 3172 Browser - ok 17:41:29.0662 3172 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys 17:41:29.0705 3172 Brserid - ok 17:41:29.0718 3172 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys 17:41:29.0726 3172 BrSerWdm - ok 17:41:29.0740 3172 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys 17:41:29.0753 3172 BrUsbMdm - ok 17:41:29.0760 3172 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys 17:41:29.0767 3172 BrUsbSer - ok 17:41:29.0783 3172 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys 17:41:29.0814 3172 BTHMODEM - ok 17:41:29.0836 3172 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll 17:41:29.0857 3172 bthserv - ok 17:41:29.0863 3172 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 17:41:29.0911 3172 cdfs - ok 17:41:29.0928 3172 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys 17:41:29.0936 3172 cdrom - ok 17:41:29.0963 3172 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll 17:41:29.0983 3172 CertPropSvc - ok 17:41:30.0016 3172 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys 17:41:30.0079 3172 circlass - ok 17:41:30.0214 3172 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys 17:41:30.0225 3172 CLFS - ok 17:41:30.0269 3172 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 17:41:30.0274 3172 clr_optimization_v2.0.50727_32 - ok 17:41:30.0308 3172 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 17:41:30.0315 3172 clr_optimization_v2.0.50727_64 - ok 17:41:30.0473 3172 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 17:41:30.0481 3172 clr_optimization_v4.0.30319_32 - ok 17:41:30.0494 3172 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 17:41:30.0501 3172 clr_optimization_v4.0.30319_64 - ok 17:41:30.0512 3172 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\drivers\CmBatt.sys 17:41:30.0520 3172 CmBatt - ok 17:41:30.0533 3172 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys 17:41:30.0539 3172 cmdide - ok 17:41:30.0585 3172 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys 17:41:30.0631 3172 CNG - ok 17:41:30.0650 3172 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys 17:41:30.0656 3172 Compbatt - ok 17:41:30.0674 3172 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys 17:41:30.0702 3172 CompositeBus - ok 17:41:30.0704 3172 COMSysApp - ok 17:41:30.0785 3172 [ C08063F052308B6F5882482615387F30 ] cpuz135 C:\Windows\system32\drivers\cpuz135_x64.sys 17:41:30.0791 3172 cpuz135 - ok 17:41:30.0805 3172 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys 17:41:30.0812 3172 crcdisk - ok 17:41:30.0862 3172 [ D8129C49798CBBFB2E4351D4B7B8EF9C ] CryptSvc C:\Windows\system32\cryptsvc.dll 17:41:30.0883 3172 CryptSvc - ok 17:41:30.0910 3172 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll 17:41:30.0956 3172 DcomLaunch - ok 17:41:30.0984 3172 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll 17:41:31.0007 3172 defragsvc - ok 17:41:31.0172 3172 [ D17845A5385BFCB838CDC532AF5E3E47 ] DevoloNetworkService C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe 17:41:31.0209 3172 DevoloNetworkService - ok 17:41:31.0221 3172 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys 17:41:31.0242 3172 DfsC - ok 17:41:31.0269 3172 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll 17:41:31.0309 3172 Dhcp - ok 17:41:31.0328 3172 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys 17:41:31.0351 3172 discache - ok 17:41:31.0388 3172 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys 17:41:31.0395 3172 Disk - ok 17:41:31.0411 3172 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll 17:41:31.0456 3172 Dnscache - ok 17:41:31.0481 3172 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll 17:41:31.0507 3172 dot3svc - ok 17:41:31.0566 3172 [ B42ED0320C6E41102FDE0005154849BB ] Dot4 C:\Windows\system32\DRIVERS\Dot4.sys 17:41:31.0575 3172 Dot4 - ok 17:41:31.0630 3172 [ E9F5969233C5D89F3C35E3A66A52A361 ] Dot4Print C:\Windows\system32\DRIVERS\Dot4Prt.sys 17:41:31.0638 3172 Dot4Print - ok 17:41:31.0676 3172 [ FD05A02B0370BC3000F402E543CA5814 ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys 17:41:31.0697 3172 dot4usb - ok 17:41:31.0716 3172 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll 17:41:31.0759 3172 DPS - ok 17:41:31.0796 3172 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 17:41:31.0804 3172 drmkaud - ok 17:41:31.0854 3172 [ 46571ED73AE84469DCA53081D33CF3C8 ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys 17:41:31.0862 3172 dtsoftbus01 - ok 17:41:31.0910 3172 dump_wmimmc - ok 17:41:31.0965 3172 [ AF2E16242AA723F68F461B6EAE2EAD3D ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 17:41:31.0982 3172 DXGKrnl - ok 17:41:32.0000 3172 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll 17:41:32.0024 3172 EapHost - ok 17:41:32.0077 3172 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys 17:41:32.0104 3172 ebdrv - ok 17:41:32.0146 3172 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe 17:41:32.0167 3172 EFS - ok 17:41:32.0210 3172 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 17:41:32.0252 3172 ehRecvr - ok 17:41:32.0260 3172 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe 17:41:32.0280 3172 ehSched - ok 17:41:32.0322 3172 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys 17:41:32.0333 3172 elxstor - ok 17:41:32.0349 3172 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys 17:41:32.0371 3172 ErrDev - ok 17:41:32.0402 3172 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll 17:41:32.0442 3172 EventSystem - ok 17:41:32.0460 3172 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys 17:41:32.0482 3172 exfat - ok 17:41:32.0556 3172 Fabs - ok 17:41:32.0623 3172 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys 17:41:32.0663 3172 fastfat - ok 17:41:32.0699 3172 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe 17:41:32.0744 3172 Fax - ok 17:41:32.0763 3172 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys 17:41:32.0770 3172 fdc - ok 17:41:32.0784 3172 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll 17:41:32.0805 3172 fdPHost - ok 17:41:32.0822 3172 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll 17:41:32.0861 3172 FDResPub - ok 17:41:32.0884 3172 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 17:41:32.0891 3172 FileInfo - ok 17:41:32.0905 3172 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 17:41:32.0945 3172 Filetrace - ok 17:41:33.0051 3172 [ 5BD96D8C5411ACE71A7EAACAF0EF2903 ] FirebirdServerMAGIXInstance C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe 17:41:33.0074 3172 FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - warning 17:41:33.0074 3172 FirebirdServerMAGIXInstance - detected UnsignedFile.Multi.Generic (1) 17:41:33.0177 3172 [ 64AB6F28047744B9B19C97459C2AB31B ] FLEXnet Licensing Service 64 C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe 17:41:33.0194 3172 FLEXnet Licensing Service 64 - ok 17:41:33.0213 3172 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys 17:41:33.0221 3172 flpydisk - ok 17:41:33.0243 3172 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 17:41:33.0251 3172 FltMgr - ok 17:41:33.0319 3172 [ C4C183E6551084039EC862DA1C945E3D ] FontCache C:\Windows\system32\FntCache.dll 17:41:33.0346 3172 FontCache - ok 17:41:33.0392 3172 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 17:41:33.0397 3172 FontCache3.0.0.0 - ok 17:41:33.0412 3172 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 17:41:33.0419 3172 FsDepends - ok 17:41:33.0459 3172 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 17:41:33.0465 3172 Fs_Rec - ok 17:41:33.0507 3172 [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 17:41:33.0517 3172 fvevol - ok 17:41:33.0536 3172 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys 17:41:33.0542 3172 gagp30kx - ok 17:41:33.0567 3172 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 17:41:33.0571 3172 GEARAspiWDM - ok 17:41:33.0607 3172 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll 17:41:33.0647 3172 gpsvc - ok 17:41:33.0765 3172 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 17:41:33.0771 3172 gupdate - ok 17:41:33.0788 3172 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 17:41:33.0794 3172 gupdatem - ok 17:41:33.0839 3172 [ 1E6438D4EA6E1174A3B3B1EDC4DE660B ] hamachi C:\Windows\system32\DRIVERS\hamachi.sys 17:41:33.0844 3172 hamachi - ok 17:41:33.0861 3172 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 17:41:33.0879 3172 hcw85cir - ok 17:41:33.0906 3172 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 17:41:33.0916 3172 HdAudAddService - ok 17:41:33.0955 3172 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys 17:41:33.0978 3172 HDAudBus - ok 17:41:33.0998 3172 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys 17:41:34.0005 3172 HidBatt - ok 17:41:34.0020 3172 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys 17:41:34.0029 3172 HidBth - ok 17:41:34.0043 3172 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys 17:41:34.0051 3172 HidIr - ok 17:41:34.0070 3172 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll 17:41:34.0091 3172 hidserv - ok 17:41:34.0117 3172 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 17:41:34.0123 3172 HidUsb - ok 17:41:34.0138 3172 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll 17:41:34.0180 3172 hkmsvc - ok 17:41:34.0210 3172 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll 17:41:34.0224 3172 HomeGroupListener - ok 17:41:34.0248 3172 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 17:41:34.0271 3172 HomeGroupProvider - ok 17:41:34.0431 3172 [ 0A3C6AA4A9FC38C20BA4EAC2C3351C05 ] hpqcxs08 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll 17:41:34.0436 3172 hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning 17:41:34.0436 3172 hpqcxs08 - detected UnsignedFile.Multi.Generic (1) 17:41:34.0482 3172 [ F3F72A2A86C22610BCA5439FA789DD52 ] hpqddsvc C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll 17:41:34.0500 3172 hpqddsvc ( UnsignedFile.Multi.Generic ) - warning 17:41:34.0500 3172 hpqddsvc - detected UnsignedFile.Multi.Generic (1) 17:41:34.0536 3172 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 17:41:34.0543 3172 HpSAMD - ok 17:41:34.0618 3172 [ D972F48D0CE396759B788693CD665926 ] HPSLPSVC C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL 17:41:34.0643 3172 HPSLPSVC ( UnsignedFile.Multi.Generic ) - warning 17:41:34.0643 3172 HPSLPSVC - detected UnsignedFile.Multi.Generic (1) 17:41:34.0673 3172 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys 17:41:34.0699 3172 HTTP - ok 17:41:34.0721 3172 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 17:41:34.0726 3172 hwpolicy - ok 17:41:34.0739 3172 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys 17:41:34.0746 3172 i8042prt - ok 17:41:34.0765 3172 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 17:41:34.0774 3172 iaStorV - ok 17:41:34.0871 3172 [ F85EB9654B4C771470CD13A0A170D3B9 ] IBUpdaterService C:\Windows\system32\dmwu.exe 17:41:34.0889 3172 IBUpdaterService - ok 17:41:35.0009 3172 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe 17:41:35.0012 3172 IDriverT ( UnsignedFile.Multi.Generic ) - warning 17:41:35.0012 3172 IDriverT - detected UnsignedFile.Multi.Generic (1) 17:41:35.0064 3172 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 17:41:35.0078 3172 idsvc - ok 17:41:35.0096 3172 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys 17:41:35.0102 3172 iirsp - ok 17:41:35.0134 3172 [ AB55B8A9B13130F638546881CE4425F8 ] IISADMIN C:\Windows\system32\inetsrv\inetinfo.exe 17:41:35.0174 3172 IISADMIN - ok 17:41:35.0196 3172 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll 17:41:35.0265 3172 IKEEXT - ok 17:41:35.0434 3172 [ 8AE99EBE30E8338907361018D9030835 ] IMFservice C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe 17:41:35.0449 3172 IMFservice - ok 17:41:35.0556 3172 [ E7E0E8F2F44BCB48143FBBA70106D8C1 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys 17:41:35.0588 3172 IntcAzAudAddService - ok 17:41:35.0591 3172 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys 17:41:35.0597 3172 intelide - ok 17:41:35.0624 3172 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 17:41:35.0646 3172 intelppm - ok 17:41:35.0672 3172 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll 17:41:35.0694 3172 IPBusEnum - ok 17:41:35.0697 3172 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 17:41:35.0739 3172 IpFilterDriver - ok 17:41:35.0787 3172 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 17:41:35.0806 3172 iphlpsvc - ok 17:41:35.0808 3172 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 17:41:35.0815 3172 IPMIDRV - ok 17:41:35.0826 3172 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys 17:41:35.0847 3172 IPNAT - ok 17:41:35.0865 3172 iPod Service - ok 17:41:35.0872 3172 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys 17:41:35.0895 3172 IRENUM - ok 17:41:35.0910 3172 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys 17:41:35.0916 3172 isapnp - ok 17:41:35.0936 3172 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 17:41:35.0944 3172 iScsiPrt - ok 17:41:35.0962 3172 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 17:41:35.0968 3172 kbdclass - ok 17:41:35.0994 3172 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys 17:41:36.0003 3172 kbdhid - ok 17:41:36.0013 3172 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe 17:41:36.0020 3172 KeyIso - ok 17:41:36.0065 3172 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 17:41:36.0072 3172 KSecDD - ok 17:41:36.0083 3172 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 17:41:36.0090 3172 KSecPkg - ok 17:41:36.0102 3172 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 17:41:36.0123 3172 ksthunk - ok 17:41:36.0149 3172 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll 17:41:36.0171 3172 KtmRm - ok 17:41:36.0203 3172 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll 17:41:36.0247 3172 LanmanServer - ok 17:41:36.0261 3172 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 17:41:36.0298 3172 LanmanWorkstation - ok 17:41:36.0404 3172 [ 156AB2E56DC3CA0B582E3362E07CDED7 ] lirsgt C:\Windows\system32\DRIVERS\lirsgt.sys 17:41:36.0411 3172 lirsgt - ok 17:41:36.0440 3172 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 17:41:36.0465 3172 lltdio - ok 17:41:36.0528 3172 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll 17:41:36.0555 3172 lltdsvc - ok 17:41:36.0557 3172 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll 17:41:36.0599 3172 lmhosts - ok 17:41:36.0620 3172 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys 17:41:36.0626 3172 LSI_FC - ok 17:41:36.0643 3172 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys 17:41:36.0649 3172 LSI_SAS - ok 17:41:36.0663 3172 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys 17:41:36.0669 3172 LSI_SAS2 - ok 17:41:36.0680 3172 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys 17:41:36.0687 3172 LSI_SCSI - ok 17:41:36.0701 3172 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys 17:41:36.0742 3172 luafv - ok 17:41:36.0804 3172 [ EF2BE2F45D4F06410A3BD2A3467325B0 ] LVRS64 C:\Windows\system32\DRIVERS\lvrs64.sys 17:41:36.0813 3172 LVRS64 - ok 17:41:36.0934 3172 [ AC22F92C6078640FE8A70D662A2F3AD5 ] LVUVC64 C:\Windows\system32\DRIVERS\lvuvc64.sys 17:41:36.0987 3172 LVUVC64 - ok 17:41:37.0016 3172 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 17:41:37.0023 3172 Mcx2Svc - ok 17:41:37.0043 3172 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys 17:41:37.0049 3172 megasas - ok 17:41:37.0058 3172 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys 17:41:37.0066 3172 MegaSR - ok 17:41:37.0221 3172 [ 551A5E070F5DF69A64463852E93009DD ] mitsijm2013 C:\Program Files\Autodesk\Inventor 2013\Moldflow\bin\mitsijm.exe 17:41:37.0230 3172 mitsijm2013 - ok 17:41:37.0247 3172 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll 17:41:37.0285 3172 MMCSS - ok 17:41:37.0302 3172 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys 17:41:37.0322 3172 Modem - ok 17:41:37.0337 3172 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys 17:41:37.0346 3172 monitor - ok 17:41:37.0348 3172 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 17:41:37.0354 3172 mouclass - ok 17:41:37.0361 3172 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 17:41:37.0379 3172 mouhid - ok 17:41:37.0399 3172 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 17:41:37.0405 3172 mountmgr - ok 17:41:37.0502 3172 [ 528A5C2570F468155A1B3CF0A2FF5EBD ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 17:41:37.0510 3172 MozillaMaintenance - ok 17:41:37.0560 3172 [ C8FAFBB0ED7BBCA1035987EB842FE2E6 ] MPEVirtual C:\Windows\system32\DRIVERS\TeViiData64.sys 17:41:37.0567 3172 MPEVirtual - ok 17:41:37.0656 3172 [ F8A10560B35C66F9DE212F03DAD5BFA7 ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys 17:41:37.0666 3172 MpFilter - ok 17:41:37.0678 3172 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys 17:41:37.0686 3172 mpio - ok 17:41:37.0701 3172 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 17:41:37.0723 3172 mpsdrv - ok 17:41:37.0748 3172 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll 17:41:37.0774 3172 MpsSvc - ok 17:41:37.0784 3172 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 17:41:37.0806 3172 MRxDAV - ok 17:41:37.0839 3172 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 17:41:37.0860 3172 mrxsmb - ok 17:41:37.0879 3172 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 17:41:37.0906 3172 mrxsmb10 - ok 17:41:37.0932 3172 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 17:41:37.0939 3172 mrxsmb20 - ok 17:41:37.0945 3172 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys 17:41:37.0951 3172 msahci - ok 17:41:37.0960 3172 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys 17:41:37.0967 3172 msdsm - ok 17:41:37.0982 3172 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe 17:41:38.0007 3172 MSDTC - ok 17:41:38.0032 3172 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys 17:41:38.0053 3172 Msfs - ok 17:41:38.0058 3172 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 17:41:38.0079 3172 mshidkmdf - ok 17:41:38.0121 3172 [ 26668CC2920DE2497A8E369B16E48CA3 ] MSHUSBVideo C:\Windows\system32\Drivers\nx6000.sys 17:41:38.0145 3172 MSHUSBVideo - ok 17:41:38.0158 3172 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 17:41:38.0165 3172 msisadrv - ok 17:41:38.0183 3172 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 17:41:38.0205 3172 MSiSCSI - ok 17:41:38.0207 3172 msiserver - ok 17:41:38.0219 3172 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 17:41:38.0240 3172 MSKSSRV - ok 17:41:38.0325 3172 [ E07DEC52FF801841BA9B6878A60304FB ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe 17:41:38.0331 3172 MsMpSvc - ok 17:41:38.0342 3172 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 17:41:38.0362 3172 MSPCLOCK - ok 17:41:38.0372 3172 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 17:41:38.0392 3172 MSPQM - ok 17:41:38.0406 3172 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 17:41:38.0415 3172 MsRPC - ok 17:41:38.0419 3172 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys 17:41:38.0424 3172 mssmbios - ok 17:41:38.0436 3172 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 17:41:38.0457 3172 MSTEE - ok 17:41:38.0474 3172 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys 17:41:38.0480 3172 MTConfig - ok 17:41:38.0494 3172 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys 17:41:38.0500 3172 Mup - ok 17:41:38.0521 3172 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll 17:41:38.0544 3172 napagent - ok 17:41:38.0571 3172 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 17:41:38.0582 3172 NativeWifiP - ok 17:41:38.0634 3172 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys 17:41:38.0649 3172 NDIS - ok 17:41:38.0668 3172 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 17:41:38.0706 3172 NdisCap - ok 17:41:38.0727 3172 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 17:41:38.0747 3172 NdisTapi - ok 17:41:38.0766 3172 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 17:41:38.0787 3172 Ndisuio - ok 17:41:38.0797 3172 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 17:41:38.0839 3172 NdisWan - ok 17:41:38.0859 3172 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 17:41:38.0879 3172 NDProxy - ok 17:41:38.0933 3172 [ D5AC41AE382738483FAFFBD7E373D49A ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll 17:41:38.0953 3172 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning 17:41:38.0953 3172 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1) 17:41:39.0028 3172 [ 6F4607E2333FE21E9E3FF8133A88B35B ] Netaapl C:\Windows\system32\DRIVERS\netaapl64.sys 17:41:39.0057 3172 Netaapl - ok 17:41:39.0060 3172 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 17:41:39.0101 3172 NetBIOS - ok 17:41:39.0120 3172 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 17:41:39.0141 3172 NetBT - ok 17:41:39.0144 3172 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe 17:41:39.0150 3172 Netlogon - ok 17:41:39.0200 3172 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll 17:41:39.0226 3172 Netman - ok 17:41:39.0280 3172 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 17:41:39.0285 3172 NetMsmqActivator - ok 17:41:39.0288 3172 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 17:41:39.0293 3172 NetPipeActivator - ok 17:41:39.0317 3172 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll 17:41:39.0341 3172 netprofm - ok 17:41:39.0390 3172 [ C553716F6F7BCA3444CEE52DFB7C9016 ] netr28ux C:\Windows\system32\DRIVERS\netr28ux.sys 17:41:39.0414 3172 netr28ux - ok 17:41:39.0417 3172 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 17:41:39.0423 3172 NetTcpActivator - ok 17:41:39.0425 3172 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 17:41:39.0430 3172 NetTcpPortSharing - ok 17:41:39.0446 3172 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys 17:41:39.0452 3172 nfrd960 - ok 17:41:39.0500 3172 [ 162100E0BC8377710F9D170631921C03 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys 17:41:39.0507 3172 NisDrv - ok 17:41:39.0560 3172 [ C6E15F2F95F9C0A6098D43510B604E52 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe 17:41:39.0572 3172 NisSrv - ok 17:41:39.0617 3172 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll 17:41:39.0640 3172 NlaSvc - ok 17:41:39.0710 3172 [ AD42FB061166AF0643806800304BD76F ] NLNdisMP C:\Windows\system32\DRIVERS\nlndis.sys 17:41:39.0716 3172 NLNdisMP - ok 17:41:39.0737 3172 [ AD42FB061166AF0643806800304BD76F ] NLNdisPT C:\Windows\system32\DRIVERS\nlndis.sys 17:41:39.0742 3172 NLNdisPT - ok 17:41:39.0884 3172 [ 6988373E38223438B09F0C27D7E67393 ] nlsvc C:\Program Files\NetLimiter 3\nlsvc.exe 17:41:39.0906 3172 nlsvc ( UnsignedFile.Multi.Generic ) - warning 17:41:39.0906 3172 nlsvc - detected UnsignedFile.Multi.Generic (1) 17:41:39.0955 3172 [ 75E6581DE9A0B155EDAB6807E668BE06 ] nltdi C:\Program Files\NetLimiter 3\nltdi.sys 17:41:39.0961 3172 nltdi - ok 17:41:39.0976 3172 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys 17:41:40.0017 3172 Npfs - ok 17:41:40.0152 3172 [ 49697C2C761ACB5C0DE99CC8FE93E95B ] NPF_devolo C:\Windows\sysWOW64\drivers\npf_devolo.sys 17:41:40.0159 3172 NPF_devolo - ok 17:41:40.0173 3172 npggsvc - ok 17:41:40.0185 3172 NPPTNT2 - ok 17:41:40.0205 3172 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll 17:41:40.0230 3172 nsi - ok 17:41:40.0242 3172 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 17:41:40.0280 3172 nsiproxy - ok 17:41:40.0348 3172 [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 17:41:40.0371 3172 Ntfs - ok 17:41:40.0380 3172 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys 17:41:40.0401 3172 Null - ok 17:41:40.0428 3172 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys 17:41:40.0435 3172 nvraid - ok 17:41:40.0454 3172 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys 17:41:40.0461 3172 nvstor - ok 17:41:40.0472 3172 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 17:41:40.0479 3172 nv_agp - ok 17:41:40.0491 3172 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 17:41:40.0498 3172 ohci1394 - ok 17:41:40.0507 3172 OverwolfUpdaterService - ok 17:41:40.0531 3172 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 17:41:40.0572 3172 p2pimsvc - ok 17:41:40.0584 3172 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll 17:41:40.0594 3172 p2psvc - ok 17:41:40.0612 3172 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys 17:41:40.0637 3172 Parport - ok 17:41:40.0669 3172 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys 17:41:40.0675 3172 partmgr - ok 17:41:40.0686 3172 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll 17:41:40.0713 3172 PcaSvc - ok 17:41:40.0730 3172 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys 17:41:40.0737 3172 pci - ok 17:41:40.0744 3172 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\DRIVERS\pciide.sys 17:41:40.0749 3172 pciide - ok 17:41:40.0764 3172 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys 17:41:40.0771 3172 pcmcia - ok 17:41:40.0789 3172 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys 17:41:40.0795 3172 pcw - ok 17:41:40.0807 3172 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys 17:41:40.0833 3172 PEAUTH - ok 17:41:40.0840 3172 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe 17:41:40.0847 3172 PerfHost - ok 17:41:40.0876 3172 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll 17:41:40.0906 3172 pla - ok 17:41:40.0951 3172 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 17:41:40.0973 3172 PlugPlay - ok 17:41:41.0040 3172 [ 37F6046CDC630442D7DC087501FF6FC6 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll 17:41:41.0043 3172 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning 17:41:41.0043 3172 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1) 17:41:41.0059 3172 PnkBstrA - ok 17:41:41.0063 3172 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 17:41:41.0083 3172 PNRPAutoReg - ok 17:41:41.0088 3172 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 17:41:41.0098 3172 PNRPsvc - ok 17:41:41.0141 3172 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 17:41:41.0175 3172 PolicyAgent - ok 17:41:41.0218 3172 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll 17:41:41.0254 3172 Power - ok 17:41:41.0286 3172 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 17:41:41.0321 3172 PptpMiniport - ok 17:41:41.0324 3172 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys 17:41:41.0333 3172 Processor - ok 17:41:41.0370 3172 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll 17:41:41.0408 3172 ProfSvc - ok 17:41:41.0410 3172 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe 17:41:41.0417 3172 ProtectedStorage - ok 17:41:41.0435 3172 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys 17:41:41.0455 3172 Psched - ok 17:41:41.0486 3172 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys 17:41:41.0506 3172 ql2300 - ok 17:41:41.0523 3172 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys 17:41:41.0530 3172 ql40xx - ok 17:41:41.0541 3172 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll 17:41:41.0553 3172 QWAVE - ok 17:41:41.0567 3172 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 17:41:41.0577 3172 QWAVEdrv - ok 17:41:41.0590 3172 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 17:41:41.0612 3172 RasAcd - ok 17:41:41.0642 3172 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 17:41:41.0663 3172 RasAgileVpn - ok 17:41:41.0682 3172 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll 17:41:41.0704 3172 RasAuto - ok 17:41:41.0719 3172 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 17:41:41.0763 3172 Rasl2tp - ok 17:41:41.0798 3172 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll 17:41:41.0824 3172 RasMan - ok 17:41:41.0837 3172 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 17:41:41.0858 3172 RasPppoe - ok 17:41:41.0876 3172 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 17:41:41.0898 3172 RasSstp - ok 17:41:41.0914 3172 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 17:41:41.0949 3172 rdbss - ok 17:41:41.0965 3172 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys 17:41:41.0974 3172 rdpbus - ok 17:41:41.0989 3172 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 17:41:42.0009 3172 RDPCDD - ok 17:41:42.0031 3172 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 17:41:42.0052 3172 RDPENCDD - ok 17:41:42.0063 3172 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 17:41:42.0106 3172 RDPREFMP - ok 17:41:42.0122 3172 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 17:41:42.0158 3172 RDPWD - ok 17:41:42.0172 3172 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 17:41:42.0180 3172 rdyboost - ok 17:41:42.0201 3172 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll 17:41:42.0224 3172 RemoteAccess - ok 17:41:42.0241 3172 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll 17:41:42.0283 3172 RemoteRegistry - ok 17:41:42.0306 3172 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 17:41:42.0345 3172 RpcEptMapper - ok 17:41:42.0371 3172 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe 17:41:42.0392 3172 RpcLocator - ok 17:41:42.0420 3172 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll 17:41:42.0445 3172 RpcSs - ok 17:41:42.0451 3172 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 17:41:42.0472 3172 rspndr - ok 17:41:42.0536 3172 [ 9140DB0911DE035FED0A9A77A2D156EA ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys 17:41:42.0548 3172 RTL8167 - ok 17:41:42.0596 3172 [ AE3FC38B9D6739E4187785B3434B4D37 ] SAllBDA C:\Windows\system32\Drivers\TeViiS2.sys 17:41:42.0604 3172 SAllBDA - ok 17:41:42.0623 3172 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe 17:41:42.0631 3172 SamSs - ok 17:41:42.0642 3172 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 17:41:42.0648 3172 sbp2port - ok 17:41:42.0662 3172 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll 17:41:42.0684 3172 SCardSvr - ok 17:41:42.0686 3172 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 17:41:42.0722 3172 scfilter - ok 17:41:42.0756 3172 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll 17:41:42.0784 3172 Schedule - ok 17:41:42.0806 3172 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll 17:41:42.0826 3172 SCPolicySvc - ok 17:41:42.0869 3172 [ 8B56BDCE6A303DDE63D63440D1CF9AD1 ] ScreamBAudioSvc C:\Windows\system32\drivers\ScreamingBAudio64.sys 17:41:42.0874 3172 ScreamBAudioSvc - ok 17:41:42.0885 3172 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll 17:41:42.0923 3172 SDRSVC - ok 17:41:42.0933 3172 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys 17:41:42.0955 3172 secdrv - ok 17:41:42.0965 3172 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll 17:41:42.0985 3172 seclogon - ok 17:41:42.0993 3172 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll 17:41:43.0036 3172 SENS - ok 17:41:43.0052 3172 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll 17:41:43.0080 3172 SensrSvc - ok 17:41:43.0096 3172 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys 17:41:43.0122 3172 Serenum - ok 17:41:43.0156 3172 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys 17:41:43.0180 3172 Serial - ok 17:41:43.0202 3172 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys 17:41:43.0210 3172 sermouse - ok 17:41:43.0226 3172 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll 17:41:43.0266 3172 SessionEnv - ok 17:41:43.0342 3172 [ ADDC96399ACDF3C4DD690C74B835082E ] sfdrv01a C:\Windows\system32\drivers\sfdrv01a.sys 17:41:43.0348 3172 sfdrv01a - ok 17:41:43.0361 3172 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 17:41:43.0369 3172 sffdisk - ok 17:41:43.0375 3172 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 17:41:43.0399 3172 sffp_mmc - ok 17:41:43.0414 3172 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 17:41:43.0422 3172 sffp_sd - ok 17:41:43.0449 3172 [ 17F6BD95BF04B924F4C05CE78BEF8AE6 ] sfhlp02 C:\Windows\system32\drivers\sfhlp02.sys 17:41:43.0454 3172 sfhlp02 - ok 17:41:43.0470 3172 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys 17:41:43.0477 3172 sfloppy - ok 17:41:43.0545 3172 [ 40CF333266E10137F805B8956FE19031 ] sfsync02 C:\Windows\system32\drivers\sfsync02.sys 17:41:43.0550 3172 sfsync02 - ok 17:41:43.0575 3172 [ F3B72568A6FA36E5D63D30B8186D1C48 ] sfvfs02 C:\Windows\system32\drivers\sfvfs02.sys 17:41:43.0581 3172 sfvfs02 - ok 17:41:43.0610 3172 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll 17:41:43.0646 3172 SharedAccess - ok 17:41:43.0667 3172 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll 17:41:43.0690 3172 ShellHWDetection - ok 17:41:43.0706 3172 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys 17:41:43.0712 3172 SiSRaid2 - ok 17:41:43.0718 3172 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys 17:41:43.0724 3172 SiSRaid4 - ok 17:41:43.0899 3172 [ 388AE59FE75F1B959DFA0900923C61BB ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe 17:41:43.0934 3172 Skype C2C Service - ok 17:41:44.0002 3172 [ 4E8A4BB5B11D828FF986F6228B1CD3DF ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe 17:41:44.0007 3172 SkypeUpdate - ok 17:41:44.0038 3172 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys 17:41:44.0060 3172 Smb - ok 17:41:44.0074 3172 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe 17:41:44.0082 3172 SNMPTRAP - ok 17:41:44.0088 3172 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys 17:41:44.0095 3172 spldr - ok 17:41:44.0122 3172 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe 17:41:44.0147 3172 Spooler - ok 17:41:44.0212 3172 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe 17:41:44.0256 3172 sppsvc - ok 17:41:44.0269 3172 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll 17:41:44.0291 3172 sppuinotify - ok 17:41:44.0314 3172 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys 17:41:44.0328 3172 srv - ok 17:41:44.0333 3172 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 17:41:44.0343 3172 srv2 - ok 17:41:44.0360 3172 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 17:41:44.0367 3172 srvnet - ok 17:41:44.0389 3172 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 17:41:44.0410 3172 SSDPSRV - ok 17:41:44.0428 3172 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll 17:41:44.0450 3172 SstpSvc - ok 17:41:44.0494 3172 Steam Client Service - ok 17:41:44.0530 3172 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys 17:41:44.0536 3172 stexstor - ok 17:41:44.0580 3172 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll 17:41:44.0609 3172 stisvc - ok 17:41:44.0626 3172 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys 17:41:44.0632 3172 swenum - ok 17:41:44.0646 3172 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll 17:41:44.0671 3172 swprv - ok 17:41:44.0706 3172 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll 17:41:44.0741 3172 SysMain - ok 17:41:44.0763 3172 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll 17:41:44.0774 3172 TabletInputService - ok 17:41:44.0819 3172 [ A8D3F11BC8F37C3D7D026C3E1219B5AC ] tap0901 C:\Windows\system32\DRIVERS\tap0901.sys 17:41:44.0824 3172 tap0901 - ok 17:41:44.0898 3172 [ 8B9FD32C71F29DF235A27CE9FF4F19DC ] taphss6 C:\Windows\system32\DRIVERS\taphss6.sys 17:41:44.0903 3172 taphss6 - ok 17:41:44.0920 3172 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll 17:41:44.0942 3172 TapiSrv - ok 17:41:44.0961 3172 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll 17:41:44.0995 3172 TBS - ok 17:41:45.0077 3172 [ 9849EA3843A2ADBDD1497E97A85D8CAE ] Tcpip C:\Windows\system32\drivers\tcpip.sys 17:41:45.0104 3172 Tcpip - ok 17:41:45.0154 3172 [ 9849EA3843A2ADBDD1497E97A85D8CAE ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 17:41:45.0176 3172 TCPIP6 - ok 17:41:45.0220 3172 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 17:41:45.0227 3172 tcpipreg - ok 17:41:45.0240 3172 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 17:41:45.0260 3172 TDPIPE - ok 17:41:45.0294 3172 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 17:41:45.0300 3172 TDTCP - ok 17:41:45.0321 3172 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 17:41:45.0342 3172 tdx - ok 17:41:45.0483 3172 [ 33966A658FF37E0C65D46E59F37E2380 ] TeamViewer7 C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe 17:41:45.0521 3172 TeamViewer7 - ok 17:41:45.0539 3172 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys 17:41:45.0547 3172 TermDD - ok 17:41:45.0561 3172 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll 17:41:45.0586 3172 TermService - ok 17:41:45.0595 3172 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll 17:41:45.0606 3172 Themes - ok 17:41:45.0635 3172 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll 17:41:45.0656 3172 THREADORDER - ok 17:41:45.0663 3172 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll 17:41:45.0701 3172 TrkWks - ok 17:41:45.0743 3172 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 17:41:45.0764 3172 TrustedInstaller - ok 17:41:45.0767 3172 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 17:41:45.0802 3172 tssecsrv - ok 17:41:45.0821 3172 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 17:41:45.0828 3172 TsUsbFlt - ok 17:41:45.0843 3172 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys 17:41:45.0848 3172 TsUsbGD - ok 17:41:45.0875 3172 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 17:41:45.0918 3172 tunnel - ok 17:41:45.0921 3172 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys 17:41:45.0927 3172 uagp35 - ok 17:41:45.0948 3172 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 17:41:45.0985 3172 udfs - ok 17:41:46.0009 3172 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe 17:41:46.0017 3172 UI0Detect - ok 17:41:46.0031 3172 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 17:41:46.0037 3172 uliagpkx - ok 17:41:46.0067 3172 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys 17:41:46.0075 3172 umbus - ok 17:41:46.0090 3172 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys 17:41:46.0108 3172 UmPass - ok 17:41:46.0175 3172 [ 927754ABF077AEB5504BE4E0F2C60C1B ] UMVPFSrv C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe 17:41:46.0186 3172 UMVPFSrv - ok 17:41:46.0414 3172 [ 132211270F2E846C4CD1C7BEC980999A ] UpdaterService C:\ProgramData\UpdaterService\wsupdsvc.exe 17:41:46.0426 3172 UpdaterService - ok 17:41:46.0470 3172 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll 17:41:46.0548 3172 upnphost - ok 17:41:46.0582 3172 [ 43228F8EDD1B0BCDD3145AD246E63D39 ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys 17:41:46.0599 3172 USBAAPL64 - ok 17:41:46.0677 3172 [ 842B334B1F1FDF631F43AD70C3DB9401 ] USBADVAU C:\Windows\system32\drivers\cm11264.sys 17:41:46.0690 3172 USBADVAU - ok 17:41:46.0742 3172 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys 17:41:46.0771 3172 usbaudio - ok 17:41:46.0803 3172 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 17:41:46.0821 3172 usbccgp - ok 17:41:46.0842 3172 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys 17:41:46.0852 3172 usbcir - ok 17:41:46.0866 3172 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys 17:41:46.0873 3172 usbehci - ok 17:41:46.0889 3172 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 17:41:46.0898 3172 usbhub - ok 17:41:46.0914 3172 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys 17:41:46.0920 3172 usbohci - ok 17:41:46.0934 3172 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys 17:41:46.0959 3172 usbprint - ok 17:41:47.0019 3172 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys 17:41:47.0030 3172 usbscan - ok 17:41:47.0040 3172 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 17:41:47.0058 3172 USBSTOR - ok 17:41:47.0073 3172 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys 17:41:47.0080 3172 usbuhci - ok 17:41:47.0121 3172 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys 17:41:47.0142 3172 usbvideo - ok 17:41:47.0162 3172 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll 17:41:47.0184 3172 UxSms - ok 17:41:47.0190 3172 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe 17:41:47.0196 3172 VaultSvc - ok 17:41:47.0202 3172 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 17:41:47.0208 3172 vdrvroot - ok 17:41:47.0228 3172 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe 17:41:47.0251 3172 vds - ok 17:41:47.0272 3172 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 17:41:47.0282 3172 vga - ok 17:41:47.0299 3172 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys 17:41:47.0341 3172 VgaSave - ok 17:41:47.0345 3172 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 17:41:47.0352 3172 vhdmp - ok 17:41:47.0375 3172 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys 17:41:47.0381 3172 viaide - ok 17:41:47.0391 3172 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys 17:41:47.0397 3172 volmgr - ok 17:41:47.0403 3172 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 17:41:47.0411 3172 volmgrx - ok 17:41:47.0420 3172 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys 17:41:47.0429 3172 volsnap - ok 17:41:47.0461 3172 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys 17:41:47.0468 3172 vsmraid - ok 17:41:47.0504 3172 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe 17:41:47.0554 3172 VSS - ok 17:41:47.0755 3172 [ 254E8F9BA44E9F55416B0E51DBFF3C5F ] vToolbarUpdater15.3.0 C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\ToolbarUpdater.exe 17:41:47.0777 3172 vToolbarUpdater15.3.0 - ok 17:41:47.0793 3172 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys 17:41:47.0802 3172 vwifibus - ok 17:41:47.0815 3172 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll 17:41:47.0839 3172 W32Time - ok 17:41:47.0906 3172 [ B32009DB1972E7F2C227499289C4384A ] W3SVC C:\Windows\system32\inetsrv\iisw3adm.dll 17:41:47.0931 3172 W3SVC - ok 17:41:47.0934 3172 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys 17:41:47.0944 3172 WacomPen - ok 17:41:47.0980 3172 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 17:41:48.0004 3172 WANARP - ok 17:41:48.0010 3172 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 17:41:48.0031 3172 Wanarpv6 - ok 17:41:48.0069 3172 [ B32009DB1972E7F2C227499289C4384A ] WAS C:\Windows\system32\inetsrv\iisw3adm.dll 17:41:48.0079 3172 WAS - ok 17:41:48.0143 3172 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe 17:41:48.0164 3172 WatAdminSvc - ok 17:41:48.0202 3172 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe 17:41:48.0257 3172 wbengine - ok 17:41:48.0273 3172 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 17:41:48.0284 3172 WbioSrvc - ok 17:41:48.0296 3172 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll 17:41:48.0309 3172 wcncsvc - ok 17:41:48.0320 3172 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 17:41:48.0352 3172 WcsPlugInService - ok 17:41:48.0357 3172 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys 17:41:48.0362 3172 Wd - ok 17:41:48.0421 3172 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 17:41:48.0435 3172 Wdf01000 - ok 17:41:48.0444 3172 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll 17:41:48.0486 3172 WdiServiceHost - ok 17:41:48.0488 3172 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll 17:41:48.0499 3172 WdiSystemHost - ok 17:41:48.0626 3172 [ D75398987C968DCBABC411E08029E387 ] Web Assistant C:\Program Files\Web Assistant\ExtensionUpdaterService.exe 17:41:48.0632 3172 Web Assistant - ok 17:41:48.0661 3172 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll 17:41:48.0689 3172 WebClient - ok 17:41:48.0710 3172 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll 17:41:48.0733 3172 Wecsvc - ok 17:41:48.0736 3172 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll 17:41:48.0758 3172 wercplsupport - ok 17:41:48.0801 3172 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll 17:41:48.0828 3172 WerSvc - ok 17:41:48.0841 3172 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 17:41:48.0861 3172 WfpLwf - ok 17:41:48.0877 3172 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys 17:41:48.0883 3172 WIMMount - ok 17:41:48.0885 3172 WinDefend - ok 17:41:48.0901 3172 WinHttpAutoProxySvc - ok 17:41:48.0950 3172 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 17:41:48.0976 3172 Winmgmt - ok 17:41:49.0017 3172 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll 17:41:49.0051 3172 WinRM - ok 17:41:49.0106 3172 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys 17:41:49.0116 3172 WinUsb - ok 17:41:49.0152 3172 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll 17:41:49.0185 3172 Wlansvc - ok 17:41:49.0327 3172 [ 98F138897EF4246381D197CB81846D62 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 17:41:49.0352 3172 wlidsvc - ok 17:41:49.0374 3172 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys 17:41:49.0381 3172 WmiAcpi - ok 17:41:49.0399 3172 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 17:41:49.0407 3172 wmiApSrv - ok 17:41:49.0418 3172 WMPNetworkSvc - ok 17:41:49.0431 3172 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll 17:41:49.0476 3172 WPCSvc - ok 17:41:49.0484 3172 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 17:41:49.0504 3172 WPDBusEnum - ok 17:41:49.0509 3172 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 17:41:49.0529 3172 ws2ifsl - ok 17:41:49.0544 3172 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll 17:41:49.0572 3172 wscsvc - ok 17:41:49.0574 3172 WSearch - ok 17:41:49.0636 3172 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll 17:41:49.0668 3172 wuauserv - ok 17:41:49.0706 3172 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 17:41:49.0744 3172 WudfPf - ok 17:41:49.0762 3172 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 17:41:49.0783 3172 WUDFRd - ok 17:41:49.0825 3172 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 17:41:49.0833 3172 wudfsvc - ok 17:41:49.0885 3172 [ FE90B750AB808FB9DD8FBB428B5FF83B ] WwanSvc C:\Windows\System32\wwansvc.dll 17:41:49.0902 3172 WwanSvc - ok 17:41:49.0995 3172 X6va005 - ok 17:41:49.0998 3172 X6va007 - ok 17:41:50.0049 3172 X6va008 - ok 17:41:50.0070 3172 X6va011 - ok 17:41:50.0241 3172 [ 2EE48CFCE7CA8E0DB4C44C7476C0943B ] xusb21 C:\Windows\system32\DRIVERS\xusb21.sys 17:41:50.0249 3172 xusb21 - ok 17:41:50.0299 3172 ================ Scan global =============================== 17:41:50.0324 3172 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll 17:41:50.0361 3172 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll 17:41:50.0366 3172 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll 17:41:50.0388 3172 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll 17:41:50.0416 3172 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe 17:41:50.0418 3172 [Global] - ok 17:41:50.0418 3172 ================ Scan MBR ================================== 17:41:50.0425 3172 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1 17:41:50.0815 3172 \Device\Harddisk1\DR1 - ok 17:41:50.0841 3172 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 17:41:51.0064 3172 \Device\Harddisk0\DR0 - ok 17:41:51.0064 3172 ================ Scan VBR ================================== 17:41:51.0066 3172 [ 74EA8E215644328808A79F2CB4F34E0A ] \Device\Harddisk1\DR1\Partition1 17:41:51.0067 3172 \Device\Harddisk1\DR1\Partition1 - ok 17:41:51.0085 3172 [ DDDFC02514361CCB400D4508D96A46A2 ] \Device\Harddisk1\DR1\Partition2 17:41:51.0086 3172 \Device\Harddisk1\DR1\Partition2 - ok 17:41:51.0088 3172 [ 21D4D00033C20136BBDA3A1B6ADDE339 ] \Device\Harddisk0\DR0\Partition1 17:41:51.0088 3172 \Device\Harddisk0\DR0\Partition1 - ok 17:41:51.0116 3172 [ B5436618091499C20D11128DC5226D4F ] \Device\Harddisk0\DR0\Partition2 17:41:51.0117 3172 \Device\Harddisk0\DR0\Partition2 - ok 17:41:51.0117 3172 ============================================================ 17:41:51.0117 3172 Scan finished 17:41:51.0117 3172 ============================================================ 17:41:51.0145 4656 Detected object count: 10 17:41:51.0145 4656 Actual detected object count: 10 17:42:10.0382 4656 Akamai ( HiddenFile.Multi.Generic ) - skipped by user 17:42:10.0382 4656 Akamai ( HiddenFile.Multi.Generic ) - User select action: Skip 17:42:10.0383 4656 BEService ( UnsignedFile.Multi.Generic ) - skipped by user 17:42:10.0383 4656 BEService ( UnsignedFile.Multi.Generic ) - User select action: Skip 17:42:10.0384 4656 FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - skipped by user 17:42:10.0384 4656 FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - User select action: Skip 17:42:10.0385 4656 hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user 17:42:10.0385 4656 hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip 17:42:10.0385 4656 hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user 17:42:10.0385 4656 hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 17:42:10.0386 4656 HPSLPSVC ( UnsignedFile.Multi.Generic ) - skipped by user 17:42:10.0386 4656 HPSLPSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip 17:42:10.0387 4656 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user 17:42:10.0387 4656 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip 17:42:10.0387 4656 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user 17:42:10.0388 4656 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip 17:42:10.0388 4656 nlsvc ( UnsignedFile.Multi.Generic ) - skipped by user 17:42:10.0388 4656 nlsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 17:42:10.0389 4656 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user 17:42:10.0389 4656 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip 17:42:47.0715 6320 Deinitialize success |
06.07.2013, 16:48 | #12 |
/// Malware-holic | Firefox ungewollte umleitungen auf verdächtige Seiten Hi, Scan mit Combofix
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
06.07.2013, 17:10 | #13 |
| Firefox ungewollte umleitungen auf verdächtige Seiten Combofix Logfile: Code:
ATTFilter ComboFix 13-07-06.03 - nutzer 06.07.2013 17:55:41.1.8 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.8173.4888 [GMT 2:00] ausgeführt von:: c:\users\nutzer\Desktop\ComboFix.exe AV: Microsoft Security Essentials *Disabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5} SP: IObit Malware Fighter *Disabled/Outdated* {A751AC20-3B48-5237-898A-78C4436BB78D} SP: Microsoft Security Essentials *Disabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((((( Weitere Löschungen )))))))))))))))))))))))))))))))))))))))))))))))) . . c:\program files (x86)\Incredibar.com c:\program files (x86)\Incredibar.com\incredibar\1.5.11.14\bh\inCRedibar.dll c:\program files (x86)\Incredibar.com\incredibar\1.5.11.14\incredibar.crx c:\program files (x86)\Incredibar.com\incredibar\1.5.11.14\incredibarApp.dll c:\program files (x86)\Incredibar.com\incredibar\1.5.11.14\incredibarEng.dll c:\program files (x86)\Incredibar.com\incredibar\1.5.11.14\incredibarsrv.exe c:\program files (x86)\Incredibar.com\incredibar\1.5.11.14\incredibarTlbr.dll c:\program files (x86)\Incredibar.com\incredibar\1.5.11.14\uninstall.exe c:\programdata\0E41B8054F.sys c:\programdata\MAgniiPPic c:\programdata\MAgniiPPic\51d735509cf7c.dll c:\programdata\MAgniiPPic\51d735509cf7c.tlb c:\programdata\MAgniiPPic\settings.ini c:\programdata\MAgniiPPic\uninstall.exe c:\programdata\Microsoft\Windows\Start Menu\Programs\MAgniiPPic c:\programdata\Microsoft\Windows\Start Menu\Programs\MAgniiPPic\MAgniiPPic.lnk c:\programdata\Microsoft\Windows\Start Menu\Programs\MAgniiPPic\Uninstall.lnk c:\users\nutzer\AppData\Local\TempDIR c:\users\nutzer\AppData\Local\TempDIR\BetterInstaller.exe c:\users\nutzer\AppData\Roaming\AcroIEHelpe.txt c:\users\nutzer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ClickPotato c:\users\nutzer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ClickPotato\About Us.lnk c:\users\nutzer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ClickPotato\ClickPotato Customer Support.lnk c:\users\nutzer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ClickPotato\ClickPotato Uninstall Instructions.lnk c:\users\nutzer\AppData\Roaming\Mozilla\Firefox\Profiles\cyecpk5o.default\extensions\ffxtlbr@funmoods.com c:\users\nutzer\AppData\Roaming\Mozilla\Firefox\Profiles\cyecpk5o.default\extensions\ffxtlbr@funmoods.com\chrome.manifest c:\users\nutzer\AppData\Roaming\Mozilla\Firefox\Profiles\cyecpk5o.default\extensions\ffxtlbr@funmoods.com\content\funmoods.css c:\users\nutzer\AppData\Roaming\Mozilla\Firefox\Profiles\cyecpk5o.default\extensions\ffxtlbr@funmoods.com\content\funmoods.xul c:\users\nutzer\AppData\Roaming\Mozilla\Firefox\Profiles\cyecpk5o.default\extensions\ffxtlbr@funmoods.com\content\images\pref.jpg c:\users\nutzer\AppData\Roaming\Mozilla\Firefox\Profiles\cyecpk5o.default\extensions\ffxtlbr@funmoods.com\content\imgs\arwDwn.gif c:\users\nutzer\AppData\Roaming\Mozilla\Firefox\Profiles\cyecpk5o.default\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\ae.png c:\users\nutzer\AppData\Roaming\Mozilla\Firefox\Profiles\cyecpk5o.default\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\bg.png c:\users\nutzer\AppData\Roaming\Mozilla\Firefox\Profiles\cyecpk5o.default\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\ch.png c:\users\nutzer\AppData\Roaming\Mozilla\Firefox\Profiles\cyecpk5o.default\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\cn.png c:\users\nutzer\AppData\Roaming\Mozilla\Firefox\Profiles\cyecpk5o.default\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\cz.png c:\users\nutzer\AppData\Roaming\Mozilla\Firefox\Profiles\cyecpk5o.default\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\de.png c:\users\nutzer\AppData\Roaming\Mozilla\Firefox\Profiles\cyecpk5o.default\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\eg.png c:\users\nutzer\AppData\Roaming\Mozilla\Firefox\Profiles\cyecpk5o.default\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\en.png c:\users\nutzer\AppData\Roaming\Mozilla\Firefox\Profiles\cyecpk5o.default\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\es.png c:\users\nutzer\AppData\Roaming\Mozilla\Firefox\Profiles\cyecpk5o.default\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\fr.png c:\users\nutzer\AppData\Roaming\Mozilla\Firefox\Profiles\cyecpk5o.default\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\gr.png c:\users\nutzer\AppData\Roaming\Mozilla\Firefox\Profiles\cyecpk5o.default\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\he.png c:\users\nutzer\AppData\Roaming\Mozilla\Firefox\Profiles\cyecpk5o.default\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\il.png c:\users\nutzer\AppData\Roaming\Mozilla\Firefox\Profiles\cyecpk5o.default\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\it.png c:\users\nutzer\AppData\Roaming\Mozilla\Firefox\Profiles\cyecpk5o.default\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\ja.png c:\users\nutzer\AppData\Roaming\Mozilla\Firefox\Profiles\cyecpk5o.default\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\jp.png c:\users\nutzer\AppData\Roaming\Mozilla\Firefox\Profiles\cyecpk5o.default\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\nl.png c:\users\nutzer\AppData\Roaming\Mozilla\Firefox\Profiles\cyecpk5o.default\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\no.png c:\users\nutzer\AppData\Roaming\Mozilla\Firefox\Profiles\cyecpk5o.default\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\pl.png c:\users\nutzer\AppData\Roaming\Mozilla\Firefox\Profiles\cyecpk5o.default\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\pt.png c:\users\nutzer\AppData\Roaming\Mozilla\Firefox\Profiles\cyecpk5o.default\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\ro.png c:\users\nutzer\AppData\Roaming\Mozilla\Firefox\Profiles\cyecpk5o.default\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\ru.png c:\users\nutzer\AppData\Roaming\Mozilla\Firefox\Profiles\cyecpk5o.default\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\sa.png c:\users\nutzer\AppData\Roaming\Mozilla\Firefox\Profiles\cyecpk5o.default\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\se.png c:\users\nutzer\AppData\Roaming\Mozilla\Firefox\Profiles\cyecpk5o.default\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\sv.png c:\users\nutzer\AppData\Roaming\Mozilla\Firefox\Profiles\cyecpk5o.default\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\tr.png c:\users\nutzer\AppData\Roaming\Mozilla\Firefox\Profiles\cyecpk5o.default\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\ua.png c:\users\nutzer\AppData\Roaming\Mozilla\Firefox\Profiles\cyecpk5o.default\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\us.png c:\users\nutzer\AppData\Roaming\Mozilla\Firefox\Profiles\cyecpk5o.default\extensions\ffxtlbr@funmoods.com\content\imgs\help_16.gif c:\users\nutzer\AppData\Roaming\Mozilla\Firefox\Profiles\cyecpk5o.default\extensions\ffxtlbr@funmoods.com\content\imgs\home.gif c:\users\nutzer\AppData\Roaming\Mozilla\Firefox\Profiles\cyecpk5o.default\extensions\ffxtlbr@funmoods.com\content\imgs\logo.png c:\users\nutzer\AppData\Roaming\Mozilla\Firefox\Profiles\cyecpk5o.default\extensions\ffxtlbr@funmoods.com\content\imgs\privecy_16_hot.gif c:\users\nutzer\AppData\Roaming\Mozilla\Firefox\Profiles\cyecpk5o.default\extensions\ffxtlbr@funmoods.com\content\imgs\tellafriend.gif c:\users\nutzer\AppData\Roaming\Mozilla\Firefox\Profiles\cyecpk5o.default\extensions\ffxtlbr@funmoods.com\content\loader.xul c:\users\nutzer\AppData\Roaming\Mozilla\Firefox\Profiles\cyecpk5o.default\extensions\ffxtlbr@funmoods.com\content\mtstart.js c:\users\nutzer\AppData\Roaming\Mozilla\Firefox\Profiles\cyecpk5o.default\extensions\ffxtlbr@funmoods.com\content\preferences.xul c:\users\nutzer\AppData\Roaming\Mozilla\Firefox\Profiles\cyecpk5o.default\extensions\ffxtlbr@funmoods.com\content\tmplt.js c:\users\nutzer\AppData\Roaming\Mozilla\Firefox\Profiles\cyecpk5o.default\extensions\ffxtlbr@funmoods.com\install.rdf c:\users\nutzer\AppData\Roaming\Mozilla\Firefox\Profiles\cyecpk5o.default\extensions\ffxtlbr@funmoods.com\META-INF\le_c6a58f26_4d2d_4341_b387_c4f2289b6170.rsa c:\users\nutzer\AppData\Roaming\Mozilla\Firefox\Profiles\cyecpk5o.default\extensions\ffxtlbr@funmoods.com\META-INF\le_c6a58f26_4d2d_4341_b387_c4f2289b6170.sf c:\users\nutzer\AppData\Roaming\Mozilla\Firefox\Profiles\cyecpk5o.default\extensions\ffxtlbr@funmoods.com\META-INF\manifest.mf c:\users\nutzer\AppData\Roaming\srvblck2.tmp c:\users\nutzer\AppData\Roaming\srvblck5.tmp c:\users\Public\AlexaNSISPlugin.5096.dll c:\windows\Downloaded Program Files\IDropPTB.dll c:\windows\IsUn0407.exe c:\windows\SysWow64\frapsvid.dll c:\windows\SysWow64\tmp8EB9.tmp c:\windows\SysWow64\tmp8EC9.tmp c:\windows\SysWow64\tmpA9D5.tmp c:\windows\SysWow64\tmpA9D6.tmp . . ((((((((((((((((((((((( Dateien erstellt von 2013-06-06 bis 2013-07-06 )))))))))))))))))))))))))))))) . . 2013-07-06 16:05 . 2013-07-06 16:05 -------- d-----w- c:\users\Default\AppData\Local\temp 2013-07-06 16:05 . 2013-07-06 16:05 -------- d-----w- c:\users\Administrator\AppData\Local\temp 2013-07-06 10:53 . 2013-07-06 10:53 76232 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{CF26B285-D16A-4C88-9BE1-16A834EF2CFE}\offreg.dll 2013-07-06 08:16 . 2013-06-12 03:08 9552976 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{CF26B285-D16A-4C88-9BE1-16A834EF2CFE}\mpengine.dll 2013-07-05 20:13 . 2013-07-05 20:13 -------- d-----w- c:\program files (x86)\PrivitizeVPN 2013-07-05 20:13 . 2013-07-05 20:13 -------- d-----w- c:\program files (x86)\hosts 2013-07-05 20:13 . 2013-07-05 20:13 -------- d-----w- c:\programdata\StarApp 2013-07-05 20:13 . 2013-07-05 20:13 -------- d-----w- c:\program files (x86)\MagniPic 2013-07-05 20:12 . 2013-07-05 20:12 -------- d-----w- c:\program files (x86)\Industriya 2013-07-05 20:12 . 2013-07-05 20:12 -------- d-----w- c:\users\nutzer\AppData\Roaming\Industriya 2013-07-05 11:21 . 2013-07-05 11:21 -------- d-----w- c:\users\nutzer\AppData\Roaming\Rogue Legacy 2013-07-05 07:39 . 2013-07-05 07:39 -------- d-----w- c:\users\nutzer\AppData\Local\Solid State Networks 2013-07-05 07:39 . 2013-07-05 07:39 -------- d-----w- c:\program files (x86)\MeteorEntertainment 2013-07-05 07:33 . 2013-06-12 03:08 9552976 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll 2013-07-04 16:01 . 2013-07-04 16:01 -------- d-----w- c:\users\nutzer\paros 2013-07-04 16:01 . 2013-07-04 16:01 -------- d-----w- c:\program files (x86)\Paros 2013-07-02 14:16 . 2013-07-02 14:16 -------- d-----w- c:\program files (x86)\Resource Hacker 2013-06-30 18:24 . 2013-06-30 18:24 -------- d-----w- c:\users\nutzer\AppData\Local\libimobiledevice 2013-06-30 18:10 . 2012-06-01 05:36 192000 ----a-w- c:\windows\system32\iisRtl.dll 2013-06-30 18:10 . 2012-06-01 05:34 55296 ----a-w- c:\windows\system32\admwprox.dll 2013-06-30 18:10 . 2012-06-01 04:37 154624 ----a-w- c:\windows\SysWow64\iisRtl.dll 2013-06-30 18:10 . 2012-06-01 04:35 50688 ----a-w- c:\windows\SysWow64\admwprox.dll 2013-06-30 18:10 . 2012-06-01 05:39 14848 ----a-w- c:\windows\system32\wamregps.dll 2013-06-30 18:10 . 2012-06-01 05:36 11264 ----a-w- c:\windows\system32\iisrstap.dll 2013-06-30 18:10 . 2012-06-01 05:35 60928 ----a-w- c:\windows\system32\ahadmin.dll 2013-06-30 18:10 . 2012-06-01 05:33 16896 ----a-w- c:\windows\system32\iisreset.exe 2013-06-30 18:10 . 2012-06-01 04:40 10752 ----a-w- c:\windows\SysWow64\wamregps.dll 2013-06-30 18:10 . 2012-06-01 04:37 8192 ----a-w- c:\windows\SysWow64\iisrstap.dll 2013-06-30 18:10 . 2012-06-01 04:35 26624 ----a-w- c:\windows\SysWow64\ahadmin.dll 2013-06-30 18:10 . 2012-06-01 04:34 15360 ----a-w- c:\windows\SysWow64\iisreset.exe 2013-06-29 14:37 . 2013-06-30 00:07 327680 ----a-w- c:\windows\ServiceProfiles\NetworkService\msmqlog.bin 2013-06-29 14:35 . 2013-06-29 14:35 -------- d-----w- c:\windows\SysWow64\BestPractices 2013-06-29 14:35 . 2013-06-29 14:35 -------- d-----w- c:\windows\system32\BestPractices 2013-06-29 14:35 . 2013-06-29 14:35 -------- d-----w- C:\inetpub 2013-06-28 18:01 . 2013-06-28 18:01 -------- d-----w- c:\users\nutzer\AppData\Local\Mojang 2013-06-28 14:27 . 2013-06-28 14:27 -------- d-----w- c:\users\nutzer\AppData\Roaming\MinMaxGames 2013-06-28 13:35 . 2013-06-28 13:35 -------- d-----w- c:\program files (x86)\Reincubate 2013-06-28 11:06 . 2013-06-28 11:16 -------- d-----w- c:\users\nutzer\AppData\Roaming\iFunbox_UserCache 2013-06-28 11:06 . 2013-06-28 11:06 -------- d-----w- c:\program files (x86)\i-Funbox DevTeam 2013-06-26 12:26 . 2013-06-18 14:22 263576 ----a-w- c:\program files (x86)\Mozilla Firefox\browser\components\browsercomps.dll 2013-06-25 13:43 . 2013-06-25 13:43 -------- d-----w- c:\users\nutzer\AppData\Roaming\pWE7XS0zFHKcFf 2013-06-24 19:47 . 2013-06-24 19:47 -------- d-----w- c:\program files (x86)\PicoZipRT 2013-06-24 19:33 . 2013-06-24 19:33 -------- d-----w- c:\program files (x86)\Elcomsoft 2013-06-24 19:33 . 2013-06-24 19:33 -------- d-----w- c:\program files (x86)\Elcomsoft Password Recovery 2013-06-24 19:33 . 2013-06-24 19:33 -------- d-----w- c:\programdata\Elcomsoft Password Recovery 2013-06-23 13:38 . 2013-06-23 13:39 -------- d-----w- C:\AntMe 2013-06-21 21:17 . 2013-06-21 21:16 964552 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{0BA08EC1-809F-43C1-BCB4-798F5B2F14A9}\gapaengine.dll 2013-06-20 18:42 . 2013-06-20 18:42 -------- d-----w- c:\program files (x86)\Common Files\Java 2013-06-20 18:42 . 2013-06-12 19:47 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll 2013-06-19 11:53 . 2013-06-19 11:54 -------- d-----w- c:\users\nutzer\AppData\Roaming\PlayClaw3 2013-06-19 11:53 . 2012-06-22 06:29 110080 ----a-w- c:\windows\system32\tmb1-v64.dll 2013-06-19 11:53 . 2012-06-22 06:29 123392 ----a-w- c:\windows\SysWow64\tmb1-v32.dll 2013-06-19 11:52 . 2013-06-19 11:53 -------- d-----w- c:\program files (x86)\PlayClaw3 2013-06-16 18:14 . 2013-06-17 13:55 -------- d-----w- c:\program files (x86)\World of Warcraft 2013-06-16 18:13 . 2013-06-16 18:13 -------- d-----w- c:\programdata\Battle.net 2013-06-15 13:23 . 2013-06-15 20:02 -------- d-----w- c:\program files (x86)\Sauerbraten 2013-06-14 20:52 . 2013-06-15 18:06 -------- d-----w- c:\programdata\boost_interprocess 2013-06-14 20:37 . 2013-06-14 20:37 -------- d-----w- c:\users\nutzer\AppData\Local\Dxtory Software 2013-06-14 20:37 . 2013-02-15 20:44 8300544 ----a-w- c:\windows\SysWow64\DxtoryCodec.dll 2013-06-14 20:37 . 2013-02-15 20:44 8043008 ----a-w- c:\windows\system32\DxtoryCodec.dll 2013-06-14 20:37 . 2013-06-14 20:37 -------- d-----w- c:\program files (x86)\Dxtory Software 2013-06-14 16:16 . 2013-06-14 16:16 -------- d-----w- c:\program files (x86)\IObit Toolbar 2013-06-14 16:16 . 2013-06-14 16:16 -------- d-----w- c:\program files (x86)\Application Updater 2013-06-14 16:16 . 2013-06-14 16:16 -------- d-----w- c:\program files (x86)\Common Files\Spigot 2013-06-14 12:44 . 2013-06-14 13:00 -------- d-----w- c:\program files (x86)\Common Files\DVDVideoSoft 2013-06-14 12:44 . 2013-06-14 13:01 -------- d-----w- c:\program files (x86)\DVDVideoSoft 2013-06-14 12:44 . 2013-06-14 13:00 -------- d-----w- c:\users\nutzer\AppData\Roaming\DVDVideoSoft 2013-06-13 18:25 . 2013-07-06 15:50 -------- d-----w- c:\users\nutzer\AppData\Local\CrashDumps 2013-06-13 18:21 . 2013-06-13 18:21 -------- d-----w- c:\users\nutzer\AppData\Roaming\TechSmith 2013-06-12 18:29 . 2013-05-08 06:39 1910632 ----a-w- c:\windows\system32\drivers\tcpip.sys 2013-06-12 17:06 . 2013-06-12 17:06 -------- d-----w- c:\users\nutzer\AppData\Roaming\com.radialgames.MonsterLovesYou 2013-06-11 13:51 . 2013-06-10 23:02 3130440 ----a-w- c:\windows\SysWow64\pbsvc_blr.exe 2013-06-11 13:51 . 2013-06-11 13:51 -------- d-----w- c:\windows\3F5C371F8EA24F259D3DD0B4526E3AEA.TMP 2013-06-07 12:06 . 2013-06-07 12:06 -------- d-----w- c:\users\nutzer\AppData\Local\My Games . . . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2013-07-02 13:50 . 2012-05-16 13:27 893552 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll 2013-07-02 13:50 . 2012-05-21 14:22 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll 2013-06-28 10:56 . 2012-05-21 14:33 893552 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll 2013-06-28 10:56 . 2012-05-16 13:27 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll 2013-06-26 14:51 . 2012-09-16 13:25 45856 ----a-w- c:\windows\system32\drivers\avgtpx64.sys 2013-06-16 17:41 . 2011-12-27 11:00 283032 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr 2013-06-16 17:41 . 2011-12-26 22:20 283032 ----a-w- c:\windows\SysWow64\PnkBstrB.exe 2013-06-15 09:42 . 2011-12-26 22:20 283032 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0 2013-06-13 17:38 . 2012-04-04 08:17 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2013-06-13 17:38 . 2011-10-24 05:38 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2013-06-13 16:16 . 2012-05-16 13:27 1236816 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll 2013-06-12 20:23 . 2011-10-18 12:22 75825640 ----a-w- c:\windows\system32\MRT.exe 2013-06-12 19:48 . 2012-05-07 15:13 867240 ----a-w- c:\windows\SysWow64\npdeployJava1.dll 2013-06-12 19:48 . 2011-10-24 11:59 789416 ----a-w- c:\windows\SysWow64\deployJava1.dll 2013-06-11 14:18 . 2011-12-26 22:20 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe 2013-05-23 12:12 . 2013-05-23 12:12 226304 ----a-w- c:\windows\system32\elshyph.dll 2013-05-23 12:12 . 2013-05-23 12:12 185344 ----a-w- c:\windows\SysWow64\elshyph.dll 2013-05-23 12:12 . 2013-05-23 12:12 1054720 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe 2013-05-23 12:12 . 2013-05-23 12:12 73728 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe 2013-05-23 12:12 . 2013-05-23 12:12 719360 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll 2013-05-23 12:12 . 2013-05-23 12:12 523264 ----a-w- c:\windows\SysWow64\vbscript.dll 2013-05-23 12:12 . 2013-05-23 12:12 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll 2013-05-23 12:12 . 2013-05-23 12:12 38400 ----a-w- c:\windows\SysWow64\imgutil.dll 2013-05-23 12:12 . 2013-05-23 12:12 158720 ----a-w- c:\windows\SysWow64\msls31.dll 2013-05-23 12:12 . 2013-05-23 12:12 150528 ----a-w- c:\windows\SysWow64\iexpress.exe 2013-05-23 12:12 . 2013-05-23 12:12 138752 ----a-w- c:\windows\SysWow64\wextract.exe 2013-05-23 12:12 . 2013-05-23 12:12 137216 ----a-w- c:\windows\SysWow64\ieUnatt.exe 2013-05-23 12:12 . 2013-05-23 12:12 12800 ----a-w- c:\windows\SysWow64\mshta.exe 2013-05-23 12:12 . 2013-05-23 12:12 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll 2013-05-23 12:12 . 2013-05-23 12:12 905728 ----a-w- c:\windows\system32\mshtmlmedia.dll 2013-05-23 12:12 . 2013-05-23 12:12 81408 ----a-w- c:\windows\system32\icardie.dll 2013-05-23 12:12 . 2013-05-23 12:12 762368 ----a-w- c:\windows\system32\ieapfltr.dll 2013-05-23 12:12 . 2013-05-23 12:12 61952 ----a-w- c:\windows\SysWow64\tdc.ocx 2013-05-23 12:12 . 2013-05-23 12:12 452096 ----a-w- c:\windows\system32\dxtmsft.dll 2013-05-23 12:12 . 2013-05-23 12:12 441856 ----a-w- c:\windows\system32\html.iec 2013-05-23 12:12 . 2013-05-23 12:12 361984 ----a-w- c:\windows\SysWow64\html.iec 2013-05-23 12:12 . 2013-05-23 12:12 281600 ----a-w- c:\windows\system32\dxtrans.dll 2013-05-23 12:12 . 2013-05-23 12:12 270848 ----a-w- c:\windows\system32\iedkcs32.dll 2013-05-23 12:12 . 2013-05-23 12:12 235008 ----a-w- c:\windows\system32\url.dll 2013-05-23 12:12 . 2013-05-23 12:12 23040 ----a-w- c:\windows\SysWow64\licmgr10.dll 2013-05-23 12:12 . 2013-05-23 12:12 216064 ----a-w- c:\windows\system32\msls31.dll 2013-05-23 12:12 . 2013-05-23 12:12 197120 ----a-w- c:\windows\system32\msrating.dll 2013-05-23 12:12 . 2013-05-23 12:12 1509376 ----a-w- c:\windows\system32\inetcpl.cpl 2013-05-23 12:12 . 2013-05-23 12:12 1441280 ----a-w- c:\windows\SysWow64\inetcpl.cpl 2013-05-23 12:12 . 2013-05-23 12:12 1400416 ----a-w- c:\windows\system32\ieapfltr.dat 2013-05-23 12:12 . 2013-05-23 12:12 247296 ----a-w- c:\windows\system32\webcheck.dll 2013-05-23 12:12 . 2013-05-23 12:12 97280 ----a-w- c:\windows\system32\mshtmled.dll 2013-05-23 12:12 . 2013-05-23 12:12 92160 ----a-w- c:\windows\system32\SetIEInstalledDate.exe 2013-05-23 12:12 . 2013-05-23 12:12 77312 ----a-w- c:\windows\system32\tdc.ocx 2013-05-23 12:12 . 2013-05-23 12:12 62976 ----a-w- c:\windows\system32\pngfilt.dll 2013-05-23 12:12 . 2013-05-23 12:12 599552 ----a-w- c:\windows\system32\vbscript.dll 2013-05-23 12:12 . 2013-05-23 12:12 52224 ----a-w- c:\windows\system32\msfeedsbs.dll 2013-05-23 12:12 . 2013-05-23 12:12 51200 ----a-w- c:\windows\system32\imgutil.dll 2013-05-23 12:12 . 2013-05-23 12:12 48640 ----a-w- c:\windows\system32\mshtmler.dll 2013-05-23 12:12 . 2013-05-23 12:12 27648 ----a-w- c:\windows\system32\licmgr10.dll 2013-05-23 12:12 . 2013-05-23 12:12 173568 ----a-w- c:\windows\system32\ieUnatt.exe 2013-05-23 12:12 . 2013-05-23 12:12 167424 ----a-w- c:\windows\system32\iexpress.exe 2013-05-23 12:12 . 2013-05-23 12:12 149504 ----a-w- c:\windows\system32\occache.dll 2013-05-23 12:12 . 2013-05-23 12:12 144896 ----a-w- c:\windows\system32\wextract.exe 2013-05-23 12:12 . 2013-05-23 12:12 13824 ----a-w- c:\windows\system32\mshta.exe 2013-05-23 12:12 . 2013-05-23 12:12 136192 ----a-w- c:\windows\system32\iepeers.dll 2013-05-23 12:12 . 2013-05-23 12:12 135680 ----a-w- c:\windows\system32\IEAdvpack.dll 2013-05-23 12:12 . 2013-05-23 12:12 12800 ----a-w- c:\windows\system32\msfeedssync.exe 2013-05-23 12:12 . 2013-05-23 12:12 102912 ----a-w- c:\windows\system32\inseng.dll 2013-05-23 12:09 . 2013-05-23 12:09 9728 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll 2013-05-23 12:09 . 2013-05-23 12:09 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll 2013-05-23 12:09 . 2013-05-23 12:09 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll 2013-05-23 12:09 . 2013-05-23 12:09 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll 2013-05-23 12:09 . 2013-05-23 12:09 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll 2013-05-23 12:09 . 2013-05-23 12:09 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll 2013-05-23 12:09 . 2013-05-23 12:09 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll 2013-05-23 12:09 . 2013-05-23 12:09 4096 ---ha-w- c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll 2013-05-23 12:09 . 2013-05-23 12:09 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll 2013-05-23 12:09 . 2013-05-23 12:09 3584 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll 2013-05-23 12:09 . 2013-05-23 12:09 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll 2013-05-23 12:09 . 2013-05-23 12:09 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll 2013-05-23 12:09 . 2013-05-23 12:09 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll 2013-05-23 12:09 . 2013-05-23 12:09 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll 2013-05-23 12:09 . 2013-05-23 12:09 2560 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll 2013-05-23 12:09 . 2013-05-23 12:09 2560 ---ha-w- c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll 2013-05-23 12:09 . 2013-05-23 12:09 10752 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll 2013-05-23 12:09 . 2013-05-23 12:09 10752 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll 2013-05-23 12:09 . 2013-05-23 12:09 1158144 ----a-w- c:\windows\SysWow64\XpsPrint.dll 2013-05-23 12:09 . 2013-05-23 12:09 604160 ----a-w- c:\windows\SysWow64\d3d10level9.dll 2013-05-23 12:09 . 2013-05-23 12:09 522752 ----a-w- c:\windows\system32\XpsGdiConverter.dll 2013-05-23 12:09 . 2013-05-23 12:09 465920 ----a-w- c:\windows\system32\WMPhoto.dll 2013-05-23 12:09 . 2013-05-23 12:09 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll 2013-05-23 12:09 . 2013-05-23 12:09 3928064 ----a-w- c:\windows\system32\d2d1.dll 2013-05-23 12:09 . 2013-05-23 12:09 364544 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll 2013-05-23 12:09 . 2013-05-23 12:09 363008 ----a-w- c:\windows\system32\dxgi.dll 2013-05-23 12:09 . 2013-05-23 12:09 296960 ----a-w- c:\windows\system32\d3d10core.dll 2013-05-23 12:09 . 2013-05-23 12:09 2776576 ----a-w- c:\windows\system32\msmpeg2vdec.dll 2013-05-23 12:09 . 2013-05-23 12:09 2565120 ----a-w- c:\windows\system32\d3d10warp.dll 2013-05-23 12:09 . 2013-05-23 12:09 249856 ----a-w- c:\windows\SysWow64\d3d10_1core.dll 2013-05-23 12:09 . 2013-05-23 12:09 2284544 ----a-w- c:\windows\SysWow64\msmpeg2vdec.dll 2013-05-23 12:09 . 2013-05-23 12:09 220160 ----a-w- c:\windows\SysWow64\d3d10core.dll 2013-05-23 12:09 . 2013-05-23 12:09 207872 ----a-w- c:\windows\SysWow64\WindowsCodecsExt.dll 2013-05-23 12:09 . 2013-05-23 12:09 1682432 ----a-w- c:\windows\system32\XpsPrint.dll 2013-05-23 12:09 . 2013-05-23 12:09 1643520 ----a-w- c:\windows\system32\DWrite.dll 2013-05-23 12:09 . 2013-05-23 12:09 161792 ----a-w- c:\windows\SysWow64\d3d10_1.dll . . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks] "{ba14329e-9550-4989-b3f2-9732e92d17cc}"= "c:\program files (x86)\Vuze_Remote\prxtbVuz2.dll" [2011-05-09 176936] "{c840e246-6b95-475e-9bd7-caa1c7eca9f2}"= "c:\program files (x86)\uTorrentBar_DE\prxtbuTor.dll" [2011-05-09 176936] . [HKEY_CLASSES_ROOT\clsid\{ba14329e-9550-4989-b3f2-9732e92d17cc}] . [HKEY_CLASSES_ROOT\clsid\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{0BDA0769-FD72-49F4-9266-E1FB004F4D8F}] 2013-06-07 16:28 1353536 ----a-w- c:\program files (x86)\IObit Toolbar\IE\7.2\iobitToolbarIE.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{11111111-1111-1111-1111-110311531182}] 2013-07-05 20:13 748032 ----a-w- c:\program files (x86)\hosts\hosts-bho.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{1ACB5ABE-4890-4747-952C-F13BDB93FB75}] 2013-03-25 15:14 251288 ----a-w- c:\program files (x86)\Industriya\privitize\1.8.16.22\bh\privitize.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}] 2013-06-26 14:51 3055280 ----a-w- c:\program files (x86)\AVG Secure Search\15.3.0.11\AVG Secure Search_toolbar.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}] 2013-05-20 10:02 295832 ----a-w- c:\program files (x86)\Delta\delta\1.8.21.5\bh\delta.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}] 2011-05-09 08:49 176936 ----a-w- c:\program files (x86)\uTorrentBar_DE\prxtbuTor.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar] "{c840e246-6b95-475e-9bd7-caa1c7eca9f2}"= "c:\program files (x86)\uTorrentBar_DE\prxtbuTor.dll" [2011-05-09 176936] "{82E1477C-B154-48D3-9891-33D83C26BCD3}"= "c:\program files (x86)\Delta\delta\1.8.21.5\deltaTlbr.dll" [2013-05-20 284056] "{0BDA0769-FD72-49F4-9266-E1FB004F4D8F}"= "c:\program files (x86)\IObit Toolbar\IE\7.2\iobitToolbarIE.dll" [2013-06-07 1353536] "{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files (x86)\AVG Secure Search\15.3.0.11\AVG Secure Search_toolbar.dll" [2013-06-26 3055280] . [HKEY_CLASSES_ROOT\clsid\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}] . [HKEY_CLASSES_ROOT\clsid\{82e1477c-b154-48d3-9891-33d83c26bcd3}] [HKEY_CLASSES_ROOT\delta.deltadskBnd.1] [HKEY_CLASSES_ROOT\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}] [HKEY_CLASSES_ROOT\delta.deltadskBnd] . [HKEY_CLASSES_ROOT\clsid\{0bda0769-fd72-49f4-9266-e1fb004f4d8f}] . [HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}] [HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1] [HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj] . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2013-05-25 00:36 130736 ----a-w- c:\users\nutzer\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2013-05-25 00:36 130736 ----a-w- c:\users\nutzer\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2013-05-25 00:36 130736 ----a-w- c:\users\nutzer\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Steam"="c:\program files (x86)\Steam\steam.exe" [2013-07-03 1671592] "Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-06-03 19603048] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "AMD AVT"="start AMD Accelerated Video Transcoding device initialization" [X] "SPEEDLINK KUDOS"="c:\program files (x86)\SPEEDLINK\KUDOS RS Gaming Mouse\Gaming Mouse.exe" [2012-02-06 1470464] "SearchSettings"="c:\program files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe" [2013-06-07 1302336] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "DeleteEngineAfterUpdate"="reg DELETE HKCU\Software\AppDataLow\Software\ConduitEngine" [X] . c:\users\nutzer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Dropbox.lnk - c:\users\nutzer\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2013-5-25 27776968] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Microsoft Security Essentials.lnk - c:\program files\Microsoft Security Client\msseces.exe [2013-1-27 1281512] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows] "LoadAppInit_DLLs"=1 (0x1) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "aux7"=wdmaud.drv . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice] @="Service" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] @="Service" . R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x] R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x] R3 BEService;BattlEye Service;c:\program files (x86)\Common Files\BattlEye\BEService.exe;c:\program files (x86)\Common Files\BattlEye\BEService.exe [x] R3 dump_wmimmc;dump_wmimmc;c:\aeriagames\Wolfteam-DE\GameGuard\dump_wmimmc.sys;c:\aeriagames\Wolfteam-DE\GameGuard\dump_wmimmc.sys [x] R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [x] R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [x] R3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys;c:\windows\SYSNATIVE\DRIVERS\lvrs64.sys [x] R3 LVUVC64;Logitech Webcam 500(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys;c:\windows\SYSNATIVE\DRIVERS\lvuvc64.sys [x] R3 MPEVirtual;TeViiData Network Adapter Driver;c:\windows\system32\DRIVERS\TeViiData64.sys;c:\windows\SYSNATIVE\DRIVERS\TeViiData64.sys [x] R3 MSHUSBVideo;NX6000/NX3000/VX2000/VX5000/VX5500/VX7000/Cinema Filter Driver;c:\windows\system32\Drivers\nx6000.sys;c:\windows\SYSNATIVE\Drivers\nx6000.sys [x] R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys;c:\windows\SYSNATIVE\DRIVERS\netaapl64.sys [x] R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x] R3 NisSrv;Microsoft-Netzwerkinspektion;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x] R3 NLNdisPT;NetLimiter Ndis Protocol Service;c:\windows\system32\DRIVERS\nlndis.sys;c:\windows\SYSNATIVE\DRIVERS\nlndis.sys [x] R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des;c:\windows\SYSNATIVE\GameMon.des [x] R3 OverwolfUpdaterService;Overwolf Updater Service;c:\program files (x86)\Overwolf\OverwolfUpdater.exe;c:\program files (x86)\Overwolf\OverwolfUpdater.exe [x] R3 taphss6;Anchorfree HSS VPN Adapter;c:\windows\system32\DRIVERS\taphss6.sys;c:\windows\SYSNATIVE\DRIVERS\taphss6.sys [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x] R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x] R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x] R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x] R3 X6va005;X6va005;c:\users\nutzer\AppData\Local\Temp\00591A0.tmp;c:\users\nutzer\AppData\Local\Temp\00591A0.tmp [x] R3 X6va007;X6va007;c:\users\nutzer\AppData\Local\Temp\007BBDA.tmp;c:\users\nutzer\AppData\Local\Temp\007BBDA.tmp [x] R3 X6va008;X6va008;c:\windows\SysWOW64\Drivers\X6va008;c:\windows\SysWOW64\Drivers\X6va008 [x] R3 X6va011;X6va011;c:\windows\SysWOW64\Drivers\X6va011;c:\windows\SysWOW64\Drivers\X6va011 [x] R4 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [x] S0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a);c:\windows\System32\drivers\sfdrv01a.sys;c:\windows\SYSNATIVE\drivers\sfdrv01a.sys [x] S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys;c:\windows\SYSNATIVE\drivers\avgtpx64.sys [x] S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x] S1 nltdi;nltdi;c:\program files\NetLimiter 3\nltdi.sys;c:\program files\NetLimiter 3\nltdi.sys [x] S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x] S2 Application Updater;Application Updater;c:\program files (x86)\Application Updater\ApplicationUpdater.exe;c:\program files (x86)\Application Updater\ApplicationUpdater.exe [x] S2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x64.sys;c:\windows\SYSNATIVE\drivers\cpuz135_x64.sys [x] S2 DevoloNetworkService;devolo Network Service;c:\program files (x86)\devolo\dlan\devolonetsvc.exe;c:\program files (x86)\devolo\dlan\devolonetsvc.exe [x] S2 Fabs;FABS - Helping agent for MAGIX media database;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [x] S2 IBUpdaterService;IBUpdaterService;c:\windows\system32\dmwu.exe;c:\windows\SYSNATIVE\dmwu.exe [x] S2 IMFservice;IMF Service;c:\program files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe;c:\program files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [x] S2 mitsijm2013;Autodesk Moldflow Inventor Tool Suite Integration 2013 Job Manager;c:\program files\Autodesk\Inventor 2013\Moldflow\bin\mitsijm.exe;c:\program files\Autodesk\Inventor 2013\Moldflow\bin\mitsijm.exe [x] S2 NPF_devolo;NetGroup Packet Filter Driver (devolo);c:\windows\sysWOW64\drivers\npf_devolo.sys;c:\windows\sysWOW64\drivers\npf_devolo.sys [x] S2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x] S2 UMVPFSrv;UMVPFSrv;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [x] S2 UpdaterService;WhiteSmoke Updater Service;c:\programdata\UpdaterService\wsupdsvc.exe;c:\programdata\UpdaterService\wsupdsvc.exe [x] S2 vToolbarUpdater15.3.0;vToolbarUpdater15.3.0;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\ToolbarUpdater.exe;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\ToolbarUpdater.exe [x] S2 Web Assistant;Web Assistant;c:\program files\Web Assistant\ExtensionUpdaterService.exe;c:\program files\Web Assistant\ExtensionUpdaterService.exe [x] S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys;c:\windows\SYSNATIVE\DRIVERS\asmthub3.sys [x] S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys;c:\windows\SYSNATIVE\DRIVERS\asmtxhci.sys [x] S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x] S3 NLNdisMP;NLNdisMP;c:\windows\system32\DRIVERS\nlndis.sys;c:\windows\SYSNATIVE\DRIVERS\nlndis.sys [x] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x] S3 SAllBDA;TeVii DVB-S/S2 Receiver;c:\windows\system32\Drivers\TeViiS2.sys;c:\windows\SYSNATIVE\Drivers\TeViiS2.sys [x] S3 ScreamBAudioSvc;ScreamBee Audio;c:\windows\system32\drivers\ScreamingBAudio64.sys;c:\windows\SYSNATIVE\drivers\ScreamingBAudio64.sys [x] S3 USBADVAU;Sennheiser 3D G4ME1 Interface;c:\windows\system32\drivers\cm11264.sys;c:\windows\SYSNATIVE\drivers\cm11264.sys [x] . . --- Andere Dienste/Treiber im Speicher --- . *NewlyCreated* - 00969564 *NewlyCreated* - 35953878 *NewlyCreated* - 45991555 *Deregistered* - 00969564 *Deregistered* - 35953878 *Deregistered* - 45991555 . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost] Akamai REG_MULTI_SZ Akamai hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc iissvcs REG_MULTI_SZ w3svc was apphost REG_MULTI_SZ apphostsvc . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}] 2013-06-20 22:26 1165776 ----a-w- c:\program files (x86)\Google\Chrome\Application\27.0.1453.116\Installer\chrmstp.exe . Inhalt des "geplante Tasks" Ordners . 2013-07-06 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-04 17:38] . 2013-02-28 c:\windows\Tasks\DGChrome21099 Watcher.job - c:\program files\Web Assistant\DGChrome.exe [2013-02-28 08:51] . 2013-07-06 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-11-29 13:48] . 2013-07-06 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-11-29 13:48] . 2013-07-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2087355569-1678231640-1909434344-1000Core.job - c:\users\nutzer\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-15 21:11] . 2013-07-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2087355569-1678231640-1909434344-1000UA.job - c:\users\nutzer\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-15 21:11] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2013-05-25 00:36 164016 ----a-w- c:\users\nutzer\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2013-05-25 00:36 164016 ----a-w- c:\users\nutzer\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2013-05-25 00:36 164016 ----a-w- c:\users\nutzer\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4] @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}] 2013-05-25 00:36 164016 ----a-w- c:\users\nutzer\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "3DG4me"="c:\windows\System\3DG4me.exe" [2010-04-23 126976] "RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-08-25 12681320] "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-01-27 1281512] . ------- Zusätzlicher Suchlauf ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://searchou.com/?id=60d60ef1000000000000c860005a0dbf mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = *.local;<local> Trusted Zone: clonewarsadventures.com Trusted Zone: freerealms.com Trusted Zone: soe.com Trusted Zone: sony.com TCP: DhcpNameServer = 192.168.2.1 Handler: base64 - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - Handler: chrome - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - Handler: prox - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\15.3.0\ViProtocol.dll FF - ProfilePath - c:\users\nutzer\AppData\Roaming\Mozilla\Firefox\Profiles\cyecpk5o.default\ FF - prefs.js: browser.search.defaulturl - FF - prefs.js: browser.search.selectedEngine - Search The Web (privitize) FF - prefs.js: browser.startup.homepage - hxxp://www.youtube.com/feed/subscriptions FF - prefs.js: keyword.URL - hxxp://searchou.com/?q={searchTerms}&id=60d60ef1000000000000c860005a0dbf FF - ExtSQL: 2013-05-28 15:02; iobit@mybrowserbar.com; c:\program files (x86)\IObit Toolbar\FF FF - ExtSQL: 2013-06-14 14:45; ffxtlbr@delta.com; c:\users\nutzer\AppData\Roaming\Mozilla\Firefox\Profiles\cyecpk5o.default\extensions\ffxtlbr@delta.com FF - ExtSQL: 2013-07-04 17:27; {73a6fe31-595d-460b-a920-fcc0f8843232}; c:\users\nutzer\AppData\Roaming\Mozilla\Firefox\Profiles\cyecpk5o.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi FF - ExtSQL: 2013-07-05 22:13; 05dd836e-2cbd-4204-9ff3-2f8a8665967d@a8876730-fb0c-4057-a2fc-f9c09d438e81.com; c:\users\nutzer\AppData\Roaming\Mozilla\Firefox\Profiles\cyecpk5o.default\extensions\05dd836e-2cbd-4204-9ff3-2f8a8665967d@a8876730-fb0c-4057-a2fc-f9c09d438e81.com FF - ExtSQL: 2013-07-05 23:06; epeiue@sjrjeoyfezg.edu; c:\users\nutzer\AppData\Roaming\Mozilla\Firefox\Profiles\cyecpk5o.default\extensions\epeiue@sjrjeoyfezg.edu FF - ExtSQL: !HIDDEN! 2013-04-10 17:39; smartwebprinting@hp.com; c:\program files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF - user.js: extensions.softonic_i.newTab - false FF - user.js: extensions.softonic_i.tlbrSrchUrl - hxxp://search.softonic.com/MON00015/tb_v1?SearchSource=1&cc=&q= FF - user.js: extensions.softonic_i.id - 60d60ef10000000000000019214bf858 FF - user.js: extensions.softonic_i.instlDay - 15374 FF - user.js: extensions.softonic_i.vrsn - 1.5.11.5 FF - user.js: extensions.softonic_i.vrsni - 1.5.11.5 FF - user.js: extensions.softonic_i.vrsnTs - 1.5.11.521:02 FF - user.js: extensions.softonic_i.prtnrId - softonic FF - user.js: extensions.softonic_i.prdct - softonic FF - user.js: extensions.softonic_i.aflt - SD FF - user.js: extensions.softonic_i.smplGrp - eng7 FF - user.js: extensions.softonic_i.tlbrId - de12JANdefault FF - user.js: extensions.softonic_i.instlRef - MON00015 FF - user.js: extensions.softonic_i.dfltLng - de FF - user.js: extensions.softonic_i.excTlbr - false FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=109986 FF - user.js: extensions.BabylonToolbar_i.babExt - FF - user.js: extensions.BabylonToolbar_i.srcExt - ss FF - user.js: extensions.BabylonToolbar_i.id - 60d60ef10000000000000019214bf858 FF - user.js: extensions.BabylonToolbar_i.hardId - 60d60ef10000000000000019214bf858 FF - user.js: extensions.BabylonToolbar_i.instlDay - 15434 FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17 FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17 FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.1715:20 FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar FF - user.js: extensions.BabylonToolbar_i.aflt - babsst FF - user.js: extensions.BabylonToolbar_i.smplGrp - none FF - user.js: extensions.BabylonToolbar_i.tlbrId - tb9 FF - user.js: extensions.BabylonToolbar_i.instlRef - sst FF - user.js: extensions.incredibar_i.newTab - false FF - user.js: extensions.incredibar_i.tlbrSrchUrl - hxxp://mystart.Incredibar.com/?a=6OyFdwzV9W&loc=IB_TB&i=26&search= FF - user.js: extensions.incredibar_i.id - 60d60ef1000000000000c860005a0dbf FF - user.js: extensions.incredibar_i.instlDay - 15508 FF - user.js: extensions.incredibar_i.vrsn - 1.5.11.14 FF - user.js: extensions.incredibar_i.vrsni - 1.5.11.14 FF - user.js: extensions.incredibar_i.vrsnTs - 1.5.11.1413:14 FF - user.js: extensions.incredibar_i.prtnrId - Incredibar FF - user.js: extensions.incredibar_i.prdct - incredibar FF - user.js: extensions.incredibar_i.aflt - orgnl FF - user.js: extensions.incredibar_i.smplGrp - none FF - user.js: extensions.incredibar_i.tlbrId - base FF - user.js: extensions.incredibar_i.instlRef - FF - user.js: extensions.incredibar_i.dfltLng - FF - user.js: extensions.incredibar_i.excTlbr - false FF - user.js: extensions.incredibar_i.ms_url_id - FF - user.js: extensions.incredibar_i.upn2 - 6OyFdwzV9W FF - user.js: extensions.incredibar_i.upn2n - 92261600654226900 FF - user.js: extensions.incredibar_i.productid - 26 FF - user.js: extensions.incredibar_i.installerproductid - 26 FF - user.js: extensions.incredibar_i.did - 10665 FF - user.js: extensions.incredibar_i.ppd - FF - user.js: extentions.y2layers.installId - b2661b17-1332-487e-9517-c37fedaf4aa1 FF - user.js: extentions.y2layers.defaultEnableAppsList - ezLooker,buzzdock,YontooNewOffers FF - user.js: extensions.autoDisableScopes - 14 FF - user.js: extensions.funmoods.hmpg - true FF - user.js: extensions.funmoods.hmpgUrl - hxxp://searchfunmoods.com/?f=1&a=download&chnl=download&cd=2XzuyEtN2Y1L1Qzu0CzzyCtDtDtDyD0AtD0D0B0FtD0E0FtCtN0D0Tzu0CtAtCyCtN1L2XzutBtFtBtFtDtFtAyEyE&cr=1265018073 FF - user.js: extensions.funmoods.dfltSrch - true FF - user.js: extensions.funmoods.srchPrvdr - Search FF - user.js: extensions.funmoods.dnsErr - true FF - user.js: extensions.funmoods_i.newTab - true FF - user.js: extensions.funmoods.newTabUrl - hxxp://searchfunmoods.com/?f=2&a=download&chnl=download&cd=2XzuyEtN2Y1L1Qzu0CzzyCtDtDtDyD0AtD0D0B0FtD0E0FtCtN0D0Tzu0CtAtCyCtN1L2XzutBtFtBtFtDtFtAyEyE&cr=1265018073 FF - user.js: extensions.funmoods.tlbrSrchUrl - hxxp://searchfunmoods.com/?f=3&a=download&chnl=download&cd=2XzuyEtN2Y1L1Qzu0CzzyCtDtDtDyD0AtD0D0B0FtD0E0FtCtN0D0Tzu0CtAtCyCtN1L2XzutBtFtBtFtDtFtAyEyE&cr=1265018073&q= FF - user.js: extensions.funmoods.id - C860005A0DBF0EF1 FF - user.js: extensions.funmoods.instlDay - 15655 FF - user.js: extensions.funmoods.vrsn - 1.5.23.22 FF - user.js: extensions.funmoods.vrsni - 1.5.23.22 FF - user.js: extensions.funmoods_i.vrsnTs - 1.5.23.2218:40 FF - user.js: extensions.funmoods.prtnrId - funmoods FF - user.js: extensions.funmoods.prdct - funmoods FF - user.js: extensions.funmoods.aflt - download FF - user.js: extensions.funmoods_i.smplGrp - none FF - user.js: extensions.funmoods.tlbrId - base FF - user.js: extensions.funmoods.instlRef - download FF - user.js: extensions.funmoods.dfltLng - FF - user.js: extensions.funmoods.excTlbr - false FF - user.js: extensions.funmoods.autoRvrt - false FF - user.js: extensions.funmoods.envrmnt - production FF - user.js: extensions.funmoods.isdcmntcmplt - true FF - user.js: extensions.funmoods.mntrvrsn - 1.3.0 FF - user.js: extensions.delta.tlbrSrchUrl - FF - user.js: extensions.delta.id - 60d60ef1000000000000c860005a0dbf FF - user.js: extensions.delta.appId - {C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3} FF - user.js: extensions.delta.instlDay - 15870 FF - user.js: extensions.delta.vrsn - 1.8.21.5 FF - user.js: extensions.delta.vrsni - 1.8.21.5 FF - user.js: extensions.delta.vrsnTs - 1.8.21.515:01 FF - user.js: extensions.delta.prtnrId - delta FF - user.js: extensions.delta.prdct - delta FF - user.js: extensions.delta.aflt - babsst FF - user.js: extensions.delta.smplGrp - none FF - user.js: extensions.delta.tlbrId - base FF - user.js: extensions.delta.instlRef - sst FF - user.js: extensions.delta.dfltLng - en FF - user.js: extensions.delta.excTlbr - false FF - user.js: extensions.delta.ffxUnstlRst - true FF - user.js: extensions.delta.admin - false FF - user.js: extensions.delta_i.babTrack - affID=121562 FF - user.js: extensions.delta_i.babExt - FF - user.js: extensions.delta_i.srcExt - ss FF - user.js: extensions.delta.autoRvrt - false FF - user.js: extensions.delta.rvrt - false FF - user.js: extensions.delta.newTab - false FF - user.js: extensions.privitize.hpOld0 - hxxp://www.youtube.com/feed/subscriptions FF - user.js: extensions.privitize.tlbrSrchUrl - hxxp://searchou.com/?id=60d60ef1000000000000c860005a0dbf&q= FF - user.js: extensions.privitize.id - 60d60ef1000000000000c860005a0dbf FF - user.js: extensions.privitize.appId - {301966DF-A84B-4255-AAB9-574B5CE237E4} FF - user.js: extensions.privitize.instlDay - 15891 FF - user.js: extensions.privitize.vrsn - 1.8.16.22 FF - user.js: extensions.privitize.vrsni - 1.8.16.22 FF - user.js: extensions.privitize.vrsnTs - 1.8.16.2222:12 FF - user.js: extensions.privitize.prtnrId - privitize FF - user.js: extensions.privitize.prdct - privitize FF - user.js: extensions.privitize.aflt - orgnl FF - user.js: extensions.privitize.smplGrp - none FF - user.js: extensions.privitize.tlbrId - base FF - user.js: extensions.privitize.instlRef - FF - user.js: extensions.privitize.dfltLng - FF - user.js: extensions.privitize.excTlbr - true FF - user.js: extensions.privitize.ffxUnstlRst - false FF - user.js: extensions.privitize.admin - false FF - user.js: extensions.privitize.autoRvrt - false FF - user.js: extensions.privitize.rvrt - false FF - user.js: extensions.privitize.hmpg - true FF - user.js: extensions.privitize.hmpgUrl - hxxp://searchou.com/?id=60d60ef1000000000000c860005a0dbf FF - user.js: extensions.privitize.dfltSrch - true FF - user.js: extensions.privitize.srchPrvdr - Search The Web (privitize) FF - user.js: extensions.privitize.kw_url - hxxp://searchou.com/?q={searchTerms}&id=60d60ef1000000000000c860005a0dbf FF - user.js: extensions.privitize.dnsErr - true FF - user.js: extensions.privitize.newTab - true FF - user.js: extensions.privitize.newTabUrl - hxxp://searchou.com/?id=60d60ef1000000000000c860005a0dbf . - - - - Entfernte verwaiste Registrierungseinträge - - - - . URLSearchHooks-{84FF7BD6-B47F-46F8-9130-01B2696B36CB} - (no file) BHO-{84FF7BD6-B47F-46F8-9130-01B2696B36CB} - (no file) BHO-{AC19415C-03A7-3530-B1AA-1A5BF8AEB6C0} - c:\programdata\MAgniiPPic\51d735509cf7c.dll Wow6432Node-HKLM-Run-<NO NAME> - (no file) HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start BHO-{336D0C35-8A85-403a-B9D2-65C292C39087} - (no file) BHO-{F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - c:\program files (x86)\Hotspot Shield\HssIE\HssIE_64.dll WebBrowser-{C840E246-6B95-475E-9BD7-CAA1C7ECA9F2} - (no file) WebBrowser-{977AE9CC-AF83-45E8-9E03-E2798216E2D5} - (no file) HKLM-Run-TeViiRC - c:\windows\TeViiRC.exe AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe AddRemove-Amazon Browser Bar - c:\program files (x86)\Amazon Browser Bar\AmazonBrowserBar.3.0.Uninstall.exe AddRemove-Audacity_is1 - c:\program files (x86)\Audacity\unins000.exe AddRemove-BabylonToolbar - c:\program files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\uninstall.exe AddRemove-bi_uninstaller - c:\users\nutzer\Local Settings\Application Data\Bundled software uninstaller\biclient.exe AddRemove-Blockscape_is1 - c:\program files (x86)\Blockscape\unins000.exe AddRemove-BrickForce - c:\brickforce\uninst.exe AddRemove-BrowserCompanion - c:\program files (x86)\BrowserCompanion\uninstall.exe AddRemove-ChatZum Toolbar - c:\program files (x86)\ChatZum Toolbar\tbunsc8E80.tmp\uninstaller.exe AddRemove-Death Road - c:\program files (x86)\Death Road\uninstall.exe AddRemove-ESN Sonar-0.70.4 - c:\program files (x86)\Battlelog Web Plugins\Sonar\esnsonar_uninstall.exe AddRemove-FakeVoice7_is1 - c:\program files (x86)\Fake Voice 7.0\7.0.0.0\unins000.exe AddRemove-Florensia - c:\florensia\Netts\uninst.exe AddRemove-funmoods - c:\program files (x86)\Funmoods\1.5.23.22\uninstall.exe AddRemove-Goldgräber - c:\program files (x86)\Goldgraeber\dhuninstall.exe AddRemove-Grotesque-Tactics - c:\program files (x86)\Silent Dreams\Grotesque-Tactics\Uninstall.exe AddRemove-IMBoosterARP - c:\program files (x86)\Iminent\inst\Bootstrapper\Bootstrapper.exe AddRemove-incredibar - c:\program files (x86)\Incredibar.com\incredibar\1.5.11.14\uninstall.exe AddRemove-InstallShield_{589A63D3-89E1-4D9B-8DBC-6039BB27289E} - c:\program files (x86)\InstallShield Installation Information\{589A63D3-89E1-4D9B-8DBC-6039BB27289E}\setup.exe AddRemove-Phun_is1 - c:\program files (x86)\Algodoo Phun Edition\unins000.exe AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc_blr.exe AddRemove-RewardsArcade - c:\program files (x86)\RewardsArcade\Uninstall.exe AddRemove-RocketDock_is1 - c:\program files (x86)\RocketDock\unins000.exe AddRemove-Sauerbraten - c:\program files (x86)\Sauerbraten2\uninstall.exe AddRemove-Steamless Counter Strike Source Pack - c:\program files (x86)\Steamless CounterStrikeSource Pack\uninstall.exe AddRemove-Sumotori Dreams - c:\program files (x86)\gravitysensation.com\sumotori_demo\Uninstall.exe AddRemove-Sumotori Full Version - c:\program files (x86)\gravitysensation.com\Sumotori_Full\Uninstall.exe AddRemove-Sven - Die ersten 10 Jahre - c:\program files (x86)\Sven - Die ersten 10 Jahre\de-S10J\uninst.exe AddRemove-The Mighty Quest For Epic Loot_is1 - c:\program files\The Mighty Quest For Epic Loot\LauncherData\unins000.exe AddRemove-TmSunrise_is1 - c:\program files (x86)\TrackMania Sunrise\unins000.exe AddRemove-WinGimp-2.0_is1 - c:\program files (x86)\GIMP-2.0\setup\unins000.exe AddRemove-WolfTeam-DE - c:\aeriagames\Wolfteam-DE\Uninst.exe AddRemove-{1FFD5753-5BED-40C2-B6B3-1195AE362C68}_is1 - c:\program files (x86)\Operation Ragdoll\unins000.exe AddRemove-{85725958-E3A1-4D0F-862B-4CE4EDC71A5E}_is1 - c:\program files (x86)\Minecraft Note Block Studio\unins000.exe AddRemove-{EB03EF39-C655-D560-FA95-79182B837D64} - c:\programdata\MAgniiPPic\uninstall.exe . . . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Akamai] "ServiceDll"="c:\program files (x86)\common files\akamai/netsession_win_8fa3539.dll" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\npggsvc] "ImagePath"="c:\windows\system32\GameMon.des -service" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va005] "ImagePath"="\??\c:\users\nutzer\AppData\Local\Temp\00591A0.tmp" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va007] "ImagePath"="\??\c:\users\nutzer\AppData\Local\Temp\007BBDA.tmp" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va008] "ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va008" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va011] "ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va011" . --------------------- Gesperrte Registrierungsschluessel --------------------- . [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration] @Denied: (2) (LocalSystem) "Timestamp"=hex:61,8e,6c,d6,4f,9e,cc,01 . [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences] @Denied: (2) (LocalSystem) "88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,ad,30,ac,54,7c,73,6b,46,b4,e0,7b,\ "2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,ad,30,ac,54,7c,73,6b,46,b4,e0,7b,\ . [HKEY_USERS\S-1-5-21-2087355569-1678231640-1909434344-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*] "??"=hex:74,7a,39,36,80,5c,6c,d7,11,d8,17,87,b9,47,af,70,7f,1d,c1,ab,57,c5,f6, 29,63,79,84,a0,ce,c9,7b,6e,dc,f9,72,c7,be,ca,a8,6b,0a,cc,73,f6,53,8d,c1,2c,\ "??"=hex:a1,8c,fa,d2,d2,6f,30,d4,26,a5,35,0c,e8,5c,51,33 . [HKEY_USERS\S-1-5-21-2087355569-1678231640-1909434344-1000\Software\SecuROM\License information*] "datasecu"=hex:28,41,73,07,2e,c5,c9,e8,f4,f7,2f,07,8b,d8,a8,d6,e5,a9,d1,11,07, 79,fc,94,da,d7,27,85,1f,cb,30,e4,b7,32,d6,5f,ab,68,38,1b,d3,5a,7e,9d,ef,45,\ "rkeysecu"=hex:f9,1e,dc,0d,6c,ec,41,b7,22,e9,2a,96,f8,50,7e,45 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DbgagD\1*] "value"="?\0a\00\1e\0a\1b\18?" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Zeit der Fertigstellung: 2013-07-06 18:07:22 ComboFix-quarantined-files.txt 2013-07-06 16:07 . Vor Suchlauf: 21 Verzeichnis(se), 374.100.623.360 Bytes frei Nach Suchlauf: 25 Verzeichnis(se), 381.947.359.232 Bytes frei . - - End Of File - - 3B582AC878BB4369B727D8C0556ED700 A36C5E4F47E84449FF07ED3517B43A31 Es gab keine Fehlermeldungen |
06.07.2013, 17:22 | #14 |
/// Malware-holic | Firefox ungewollte umleitungen auf verdächtige Seiten Hi, malwarebytes: Downloade Dir bitte Malwarebytes
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
06.07.2013, 22:11 | #15 |
| Firefox ungewollte umleitungen auf verdächtige SeitenCode:
ATTFilter Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|) Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 775111 Laufzeit: 2 Stunde(n), 20 Minute(n), 35 Sekunde(n) Infizierte Speicherprozesse: 2 C:\ProgramData\UpdaterService\wsupdsvc.exe (PUP.BundleInstaller.IB) -> 2480 -> Keine Aktion durchgeführt. C:\ProgramData\UpdaterService\wsupdsvc.exe (PUP.BundleInstaller.IB) -> 2524 -> Keine Aktion durchgeführt. Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 47 HKLM\SYSTEM\CurrentControlSet\Services\UpdaterService (PUP.BundleInstaller.IB) -> Keine Aktion durchgeführt. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WhiteSmoke Updater Service (PUP.BundleInstaller.IB) -> Keine Aktion durchgeführt. HKCR\AppID\{D2083641-E57F-4eab-BB85-0582424F4A29} (Adware.HotBar.CP) -> Keine Aktion durchgeführt. HKCR\CLSID\{00cbb66b-1d3b-46d3-9577-323a336acb50} (PUP.Blabbers) -> Keine Aktion durchgeführt. HKCR\CLSID\{5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} (PUP.Blabbers) -> Keine Aktion durchgeführt. HKCR\CLSID\{75A4D144-506D-4BE5-81DB-EC7DA1E7F840} (PUP.Funmoods) -> Keine Aktion durchgeführt. HKCR\TypeLib\{960DF771-CFCB-4E53-A5B5-6EF2BBE6E706} (PUP.Funmoods) -> Keine Aktion durchgeführt. HKCR\esrv.funmoodsESrvc.1 (PUP.Funmoods) -> Keine Aktion durchgeführt. HKCR\esrv.funmoodsESrvc (PUP.Funmoods) -> Keine Aktion durchgeführt. HKCR\CLSID\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} (PUP.FunMoods) -> Keine Aktion durchgeführt. HKCR\CLSID\{963B125B-8B21-49A2-A3A8-E37092276531} (PUP.Blabbers) -> Keine Aktion durchgeführt. HKCR\TypeLib\{955B782E-CDC8-4CEE-B6F6-AD7D541A8D8A} (PUP.Blabbers) -> Keine Aktion durchgeführt. HKCR\Interface\{9F0C17EB-EF2C-4278-9136-2D547656BC03} (PUP.Blabbers) -> Keine Aktion durchgeführt. HKCR\updatebho.TimerBHO.1 (PUP.Blabbers) -> Keine Aktion durchgeführt. HKCR\updatebho.TimerBHO (PUP.Blabbers) -> Keine Aktion durchgeführt. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{963B125B-8B21-49A2-A3A8-E37092276531} (PUP.Blabbers) -> Keine Aktion durchgeführt. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{963B125B-8B21-49A2-A3A8-E37092276531} (PUP.Blabbers) -> Keine Aktion durchgeführt. HKCR\CLSID\{965B9DBE-B104-44AC-950A-8A5F97AFF439} (PUP.Funmoods) -> Keine Aktion durchgeführt. HKCR\escort.escortIEPane.1 (PUP.Funmoods) -> Keine Aktion durchgeführt. HKCR\escort.escortIEPane (PUP.Funmoods) -> Keine Aktion durchgeführt. HKCR\CLSID\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} (PUP.Funmoods) -> Keine Aktion durchgeführt. HKCR\CLSID\{A9DB719C-7156-415E-B49D-BAD039DE4F13} (PUP.Funmoods) -> Keine Aktion durchgeführt. HKCR\CLSID\{BE711972-8B0A-4B0B-A1B9-0769A74B225D} (PUP.Funmoods) -> Keine Aktion durchgeführt. HKCR\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} (PUP.Funmoods) -> Keine Aktion durchgeführt. HKCR\privitize.privitizeappCore.1 (PUP.Funmoods) -> Keine Aktion durchgeführt. HKCR\privitize.privitizeappCore (PUP.Funmoods) -> Keine Aktion durchgeführt. HKCR\funmoodsApp.appCore.1 (PUP.Funmoods) -> Keine Aktion durchgeführt. HKCR\funmoodsApp.appCore (PUP.Funmoods) -> Keine Aktion durchgeführt. HKCR\CLSID\{F03FD9D0-4F2B-497C-8A71-DD41D70B07D9} (PUP.Funmoods) -> Keine Aktion durchgeführt. HKCR\f (PUP.Funmoods) -> Keine Aktion durchgeführt. HKCR\Typelib\{1D085C0A-E4F4-4F66-BDBF-4BE51015BFC3} (PUP.Funmoods) -> Keine Aktion durchgeführt. HKCR\Interface\{0D80F1C5-D17B-4177-AC68-955F3EF9F191} (PUP.Funmoods) -> Keine Aktion durchgeführt. HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B} (PUP.FunMoods) -> Keine Aktion durchgeführt. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6764C5ED-CEE4-42ae-8F31-23F02A3A661F} (Trojan.Agent) -> Keine Aktion durchgeführt. HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{65bcd620-07dd-012f-819f-073cf1b8f7c6} (Adware.GamePlayLab) -> Keine Aktion durchgeführt. HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C87FC351-A80D-43E9-9A86-CF1E29DC443A} (PUP.Funmoods) -> Keine Aktion durchgeführt. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011221158} (Adware.GamePlayLab) -> Keine Aktion durchgeführt. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B58926D6-CFB0-45D2-9C28-4B5A0F0368AE} (Adware.ClickPotato) -> Keine Aktion durchgeführt. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Uncompressor (Adware.Agent) -> Keine Aktion durchgeführt. HKCR\PROTOCOLS\HANDLER\BASE64 (PUP.Blabbers) -> Keine Aktion durchgeführt. HKCR\PROTOCOLS\HANDLER\CHROME (PUP.Blabbers) -> Keine Aktion durchgeführt. HKCR\PROTOCOLS\HANDLER\PROX (PUP.Blabbers) -> Keine Aktion durchgeführt. HKCU\Software\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh (PUP.Funmoods) -> Keine Aktion durchgeführt. HKCU\Software\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj (PUP.FunMoods) -> Keine Aktion durchgeführt. HKLM\SOFTWARE\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh (PUP.Funmoods) -> Keine Aktion durchgeführt. HKLM\SOFTWARE\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj (PUP.FunMoods) -> Keine Aktion durchgeführt. HKLM\SYSTEM\CurrentControlSet\Services\IBUpdaterService (PUP.InstallBrain) -> Keine Aktion durchgeführt. Infizierte Registrierungswerte: 3 HKCR\protocols\Handler\base64|CLSID (PUP.Blabbers) -> Daten: {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} -> Keine Aktion durchgeführt. HKCR\protocols\Handler\chrome|CLSID (PUP.Blabbers) -> Daten: {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} -> Keine Aktion durchgeführt. HKCR\protocols\Handler\prox|CLSID (PUP.Blabbers) -> Daten: {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} -> Keine Aktion durchgeführt. Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 7 C:\Users\nutzer\AppData\Local\RewardsArcade (PUP.RewardsArcade) -> Keine Aktion durchgeführt. C:\Users\nutzer\AppData\Local\RewardsArcade\Chrome (PUP.RewardsArcade) -> Keine Aktion durchgeführt. C:\Users\Administrator\AppData\LocalLow\bbrs_002.tb (PUP.Blabbers) -> Keine Aktion durchgeführt. C:\Users\Administrator\AppData\LocalLow\bbrs_002.tb\content (PUP.Blabbers) -> Keine Aktion durchgeführt. C:\Users\nutzer\AppData\LocalLow\bbrs_002.tb (PUP.Blabbers) -> Keine Aktion durchgeführt. C:\Users\nutzer\AppData\LocalLow\bbrs_002.tb\content (PUP.Blabbers) -> Keine Aktion durchgeführt. C:\Users\nutzer\AppData\LocalLow\bbrs_002.tb\content\cache (PUP.Blabbers) -> Keine Aktion durchgeführt. Infizierte Dateien: 98 C:\ProgramData\UpdaterService\wsupdsvc.exe (PUP.BundleInstaller.IB) -> Keine Aktion durchgeführt. C:\Program Files (x86)\Industriya\privitize\1.8.16.22\privitizeApp.dll (PUP.Funmoods) -> Keine Aktion durchgeführt. C:\myTeVii\MyTheatre.exe (VirTool.Vbcrypt) -> Keine Aktion durchgeführt. C:\myTeVii\LNB2\MyTheatre.exe (VirTool.Vbcrypt) -> Keine Aktion durchgeführt. C:\Program Files (x86)\MAGIX\Video_deluxe_MX_Premium_Download-Version\Protein\Berdi.exe (PUP.Hacktool.Patcher) -> Keine Aktion durchgeführt. C:\Program Files (x86)\Uncompressor\Uninstall\Uninstall.exe (Adware.Agent) -> Keine Aktion durchgeführt. C:\ProgramData\Premium\MagniPic\MagniPic.exe (Trojan.Startpage) -> Keine Aktion durchgeführt. C:\Users\nutzer\AppData\LocalLow\bbrs_002.tb\content\BCHelper.exe (PUP.Blabbers) -> Keine Aktion durchgeführt. C:\Users\nutzer\Downloads\ADLSoft_UnCompressor.exe (Adware.Agent) -> Keine Aktion durchgeführt. C:\Users\nutzer\Downloads\SoftonicDownloader_for_daemon-tools.exe (PUP.OfferBundler.ST) -> Keine Aktion durchgeführt. C:\Users\nutzer\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_bbjciahceamgodcoidkjpchnokgfpphh_0.localstorage (PUP.Funmoods) -> Keine Aktion durchgeführt. C:\Users\nutzer\AppData\Local\funmoods.crx (PUP.Funmoods) -> Keine Aktion durchgeführt. C:\Users\nutzer\AppData\Local\funmoods-speeddial_sf.crx (PUP.FunMoods) -> Keine Aktion durchgeführt. C:\Users\nutzer\AppData\Local\RewardsArcade\Chrome\RewardsArcade.crx (PUP.RewardsArcade) -> Keine Aktion durchgeführt. C:\Users\nutzer\AppData\LocalLow\bbrs_002.tb\content\fix2.js (PUP.Blabbers) -> Keine Aktion durchgeführt. C:\Users\nutzer\AppData\LocalLow\bbrs_002.tb\content\fixJQ1_71.js (PUP.Blabbers) -> Keine Aktion durchgeführt. C:\Users\nutzer\AppData\LocalLow\bbrs_002.tb\content\fixJQ1_71_2.js (PUP.Blabbers) -> Keine Aktion durchgeführt. C:\Users\nutzer\AppData\LocalLow\bbrs_002.tb\content\fixJQ1_83.js (PUP.Blabbers) -> Keine Aktion durchgeführt. C:\Users\nutzer\AppData\LocalLow\bbrs_002.tb\content\icon.png (PUP.Blabbers) -> Keine Aktion durchgeführt. C:\Users\nutzer\AppData\LocalLow\bbrs_002.tb\content\jquery4toolbar.js (PUP.Blabbers) -> Keine Aktion durchgeführt. C:\Users\nutzer\AppData\LocalLow\bbrs_002.tb\content\jquery4toolbar183.js (PUP.Blabbers) -> Keine Aktion durchgeführt. C:\Users\nutzer\AppData\LocalLow\bbrs_002.tb\content\lock.js (PUP.Blabbers) -> Keine Aktion durchgeführt. C:\Users\nutzer\AppData\LocalLow\bbrs_002.tb\content\witapi.js (PUP.Blabbers) -> Keine Aktion durchgeführt. C:\Users\nutzer\AppData\LocalLow\bbrs_002.tb\content\witmain.js (PUP.Blabbers) -> Keine Aktion durchgeführt. C:\Users\nutzer\AppData\LocalLow\bbrs_002.tb\content\wittoolbar.js (PUP.Blabbers) -> Keine Aktion durchgeführt. C:\Users\nutzer\AppData\LocalLow\bbrs_002.tb\content\witwidgetapi.js (PUP.Blabbers) -> Keine Aktion durchgeführt. C:\Users\nutzer\AppData\LocalLow\bbrs_002.tb\content\cache\0324adea3b6ec02af09ea4ae9424591b (PUP.Blabbers) -> Keine Aktion durchgeführt. C:\Users\nutzer\AppData\LocalLow\bbrs_002.tb\content\cache\0324adea3b6ec02af09ea4ae9424591b_expire (PUP.Blabbers) -> Keine Aktion durchgeführt. C:\Users\nutzer\AppData\LocalLow\bbrs_002.tb\content\cache\1b56f16ed9915e2ddbdc7e781b9b40c4 (PUP.Blabbers) -> Keine Aktion durchgeführt. C:\Users\nutzer\AppData\LocalLow\bbrs_002.tb\content\cache\1b56f16ed9915e2ddbdc7e781b9b40c4_expire (PUP.Blabbers) -> Keine Aktion durchgeführt. C:\Users\nutzer\AppData\LocalLow\bbrs_002.tb\content\cache\21d2bb231d3c04f5b6434220b2b1cb9e (PUP.Blabbers) -> Keine Aktion durchgeführt. C:\Users\nutzer\AppData\LocalLow\bbrs_002.tb\content\cache\21d2bb231d3c04f5b6434220b2b1cb9e_expire (PUP.Blabbers) -> Keine Aktion durchgeführt. C:\Users\nutzer\AppData\LocalLow\bbrs_002.tb\content\cache\23d2c85d4900d7bc495fc376d471f66a (PUP.Blabbers) -> Keine Aktion durchgeführt. C:\Users\nutzer\AppData\LocalLow\bbrs_002.tb\content\cache\23d2c85d4900d7bc495fc376d471f66a_expire (PUP.Blabbers) -> Keine Aktion durchgeführt. C:\Users\nutzer\AppData\LocalLow\bbrs_002.tb\content\cache\24779e9d2de93d13d7e07b527a1684d4 (PUP.Blabbers) -> Keine Aktion durchgeführt. C:\Users\nutzer\AppData\LocalLow\bbrs_002.tb\content\cache\24779e9d2de93d13d7e07b527a1684d4_expire (PUP.Blabbers) -> Keine Aktion durchgeführt. C:\Users\nutzer\AppData\LocalLow\bbrs_002.tb\content\cache\292124057d00cb0fa73db6b90d079658 (PUP.Blabbers) -> Keine Aktion durchgeführt. C:\Users\nutzer\AppData\LocalLow\bbrs_002.tb\content\cache\292124057d00cb0fa73db6b90d079658_expire (PUP.Blabbers) -> Keine Aktion durchgeführt. C:\Users\nutzer\AppData\LocalLow\bbrs_002.tb\content\cache\2a86ac4f3322238b4f27d14a09839275 (PUP.Blabbers) -> Keine Aktion durchgeführt. C:\Users\nutzer\AppData\LocalLow\bbrs_002.tb\content\cache\2a86ac4f3322238b4f27d14a09839275_expire (PUP.Blabbers) -> Keine Aktion durchgeführt. C:\Users\nutzer\AppData\LocalLow\bbrs_002.tb\content\cache\3b507b6d0186efd3615b9b9233c5f708 (PUP.Blabbers) -> Keine Aktion durchgeführt. C:\Users\nutzer\AppData\LocalLow\bbrs_002.tb\content\cache\3b507b6d0186efd3615b9b9233c5f708_expire (PUP.Blabbers) -> Keine Aktion durchgeführt. C:\Users\nutzer\AppData\LocalLow\bbrs_002.tb\content\cache\4c84596d3a88c66ad9d449a45c76dd89 (PUP.Blabbers) -> Keine Aktion durchgeführt. C:\Users\nutzer\AppData\LocalLow\bbrs_002.tb\content\cache\4c84596d3a88c66ad9d449a45c76dd89_expire (PUP.Blabbers) -> Keine Aktion durchgeführt. C:\Users\nutzer\AppData\LocalLow\bbrs_002.tb\content\cache\4d3d10bd28ff623813254a49b26be41f (PUP.Blabbers) -> Keine Aktion durchgeführt. C:\Users\nutzer\AppData\LocalLow\bbrs_002.tb\content\cache\4d3d10bd28ff623813254a49b26be41f_expire (PUP.Blabbers) -> Keine Aktion durchgeführt. C:\Users\nutzer\AppData\LocalLow\bbrs_002.tb\content\cache\5d5c3541c8187f3a48d4f72f4374009c (PUP.Blabbers) -> Keine Aktion durchgeführt. C:\Users\nutzer\AppData\LocalLow\bbrs_002.tb\content\cache\5d5c3541c8187f3a48d4f72f4374009c_expire (PUP.Blabbers) -> Keine Aktion durchgeführt. C:\Users\nutzer\AppData\LocalLow\bbrs_002.tb\content\cache\5f4ce27504a73ff97d1936c597c769e5 (PUP.Blabbers) -> Keine Aktion durchgeführt. C:\Users\nutzer\AppData\LocalLow\bbrs_002.tb\content\cache\5f4ce27504a73ff97d1936c597c769e5_expire (PUP.Blabbers) -> Keine Aktion durchgeführt. C:\Users\nutzer\AppData\LocalLow\bbrs_002.tb\content\cache\6a8ef73701ad78f92631ccabc37a9b58 (PUP.Blabbers) -> Keine Aktion durchgeführt. C:\Users\nutzer\AppData\LocalLow\bbrs_002.tb\content\cache\6a8ef73701ad78f92631ccabc37a9b58_expire (PUP.Blabbers) -> Keine Aktion durchgeführt. C:\Users\nutzer\AppData\LocalLow\bbrs_002.tb\content\cache\719f6985083c6f0c2a8fef7aa1f75d63 (PUP.Blabbers) -> Keine Aktion durchgeführt. C:\Users\nutzer\AppData\LocalLow\bbrs_002.tb\content\cache\719f6985083c6f0c2a8fef7aa1f75d63_expire (PUP.Blabbers) -> Keine Aktion durchgeführt. C:\Users\nutzer\AppData\LocalLow\bbrs_002.tb\content\cache\72891ec935a3d247f2da6562ef29a005 (PUP.Blabbers) -> Keine Aktion durchgeführt. C:\Users\nutzer\AppData\LocalLow\bbrs_002.tb\content\cache\72891ec935a3d247f2da6562ef29a005_expire (PUP.Blabbers) -> Keine Aktion durchgeführt. C:\Users\nutzer\AppData\LocalLow\bbrs_002.tb\content\cache\7e781915f58fe108a6af37bf82ba047b (PUP.Blabbers) -> Keine Aktion durchgeführt. C:\Users\nutzer\AppData\LocalLow\bbrs_002.tb\content\cache\7e781915f58fe108a6af37bf82ba047b_expire (PUP.Blabbers) -> Keine Aktion durchgeführt. C:\Users\nutzer\AppData\LocalLow\bbrs_002.tb\content\cache\7efb9aab6fcb49f138e15f423901eca1 (PUP.Blabbers) -> Keine Aktion durchgeführt. C:\Users\nutzer\AppData\LocalLow\bbrs_002.tb\content\cache\7efb9aab6fcb49f138e15f423901eca1_expire (PUP.Blabbers) -> Keine Aktion durchgeführt. C:\Users\nutzer\AppData\LocalLow\bbrs_002.tb\content\cache\8ffbb13aa6f702b0cafab391f90d1db7 (PUP.Blabbers) -> Keine Aktion durchgeführt. C:\Users\nutzer\AppData\LocalLow\bbrs_002.tb\content\cache\8ffbb13aa6f702b0cafab391f90d1db7_expire (PUP.Blabbers) -> Keine Aktion durchgeführt. C:\Users\nutzer\AppData\LocalLow\bbrs_002.tb\content\cache\91ed24cba47f3cabaaaf7bdb0e620066 (PUP.Blabbers) -> Keine Aktion durchgeführt. C:\Users\nutzer\AppData\LocalLow\bbrs_002.tb\content\cache\91ed24cba47f3cabaaaf7bdb0e620066_expire (PUP.Blabbers) -> Keine Aktion durchgeführt. C:\Users\nutzer\AppData\LocalLow\bbrs_002.tb\content\cache\93aa59562815aa22d93923c7215ac7f1 (PUP.Blabbers) -> Keine Aktion durchgeführt. C:\Users\nutzer\AppData\LocalLow\bbrs_002.tb\content\cache\93aa59562815aa22d93923c7215ac7f1_expire (PUP.Blabbers) -> Keine Aktion durchgeführt. C:\Users\nutzer\AppData\LocalLow\bbrs_002.tb\content\cache\9dec145d2a2e788d627cf591d7d148b2 (PUP.Blabbers) -> Keine Aktion durchgeführt. C:\Users\nutzer\AppData\LocalLow\bbrs_002.tb\content\cache\9dec145d2a2e788d627cf591d7d148b2_expire (PUP.Blabbers) -> Keine Aktion durchgeführt. C:\Users\nutzer\AppData\LocalLow\bbrs_002.tb\content\cache\a38dbdd1af07f4236d43e8fd995f57a6 (PUP.Blabbers) -> Keine Aktion durchgeführt. C:\Users\nutzer\AppData\LocalLow\bbrs_002.tb\content\cache\a38dbdd1af07f4236d43e8fd995f57a6_expire (PUP.Blabbers) -> Keine Aktion durchgeführt. C:\Users\nutzer\AppData\LocalLow\bbrs_002.tb\content\cache\a9c80b28f0f53807d95af233fd1d668c (PUP.Blabbers) -> Keine Aktion durchgeführt. C:\Users\nutzer\AppData\LocalLow\bbrs_002.tb\content\cache\a9c80b28f0f53807d95af233fd1d668c_expire (PUP.Blabbers) -> Keine Aktion durchgeführt. C:\Users\nutzer\AppData\LocalLow\bbrs_002.tb\content\cache\adf275b6644b3fcac86a14ffe551dede (PUP.Blabbers) -> Keine Aktion durchgeführt. C:\Users\nutzer\AppData\LocalLow\bbrs_002.tb\content\cache\adf275b6644b3fcac86a14ffe551dede_expire (PUP.Blabbers) -> Keine Aktion durchgeführt. C:\Users\nutzer\AppData\LocalLow\bbrs_002.tb\content\cache\bc8dad417f8f0fb33406e79ccd806c7f (PUP.Blabbers) -> Keine Aktion durchgeführt. C:\Users\nutzer\AppData\LocalLow\bbrs_002.tb\content\cache\bc8dad417f8f0fb33406e79ccd806c7f_expire (PUP.Blabbers) -> Keine Aktion durchgeführt. C:\Users\nutzer\AppData\LocalLow\bbrs_002.tb\content\cache\bd75b259da6df295d57bcf03a94e1ba6 (PUP.Blabbers) -> Keine Aktion durchgeführt. C:\Users\nutzer\AppData\LocalLow\bbrs_002.tb\content\cache\bd75b259da6df295d57bcf03a94e1ba6_expire (PUP.Blabbers) -> Keine Aktion durchgeführt. C:\Users\nutzer\AppData\LocalLow\bbrs_002.tb\content\cache\bf73732e1f0b76bac435293ba3880579 (PUP.Blabbers) -> Keine Aktion durchgeführt. C:\Users\nutzer\AppData\LocalLow\bbrs_002.tb\content\cache\bf73732e1f0b76bac435293ba3880579_expire (PUP.Blabbers) -> Keine Aktion durchgeführt. C:\Users\nutzer\AppData\LocalLow\bbrs_002.tb\content\cache\dc6668d28979688b1e2066d1dcaef0f6 (PUP.Blabbers) -> Keine Aktion durchgeführt. C:\Users\nutzer\AppData\LocalLow\bbrs_002.tb\content\cache\dc6668d28979688b1e2066d1dcaef0f6_expire (PUP.Blabbers) -> Keine Aktion durchgeführt. C:\Users\nutzer\AppData\LocalLow\bbrs_002.tb\content\cache\e72174145ae7671ff95578a2089c26b2 (PUP.Blabbers) -> Keine Aktion durchgeführt. C:\Users\nutzer\AppData\LocalLow\bbrs_002.tb\content\cache\e72174145ae7671ff95578a2089c26b2_expire (PUP.Blabbers) -> Keine Aktion durchgeführt. C:\Users\nutzer\AppData\LocalLow\bbrs_002.tb\content\cache\e919434ec29526b28593c426e4264271 (PUP.Blabbers) -> Keine Aktion durchgeführt. C:\Users\nutzer\AppData\LocalLow\bbrs_002.tb\content\cache\e919434ec29526b28593c426e4264271_expire (PUP.Blabbers) -> Keine Aktion durchgeführt. C:\Users\nutzer\AppData\LocalLow\bbrs_002.tb\content\cache\eb04bdda55e3827d8df8b5e1afac83a2 (PUP.Blabbers) -> Keine Aktion durchgeführt. C:\Users\nutzer\AppData\LocalLow\bbrs_002.tb\content\cache\eb04bdda55e3827d8df8b5e1afac83a2_expire (PUP.Blabbers) -> Keine Aktion durchgeführt. C:\Users\nutzer\AppData\LocalLow\bbrs_002.tb\content\cache\ece5f266221b5245c6e3d7e27ddee963 (PUP.Blabbers) -> Keine Aktion durchgeführt. C:\Users\nutzer\AppData\LocalLow\bbrs_002.tb\content\cache\ece5f266221b5245c6e3d7e27ddee963_expire (PUP.Blabbers) -> Keine Aktion durchgeführt. C:\Users\nutzer\AppData\LocalLow\bbrs_002.tb\content\cache\ece71b71690fad200cbed95871ef4bb2 (PUP.Blabbers) -> Keine Aktion durchgeführt. C:\Users\nutzer\AppData\LocalLow\bbrs_002.tb\content\cache\ece71b71690fad200cbed95871ef4bb2_expire (PUP.Blabbers) -> Keine Aktion durchgeführt. C:\Users\nutzer\AppData\LocalLow\bbrs_002.tb\content\cache\f03527c67e08602d2e4c18ae7867300d (PUP.Blabbers) -> Keine Aktion durchgeführt. C:\Users\nutzer\AppData\LocalLow\bbrs_002.tb\content\cache\f03527c67e08602d2e4c18ae7867300d_expire (PUP.Blabbers) -> Keine Aktion durchgeführt. C:\Users\nutzer\AppData\LocalLow\bbrs_002.tb\content\cache\fa74672918974682c82b8d91dfbe0d6b (PUP.Blabbers) -> Keine Aktion durchgeführt. C:\Users\nutzer\AppData\LocalLow\bbrs_002.tb\content\cache\fa74672918974682c82b8d91dfbe0d6b_expire (PUP.Blabbers) -> Keine Aktion durchgeführt. C:\Users\nutzer\AppData\LocalLow\bbrs_002.tb\content\cache\ff4d692d5e7cccbc4b3e9ef4062b1c6f (PUP.Blabbers) -> Keine Aktion durchgeführt. C:\Users\nutzer\AppData\LocalLow\bbrs_002.tb\content\cache\ff4d692d5e7cccbc4b3e9ef4062b1c6f_expire (PUP.Blabbers) -> Keine Aktion durchgeführt. (Ende) |
Themen zu Firefox ungewollte umleitungen auf verdächtige Seiten |
adresse, adresszeile, automatisch, direkt, einfach, erneut, firefox, gen, heute, infos, klicke, klicken, link, links, lösung, neu, problem, seite, seiten, starten, startseite, umgeleitet, umleitungen, ungewollte, verdächtige |