
Pests of all kinds and how to fight them: Deal Finder on amazon + stij.exe


06.07.2013, 18:26   #1
lustig78



Hello,
earlier today and also yesterday there was a linking app called Dealfinder on my Win7 64-bit PC.
Yesterday I then ran Kaspersky, which found and removed 2 trojans. After that, i.e. this morning, Deal Finder was still showing at the top. It looks for even cheaper offers when I search for something on amazon etc. Now it is gone.
What could that be? Does anyone know it?

And what is stij.exe?

06.07.2013, 18:35   #2
markusg
/// Malware-holic



Hi, where are the Kaspersky detection messages? Please post them as text, including the path.
After that:

If you do not have it yet, please download OTL by Oldtimer and save it to your Desktop
  • Please start OTL.exe.
    Vista and Win7 users: right-click and choose "Run as administrator"
  • Now copy the following content into the text box.
Code:
activex
netsvcs
msconfig
%SYSTEMDRIVE%\*.
%PROGRAMFILES%\*.exe
%LOCALAPPDATA%\*.exe
%systemroot%\*. /mp /s
C:\Windows\system32\*.tsp
/md5start
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
explorer.exe
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%USERPROFILE%\*.*
%USERPROFILE%\Local Settings\Temp\*.exe
%USERPROFILE%\Local Settings\Temp\*.dll
%USERPROFILE%\Application Data\*.exe
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs
CREATERESTOREPOINT
         
  • Now please close all programs. (Important)
  • Now please click the Quick Scan button.
  • Now copy the contents of OTL.txt and Extra.txt here into your thread

08.07.2013, 20:55   #3
lustig78



Here is the OTL logfile:
Code:
OTL logfile created on: 08.07.2013 21:23:37 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\HOME\Pictures\dwhelper\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 3,08 Gb Available Physical Memory | 76,95% Memory free
7,99 Gb Paging File | 6,47 Gb Available in Paging File | 80,91% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465,76 Gb Total Space | 189,23 Gb Free Space | 40,63% Space Free | Partition Type: NTFS
 
Computer Name: HOME-PC | User Name: HOME | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013.07.07 00:04:35 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\HOME\Pictures\dwhelper\Downloads\OTL.exe
PRC - [2013.02.28 16:46:56 | 000,356,376 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
PRC - [2012.01.18 08:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
PRC - [2012.01.03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011.11.11 15:08:06 | 000,205,336 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
PRC - [2011.10.06 14:20:10 | 000,075,136 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2010.10.11 16:12:08 | 000,273,672 | ---- | M] (Microsoft Corp.) -- C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2348.0\mswinext.exe
PRC - [2009.11.20 13:17:54 | 000,106,496 | ---- | M] (NEC Electronics Corporation) -- C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
PRC - [2009.08.24 14:38:06 | 000,068,136 | ---- | M] () -- C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE
PRC - [2009.07.14 03:14:44 | 000,360,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WerFault.exe
PRC - [2006.10.11 12:45:12 | 000,075,304 | ---- | M] (ScanSoft, Inc.) -- C:\Program Files (x86)\ScanSoft\OmniPageSE4.0\OpWareSE4.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.08.17 21:38:56 | 000,479,160 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\dblite.dll
MOD - [2010.05.07 18:37:40 | 000,126,808 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QJpeg4.dll
MOD - [2010.05.07 18:37:40 | 000,027,480 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QGif4.dll
MOD - [2010.05.07 18:36:54 | 000,340,824 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtXml4.dll
MOD - [2010.05.07 18:35:56 | 007,954,776 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtGui4.dll
MOD - [2010.05.07 18:35:44 | 002,143,576 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtCore4.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2011.09.24 03:58:30 | 000,204,288 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2013.02.28 16:46:56 | 000,356,376 | ---- | M] (Kaspersky Lab ZAO) [Auto | Running] -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe -- (AVP)
SRV - [2013.01.08 13:55:20 | 000,161,536 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.07.22 16:42:25 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice_tmp.exe -- (MozillaMaintenance)
SRV - [2012.01.18 14:38:28 | 000,155,320 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe -- (Sony PC Companion)
SRV - [2012.01.18 08:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv)
SRV - [2012.01.03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.10.06 14:20:10 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2011.07.29 21:31:40 | 001,249,064 | ---- | M] () [On_Demand | Stopped] -- C:\ProgramData\TVersity\Media Server\MediaServer.exe -- (TVersityMediaServer)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.01.09 21:34:24 | 004,925,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2010.01.09 21:20:56 | 000,174,440 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose64)
SRV - [2009.08.24 14:38:06 | 000,068,136 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE -- (ES lite Service)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2013.06.18 10:59:10 | 000,054,368 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\kltdi.sys -- (kltdi)
DRV:64bit: - [2013.05.06 19:37:26 | 000,178,448 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\kneps.sys -- (kneps)
DRV:64bit: - [2013.05.06 19:37:25 | 000,620,128 | ---- | M] (Kaspersky Lab ZAO) [File_System | System | Running] -- C:\Windows\SysNative\drivers\klif.sys -- (KLIF)
DRV:64bit: - [2013.02.28 16:46:50 | 000,029,528 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\klmouflt.sys -- (klmouflt)
DRV:64bit: - [2013.02.28 16:46:50 | 000,029,016 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\klkbdflt.sys -- (klkbdflt)
DRV:64bit: - [2012.11.26 16:34:14 | 000,058,360 | ---- | M] (NetFilterSDK.com) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\networx.sys -- (networx)
DRV:64bit: - [2012.08.02 15:09:34 | 000,028,504 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\klim6.sys -- (KLIM6)
DRV:64bit: - [2012.06.19 17:28:12 | 000,458,584 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\kl1.sys -- (kl1)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.01.18 08:44:36 | 004,865,568 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lvuvc64.sys -- (LVUVC64)
DRV:64bit: - [2012.01.18 08:44:28 | 000,351,136 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lvrs64.sys -- (LVRS64)
DRV:64bit: - [2011.12.04 23:23:57 | 000,138,872 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AnyDVD.sys -- (AnyDVD)
DRV:64bit: - [2011.10.30 09:28:45 | 000,147,456 | ---- | M] () [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\acedrv06.sys -- (acedrv06)
DRV:64bit: - [2011.10.13 19:59:25 | 000,088,480 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt)
DRV:64bit: - [2011.10.13 19:59:25 | 000,046,400 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt)
DRV:64bit: - [2011.09.24 04:58:12 | 010,207,232 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2011.09.24 04:58:12 | 010,207,232 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011.09.24 03:19:14 | 000,317,952 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.12.17 00:58:14 | 000,040,816 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2009.12.02 09:01:24 | 000,213,280 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
DRV:64bit: - [2009.11.20 13:16:02 | 000,177,152 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2009.11.20 13:15:58 | 000,075,776 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2009.09.30 16:34:30 | 000,121,872 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2009.08.20 18:05:06 | 000,239,616 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008.11.11 14:42:00 | 000,033,792 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64modem.sys -- (USBModem)
DRV:64bit: - [2008.11.11 14:42:00 | 000,027,136 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64diag.sys -- (UsbDiag)
DRV:64bit: - [2008.11.11 14:42:00 | 000,017,920 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64bus.sys -- (usbbus)
DRV - [2013.07.08 18:35:57 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\gdrv.sys -- (gdrv)
DRV - [2011.12.04 23:23:57 | 000,138,872 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\AnyDVD.sys -- (AnyDVD)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = 
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 2B AE 79 02 EC 5F CD 01  [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = 
IE - HKCU\..\SearchScopes\{36CBBD56-F7EA-4118-9261-89159BF108A8}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=SPLBR2&pc=SPLH
IE - HKCU\..\SearchScopes\{5A817CF6-92D5-4DE5-AC38-82DF8A73EF28}: "URL" = hxxp://go.gmx.net/br/ie9_search_web/?su={searchTerms}
IE - HKCU\..\SearchScopes\{6569B709-5D84-410f-A13D-7D8C48B9AFA7}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=STDVM
IE - HKCU\..\SearchScopes\{6B1D1FB7-7233-4F7C-802C-21A1DDB12754}: "URL" = hxxp://go.web.de/br/ie9_search_web/?su={searchTerms}
IE - HKCU\..\SearchScopes\{87DD421F-0D44-4B07-9E94-C802EA68275E}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=kw&q={searchTerms}&locale=de_DE&apn_ptnrs=U3&apn_dtid=OSJ000YYDE&apn_uid=D215BFBC-4AB5-4797-802E-98A577EDFABC&apn_sauid=F7CFF0EB-506C-44D9-B3F6-5D300B32328E
IE - HKCU\..\SearchScopes\{BFBDD277-4E14-45f9-A7D9-04B040738A7C}: "URL" = hxxp://www.google.com/cse?cx=partner-pub-3794288947762788%3A4067623346&ie=UTF-8&q={searchTerms}&sa=Search&siteurl=www.google.com%2Fcse%2Fhome%3Fcx%3Dpartner-pub-3794288947762788%3A4067623346
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..extensions.enabledAddons: {d40f5e7b-d2cf-4856-b441-cc613eeffbe3}:1.68
FF - prefs.js..extensions.enabledAddons: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.9.15
FF - prefs.js..extensions.enabledAddons: artur.dubovoy@gmail.com:3.9.1
FF - prefs.js..extensions.enabledAddons: ich@maltegoetz.de:1.5.1
FF - prefs.js..extensions.enabledAddons: firefox@ghostery.com:2.9.6
FF - prefs.js..extensions.enabledAddons: {b9bfaf1c-a63f-47cd-8b9a-29526ced9060}:1.5.18
FF - prefs.js..network.proxy.backup.ftp: "218.189.88.190"
FF - prefs.js..network.proxy.backup.ftp_port: 3128
FF - prefs.js..network.proxy.backup.socks: "218.189.88.190"
FF - prefs.js..network.proxy.backup.socks_port: 3128
FF - prefs.js..network.proxy.backup.ssl: "218.189.88.190"
FF - prefs.js..network.proxy.backup.ssl_port: 3128
FF - prefs.js..network.proxy.ftp: "118.123.242.103"
FF - prefs.js..network.proxy.ftp_port: 80
FF - prefs.js..network.proxy.http: "118.123.242.103"
FF - prefs.js..network.proxy.http_port: 80
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.socks: "118.123.242.103"
FF - prefs.js..network.proxy.socks_port: 80
FF - prefs.js..network.proxy.ssl: "118.123.242.103"
FF - prefs.js..network.proxy.ssl_port: 80
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_262.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_262.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.0: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll File not found
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@idsoftware.com/QuakeLive: C:\ProgramData\id Software\QuakeLive\npquakezero.dll (id Software Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@playstation.com/PsndlCheck,version=1.00: C:\Program Files (x86)\Sony\PLAYSTATION Network Downloader\nppsndl.dll (Sony Computer Entertainment Inc.)
FF - HKLM\Software\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0: C:\Program Files (x86)\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18: C:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.10: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@coreonline.com/run3d,version=1.0: C:\Users\HOME\AppData\LocalLow\Square Enix\nprun3d.dll (Square Enix)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\HOME\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\HOME\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\HOME\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\HOME\AppData\Local\Google\Update\1.3.21.149\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\HOME\AppData\Local\Google\Update\1.3.21.149\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2011.10.10 07:11:56 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\ [2011.10.10 07:12:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\url_advisor@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com [2013.05.06 19:37:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtual_keyboard@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com [2013.05.06 19:37:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\content_blocker@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\content_blocker@kaspersky.com [2013.05.06 19:37:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\anti_banner@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com [2013.05.06 19:37:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\online_banking@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com [2013.05.06 19:37:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.07.22 16:42:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{9309FA47-1B48-4768-AFA4-9E0556F5DC81}: C:\Program Files (x86)\LyricsPal\116.xpi [2013.07.03 15:43:56 | 000,005,397 | ---- | M] ()
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.07.22 16:42:26 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
 
[2012.07.01 09:37:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\HOME\AppData\Roaming\mozilla\Extensions
[2013.07.06 20:10:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\HOME\AppData\Roaming\mozilla\Firefox\Profiles\5y7bc8fw.default\extensions
[2013.05.31 23:33:30 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\HOME\AppData\Roaming\mozilla\Firefox\Profiles\5y7bc8fw.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2013.07.06 20:08:32 | 000,000,000 | ---D | M] (Ghostery) -- C:\Users\HOME\AppData\Roaming\mozilla\Firefox\Profiles\5y7bc8fw.default\extensions\firefox@ghostery.com
[2013.07.06 20:08:32 | 000,000,000 | ---D | M] (ProxTube - Unblock YouTube) -- C:\Users\HOME\AppData\Roaming\mozilla\Firefox\Profiles\5y7bc8fw.default\extensions\ich@maltegoetz.de
[2013.07.06 20:08:18 | 000,316,582 | ---- | M] () (No name found) -- C:\Users\HOME\AppData\Roaming\mozilla\firefox\profiles\5y7bc8fw.default\extensions\artur.dubovoy@gmail.com.xpi
[2013.07.06 20:08:32 | 000,014,264 | ---- | M] () (No name found) -- C:\Users\HOME\AppData\Roaming\mozilla\firefox\profiles\5y7bc8fw.default\extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi
[2013.03.22 23:11:31 | 000,221,336 | ---- | M] () (No name found) -- C:\Users\HOME\AppData\Roaming\mozilla\firefox\profiles\5y7bc8fw.default\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi
[2013.02.14 22:37:52 | 000,817,280 | ---- | M] () (No name found) -- C:\Users\HOME\AppData\Roaming\mozilla\firefox\profiles\5y7bc8fw.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012.07.12 23:43:25 | 000,138,614 | ---- | M] () (No name found) -- C:\Users\HOME\AppData\Roaming\mozilla\firefox\profiles\5y7bc8fw.default\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi
[2012.07.01 09:36:38 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.07.22 16:42:25 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.06.15 00:46:57 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.06.15 00:46:56 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.06.15 00:46:57 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.06.15 00:46:57 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.06.15 00:46:57 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.06.15 00:46:56 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - homepage: 
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\HOME\AppData\Local\Google\Chrome\Application\27.0.1453.116\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\HOME\AppData\Local\Google\Chrome\Application\27.0.1453.116\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\HOME\AppData\Local\Google\Chrome\Application\27.0.1453.116\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_262.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: Picasa (Enabled) = C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
CHR - plugin: Java(TM) Platform SE 7 U5 (Enabled) = C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 7.0.50.255 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - plugin: Veetle TV Player (Enabled) = C:\Program Files (x86)\Veetle\Player\npvlc.dll
CHR - plugin: Veetle TV Core (Enabled) = C:\Program Files (x86)\Veetle\plugins\npVeetle.dll
CHR - plugin: VLC Multimedia Plug-in (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: Google Update (Enabled) = C:\Users\HOME\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - Extension: Click to activate/deactivate ProxTube = C:\Users\HOME\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek\1.2.3_0\
CHR - Extension: YouTube = C:\Users\HOME\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Hide My Ass! Web Proxy = C:\Users\HOME\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmgnmcnlncejehjlnhaglpnoolgbflbd\1.2.5_0\
CHR - Extension: Google-Suche = C:\Users\HOME\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Modul zur Link-Untersuchung = C:\Users\HOME\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\13.0.1.4190_0\
CHR - Extension: AdBlock = C:\Users\HOME\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.2_0\
CHR - Extension: Sicherer Zahlungsverkehr = C:\Users\HOME\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh\13.0.1.4190_0\
CHR - Extension: Modul f\u00FCr das Blockieren gef\u00E4hrlicher Webseiten = C:\Users\HOME\AppData\Local\Google\Chrome\User Data\Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail\13.0.1.4190_0\
CHR - Extension: Virtuelle Tastatur = C:\Users\HOME\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\13.0.1.4292_0\
CHR - Extension: ScrewAds - Block, Skip, Remove YouTube Ads = C:\Users\HOME\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmbnjoljpgkhiaicaejkdcjbfjknipnc\2.1.5_0\
CHR - Extension: Lyrics-Pal = C:\Users\HOME\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmiopbgcekanlhpjkonogoljpfmhpkhf\1.116_0\
CHR - Extension: YouTube Unblocker = C:\Users\HOME\AppData\Local\Google\Chrome\User Data\Default\Extensions\npnkeeiehehhefofiekoflfedgehcdhl\0.4.4_0\
CHR - Extension: Google Mail = C:\Users\HOME\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
CHR - Extension: Anti-Banner = C:\Users\HOME\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\13.0.1.4190_0\
 
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Content Blocker Plugin) - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (Virtual Keyboard Plugin) - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (Safe Money Plugin) - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O2 - BHO: (Content Blocker Plugin) - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
O2 - BHO: (Virtual Keyboard Plugin) - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Safe Money Plugin) - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Lyrics-Pal) - {C8FBE488-BAF5-4019-A7F7-C888045987D3} - C:\Program Files (x86)\LyricsPal\116.dll (LyricsPal Soft. LTD)
O2 - BHO: (Bing Bar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2348.0\npwinext.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O3 - HKLM\..\Toolbar: (@C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2348.0\npwinext.dll,-100) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2348.0\npwinext.dll (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVP] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [Bing Bar] C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2348.0\mswinext.exe (Microsoft Corp.)
O4 - HKLM..\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (NEC Electronics Corporation)
O4 - HKLM..\Run: [OpwareSE4] C:\Program Files (x86)\ScanSoft\OmniPageSE4.0\OpwareSE4.exe (ScanSoft, Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [EPSON Stylus DX4400 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATICAE.EXE /FU "C:\Windows\TEMP\E_SA3C.tmp" /EF "HKCU" File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ie_banner_deny.htm ()
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ie_banner_deny.htm ()
O9:64bit: - Extra Button: Virtuelle Tastatur - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Links untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: Virtuelle Tastatur - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O9 - Extra Button: Links untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: clonewarsadventures.com ([]* in Vertrauenswürdige Sites)
O15 - HKCU\..Trusted Domains: freerealms.com ([]* in Vertrauenswürdige Sites)
O15 - HKCU\..Trusted Domains: soe.com ([]* in Vertrauenswürdige Sites)
O15 - HKCU\..Trusted Domains: sony.com ([]* in Vertrauenswürdige Sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab (Java Plug-in 1.7.0_05)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab (Java Plug-in 10.17.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{34707726-940D-4ECA-B99E-4D8C2691503F}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{6ff0c4bf-40df-11e1-8322-1c6f6540c240}\Shell - "" = AutoRun
O33 - MountPoints2\{6ff0c4bf-40df-11e1-8322-1c6f6540c240}\Shell\AutoRun\command - "" = F:\USBAutoRun.exe
O33 - MountPoints2\{f1d5c2ef-dca8-11e1-93d6-1c6f6540c240}\Shell - "" = AutoRun
O33 - MountPoints2\{f1d5c2ef-dca8-11e1-93d6-1c6f6540c240}\Shell\AutoRun\command - "" = F:\Startme.exe
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\USBAutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.07.03 15:43:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LyricsPal
[2013.07.03 15:36:58 | 000,000,000 | ---D | C] -- C:\Users\HOME\Local Settings
[2013.07.03 15:34:55 | 000,035,328 | ---- | C] (IncrediMail, Ltd.) -- C:\Windows\SysNative\ImHttpComm.dll
[2013.07.03 15:34:55 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\jmdp
[2013.07.03 15:34:55 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\ARFC
[2013.06.26 20:39:46 | 000,000,000 | ---D | C] -- C:\Users\HOME\Desktop\PS3
[2013.06.24 16:28:31 | 000,000,000 | ---D | C] -- C:\Users\HOME\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\No23 Recorder
[2013.06.24 16:28:31 | 000,000,000 | ---D | C] -- C:\Users\HOME\AppData\Local\No23 Recorder
[2013.06.20 22:09:45 | 000,000,000 | ---D | C] -- C:\Users\HOME\Desktop\aufschriebe
[2007.08.13 17:46:00 | 000,102,912 | ---- | C] (Albert L Faber) -- C:\Users\HOME\AppData\Local\CDRip.dll
[2007.01.18 21:09:54 | 000,623,616 | ---- | C] (Ivan Bischof ©2003 - 2005) -- C:\Users\HOME\AppData\Local\No23 Recorder.exe
[2006.12.11 19:13:14 | 000,013,872 | ---- | C] (Un4seen Developments) -- C:\Users\HOME\AppData\Local\basscd.dll
[2006.12.11 19:13:12 | 000,097,336 | ---- | C] (Un4seen Developments) -- C:\Users\HOME\AppData\Local\bass.dll
[62 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013.07.08 21:20:00 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.07.08 21:19:00 | 000,001,116 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1764305817-477906740-2804058845-1000UA.job
[2013.07.08 19:44:40 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.07.08 18:43:21 | 000,015,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.07.08 18:43:21 | 000,015,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.07.08 18:38:51 | 000,000,372 | ---- | M] () -- C:\Windows\tasks\Lyrics-Pal Update.job
[2013.07.08 18:35:59 | 000,001,102 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.07.08 18:35:50 | 3219,300,352 | -HS- | M] () -- C:\hiberfil.sys
[2013.07.07 01:08:30 | 000,007,599 | ---- | M] () -- C:\Users\HOME\AppData\Local\Resmon.ResmonCfg
[2013.07.07 00:10:26 | 000,001,064 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1764305817-477906740-2804058845-1000Core.job
[2013.07.03 15:46:13 | 000,043,113 | ---- | M] () -- C:\Users\HOME\Desktop\beautiful es (1).zip
[2013.07.03 15:35:05 | 000,043,113 | ---- | M] () -- C:\Users\HOME\Desktop\beautiful es.zip
[2013.06.28 22:22:49 | 000,000,162 | ---- | M] () -- C:\Users\HOME\Desktop\Softair Protektor Dessert Beast Maske (brushed metal)- Amazon.de- Sport & Freizeit.url
[2013.06.28 13:41:28 | 001,498,506 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.06.28 13:41:28 | 000,653,928 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.06.28 13:41:28 | 000,615,810 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.06.28 13:41:28 | 000,129,800 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.06.28 13:41:28 | 000,106,190 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.06.28 00:07:49 | 000,513,230 | ---- | M] () -- C:\Users\HOME\Desktop\img097.jpg
[2013.06.28 00:03:11 | 000,512,605 | ---- | M] () -- C:\Users\HOME\Desktop\img096.jpg
[2013.06.25 19:13:18 | 000,025,033 | ---- | M] () -- C:\Users\HOME\Desktop\incoterms.odt
[2013.06.24 16:55:04 | 000,001,434 | ---- | M] () -- C:\Users\HOME\AppData\Local\RecConfig.xml
[2013.06.24 16:28:32 | 000,001,024 | ---- | M] () -- C:\Users\HOME\Desktop\No23 Recorder.lnk
[2013.06.24 02:26:26 | 000,057,114 | ---- | M] () -- C:\Users\HOME\Desktop\handout inco.pdf
[2013.06.24 02:26:08 | 000,022,510 | ---- | M] () -- C:\Users\HOME\Desktop\handout inco.odt
[2013.06.18 10:59:10 | 000,054,368 | ---- | M] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\kltdi.sys
[2013.06.17 15:23:32 | 000,023,863 | ---- | M] () -- C:\Users\HOME\Desktop\zusammengefasst.odt
[2013.06.17 14:29:50 | 000,031,147 | ---- | M] () -- C:\Users\HOME\Desktop\energiewirtschaft ew ka.odt
[2013.06.13 20:22:38 | 000,003,204 | ---- | M] () -- C:\Users\HOME\AppData\Roaming\wklnhst.dat
[62 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013.07.03 15:46:14 | 000,043,113 | ---- | C] () -- C:\Users\HOME\Desktop\beautiful es (1).zip
[2013.07.03 15:43:56 | 000,000,372 | ---- | C] () -- C:\Windows\tasks\Lyrics-Pal Update.job
[2013.07.03 15:36:11 | 000,043,113 | ---- | C] () -- C:\Users\HOME\Desktop\beautiful es.zip
[2013.07.03 15:34:55 | 001,277,744 | ---- | C] () -- C:\Windows\SysNative\dmwu.exe
[2013.06.28 22:22:49 | 000,000,162 | ---- | C] () -- C:\Users\HOME\Desktop\Softair Protektor Dessert Beast Maske (brushed metal)- Amazon.de- Sport & Freizeit.url
[2013.06.28 00:07:48 | 000,513,230 | ---- | C] () -- C:\Users\HOME\Desktop\img097.jpg
[2013.06.28 00:03:10 | 000,512,605 | ---- | C] () -- C:\Users\HOME\Desktop\img096.jpg
[2013.06.24 16:30:08 | 000,001,434 | ---- | C] () -- C:\Users\HOME\AppData\Local\RecConfig.xml
[2013.06.24 16:28:32 | 000,001,024 | ---- | C] () -- C:\Users\HOME\Desktop\No23 Recorder.lnk
[2013.06.24 02:20:38 | 000,057,114 | ---- | C] () -- C:\Users\HOME\Desktop\handout inco.pdf
[2013.06.23 22:12:40 | 000,022,510 | ---- | C] () -- C:\Users\HOME\Desktop\handout inco.odt
[2013.06.22 16:38:17 | 000,025,033 | ---- | C] () -- C:\Users\HOME\Desktop\incoterms.odt
[2013.06.17 14:54:54 | 000,023,863 | ---- | C] () -- C:\Users\HOME\Desktop\zusammengefasst.odt
[2013.06.17 14:29:47 | 000,031,147 | ---- | C] () -- C:\Users\HOME\Desktop\energiewirtschaft ew ka.odt
[2013.06.06 10:11:05 | 000,003,584 | ---- | C] () -- C:\Users\HOME\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.11.18 03:21:53 | 000,000,700 | ---- | C] () -- C:\Users\HOME\Bibliotheken - Verknüpfung.lnk
[2012.10.21 14:15:05 | 000,101,162 | ---- | C] () -- C:\Users\HOME\Richtig bewerben.htm
[2012.02.22 18:03:33 | 000,000,216 | ---- | C] () -- C:\Users\HOME\Produkt-Information.url
[2012.01.23 01:18:12 | 000,000,017 | ---- | C] () -- C:\Windows\SysWow64\shortcut_ex.dat
[2012.01.18 08:44:00 | 010,920,984 | ---- | C] () -- C:\Windows\SysWow64\LogiDPP.dll
[2012.01.18 08:44:00 | 000,336,408 | ---- | C] () -- C:\Windows\SysWow64\DevManagerCore.dll
[2012.01.18 08:44:00 | 000,104,472 | ---- | C] () -- C:\Windows\SysWow64\LogiDPPApp.exe
[2012.01.07 18:36:55 | 000,003,204 | ---- | C] () -- C:\Users\HOME\AppData\Roaming\wklnhst.dat
[2011.12.28 15:48:48 | 000,000,125 | -HS- | C] () -- C:\ProgramData\.zreglib
[2011.10.30 09:28:45 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\acedrv06.dll
[2011.10.21 23:00:26 | 000,007,599 | ---- | C] () -- C:\Users\HOME\AppData\Local\Resmon.ResmonCfg
[2011.10.06 14:20:28 | 000,280,904 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011.10.06 14:20:10 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011.10.05 11:21:57 | 000,000,428 | ---- | C] () -- C:\Windows\MAXLINK.INI
[2011.10.04 19:23:23 | 001,499,556 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.10.03 12:08:56 | 000,111,932 | ---- | C] () -- C:\Windows\SysWow64\EPPICPrinterDB.dat
[2011.10.03 12:08:56 | 000,031,053 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern131.dat
[2011.10.03 12:08:56 | 000,027,417 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern121.dat
[2011.10.03 12:08:56 | 000,026,154 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern1.dat
[2011.10.03 12:08:56 | 000,024,903 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern3.dat
[2011.10.03 12:08:56 | 000,021,390 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern5.dat
[2011.10.03 12:08:56 | 000,020,148 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern2.dat
[2011.10.03 12:08:56 | 000,011,811 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern4.dat
[2011.10.03 12:08:56 | 000,004,943 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern6.dat
[2011.10.03 12:08:56 | 000,001,146 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_DU.dat
[2011.10.03 12:08:56 | 000,001,139 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_PT.dat
[2011.10.03 12:08:56 | 000,001,139 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_BP.dat
[2011.10.03 12:08:56 | 000,001,136 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_ES.dat
[2011.10.03 12:08:56 | 000,001,129 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_FR.dat
[2011.10.03 12:08:56 | 000,001,129 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_CF.dat
[2011.10.03 12:08:56 | 000,001,120 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_IT.dat
[2011.10.03 12:08:56 | 000,001,107 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_GE.dat
[2011.10.03 12:08:56 | 000,001,104 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_EN.dat
[2011.10.03 12:08:56 | 000,000,097 | ---- | C] () -- C:\Windows\SysWow64\PICSDK.ini
[2011.10.03 01:02:28 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
[2011.10.03 00:47:05 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2007.08.13 17:46:00 | 000,155,136 | ---- | C] () -- C:\Users\HOME\AppData\Local\lame_enc.dll
[2006.10.26 01:06:48 | 000,064,000 | ---- | C] () -- C:\Users\HOME\AppData\Local\vorbisenc.dll
[2006.10.26 01:06:48 | 000,019,456 | ---- | C] () -- C:\Users\HOME\AppData\Local\vorbisfile.dll
[2006.10.26 01:06:46 | 000,143,872 | ---- | C] () -- C:\Users\HOME\AppData\Local\vorbis.dll
[2006.10.26 01:06:36 | 000,015,872 | ---- | C] () -- C:\Users\HOME\AppData\Local\ogg.dll
[2005.08.23 22:34:06 | 000,029,184 | ---- | C] () -- C:\Users\HOME\AppData\Local\no23xwrapper.dll
 
========== ZeroAccess Check ==========
 
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2012.05.28 04:00:28 | 000,000,000 | ---D | M] -- C:\Users\HOME\AppData\Roaming\.minecraft
[2012.11.18 03:36:57 | 000,000,000 | ---D | M] -- C:\Users\HOME\AppData\Roaming\Audacity
[2011.12.28 16:19:26 | 000,000,000 | ---D | M] -- C:\Users\HOME\AppData\Roaming\Canneverbe Limited
[2011.10.05 13:48:03 | 000,000,000 | ---D | M] -- C:\Users\HOME\AppData\Roaming\Canon
[2012.05.19 11:07:23 | 000,000,000 | ---D | M] -- C:\Users\HOME\AppData\Roaming\EPSON
[2011.11.15 01:04:43 | 000,000,000 | ---D | M] -- C:\Users\HOME\AppData\Roaming\Free Audio Editor
[2013.03.03 20:24:19 | 000,000,000 | ---D | M] -- C:\Users\HOME\AppData\Roaming\FreeFLVConverter
[2011.10.03 01:15:28 | 000,000,000 | ---D | M] -- C:\Users\HOME\AppData\Roaming\ICQ
[2012.03.25 11:33:59 | 000,000,000 | ---D | M] -- C:\Users\HOME\AppData\Roaming\InstallShare
[2011.10.03 14:50:48 | 000,000,000 | ---D | M] -- C:\Users\HOME\AppData\Roaming\Leadertech
[2011.10.27 20:17:01 | 000,000,000 | ---D | M] -- C:\Users\HOME\AppData\Roaming\LG Electronics
[2011.10.03 15:16:19 | 000,000,000 | ---D | M] -- C:\Users\HOME\AppData\Roaming\LGAAS
[2013.01.28 00:18:48 | 000,000,000 | ---D | M] -- C:\Users\HOME\AppData\Roaming\LolClient
[2013.05.03 17:54:26 | 000,000,000 | ---D | M] -- C:\Users\HOME\AppData\Roaming\NetSpeedMonitor
[2011.12.09 17:45:08 | 000,000,000 | ---D | M] -- C:\Users\HOME\AppData\Roaming\OpenOffice.org
[2013.05.01 13:52:43 | 000,000,000 | ---D | M] -- C:\Users\HOME\AppData\Roaming\Orbit
[2011.10.06 13:27:51 | 000,000,000 | ---D | M] -- C:\Users\HOME\AppData\Roaming\Origin
[2012.02.29 00:50:34 | 000,000,000 | ---D | M] -- C:\Users\HOME\AppData\Roaming\pokerth
[2013.03.03 04:10:50 | 000,000,000 | ---D | M] -- C:\Users\HOME\AppData\Roaming\ProgSense
[2011.10.04 13:29:46 | 000,000,000 | ---D | M] -- C:\Users\HOME\AppData\Roaming\Publish Providers
[2011.10.05 11:21:35 | 000,000,000 | ---D | M] -- C:\Users\HOME\AppData\Roaming\ScanSoft
[2012.06.27 16:41:02 | 000,000,000 | ---D | M] -- C:\Users\HOME\AppData\Roaming\six-updater
[2012.06.27 16:34:46 | 000,000,000 | ---D | M] -- C:\Users\HOME\AppData\Roaming\six-zsync
[2012.06.15 15:23:07 | 000,000,000 | ---D | M] -- C:\Users\HOME\AppData\Roaming\SoftGrid Client
[2012.08.16 02:58:15 | 000,000,000 | ---D | M] -- C:\Users\HOME\AppData\Roaming\Sony
[2012.02.20 04:09:20 | 000,000,000 | ---D | M] -- C:\Users\HOME\AppData\Roaming\Sony Creative Software
[2012.08.08 18:15:58 | 000,000,000 | ---D | M] -- C:\Users\HOME\AppData\Roaming\supertuxkart
[2012.01.09 21:52:40 | 000,000,000 | ---D | M] -- C:\Users\HOME\AppData\Roaming\Template
[2011.10.04 19:24:31 | 000,000,000 | ---D | M] -- C:\Users\HOME\AppData\Roaming\TP
[2013.05.21 23:06:09 | 000,000,000 | ---D | M] -- C:\Users\HOME\AppData\Roaming\TS3Client
[2011.10.08 19:58:32 | 000,000,000 | ---D | M] -- C:\Users\HOME\AppData\Roaming\XMedia Recode
[2011.12.26 04:21:37 | 000,000,000 | ---D | M] -- C:\Users\HOME\AppData\Roaming\Youtube Downloader HD
 
========== Purity Check ==========
 
 

< End of report >
         

Alt 08.07.2013, 20:58   #4
markusg
/// Malware-holic
 



Hi,
Please download TDSSKiller (TDSSKiller.exe) and save the file to your desktop.
  • Start TDSSKiller.exe and configure it as described in the TDSSKiller guide.
  • Press Start Scan.
  • If infected objects are found, do not choose Cure under any circumstances. Choose Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\).
    For example: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Please post the contents here in your thread in any case.
__________________
- Please forward suspicious e-mails to us for analysis:
markusg.trojaner-board@web.de
Forwarding instructions:
http://markusg.trojaner-board.de
For now, please forward e-mails as described in the instructions above to
markusg.trojaner-board@web.de
If you would like to support us

Alt 08.07.2013, 21:00   #5
lustig78
 



Part 2
OTL EXTRAS Logfile:
Code:
OTL Extras logfile created on: 08.07.2013 21:23:37 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\HOME\Pictures\dwhelper\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 3,08 Gb Available Physical Memory | 76,95% Memory free
7,99 Gb Paging File | 6,47 Gb Available in Paging File | 80,91% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465,76 Gb Total Space | 189,23 Gb Free Space | 40,63% Space Free | Partition Type: NTFS
 
Computer Name: HOME-PC | User Name: HOME | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [TVersity] -- "C:\ProgramData\TVersity\Media Server\GUILaunch.exe" -type "folder" -url "%1" -title "" -tags "" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [TVersity] -- "C:\ProgramData\TVersity\Media Server\GUILaunch.exe" -type "folder" -url "%1" -title "" -tags "" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{002885CE-B1D1-49DA-B4DD-41BDCA0B3461}" = lport=139 | protocol=6 | dir=in | app=system | 
"{16043387-81A9-4CF5-8721-CCA0F5B0FB82}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{17B6D346-9EA7-4698-8D49-F717D86C7BE6}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{22B0B744-6E5F-4CA4-B6D0-3FA3DB015AB6}" = rport=139 | protocol=6 | dir=out | app=system | 
"{3499188E-AC09-45E9-8EE0-E821BFE5F0E5}" = rport=137 | protocol=17 | dir=out | app=system | 
"{44070C1F-DC68-40C9-8FD3-787F32F47B62}" = lport=137 | protocol=17 | dir=in | app=system | 
"{496E06E2-FB3A-47A9-A83F-8A8EDCC764AA}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{5DB1B688-D88B-4D65-B009-6158BC03C50C}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{7DA298BF-B8F8-484A-AF54-0ECDE440C877}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{88DDC7DB-967B-4A84-B4BF-EC90AD67CEFC}" = rport=138 | protocol=17 | dir=out | app=system | 
"{AA4567FC-37BE-4744-8221-F2827B709D5C}" = lport=138 | protocol=17 | dir=in | app=system | 
"{AF7C927A-2157-48ED-9369-8BEFFAEC7A72}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 
"{B11D4B40-AB3D-429C-89F6-F3BE71481516}" = rport=445 | protocol=6 | dir=out | app=system | 
"{D070839B-7AA9-486C-B685-4DEBD85569A5}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{D37DA4A5-E517-4869-8DB3-303B36E65713}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{D66DB913-3E6D-4C30-8A96-94551E7CB1A5}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe | 
"{EB17FB78-7D50-4566-8B97-B71D83E9B754}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{EE30DBB1-147D-47D3-A262-1298B0ABFEB5}" = lport=445 | protocol=6 | dir=in | app=system | 
"{F32B047E-15DB-47AE-AD71-0D98D32BAC22}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 
"{F5EF1447-9AFC-4829-A389-E2D88AA3AFA8}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{015E5C47-0CB8-49B0-B284-EBD37C7FDE13}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{01D91988-2902-49EA-A6F0-498ABB839626}" = protocol=6 | dir=in | app=c:\windows\system32\dmwu.exe | 
"{0A5C5DD6-1586-4DE8-B62A-666A874E25BD}" = protocol=6 | dir=in | app=c:\windows\system32\dmwu.exe | 
"{0EFC8E82-9764-4B97-8415-26921E863A32}" = protocol=17 | dir=in | app=c:\windows\syswow64\arfc\wrtc.exe | 
"{1066DE68-F48E-411C-8D4C-3C43323240CB}" = protocol=17 | dir=in | app=c:\users\home\desktop\league of legends\setup.exe | 
"{208233A4-681B-4B21-BC21-F100169C31C1}" = protocol=6 | dir=in | app=c:\users\home\desktop\league of legends\setup.exe | 
"{27F445A0-C193-4D98-8A1B-D60AB8E583AB}" = protocol=6 | dir=in | app=c:\windows\syswow64\arfc\wrtc.exe | 
"{30AD1E2C-60B4-4DCF-939B-3A317218CCED}" = protocol=17 | dir=in | app=c:\program files (x86)\sony ericsson\update engine\sony ericsson update engine.exe | 
"{358908FF-41BB-415C-B193-0671E90F1FFA}" = dir=in | app=c:\programdata\tversity\media server\mediaserver.exe | 
"{384B4D3E-C103-4967-92CF-DC0C6F18007A}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{393DC84C-A21E-4DF8-AE02-373B23E3B2E5}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe | 
"{394AC9F1-7F0A-4E3D-B238-DB86F056E8D5}" = protocol=17 | dir=in | app=c:\riot games\league of legends\lol.launcher.exe | 
"{3F198AAF-8B09-487C-B2E1-F7D539895AEE}" = protocol=17 | dir=in | app=c:\riot games\league of legends\lol.launcher.admin.exe | 
"{3FE78BD2-3613-456C-8528-218F8CD14048}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{411DF3AB-8834-44ED-954F-793DCAADC802}" = protocol=6 | dir=in | app=c:\riot games\league of legends\lol.launcher.admin.exe | 
"{43398B75-6C77-4968-A063-3F9532AAF168}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"{43A6373C-0914-44F2-AD29-E5728EA96124}" = protocol=6 | dir=in | app=c:\riot games\league of legends\lol.launcher.admin.exe | 
"{4598159A-4344-4741-8A7E-A542855D6809}" = protocol=17 | dir=in | app=c:\windows\system32\dmwu.exe | 
"{549CB58F-9C74-430A-BDC1-501AFC9A7827}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\bioware\star wars-the old republic\launcher.exe | 
"{634B8F45-2540-45CD-B60B-B8700EBDA09D}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\bioware\star wars-the old republic\launcher.exe | 
"{665D4240-5AC2-4069-9AD9-E7EA793C506C}" = protocol=17 | dir=in | app=c:\windows\syswow64\arfc\wrtc.exe | 
"{67B0C947-86F7-454B-8CB9-C69C68A2544F}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{7E82B145-C983-4D92-AB8A-CBE5E29921A1}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.0\sonarhost.exe | 
"{80A7B386-8E6F-4DBF-9E11-2DD091A685F4}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | 
"{8537E1C7-2563-4E12-BDB4-ADD87FA2E341}" = protocol=6 | dir=in | app=c:\windows\syswow64\arfc\wrtc.exe | 
"{88FE99BF-A961-418F-90C2-A62D39F3CEB2}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | 
"{8D0BE978-D87B-446B-8973-908C4B3D54D4}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | 
"{8E05BA45-653F-475A-A72D-A41329C93D0A}" = protocol=17 | dir=in | app=c:\windows\system32\dmwu.exe | 
"{9185B485-DE1B-4B44-98E6-E439268F76B7}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.0\sonarhost.exe | 
"{96EC54BE-567B-44CB-9F00-9D5B14DDDBAE}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe | 
"{A4922608-8AFA-4E58-A910-D0056D00A6EC}" = protocol=6 | dir=in | app=c:\program files (x86)\sony ericsson\update engine\sony ericsson update engine.exe | 
"{B7B38C85-ECCE-4881-B8AF-56D1590A9BAE}" = protocol=17 | dir=in | app=c:\riot games\league of legends\lol.launcher.admin.exe | 
"{B80BDE9A-4C72-48A2-AE22-0E357A971D67}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\bioware\star wars-the old republic\launcher.exe | 
"{BDD69938-9141-4D4A-913A-25EF9B17796D}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | 
"{D003123C-C74B-4340-8A1D-B8EE8D6DAC0D}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | 
"{D8908078-0029-4B0B-999F-EE139852B5EA}" = protocol=17 | dir=in | app=c:\program files (x86)\ea games\battlefield 2\bf2.exe | 
"{E0B63551-73E1-4736-88EE-2B5B69F8224F}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\bioware\star wars-the old republic\launcher.exe | 
"{E4490916-4BC1-4FE0-B74E-4F3D9E2C6914}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"TCP Query User{0295DD99-6487-4017-AD83-23381794983D}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe | 
"TCP Query User{04DA3BAB-CD32-4CDF-95C6-6EE3A1121BAC}C:\windows.old\program files (x86)\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\windows.old\program files (x86)\skype\phone\skype.exe | 
"TCP Query User{1709D042-8E60-42A0-9BF0-C8D205662E06}C:\program files (x86)\java\jre7\bin\java.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\java.exe | 
"TCP Query User{64A9EF75-FD34-43BD-8BD2-E39EB43FAD73}C:\program files (x86)\ea games\battlefield 2\bf2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\ea games\battlefield 2\bf2.exe | 
"TCP Query User{719D3510-A02F-40CE-BA42-F22757C5BB57}C:\program files (x86)\tmnationsforever\tmforever.exe" = protocol=6 | dir=in | app=c:\program files (x86)\tmnationsforever\tmforever.exe | 
"TCP Query User{7A11267A-F63A-42F3-BB92-5621253E5B1D}C:\windows.old\program files (x86)\logitech\vid hd\vid.exe" = protocol=6 | dir=in | app=c:\windows.old\program files (x86)\logitech\vid hd\vid.exe | 
"TCP Query User{7B508322-A597-42B4-8580-3957A748628D}C:\windows.old\program files (x86)\electronic arts\battlefield 2142\bf2142.exe" = protocol=6 | dir=in | app=c:\windows.old\program files (x86)\electronic arts\battlefield 2142\bf2142.exe | 
"TCP Query User{8B01F315-DF19-40C9-A0CB-77823E9F97A5}C:\program files (x86)\mozilla firefox\plugin-container.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\plugin-container.exe | 
"TCP Query User{8FCFBAA7-2B87-4711-A7FE-FC917C0AD5F8}C:\program files (x86)\orbitdownloader\orbitnet.exe" = protocol=6 | dir=in | app=c:\program files (x86)\orbitdownloader\orbitnet.exe | 
"TCP Query User{9D143D22-E966-4206-ACA2-FEC4DB172D62}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe | 
"TCP Query User{BE95AA1E-7E2A-483F-806E-5358123A0FA6}C:\program files (x86)\orbitdownloader\orbitnet.exe" = protocol=6 | dir=in | app=c:\program files (x86)\orbitdownloader\orbitnet.exe | 
"TCP Query User{E8CEF046-DFCC-4B56-96F3-A6879546CD78}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe | 
"UDP Query User{1FE83979-DFEC-46AD-B318-031AC7E65112}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe | 
"UDP Query User{3131594C-84CE-4DA9-B212-8952CB91344D}C:\program files (x86)\tmnationsforever\tmforever.exe" = protocol=17 | dir=in | app=c:\program files (x86)\tmnationsforever\tmforever.exe | 
"UDP Query User{342B22E2-8540-4995-94BB-F85E0B7CDF0F}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe | 
"UDP Query User{85777E96-5D62-4CA8-AE33-83FC87BD1903}C:\windows.old\program files (x86)\logitech\vid hd\vid.exe" = protocol=17 | dir=in | app=c:\windows.old\program files (x86)\logitech\vid hd\vid.exe | 
"UDP Query User{9FFCD719-AE28-4624-A106-3B44AA06C813}C:\program files (x86)\java\jre7\bin\java.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\java.exe | 
"UDP Query User{A20506FA-7AE9-4DCD-867C-323463292A41}C:\program files (x86)\orbitdownloader\orbitnet.exe" = protocol=17 | dir=in | app=c:\program files (x86)\orbitdownloader\orbitnet.exe | 
"UDP Query User{B610B0B2-A2DB-4DB9-A946-510F42FD5B64}C:\windows.old\program files (x86)\electronic arts\battlefield 2142\bf2142.exe" = protocol=17 | dir=in | app=c:\windows.old\program files (x86)\electronic arts\battlefield 2142\bf2142.exe | 
"UDP Query User{B61E9F39-7659-47CD-9AFA-E83FA0C29899}C:\program files (x86)\ea games\battlefield 2\bf2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\ea games\battlefield 2\bf2.exe | 
"UDP Query User{B97E0F4D-F433-46C8-B951-61F6FB5B1238}C:\program files (x86)\mozilla firefox\plugin-container.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\plugin-container.exe | 
"UDP Query User{D0467F38-2A0E-4E17-A8E6-6FC4E99D1517}C:\windows.old\program files (x86)\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\windows.old\program files (x86)\skype\phone\skype.exe | 
"UDP Query User{E95ABCE8-4DCD-43AA-BEFE-118D1A080000}C:\program files (x86)\orbitdownloader\orbitnet.exe" = protocol=17 | dir=in | app=c:\program files (x86)\orbitdownloader\orbitnet.exe | 
"UDP Query User{FD0AED66-13C7-47B9-97C9-7FD947702C3D}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{138A4072-9E64-46BD-B5F9-DB2BB395391F}" = LWS VideoEffects
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{42822DCA-21E7-49C6-20DE-9FAC7A4980C2}" = ATI Problem Report Wizard
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6B06B783-FEBA-944A-C1DE-26032C12AA7C}" = ccc-utility64
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{88F41EE2-949B-4B52-933D-C7F8F67BC1D2}" = NetSpeedMonitor 2.5.4.0 x64
"{90140000-0015-0407-1000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0015-0407-1000-0000000FF1CE}_Office14.SingleImage_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0407-1000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0016-0407-1000-0000000FF1CE}_Office14.SingleImage_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0407-1000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0018-0407-1000-0000000FF1CE}_Office14.SingleImage_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0407-1000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-0019-0407-1000-0000000FF1CE}_Office14.SingleImage_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0407-1000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001A-0407-1000-0000000FF1CE}_Office14.SingleImage_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0407-1000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001B-0407-1000-0000000FF1CE}_Office14.SingleImage_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-1000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-1000-0000000FF1CE}_Office14.SingleImage_{70A3169E-288F-454F-A08D-20DF66639B50}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-1000-0000000FF1CE}_Office14.SingleImage_{0242505C-4E90-407F-9299-B5B275F50D86}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-1000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-1000-0000000FF1CE}_Office14.SingleImage_{B51389C8-2890-4633-81D8-47D2A7402274}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-1000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-1000-0000000FF1CE}_Office14.SingleImage_{3013A793-10A7-4D1F-B8B4-2FAA82F4D259}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-1000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-1000-0000000FF1CE}_Office14.SingleImage_{98782D5D-A9EE-43C6-88AD-B50AD8530E78}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-003D-0000-1000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{7BC9B5EB-125A-4E9B-97E1-8D85B5E960B8}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0043-0000-1000-0000000FF1CE}" = Microsoft Office Office 32-bit Components 2010
"{90140000-0043-0000-1000-0000000FF1CE}_Office14.SingleImage_{E8B6D35B-0B6F-4DCE-9493-859BF3809A7F}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0043-0407-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (German) 2010
"{90140000-0043-0407-1000-0000000FF1CE}_Office14.SingleImage_{8DFD91C7-66AE-4E54-9901-5D5F401AD329}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0407-1000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-1000-0000000FF1CE}_Office14.SingleImage_{8299B64F-1537-4081-974C-033EAB8F098E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0407-1000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00A1-0407-1000-0000000FF1CE}_Office14.SingleImage_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{A134DC03-2C81-C8D2-5476-D7D9AD3F43CC}" = AMD Catalyst Install Manager
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{DD57342D-62B2-4D22-90FB-0BE732962410}" = Vegas Pro 9.0 (64-bit)
"{F2DEDF1D-AFB2-CCFD-54C4-05BED30C75ED}" = ATI AVIVO64 Codecs
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"EPSON Printer and Utilities" = EPSON-Drucker-Software
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"NetWorx_is1" = NetWorx 5.2.7
"Office14.SingleImage" = Microsoft Office Home and Student 2010
"Recuva" = Recuva
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"WinRAR archiver" = WinRAR 4.01 (64-Bit)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{02EE107B-8D95-4949-8935-4DEBE8F08BE3}" = Bing Bar Platform
"{038E0E55-9758-49A1-892D-5226FAED5395}" = CCC Help Italian
"{07300F01-89CA-4CF8-92BD-2A605EB83C95}" = EasySaver B9.1214.1 
"{08610298-29AE-445B-B37D-EFBE05802967}" = LWS Pictures And Video
"{0DD140D3-9563-481E-AA75-BA457CBDAEF2}" = PC Inspector File Recovery
"{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}" = PlayStation(R)Store
"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{12499C3D-9197-EF35-0499-2FD15F0B3750}" = CCC Help German
"{14DCD95A-EBA3-4BF0-B7EF-533852E99BE6}" = LG PC Suite II
"{15634701-BACE-4449-8B25-1567DA8C9FD3}" = CameraHelperMsi
"{1651216E-E7AD-4250-92A1-FB8ED61391C9}" = LWS Help_main
"{1695F36D-6501-8139-FCC4-C8EAEDD8CEE0}" = CCC Help Polish
"{174A3B31-4C43-43DD-866F-73C9DB887B48}" = LWS Twitter
"{1C5509E5-0217-8D75-AE02-29F492990EC6}" = Catalyst Control Center HydraVision Full
"{1CAC7A41-583B-4483-9FA5-3E5465AFF8C2}" = Microsoft Default Manager
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{204F1BCA-E5C9-091E-797D-F1C89BC8EABC}" = CCC Help English
"{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email
"{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}" = LWS YouTube Plugin
"{22B0E143-2B0B-435B-9F56-136A3D16065F}" = No23 Recorder
"{23D6C05C-E8BB-0812-7C96-33F0E25A6388}" = HydraVision
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 17
"{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}" = EPSON Scan Assistant
"{2BF9702B-52EE-4841-83C4-B5E640B6C97A}" = Media Go
"{2C85BCF9-4CD2-3428-F61F-DFC8120DA962}" = Catalyst Control Center Localization All
"{2D8CED57-CCDB-4D86-9087-3BBCAE8F8F22}" = Six Updater
"{2EB81825-E9EE-44F4-8F51-1240C3898DC6}" = EPSON File Manager
"{34EA290B-46FE-842B-570D-B7FD8DA524CE}" = CCC Help Finnish
"{36424AC9-1F0A-5F04-EE8A-AA67AFFF0E38}" = CCC Help Thai
"{36A52BCF-AC3D-32F1-AD5F-A09769EB8887}" = Google Talk Plugin
"{37FF2633-E9CF-2BEA-07E5-5C7CEB95D19C}" = CCC Help Hungarian
"{3888AA11-8C88-75FE-C777-9091A30906F1}" = CCC Help Chinese Traditional
"{3B11D799-48E0-48ED-BFD7-EA655676D8BB}" = Star Wars: The Old Republic
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT
"{3FB5B60F-1DBE-4E41-D1B6-7725D2EB6C28}" = CCC Help Swedish
"{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3
"{43787BBC-2502-F521-D190-4D0F3D3F577D}" = CCC Help Korean
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.1
"{4EA2F95F-A537-4d17-9E7F-6B3FF8D9BBE3}" = Microsoft Works
"{5449FB4F-1802-4D5B-A6D8-087DB1142147}" = Realtek HDMI Audio Driver for ATI
"{55D65D27-C0CD-4375-9021-F3D3D024ED90}_is1" = Minecraft PC Gamer Demo version 1.5
"{560985FB-4B76-4121-9189-7A2CDC7886D6}" = Kaspersky Internet Security 2013
"{5B363E1D-8C36-4458-BAE4-D5081999E094}" = Browser Configuration Utility
"{5BA93046-491F-0DAF-BD71-6950CAB9C3B3}" = CCC Help Norwegian
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{668CC71A-C2AD-4D56-866D-CF300BD1D5BE}_is1" = Ontrack EasyRecovery Professional
"{67EDD823-135A-4D59-87BD-950616D6E857}" = EPSON Copy Utility 3
"{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}" = LWS Gallery
"{6FA1BBE7-C9C9-A690-B02B-DA870D870C85}" = ccc-core-static
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71E66D3F-A009-44AB-8784-75E2819BA4BA}" = LWS Motion Detection
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{793A82B9-A40A-24B2-64D2-E94861E2394E}" = Catalyst Control Center Graphics Previews Common
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{8213E9E7-AFAF-79B8-DB19-F86FA9461F65}" = CCC Help Chinese Standard
"{826BAFB7-04F7-FADE-9498-ADBCEBFE1BDB}" = CCC Help Greek
"{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}" = LWS Launcher
"{85309D89-7BE9-4094-BB17-24999C6118FC}" = ArcSoft PhotoStudio 5.5
"{87BB78C4-F36D-4D93-A7C7-F80F18219848}" = AMD DnD V1.0.19
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows Vista and Later
"{8937D274-C281-42E4-8CDB-A0B2DF979189}" = LWS Webcam Software
"{8B03690C-8D38-FE9D-7018-69217FC80377}" = CCC Help French
"{8D4E9553-BCEB-6FEC-2792-49957375B43D}" = CCC Help Spanish
"{8D7133DE-27D2-47E5-B248-4180278D32AA}" = Catalyst Control Center - Branding
"{8DAC1AE4-33D1-4A78-8A42-00E09EDECC3E}" = Camera RAW Plug-In for EPSON Creativity Suite
"{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends
"{928B06E4-DDAA-476A-926A-641620326327}" = Microsoft Search Enhancement Pack
"{95C489A8-CB62-493C-8312-CA34ED2A3F12}" = CCC Help Dutch
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9CA76423-9C56-0E19-0FAC-29312B65387C}" = CCC Help Turkish
"{9DAEA76B-E50F-4272-A595-0124E826553D}" = LWS WLM Plugin
"{A1F46482-7396-F8E7-305A-3D705A7118D2}" = CCC Help Portuguese
"{A4F094CE-9B05-FB0C-DD73-A85DE5D8D283}" = Media Go Video Playback Engine 1.92.170.06150
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A93F5A52-4BFB-FC4B-711B-A7DBF2D0B3D7}" = CCC Help Japanese
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.3) - Deutsch
"{B365F570-2800-9F57-1E82-EC6F6C53BB3E}" = Catalyst Control Center Graphics Full Existing
"{B6659DD8-00A7-4A24-BBFB-C1F6982E5D66}" = PlayStation(R)Network Downloader
"{C1505E9E-C2EF-71EE-2440-2A47F909C2ED}" = CCC Help Czech
"{C1E693A4-B1D5-4DCD-B68D-2087835B7184}" = ScanSoft OmniPage SE 4.0
"{C6B61052-2A15-1322-4EBD-1A8D6CCED0DA}" = CCC Help Russian
"{CA9BCD4D-B782-4637-8F1F-F9A328D3C244}" = CanoScan Toolbox Ver4.9
"{CAF9161C-0D5C-9C91-5A07-16C8AD61742B}" = Catalyst Control Center Graphics Full New
"{D40EB009-0499-459c-A8AF-C9C110766215}" = Logitech Webcam-Software
"{D5F587D9-7C72-F53B-5463-B05E781315E1}" = CCC Help Danish
"{D7BF9739-8A68-4335-BBEE-37752AD9E86B}" = NEC Electronics USB 3.0 Host Controller Driver
"{DFB61AE1-6C02-5388-EABD-35F872D95018}" = Catalyst Control Center Graphics Light
"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support
"{EED027B7-0DB6-404B-8F45-6DFEE34A0441}" = LWS Video Mask Maker
"{EF5B1E83-1403-4F0E-A8E6-C169DF0CCE8C}" = LG PC Suite II
"{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony PC Companion 2.10.094
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1806FC2-13EE-A21F-F4A0-705D55BA47DE}" = Catalyst Control Center Core Implementation
"{FA02ACAC-9E14-4878-A257-92A22A647C2C}" = LG USB Modem Drivers
"{FA66CFD7-0977-4C45-AACD-A8BB994B1A05}" = Quake Live Mozilla Plugin
"{FB366EEB-C608-0993-CB9E-54789A6107DC}" = Catalyst Control Center Graphics Previews Vista
"{FC384AF3-A370-2EE7-3F65-965C3819780B}" = Catalyst Control Center InstallProxy
"{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}" = LWS Facebook
"5513-1208-7298-9440" = JDownloader 0.9
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"AnyDVD" = AnyDVD
"Audacity_is1" = Audacity 2.0.2
"CCleaner" = CCleaner (remove only)
"CloneDVD2" = CloneDVD2
"Disk Investigator" = Disk Investigator 1.61
"EPSON Scanner" = EPSON Scan
"Fraps" = Fraps (remove only)
"Free FLV Converter_is1" = Free FLV Converter V 7.5.0
"HD Tune_is1" = HD Tune 2.55
"InstallShield_{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email
"InstallShield_{D7BF9739-8A68-4335-BBEE-37752AD9E86B}" = NEC Electronics USB 3.0 Host Controller Driver
"InstallWIX_{560985FB-4B76-4121-9189-7A2CDC7886D6}" = Kaspersky Internet Security 2013
"lrcspal@lyricspal.co" = Lyrics-Pal
"Mozilla Firefox 14.0.1 (x86 de)" = Mozilla Firefox 14.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Open Codecs" = Xiph.Org Open Codecs 0.85.17777
"Origin" = Origin
"PDF Blender" = PDF Blender
"Picasa 3" = Picasa 3
"PokerTH 0.9.3" = PokerTH
"PokerTH 1.0" = PokerTH
"PS3 Media Server" = PS3 Media Server
"PunkBusterSvc" = PunkBuster Services
"SSC Service Utility_is1" = SSC Service Utility v4.30
"TimeLineRemove_is1" = TimeLineRemove 0.5
"TmNationsForever_is1" = TmNationsForever
"TVersity Codec Pack" = TVersity Codec Pack 1.7
"TVersity Media Server" = TVersity Media Server 1.9.7
"Update Engine" = Sony Ericsson Update Engine
"Veetle TV" = Veetle TV 0.9.18
"VLC media player" = VLC media player 1.1.10
"waterMark V2" = waterMark V2
"Wisdom-soft AutoScreenRecorder 3.1 Pro" = Wisdom-soft AutoScreenRecorder 3.1 Pro
"XMedia Recode" = XMedia Recode 2.2.9.7
"Youtube Downloader HD_is1" = Youtube Downloader HD v. 2.6
"ZBrush 4R4 4R4" = ZBrush 4R4
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"SOE-C:/Users/Public/Sony Online Entertainment/Installed Games/PlanetSide 2 PSG" = gamelauncher-ps2-psg
"soe-PlanetSide 2 PSG" = PlanetSide 2
"Square Enix Secure Launcher" = Square Enix Secure Launcher
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 05.06.2013 16:37:57 | Computer Name = HOME-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: rads_user_kernel.exe, Version: 0.0.0.0,
 Zeitstempel: 0x4e65c1ac  Name des fehlerhaften Moduls: rads_user_kernel.exe, Version:
 0.0.0.0, Zeitstempel: 0x4e65c1ac  Ausnahmecode: 0xc0000005  Fehleroffset: 0x000b8554
ID
 des fehlerhaften Prozesses: 0xe78  Startzeit der fehlerhaften Anwendung: 0x01ce622c891784f7
Pfad
 der fehlerhaften Anwendung: C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
Pfad
 des fehlerhaften Moduls: C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
Berichtskennung:
 cdca57af-ce1f-11e2-8224-1c6f6540c240
 
Error - 05.06.2013 16:38:22 | Computer Name = HOME-PC | Source = Application Hang | ID = 1002
Description = Programm rads_user_kernel.exe, Version 0.0.0.0 kann nicht mehr unter
 Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf 
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
 zu suchen.    Prozess-ID: 115c    Startzeit: 01ce622c94cc2935    Endzeit: 0    Anwendungspfad: 
C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe    Berichts-ID: d99cd4e8-ce1f-11e2-8224-1c6f6540c240

 
Error - 05.06.2013 16:39:25 | Computer Name = HOME-PC | Source = Application Hang | ID = 1002
Description = Programm rads_user_kernel.exe, Version 0.0.0.0 kann nicht mehr unter
 Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf 
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
 zu suchen.    Prozess-ID: 11c0    Startzeit: 01ce622ca73405b3    Endzeit: 7    Anwendungspfad: 
C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe    Berichts-ID: 00846b54-ce20-11e2-8224-1c6f6540c240

 
Error - 05.06.2013 16:41:21 | Computer Name = HOME-PC | Source = Application Hang | ID = 1002
Description = Programm rads_user_kernel.exe, Version 0.0.0.0 kann nicht mehr unter
 Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf 
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
 zu suchen.    Prozess-ID: 1290    Startzeit: 01ce622cd8d36d21    Endzeit: 3    Anwendungspfad: 
C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe    Berichts-ID: 365dff6f-ce20-11e2-8224-1c6f6540c240

 
Error - 23.06.2013 17:50:49 | Computer Name = HOME-PC | Source = Application Hang | ID = 1002
Description = Programm iexplore.exe, Version 9.0.8112.16476 kann nicht mehr unter
 Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf 
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
 zu suchen.    Prozess-ID: 1434    Startzeit: 01ce705bb2e383f4    Endzeit: 12    Anwendungspfad:
 C:\Program Files (x86)\Internet Explorer\iexplore.exe    Berichts-ID:   
 
Error - 05.07.2013 17:26:03 | Computer Name = HOME-PC | Source = MsiInstaller | ID = 11730
Description = 
 
Error - 05.07.2013 17:58:59 | Computer Name = HOME-PC | Source = MsiInstaller | ID = 11730
Description = 
 
Error - 05.07.2013 18:00:23 | Computer Name = HOME-PC | Source = Application Hang | ID = 1002
Description = Programm rads_user_kernel.exe, Version 0.0.0.0 kann nicht mehr unter
 Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf 
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
 zu suchen.    Prozess-ID: 700    Startzeit: 01ce79caf7752c7f    Endzeit: 0    Anwendungspfad: C:\Riot
 Games\League of Legends\RADS\system\rads_user_kernel.exe    Berichts-ID: 48c04ede-e5be-11e2-9a03-1c6f6540c240

 
Error - 06.07.2013 14:08:31 | Computer Name = HOME-PC | Source = MsiInstaller | ID = 11730
Description = 
 
Error - 08.07.2013 15:24:10 | Computer Name = HOME-PC | Source = Application Hang | ID = 1002
Description = Programm OTL.exe, Version 3.2.69.0 kann nicht mehr unter Windows ausgeführt
 werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: 12a0    Startzeit:
 01ce7c104bc1c62f    Endzeit: 0    Anwendungspfad: C:\Users\HOME\Pictures\dwhelper\Downloads\OTL.exe

Berichts-ID:
   
 
[ System Events ]
Error - 03.07.2013 17:28:19 | Computer Name = HOME-PC | Source = Service Control Manager | ID = 7038
Description = Der Dienst "upnphost" konnte sich nicht als "NT AUTHORITY\LocalService"
 mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:   %%1352    Vergewissern
 Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft
 Management Console (MMC).
 
Error - 03.07.2013 17:28:19 | Computer Name = HOME-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "UPnP-Gerätehost" wurde aufgrund folgenden Fehlers nicht
 gestartet:   %%1069
 
Error - 04.07.2013 07:57:25 | Computer Name = HOME-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   acedrv06
 
Error - 04.07.2013 11:04:03 | Computer Name = HOME-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   acedrv06
 
Error - 04.07.2013 15:54:09 | Computer Name = HOME-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   acedrv06
 
Error - 05.07.2013 16:51:40 | Computer Name = HOME-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   acedrv06
 
Error - 06.07.2013 12:08:37 | Computer Name = HOME-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   acedrv06
 
Error - 06.07.2013 14:12:53 | Computer Name = HOME-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   acedrv06
 
Error - 06.07.2013 18:00:34 | Computer Name = HOME-PC | Source = DCOM | ID = 10010
Description = 
 
Error - 08.07.2013 12:36:01 | Computer Name = HOME-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   acedrv06
 
 
< End of report >
         


Alt 08.07.2013, 21:01   #6
markusg
/// Malware-holic
 
Please continue with TDSS Killer.

Alt 08.07.2013, 21:19   #7
lustig78
 
Hey, and now? Should I post a picture of the result? Ah OK, I've read it, one moment.

TDSS result
Code:
22:15:53.0669 0860  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
22:15:54.0104 0860  ============================================================
22:15:54.0104 0860  Current date / time: 2013/07/08 22:15:54.0104
22:15:54.0104 0860  SystemInfo:
22:15:54.0104 0860  
22:15:54.0104 0860  OS Version: 6.1.7601 ServicePack: 1.0
22:15:54.0104 0860  Product type: Workstation
22:15:54.0105 0860  ComputerName: HOME-PC
22:15:54.0105 0860  UserName: HOME
22:15:54.0105 0860  Windows directory: C:\Windows
22:15:54.0105 0860  System windows directory: C:\Windows
22:15:54.0105 0860  Running under WOW64
22:15:54.0105 0860  Processor architecture: Intel x64
22:15:54.0105 0860  Number of processors: 4
22:15:54.0105 0860  Page size: 0x1000
22:15:54.0105 0860  Boot type: Normal boot
22:15:54.0105 0860  ============================================================
22:15:55.0610 0860  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xEC93D, SectorsPerTrack: 0x3F, TracksPerCylinder: 0x10, Type 'K0', Flags 0x00000040
22:15:55.0615 0860  ============================================================
22:15:55.0615 0860  \Device\Harddisk0\DR0:
22:15:55.0630 0860  MBR partitions:
22:15:55.0630 0860  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A385830
22:15:55.0630 0860  ============================================================
22:15:55.0668 0860  C: <-> \Device\Harddisk0\DR0\Partition1
22:15:55.0706 0860  ============================================================
22:15:55.0706 0860  Initialize success
22:15:55.0706 0860  ============================================================
22:16:11.0028 4432  ============================================================
22:16:11.0028 4432  Scan started
22:16:11.0028 4432  Mode: Manual; SigCheck; TDLFS; 
22:16:11.0028 4432  ============================================================
22:16:12.0543 4432  ================ Scan system memory ========================
22:16:12.0543 4432  System memory - ok
22:16:12.0545 4432  ================ Scan services =============================
22:16:12.0737 4432  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
22:16:12.0943 4432  1394ohci - ok
22:16:12.0986 4432  [ C8030D922511A926D0AA06B78C4B87A9 ] acedrv06        C:\Windows\system32\drivers\acedrv06.sys
22:16:13.0025 4432  acedrv06 ( UnsignedFile.Multi.Generic ) - warning
22:16:13.0025 4432  acedrv06 - detected UnsignedFile.Multi.Generic (1)
22:16:13.0058 4432  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
22:16:13.0106 4432  ACPI - ok
22:16:13.0148 4432  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
22:16:13.0233 4432  AcpiPmi - ok
22:16:13.0374 4432  [ 62B7936F9036DD6ED36E6A7EFA805DC0 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
22:16:13.0404 4432  AdobeARMservice - ok
22:16:13.0460 4432  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
22:16:13.0518 4432  adp94xx - ok
22:16:13.0553 4432  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
22:16:13.0600 4432  adpahci - ok
22:16:13.0622 4432  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
22:16:13.0661 4432  adpu320 - ok
22:16:13.0705 4432  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
22:16:14.0022 4432  AeLookupSvc - ok
22:16:14.0089 4432  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys
22:16:14.0202 4432  AFD - ok
22:16:14.0248 4432  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
22:16:14.0281 4432  agp440 - ok
22:16:14.0301 4432  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
22:16:14.0402 4432  ALG - ok
22:16:14.0423 4432  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
22:16:14.0459 4432  aliide - ok
22:16:14.0521 4432  [ E6E4DBE4B5B9A476A6D1959440BEE911 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
22:16:14.0642 4432  AMD External Events Utility - ok
22:16:14.0660 4432  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
22:16:14.0691 4432  amdide - ok
22:16:14.0726 4432  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
22:16:14.0795 4432  AmdK8 - ok
22:16:15.0054 4432  [ 4E1C6E69703E0C4E9A3AE31641E97DA4 ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
22:16:15.0474 4432  amdkmdag - ok
22:16:15.0526 4432  [ 10D76BB72B8089D63A4AB8AF84FE7E8E ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
22:16:15.0580 4432  amdkmdap - ok
22:16:15.0629 4432  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
22:16:15.0681 4432  AmdPPM - ok
22:16:15.0737 4432  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
22:16:15.0772 4432  amdsata - ok
22:16:15.0799 4432  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
22:16:15.0839 4432  amdsbs - ok
22:16:15.0902 4432  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
22:16:15.0933 4432  amdxata - ok
22:16:15.0990 4432  [ 7CE7D6019D0D73F9203BA4FF4BA35B6A ] AnyDVD          C:\Windows\system32\Drivers\AnyDVD.sys
22:16:16.0025 4432  AnyDVD - ok
22:16:16.0069 4432  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
22:16:16.0253 4432  AppID - ok
22:16:16.0292 4432  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
22:16:16.0416 4432  AppIDSvc - ok
22:16:16.0449 4432  [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo         C:\Windows\System32\appinfo.dll
22:16:16.0554 4432  Appinfo - ok
22:16:16.0603 4432  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\DRIVERS\arc.sys
22:16:16.0638 4432  arc - ok
22:16:16.0656 4432  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
22:16:16.0691 4432  arcsas - ok
22:16:16.0719 4432  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
22:16:16.0831 4432  AsyncMac - ok
22:16:16.0888 4432  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
22:16:16.0919 4432  atapi - ok
22:16:16.0967 4432  [ FB7602C5C508BE281368AAE0B61B51C6 ] AtiHdmiService  C:\Windows\system32\drivers\AtiHdmi.sys
22:16:16.0998 4432  AtiHdmiService - ok
22:16:17.0226 4432  [ 4E1C6E69703E0C4E9A3AE31641E97DA4 ] atikmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
22:16:17.0477 4432  atikmdag - ok
22:16:17.0529 4432  [ B4BDE3F758A34658A37DFED3D9783CD8 ] atksgt          C:\Windows\system32\DRIVERS\atksgt.sys
22:16:17.0544 4432  atksgt - ok
22:16:17.0596 4432  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
22:16:17.0708 4432  AudioEndpointBuilder - ok
22:16:17.0742 4432  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
22:16:17.0848 4432  AudioSrv - ok
22:16:17.0932 4432  [ 587EFD6A3A30A35A27904D21AE1FB882 ] AVP             C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
22:16:17.0978 4432  AVP - ok
22:16:18.0035 4432  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
22:16:18.0132 4432  AxInstSV - ok
22:16:18.0183 4432  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
22:16:18.0283 4432  b06bdrv - ok
22:16:18.0331 4432  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
22:16:18.0387 4432  b57nd60a - ok
22:16:18.0425 4432  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
22:16:18.0502 4432  BDESVC - ok
22:16:18.0529 4432  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
22:16:18.0648 4432  Beep - ok
22:16:18.0717 4432  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll
22:16:18.0829 4432  BFE - ok
22:16:18.0864 4432  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\System32\qmgr.dll
22:16:19.0005 4432  BITS - ok
22:16:19.0096 4432  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
22:16:19.0156 4432  blbdrive - ok
22:16:19.0195 4432  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
22:16:19.0241 4432  bowser - ok
22:16:19.0260 4432  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
22:16:19.0334 4432  BrFiltLo - ok
22:16:19.0355 4432  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
22:16:19.0419 4432  BrFiltUp - ok
22:16:19.0462 4432  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
22:16:19.0535 4432  Browser - ok
22:16:19.0559 4432  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
22:16:19.0640 4432  Brserid - ok
22:16:19.0662 4432  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
22:16:19.0718 4432  BrSerWdm - ok
22:16:19.0742 4432  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
22:16:19.0780 4432  BrUsbMdm - ok
22:16:19.0797 4432  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
22:16:19.0848 4432  BrUsbSer - ok
22:16:19.0873 4432  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
22:16:19.0931 4432  BTHMODEM - ok
22:16:19.0995 4432  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
22:16:20.0101 4432  bthserv - ok
22:16:20.0133 4432  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
22:16:20.0243 4432  cdfs - ok
22:16:20.0298 4432  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
22:16:20.0347 4432  cdrom - ok
22:16:20.0389 4432  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
22:16:20.0491 4432  CertPropSvc - ok
22:16:20.0519 4432  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
22:16:20.0565 4432  circlass - ok
22:16:20.0606 4432  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
22:16:20.0653 4432  CLFS - ok
22:16:20.0739 4432  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
22:16:20.0771 4432  clr_optimization_v2.0.50727_32 - ok
22:16:20.0846 4432  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
22:16:20.0877 4432  clr_optimization_v2.0.50727_64 - ok
22:16:20.0977 4432  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
22:16:21.0011 4432  clr_optimization_v4.0.30319_32 - ok
22:16:21.0058 4432  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
22:16:21.0090 4432  clr_optimization_v4.0.30319_64 - ok
22:16:21.0133 4432  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
22:16:21.0183 4432  CmBatt - ok
22:16:21.0214 4432  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
22:16:21.0247 4432  cmdide - ok
22:16:21.0291 4432  [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG             C:\Windows\system32\Drivers\cng.sys
22:16:21.0367 4432  CNG - ok
22:16:21.0387 4432  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
22:16:21.0418 4432  Compbatt - ok
22:16:21.0437 4432  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
22:16:21.0496 4432  CompositeBus - ok
22:16:21.0519 4432  COMSysApp - ok
22:16:21.0540 4432  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
22:16:21.0572 4432  crcdisk - ok
22:16:21.0628 4432  [ 15597883FBE9B056F276ADA3AD87D9AF ] CryptSvc        C:\Windows\system32\cryptsvc.dll
22:16:21.0750 4432  CryptSvc - ok
22:16:21.0807 4432  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
22:16:21.0920 4432  DcomLaunch - ok
22:16:21.0958 4432  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
22:16:22.0073 4432  defragsvc - ok
22:16:22.0123 4432  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
22:16:22.0232 4432  DfsC - ok
22:16:22.0281 4432  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
22:16:22.0397 4432  Dhcp - ok
22:16:22.0431 4432  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
22:16:22.0543 4432  discache - ok
22:16:22.0579 4432  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\DRIVERS\disk.sys
22:16:22.0612 4432  Disk - ok
22:16:22.0649 4432  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
22:16:22.0719 4432  Dnscache - ok
22:16:22.0762 4432  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
22:16:22.0873 4432  dot3svc - ok
22:16:22.0921 4432  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
22:16:23.0031 4432  DPS - ok
22:16:23.0078 4432  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
22:16:23.0124 4432  drmkaud - ok
22:16:23.0184 4432  [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
22:16:23.0263 4432  DXGKrnl - ok
22:16:23.0300 4432  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
22:16:23.0409 4432  EapHost - ok
22:16:23.0530 4432  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
22:16:23.0697 4432  ebdrv - ok
22:16:23.0731 4432  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe
22:16:23.0816 4432  EFS - ok
22:16:23.0897 4432  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
22:16:24.0008 4432  ehRecvr - ok
22:16:24.0045 4432  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
22:16:24.0096 4432  ehSched - ok
22:16:24.0135 4432  [ A05FC7ECA0966EBB70E4D17B855A853B ] ElbyCDIO        C:\Windows\system32\Drivers\ElbyCDIO.sys
22:16:24.0165 4432  ElbyCDIO - ok
22:16:24.0217 4432  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
22:16:24.0276 4432  elxstor - ok
22:16:24.0318 4432  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
22:16:24.0368 4432  ErrDev - ok
22:16:24.0410 4432  [ B8FA96995726D1FA58476E352C02AD82 ] ES lite Service C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE
22:16:24.0438 4432  ES lite Service - ok
22:16:24.0500 4432  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
22:16:24.0618 4432  EventSystem - ok
22:16:24.0653 4432  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
22:16:24.0750 4432  exfat - ok
22:16:24.0771 4432  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
22:16:24.0886 4432  fastfat - ok
22:16:24.0945 4432  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
22:16:25.0042 4432  Fax - ok
22:16:25.0066 4432  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
22:16:25.0100 4432  fdc - ok
22:16:25.0136 4432  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
22:16:25.0252 4432  fdPHost - ok
22:16:25.0275 4432  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
22:16:25.0383 4432  FDResPub - ok
22:16:25.0436 4432  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
22:16:25.0469 4432  FileInfo - ok
22:16:25.0484 4432  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
22:16:25.0607 4432  Filetrace - ok
22:16:25.0624 4432  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
22:16:25.0657 4432  flpydisk - ok
22:16:25.0704 4432  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
22:16:25.0747 4432  FltMgr - ok
22:16:25.0811 4432  [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache       C:\Windows\system32\FntCache.dll
22:16:25.0919 4432  FontCache - ok
22:16:25.0980 4432  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
22:16:26.0008 4432  FontCache3.0.0.0 - ok
22:16:26.0022 4432  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
22:16:26.0055 4432  FsDepends - ok
22:16:26.0096 4432  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
22:16:26.0127 4432  Fs_Rec - ok
22:16:26.0170 4432  [ 1F7B25B858FA27015169FE95E54108ED ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
22:16:26.0219 4432  fvevol - ok
22:16:26.0245 4432  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
22:16:26.0278 4432  gagp30kx - ok
22:16:26.0319 4432  [ 7907E14F9BCF3A4689C9A74A1A873CB6 ] gdrv            C:\Windows\gdrv.sys
22:16:26.0344 4432  gdrv - ok
22:16:26.0403 4432  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
22:16:26.0539 4432  gpsvc - ok
22:16:26.0643 4432  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
22:16:26.0672 4432  gupdate - ok
22:16:26.0693 4432  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
22:16:26.0720 4432  gupdatem - ok
22:16:26.0768 4432  [ C1B577B2169900F4CF7190C39F085794 ] gusvc           C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
22:16:26.0802 4432  gusvc - ok
22:16:26.0839 4432  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
22:16:26.0907 4432  hcw85cir - ok
22:16:26.0961 4432  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
22:16:27.0023 4432  HdAudAddService - ok
22:16:27.0055 4432  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
22:16:27.0113 4432  HDAudBus - ok
22:16:27.0134 4432  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
22:16:27.0179 4432  HidBatt - ok
22:16:27.0208 4432  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
22:16:27.0265 4432  HidBth - ok
22:16:27.0293 4432  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
22:16:27.0335 4432  HidIr - ok
22:16:27.0372 4432  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\system32\hidserv.dll
22:16:27.0480 4432  hidserv - ok
22:16:27.0524 4432  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
22:16:27.0568 4432  HidUsb - ok
22:16:27.0607 4432  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
22:16:27.0725 4432  hkmsvc - ok
22:16:27.0773 4432  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
22:16:27.0851 4432  HomeGroupListener - ok
22:16:27.0893 4432  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
22:16:27.0961 4432  HomeGroupProvider - ok
22:16:27.0992 4432  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
22:16:28.0029 4432  HpSAMD - ok
22:16:28.0212 4432  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
22:16:28.0367 4432  HTTP - ok
22:16:28.0403 4432  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
22:16:28.0436 4432  hwpolicy - ok
22:16:28.0476 4432  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
22:16:28.0513 4432  i8042prt - ok
22:16:28.0563 4432  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
22:16:28.0612 4432  iaStorV - ok
22:16:28.0674 4432  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
22:16:28.0761 4432  idsvc - ok
22:16:28.0794 4432  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
22:16:28.0828 4432  iirsp - ok
22:16:28.0888 4432  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
22:16:29.0023 4432  IKEEXT - ok
22:16:29.0124 4432  [ 76877DD763A2287F58908795F3F5CCCB ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
22:16:29.0280 4432  IntcAzAudAddService - ok
22:16:29.0302 4432  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
22:16:29.0335 4432  intelide - ok
22:16:29.0354 4432  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
22:16:29.0400 4432  intelppm - ok
22:16:29.0435 4432  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
22:16:29.0550 4432  IPBusEnum - ok
22:16:29.0597 4432  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
22:16:29.0688 4432  IpFilterDriver - ok
22:16:29.0737 4432  [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
22:16:29.0863 4432  iphlpsvc - ok
22:16:29.0904 4432  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
22:16:29.0940 4432  IPMIDRV - ok
22:16:29.0963 4432  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
22:16:30.0079 4432  IPNAT - ok
22:16:30.0104 4432  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
22:16:30.0190 4432  IRENUM - ok
22:16:30.0213 4432  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
22:16:30.0247 4432  isapnp - ok
22:16:30.0285 4432  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
22:16:30.0331 4432  iScsiPrt - ok
22:16:30.0357 4432  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\drivers\kbdclass.sys
22:16:30.0392 4432  kbdclass - ok
22:16:30.0435 4432  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
22:16:30.0514 4432  kbdhid - ok
22:16:30.0539 4432  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
22:16:30.0578 4432  KeyIso - ok
22:16:30.0650 4432  [ 8B5219318DF5895ABD230C373F2DF18A ] kl1             C:\Windows\system32\DRIVERS\kl1.sys
22:16:30.0700 4432  kl1 - ok
22:16:30.0775 4432  [ 2CBD248370721DCAD632DB70D09C5A6D ] KLIF            C:\Windows\system32\DRIVERS\klif.sys
22:16:30.0851 4432  KLIF - ok
22:16:30.0903 4432  [ 9BD99E1AB3F664120AB95C35F9EC1EB0 ] KLIM6           C:\Windows\system32\DRIVERS\klim6.sys
22:16:30.0932 4432  KLIM6 - ok
22:16:30.0945 4432  [ 2C43FD500522EF3B8C283A5846B7FC41 ] klkbdflt        C:\Windows\system32\DRIVERS\klkbdflt.sys
22:16:30.0974 4432  klkbdflt - ok
22:16:30.0996 4432  [ 70A6D2E292017EC47949696F51ABE18D ] klmouflt        C:\Windows\system32\DRIVERS\klmouflt.sys
22:16:31.0028 4432  klmouflt - ok
22:16:31.0044 4432  [ 45ECF097BC6330C2054D7D43B7AD822B ] kltdi           C:\Windows\system32\DRIVERS\kltdi.sys
22:16:31.0097 4432  kltdi - ok
22:16:31.0129 4432  [ 1FCB657B581CC4DF17FD6571F93602DE ] kneps           C:\Windows\system32\DRIVERS\kneps.sys
22:16:31.0165 4432  kneps - ok
22:16:31.0205 4432  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
22:16:31.0240 4432  KSecDD - ok
22:16:31.0255 4432  [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
22:16:31.0292 4432  KSecPkg - ok
22:16:31.0325 4432  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
22:16:31.0451 4432  ksthunk - ok
22:16:31.0491 4432  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
22:16:31.0613 4432  KtmRm - ok
22:16:31.0674 4432  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll
22:16:31.0736 4432  LanmanServer - ok
22:16:31.0778 4432  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
22:16:31.0855 4432  LanmanWorkstation - ok
22:16:31.0937 4432  [ 955982BF4421B77722196552B62E8DC2 ] lirsgt          C:\Windows\system32\DRIVERS\lirsgt.sys
22:16:31.0970 4432  lirsgt - ok
22:16:31.0992 4432  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
22:16:32.0100 4432  lltdio - ok
22:16:32.0154 4432  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
22:16:32.0256 4432  lltdsvc - ok
22:16:32.0275 4432  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
22:16:32.0370 4432  lmhosts - ok
22:16:32.0418 4432  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
22:16:32.0455 4432  LSI_FC - ok
22:16:32.0473 4432  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
22:16:32.0509 4432  LSI_SAS - ok
22:16:32.0523 4432  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
22:16:32.0558 4432  LSI_SAS2 - ok
22:16:32.0578 4432  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
22:16:32.0614 4432  LSI_SCSI - ok
22:16:32.0642 4432  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
22:16:32.0754 4432  luafv - ok
22:16:32.0822 4432  [ 0C85B2B6FB74B36A251792D45E0EF860 ] LVRS64          C:\Windows\system32\DRIVERS\lvrs64.sys
22:16:32.0866 4432  LVRS64 - ok
22:16:33.0102 4432  [ FF3A488924B0032B1A9CA6948C1FA9E8 ] LVUVC64         C:\Windows\system32\DRIVERS\lvuvc64.sys
22:16:33.0384 4432  LVUVC64 - ok
22:16:33.0445 4432  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
22:16:33.0484 4432  Mcx2Svc - ok
22:16:33.0519 4432  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
22:16:33.0536 4432  megasas - ok
22:16:33.0556 4432  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
22:16:33.0578 4432  MegaSR - ok
22:16:33.0630 4432  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
22:16:33.0743 4432  MMCSS - ok
22:16:33.0765 4432  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
22:16:33.0895 4432  Modem - ok
22:16:33.0928 4432  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
22:16:34.0002 4432  monitor - ok
22:16:34.0052 4432  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
22:16:34.0085 4432  mouclass - ok
22:16:34.0101 4432  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
22:16:34.0140 4432  mouhid - ok
22:16:34.0182 4432  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
22:16:34.0218 4432  mountmgr - ok
22:16:34.0344 4432  [ 46297FA8E30A6007F14118FC2B942FBC ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice_tmp.exe
22:16:34.0390 4432  MozillaMaintenance - ok
22:16:34.0434 4432  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
22:16:34.0494 4432  mpio - ok
22:16:34.0510 4432  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
22:16:34.0612 4432  mpsdrv - ok
22:16:34.0663 4432  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
22:16:34.0802 4432  MpsSvc - ok
22:16:34.0847 4432  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
22:16:34.0910 4432  MRxDAV - ok
22:16:34.0945 4432  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
22:16:35.0015 4432  mrxsmb - ok
22:16:35.0039 4432  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
22:16:35.0093 4432  mrxsmb10 - ok
22:16:35.0131 4432  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
22:16:35.0184 4432  mrxsmb20 - ok
22:16:35.0211 4432  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
22:16:35.0246 4432  msahci - ok
22:16:35.0273 4432  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
22:16:35.0311 4432  msdsm - ok
22:16:35.0334 4432  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
22:16:35.0385 4432  MSDTC - ok
22:16:35.0434 4432  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
22:16:35.0528 4432  Msfs - ok
22:16:35.0548 4432  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
22:16:35.0656 4432  mshidkmdf - ok
22:16:35.0677 4432  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
22:16:35.0711 4432  msisadrv - ok
22:16:35.0794 4432  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
22:16:35.0916 4432  MSiSCSI - ok
22:16:35.0925 4432  msiserver - ok
22:16:35.0961 4432  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
22:16:36.0055 4432  MSKSSRV - ok
22:16:36.0107 4432  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
22:16:36.0215 4432  MSPCLOCK - ok
22:16:36.0240 4432  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
22:16:36.0349 4432  MSPQM - ok
22:16:36.0385 4432  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
22:16:36.0433 4432  MsRPC - ok
22:16:36.0479 4432  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
22:16:36.0512 4432  mssmbios - ok
22:16:36.0526 4432  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
22:16:36.0632 4432  MSTEE - ok
22:16:36.0653 4432  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
22:16:36.0702 4432  MTConfig - ok
22:16:36.0741 4432  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
22:16:36.0777 4432  Mup - ok
22:16:36.0825 4432  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
22:16:36.0959 4432  napagent - ok
22:16:36.0994 4432  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
22:16:37.0070 4432  NativeWifiP - ok
22:16:37.0122 4432  [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS            C:\Windows\system32\drivers\ndis.sys
22:16:37.0205 4432  NDIS - ok
22:16:37.0236 4432  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
22:16:37.0332 4432  NdisCap - ok
22:16:37.0354 4432  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
22:16:37.0462 4432  NdisTapi - ok
22:16:37.0496 4432  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
22:16:37.0554 4432  Ndisuio - ok
22:16:37.0610 4432  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
22:16:37.0705 4432  NdisWan - ok
22:16:37.0769 4432  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
22:16:37.0917 4432  NDProxy - ok
22:16:37.0985 4432  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
22:16:38.0089 4432  NetBIOS - ok
22:16:38.0145 4432  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
22:16:38.0243 4432  NetBT - ok
22:16:38.0263 4432  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
22:16:38.0297 4432  Netlogon - ok
22:16:38.0344 4432  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
22:16:38.0461 4432  Netman - ok
22:16:38.0505 4432  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
22:16:38.0641 4432  netprofm - ok
22:16:38.0685 4432  [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
22:16:38.0717 4432  NetTcpPortSharing - ok
22:16:38.0770 4432  [ 2D5297BDED9B0E811C6C894EC5A7FAB8 ] networx         C:\Windows\system32\drivers\networx.sys
22:16:38.0803 4432  networx - ok
22:16:38.0856 4432  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
22:16:38.0890 4432  nfrd960 - ok
22:16:38.0936 4432  [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc          C:\Windows\System32\nlasvc.dll
22:16:39.0038 4432  NlaSvc - ok
22:16:39.0078 4432  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
22:16:39.0124 4432  Npfs - ok
22:16:39.0157 4432  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
22:16:39.0216 4432  nsi - ok
22:16:39.0233 4432  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
22:16:39.0293 4432  nsiproxy - ok
22:16:39.0461 4432  [ A2F74975097F52A00745F9637451FDD8 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
22:16:39.0565 4432  Ntfs - ok
22:16:39.0593 4432  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
22:16:39.0701 4432  Null - ok
22:16:39.0747 4432  [ 785298579B5F9B4032152DFBB992FDB6 ] nusb3hub        C:\Windows\system32\DRIVERS\nusb3hub.sys
22:16:39.0784 4432  nusb3hub - ok
22:16:39.0821 4432  [ DF2750481B4964814467C974F2B0EEF1 ] nusb3xhc        C:\Windows\system32\DRIVERS\nusb3xhc.sys
22:16:39.0852 4432  nusb3xhc - ok
22:16:39.0894 4432  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
22:16:39.0931 4432  nvraid - ok
22:16:39.0978 4432  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
22:16:40.0015 4432  nvstor - ok
22:16:40.0049 4432  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
22:16:40.0085 4432  nv_agp - ok
22:16:40.0120 4432  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
22:16:40.0154 4432  ohci1394 - ok
22:16:40.0337 4432  [ 4965B005492CBA7719E82B71E3245495 ] ose64           C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:16:40.0426 4432  ose64 - ok
22:16:40.0681 4432  [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
22:16:40.0974 4432  osppsvc - ok
22:16:41.0023 4432  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
22:16:41.0100 4432  p2pimsvc - ok
22:16:41.0145 4432  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
22:16:41.0189 4432  p2psvc - ok
22:16:41.0238 4432  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
22:16:41.0273 4432  Parport - ok
22:16:41.0323 4432  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
22:16:41.0357 4432  partmgr - ok
22:16:41.0384 4432  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
22:16:41.0449 4432  PcaSvc - ok
22:16:41.0475 4432  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
22:16:41.0514 4432  pci - ok
22:16:41.0558 4432  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
22:16:41.0589 4432  pciide - ok
22:16:41.0613 4432  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
22:16:41.0665 4432  pcmcia - ok
22:16:41.0688 4432  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
22:16:41.0722 4432  pcw - ok
22:16:41.0763 4432  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
22:16:41.0892 4432  PEAUTH - ok
22:16:42.0077 4432  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
22:16:42.0126 4432  PerfHost - ok
22:16:42.0203 4432  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
22:16:42.0379 4432  pla - ok
22:16:42.0447 4432  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
22:16:42.0502 4432  PlugPlay - ok
22:16:42.0517 4432  PnkBstrA - ok
22:16:42.0551 4432  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
22:16:42.0614 4432  PNRPAutoReg - ok
22:16:42.0646 4432  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
22:16:42.0688 4432  PNRPsvc - ok
22:16:42.0717 4432  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
22:16:42.0821 4432  PolicyAgent - ok
22:16:42.0865 4432  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
22:16:42.0976 4432  Power - ok
22:16:43.0009 4432  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
22:16:43.0115 4432  PptpMiniport - ok
22:16:43.0138 4432  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\DRIVERS\processr.sys
22:16:43.0186 4432  Processor - ok
22:16:43.0217 4432  [ 5C78838B4D166D1A27DB3A8A820C799A ] ProfSvc         C:\Windows\system32\profsvc.dll
22:16:43.0326 4432  ProfSvc - ok
22:16:43.0350 4432  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
22:16:43.0383 4432  ProtectedStorage - ok
22:16:43.0420 4432  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
22:16:43.0514 4432  Psched - ok
22:16:43.0582 4432  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
22:16:43.0682 4432  ql2300 - ok
22:16:43.0705 4432  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
22:16:43.0742 4432  ql40xx - ok
22:16:43.0849 4432  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
22:16:43.0945 4432  QWAVE - ok
22:16:43.0961 4432  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
22:16:44.0018 4432  QWAVEdrv - ok
22:16:44.0038 4432  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
22:16:44.0132 4432  RasAcd - ok
22:16:44.0192 4432  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
22:16:44.0285 4432  RasAgileVpn - ok
22:16:44.0304 4432  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
22:16:44.0415 4432  RasAuto - ok
22:16:44.0450 4432  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
22:16:44.0561 4432  Rasl2tp - ok
22:16:44.0673 4432  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
22:16:44.0784 4432  RasMan - ok
22:16:44.0822 4432  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
22:16:44.0931 4432  RasPppoe - ok
22:16:44.0960 4432  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
22:16:45.0072 4432  RasSstp - ok
22:16:45.0099 4432  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
22:16:45.0210 4432  rdbss - ok
22:16:45.0238 4432  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
22:16:45.0278 4432  rdpbus - ok
22:16:45.0293 4432  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
22:16:45.0405 4432  RDPCDD - ok
22:16:45.0449 4432  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
22:16:45.0554 4432  RDPENCDD - ok
22:16:45.0568 4432  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
22:16:45.0660 4432  RDPREFMP - ok
22:16:45.0693 4432  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
22:16:45.0759 4432  RDPWD - ok
22:16:45.0819 4432  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
22:16:45.0859 4432  rdyboost - ok
22:16:45.0891 4432  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
22:16:46.0006 4432  RemoteAccess - ok
22:16:46.0048 4432  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
22:16:46.0166 4432  RemoteRegistry - ok
22:16:46.0196 4432  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
22:16:46.0310 4432  RpcEptMapper - ok
22:16:46.0345 4432  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
22:16:46.0410 4432  RpcLocator - ok
22:16:46.0453 4432  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
22:16:46.0565 4432  RpcSs - ok
22:16:46.0609 4432  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
22:16:46.0713 4432  rspndr - ok
22:16:46.0791 4432  [ 4E821C740A675F6D040BE41D59A62B1D ] RTHDMIAzAudService C:\Windows\system32\drivers\RtHDMIVX.sys
22:16:46.0824 4432  RTHDMIAzAudService - ok
22:16:46.0871 4432  [ 3B01789EE4EAEE97F5EB46B711387D5E ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
22:16:46.0962 4432  RTL8167 - ok
22:16:46.0979 4432  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
22:16:47.0012 4432  SamSs - ok
22:16:47.0047 4432  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
22:16:47.0082 4432  sbp2port - ok
22:16:47.0117 4432  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
22:16:47.0233 4432  SCardSvr - ok
22:16:47.0274 4432  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
22:16:47.0376 4432  scfilter - ok
22:16:47.0435 4432  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
22:16:47.0571 4432  Schedule - ok
22:16:47.0600 4432  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
22:16:47.0692 4432  SCPolicySvc - ok
22:16:47.0732 4432  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
22:16:47.0780 4432  SDRSVC - ok
22:16:47.0842 4432  [ 331E7BDE228914574FC9AE6CD520DAFA ] SeaPort         C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
22:16:47.0883 4432  SeaPort - ok
22:16:47.0927 4432  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
22:16:48.0018 4432  secdrv - ok
22:16:48.0050 4432  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
22:16:48.0157 4432  seclogon - ok
22:16:48.0195 4432  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
22:16:48.0301 4432  SENS - ok
22:16:48.0328 4432  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
22:16:48.0394 4432  SensrSvc - ok
22:16:48.0412 4432  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
22:16:48.0458 4432  Serenum - ok
22:16:48.0507 4432  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
22:16:48.0559 4432  Serial - ok
22:16:48.0583 4432  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
22:16:48.0634 4432  sermouse - ok
22:16:48.0690 4432  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
22:16:48.0802 4432  SessionEnv - ok
22:16:48.0843 4432  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
22:16:48.0896 4432  sffdisk - ok
22:16:48.0917 4432  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
22:16:48.0979 4432  sffp_mmc - ok
22:16:49.0001 4432  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
22:16:49.0060 4432  sffp_sd - ok
22:16:49.0093 4432  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
22:16:49.0126 4432  sfloppy - ok
22:16:49.0170 4432  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
22:16:49.0284 4432  SharedAccess - ok
22:16:49.0350 4432  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
22:16:49.0470 4432  ShellHWDetection - ok
22:16:49.0501 4432  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
22:16:49.0535 4432  SiSRaid2 - ok
22:16:49.0561 4432  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
22:16:49.0596 4432  SiSRaid4 - ok
22:16:49.0663 4432  [ 8C4F0DCC6A5100D48F9B2F950CDD220F ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
22:16:49.0697 4432  SkypeUpdate - ok
22:16:49.0722 4432  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
22:16:49.0829 4432  Smb - ok
22:16:49.0912 4432  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
22:16:50.0059 4432  SNMPTRAP - ok
22:16:50.0183 4432  [ 5177D14A78E60FD61DCFC6B388E7E971 ] Sony PC Companion C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
22:16:50.0224 4432  Sony PC Companion ( UnsignedFile.Multi.Generic ) - warning
22:16:50.0224 4432  Sony PC Companion - detected UnsignedFile.Multi.Generic (1)
22:16:50.0253 4432  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
22:16:50.0286 4432  spldr - ok
22:16:50.0340 4432  [ B96C17B5DC1424D56EEA3A99E97428CD ] Spooler         C:\Windows\System32\spoolsv.exe
22:16:50.0449 4432  Spooler - ok
22:16:50.0576 4432  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
22:16:50.0842 4432  sppsvc - ok
22:16:50.0893 4432  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
22:16:50.0990 4432  sppuinotify - ok
22:16:51.0042 4432  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
22:16:51.0114 4432  srv - ok
22:16:51.0152 4432  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
22:16:51.0210 4432  srv2 - ok
22:16:51.0263 4432  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
22:16:51.0314 4432  srvnet - ok
22:16:51.0346 4432  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
22:16:51.0477 4432  SSDPSRV - ok
22:16:51.0494 4432  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
22:16:51.0591 4432  SstpSvc - ok
22:16:51.0631 4432  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
22:16:51.0663 4432  stexstor - ok
22:16:51.0724 4432  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
22:16:51.0800 4432  stisvc - ok
22:16:51.0845 4432  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\drivers\swenum.sys
22:16:51.0876 4432  swenum - ok
22:16:51.0906 4432  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
22:16:52.0029 4432  swprv - ok
22:16:52.0098 4432  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
22:16:52.0227 4432  SysMain - ok
22:16:52.0260 4432  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
22:16:52.0312 4432  TabletInputService - ok
22:16:52.0357 4432  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
22:16:52.0475 4432  TapiSrv - ok
22:16:52.0516 4432  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
22:16:52.0612 4432  TBS - ok
22:16:52.0688 4432  [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
22:16:52.0807 4432  Tcpip - ok
22:16:52.0869 4432  [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
22:16:52.0972 4432  TCPIP6 - ok
22:16:53.0015 4432  [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
22:16:53.0119 4432  tcpipreg - ok
22:16:53.0181 4432  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
22:16:53.0242 4432  TDPIPE - ok
22:16:53.0278 4432  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
22:16:53.0323 4432  TDTCP - ok
22:16:53.0371 4432  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
22:16:53.0461 4432  tdx - ok
22:16:53.0489 4432  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\drivers\termdd.sys
22:16:53.0522 4432  TermDD - ok
22:16:53.0558 4432  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
22:16:53.0685 4432  TermService - ok
22:16:53.0722 4432  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
22:16:53.0783 4432  Themes - ok
22:16:53.0815 4432  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
22:16:53.0911 4432  THREADORDER - ok
22:16:53.0947 4432  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
22:16:54.0064 4432  TrkWks - ok
22:16:54.0171 4432  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
22:16:54.0274 4432  TrustedInstaller - ok
22:16:54.0312 4432  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
22:16:54.0415 4432  tssecsrv - ok
22:16:54.0471 4432  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
22:16:54.0514 4432  TsUsbFlt - ok
22:16:54.0561 4432  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
22:16:54.0651 4432  tunnel - ok
22:16:54.0794 4432  [ 06BCCB3BF0D06ADCCC4EBC8EF682DD59 ] TVersityMediaServer C:\ProgramData\TVersity\Media Server\MediaServer.exe
22:16:54.0889 4432  TVersityMediaServer - ok
22:16:54.0923 4432  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
22:16:54.0957 4432  uagp35 - ok
22:16:55.0001 4432  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
22:16:55.0110 4432  udfs - ok
22:16:55.0168 4432  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
22:16:55.0206 4432  UI0Detect - ok
22:16:55.0253 4432  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
22:16:55.0288 4432  uliagpkx - ok
22:16:55.0336 4432  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\drivers\umbus.sys
22:16:55.0388 4432  umbus - ok
22:16:55.0409 4432  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
22:16:55.0454 4432  UmPass - ok
22:16:55.0589 4432  [ 67A95B9D129ED5399E7965CD09CF30E7 ] UMVPFSrv        C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
22:16:55.0633 4432  UMVPFSrv - ok
22:16:55.0662 4432  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
22:16:55.0768 4432  upnphost - ok
22:16:55.0793 4432  [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
22:16:55.0835 4432  usbaudio - ok
22:16:55.0880 4432  [ 5FCC71487888589A9244AF54CFEFAB29 ] usbbus          C:\Windows\system32\DRIVERS\lgx64bus.sys
22:16:55.0940 4432  usbbus - ok
22:16:55.0979 4432  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
22:16:56.0044 4432  usbccgp - ok
22:16:56.0090 4432  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
22:16:56.0131 4432  usbcir - ok
22:16:56.0158 4432  [ 3FB6E423F7567C92C32EA786F5FD0C69 ] UsbDiag         C:\Windows\system32\DRIVERS\lgx64diag.sys
22:16:56.0184 4432  UsbDiag - ok
22:16:56.0221 4432  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
22:16:56.0264 4432  usbehci - ok
22:16:56.0303 4432  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
22:16:56.0354 4432  usbhub - ok
22:16:56.0390 4432  [ 78D551F5B93488B4666F5FC8DD4815F3 ] USBModem        C:\Windows\system32\DRIVERS\lgx64modem.sys
22:16:56.0417 4432  USBModem - ok
22:16:56.0453 4432  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
22:16:56.0500 4432  usbohci - ok
22:16:56.0553 4432  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
22:16:56.0607 4432  usbprint - ok
22:16:56.0658 4432  [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
22:16:56.0698 4432  usbscan - ok
22:16:56.0728 4432  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
22:16:56.0792 4432  USBSTOR - ok
22:16:56.0832 4432  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
22:16:56.0876 4432  usbuhci - ok
22:16:56.0919 4432  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
22:16:57.0045 4432  UxSms - ok
22:16:57.0055 4432  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
22:16:57.0087 4432  VaultSvc - ok
22:16:57.0139 4432  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
22:16:57.0171 4432  vdrvroot - ok
22:16:57.0220 4432  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
22:16:57.0329 4432  vds - ok
22:16:57.0379 4432  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
22:16:57.0418 4432  vga - ok
22:16:57.0447 4432  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
22:16:57.0554 4432  VgaSave - ok
22:16:57.0586 4432  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
22:16:57.0626 4432  vhdmp - ok
22:16:57.0646 4432  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
22:16:57.0688 4432  viaide - ok
22:16:57.0713 4432  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
22:16:57.0747 4432  volmgr - ok
22:16:57.0790 4432  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
22:16:57.0836 4432  volmgrx - ok
22:16:57.0859 4432  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
22:16:57.0901 4432  volsnap - ok
22:16:57.0935 4432  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
22:16:57.0973 4432  vsmraid - ok
22:16:58.0041 4432  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
22:16:58.0213 4432  VSS - ok
22:16:58.0255 4432  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
22:16:58.0319 4432  vwifibus - ok
22:16:58.0357 4432  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
22:16:58.0469 4432  W32Time - ok
22:16:58.0515 4432  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
22:16:58.0567 4432  WacomPen - ok
22:16:58.0624 4432  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
22:16:58.0727 4432  WANARP - ok
22:16:58.0735 4432  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
22:16:58.0824 4432  Wanarpv6 - ok
22:16:58.0894 4432  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
22:16:59.0000 4432  wbengine - ok
22:16:59.0022 4432  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
22:16:59.0073 4432  WbioSrvc - ok
22:16:59.0116 4432  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
22:16:59.0194 4432  wcncsvc - ok
22:16:59.0220 4432  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
22:16:59.0269 4432  WcsPlugInService - ok
22:16:59.0307 4432  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\DRIVERS\wd.sys
22:16:59.0339 4432  Wd - ok
22:16:59.0371 4432  [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
22:16:59.0436 4432  Wdf01000 - ok
22:16:59.0453 4432  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
22:16:59.0553 4432  WdiServiceHost - ok
22:16:59.0561 4432  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
22:16:59.0610 4432  WdiSystemHost - ok
22:16:59.0678 4432  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
22:16:59.0754 4432  WebClient - ok
22:17:02.0399 4432  ================ Scan global ===============================
22:17:02.0430 4432  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
22:17:02.0467 4432  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
22:17:02.0492 4432  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
22:17:02.0544 4432  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
22:17:02.0588 4432  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
22:17:02.0599 4432  [Global] - ok
22:17:02.0600 4432  ================ Scan MBR ==================================
22:17:02.0641 4432  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
22:17:02.0950 4432  \Device\Harddisk0\DR0 - ok
22:17:02.0951 4432  ================ Scan VBR ==================================
22:17:02.0957 4432  [ FBCFDAA4D777DA9BCB39FFEC733F02B3 ] \Device\Harddisk0\DR0\Partition1
22:17:02.0960 4432  \Device\Harddisk0\DR0\Partition1 - ok
22:17:02.0962 4432  ============================================================
22:17:02.0962 4432  Scan finished
22:17:02.0963 4432  ============================================================
22:17:02.0989 3732  Detected object count: 2
22:17:02.0989 3732  Actual detected object count: 2
22:20:24.0176 3732  acedrv06 ( UnsignedFile.Multi.Generic ) - skipped by user
22:20:24.0176 3732  acedrv06 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
22:20:24.0180 3732  Sony PC Companion ( UnsignedFile.Multi.Generic ) - skipped by user
22:20:24.0180 3732  Sony PC Companion ( UnsignedFile.Multi.Generic ) - User select action: Skip
         

08.07.2013, 21:26   #8
markusg
/// Malware-holic
 

Hi,
Scan with Combofix
WARNING to READERS:
Combofix should only be run when a team member has instructed you to do so!

Please download Combofix from the following download mirror: Link
  • IMPORTANT: Save Combofix to your desktop.
  • Please disable all of your antivirus software as well as malware/spyware scanners. These can interfere with Combofix while it works. Combofix sometimes still complains anyway; you can ignore that, but please let me know.
  • Start Combofix.exe and follow the instructions on the screen.
  • While Combofix is running, please do not work on the computer, move the mouse or click into the Combofix window!
  • When Combofix is finished, it will create a log file.
  • Please post C:\Combofix.txt in your next reply (preferably in CODE tags).
Note: If you get the following error message after the restart
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
simply restart the computer. This should fix the problem.

__________________
-Please forward suspicious mails to us for analysis:
markusg.trojaner-board@web.de
Forward
Instructions:
http://markusg.trojaner-board.de
For now, please send mails according to the instructions above to
markusg.trojaner-board@web.de
Forward
If you would like to support us

08.07.2013, 21:40   #9
lustig78
 

Hello,
what is Combofix? So far I have only read negative things about it. Is there still a virus or something similar on my PC?

08.07.2013, 22:01   #10
markusg
/// Malware-holic
 

We use Combofix daily and it runs on 99.99 % of all PCs; please run it.
Since the tools only ever show us excerpts, further analysis is necessary.

08.07.2013, 22:07   #11
lustig78
 

How long does the scan take, approximately?

08.07.2013, 22:12   #12
markusg
/// Malware-holic
 

It always varies. About 30 minutes.
