| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Werbung auf Facebook, Youtube, etc. Instant Saving App deinstallieren!Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
09.07.2013, 13:49
| #1 |
 |  Werbung auf Facebook, Youtube, etc. Instant Saving App deinstallieren! Hallo Leute! Ich habe irgendwie dieses Programm, Virus, was auch immer bekommen und würde es gerne loswerden! Ich hoffe jemand kann mir helfen. Ich bin ein ziemlicher Anfänger, was sowas angeht, also erschreckt nicht  Ich hab schon ein paar Treads gelesen und dachte:Hier kennen sich die Leute aber aus! Deshalb hab ich gedacht, ich stell meine Frage hier. Bitte helft mit  Danke schon mal im voraus! |
|
09.07.2013, 13:53
| #2 |
| /// Malware-holic   |  Werbung auf Facebook, Youtube, etc. Instant Saving App deinstallieren! Hi,
__________________Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
Code:
ATTFilter activex
netsvcs
msconfig
%SYSTEMDRIVE%\*.
%PROGRAMFILES%\*.exe
%LOCALAPPDATA%\*.exe
%systemroot%\*. /mp /s
C:\Windows\system32\*.tsp
/md5start
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
explorer.exe
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%USERPROFILE%\*.*
%USERPROFILE%\Local Settings\Temp\*.exe
%USERPROFILE%\Local Settings\Temp\*.dll
%USERPROFILE%\Application Data\*.exe
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs
CREATERESTOREPOINT
__________________ |
|
09.07.2013, 14:53
| #3 |
| | Werbung auf Facebook, Youtube, etc. Instant Saving App deinstallieren! OTL.txt:
__________________Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,90 Gb Total Physical Memory | 1,92 Gb Available Physical Memory | 49,28% Memory free 7,81 Gb Paging File | 5,32 Gb Available in Paging File | 68,12% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 653,44 Gb Total Space | 536,68 Gb Free Space | 82,13% Space Free | Partition Type: NTFS Drive D: | 25,47 Gb Total Space | 22,20 Gb Free Space | 87,16% Space Free | Partition Type: NTFS Unable to calculate disk information. Computer Name: ***-PC | User Name: ***| Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2013.07.09 14:57:55 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe PRC - [2013.07.01 14:39:42 | 000,084,024 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe PRC - [2013.07.01 14:38:45 | 000,345,144 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe PRC - [2013.07.01 14:38:45 | 000,108,088 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe PRC - [2013.06.28 14:02:06 | 002,255,184 | ---- | M] (LogMeIn Inc.) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe PRC - [2013.06.07 14:39:25 | 004,150,112 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe PRC - [2013.06.07 00:06:24 | 001,641,896 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe PRC - [2013.06.07 00:06:24 | 000,543,656 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe PRC - [2013.05.23 11:09:59 | 002,827,728 | ---- | M] () -- C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe PRC - [2013.04.01 18:16:22 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe PRC - [2012.09.01 00:42:22 | 000,329,056 | ---- | M] (Lenovo) -- C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe PRC - [2012.08.13 11:08:08 | 010,376,704 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe PRC - [2012.08.13 11:08:08 | 010,368,512 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin PRC - [2012.05.21 09:26:28 | 000,291,648 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe PRC - [2012.05.01 16:00:00 | 002,458,944 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe PRC - [2012.04.28 10:20:06 | 000,163,456 | ---- | M] (Atheros) -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe PRC - [2012.02.28 11:20:02 | 000,363,800 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe PRC - [2012.02.28 11:19:56 | 000,277,784 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe PRC - [2012.02.28 11:19:46 | 000,161,560 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe PRC - [2011.12.09 15:45:00 | 000,548,864 | ---- | M] (Vimicro) -- C:\Program Files (x86)\USB Camera2\VM332_STI.EXE PRC - [2011.11.29 20:04:56 | 000,013,592 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe PRC - [2011.11.29 20:04:54 | 000,284,440 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe PRC - [2011.08.25 20:43:44 | 000,337,776 | ---- | M] ( ) -- C:\Program Files (x86)\LockKey\LockKey.exe PRC - [2011.06.06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2011.01.28 23:29:36 | 000,136,488 | ---- | M] (CyberLink) -- C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe ========== Modules (No Company Name) ========== MOD - [2013.06.07 00:06:24 | 001,114,536 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\chromehtml.DLL MOD - [2013.05.23 11:09:59 | 002,827,728 | ---- | M] () -- C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe MOD - [2013.05.23 11:09:01 | 002,521,040 | ---- | M] () -- C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.dll MOD - [2013.05.16 01:16:27 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\30e3a21202000677d0a9270572251477\System.Windows.Forms.ni.dll MOD - [2013.05.16 01:16:14 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\716959df79685a1eae0fc14275a32b0f\WindowsBase.ni.dll MOD - [2013.05.16 01:16:09 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\764f15e86c82662e977bd418bd6318c1\System.Configuration.ni.dll MOD - [2013.05.07 03:05:20 | 000,654,848 | ---- | M] () -- C:\Program Files (x86)\Steam\SDL2.dll MOD - [2013.03.27 02:16:40 | 020,341,672 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\libcef.dll MOD - [2013.02.05 19:17:17 | 000,487,424 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\7ffdaee3a54ffd1a5e3b008a5bde5ecf\IAStorUtil.ni.dll MOD - [2013.02.05 19:17:17 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\389a1832a3da11e1b409cd6ae60cb9fa\IAStorCommon.ni.dll MOD - [2013.02.05 17:29:37 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\90b89f6e8032310e9ac72a309fd49e83\System.Runtime.Remoting.ni.dll MOD - [2013.02.05 17:29:02 | 001,592,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll MOD - [2013.02.05 17:28:36 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll MOD - [2013.02.05 17:28:29 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll MOD - [2013.02.05 17:28:08 | 011,493,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll MOD - [2012.12.11 19:51:10 | 001,100,800 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avcodec-53.dll MOD - [2012.12.11 19:51:10 | 000,192,000 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avformat-53.dll MOD - [2012.12.11 19:51:10 | 000,124,416 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avutil-51.dll MOD - [2012.09.01 00:42:21 | 000,013,664 | ---- | M] () -- C:\Program Files (x86)\Lenovo\VeriFace\ChooseLang.dll MOD - [2012.08.10 16:51:32 | 000,985,088 | ---- | M] () -- C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll MOD - [2012.08.10 16:50:56 | 000,170,496 | ---- | M] () -- C:\Program Files (x86)\OpenOffice.org 3\program\libxslt.dll MOD - [2012.05.01 16:00:00 | 000,004,096 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll MOD - [2010.11.13 01:26:08 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ========== Services (SafeList) ========== SRV:64bit: - [2010.12.17 10:46:34 | 000,198,784 | ---- | M] (Conexant Systems Inc.) [Auto | Running] -- C:\Windows\SysNative\CxAudMsg64.exe -- (CxAudMsg) SRV - [2013.07.01 14:39:42 | 000,084,024 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2013.07.01 14:38:45 | 000,108,088 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2013.06.28 14:02:04 | 002,470,736 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc) SRV - [2013.06.27 23:46:34 | 001,025,408 | ---- | M] (Enigma Software Group USA, LLC.) [Auto | Running] -- C:\Programme\Enigma Software Group\SpyHunter\SH4Service.exe -- (SpyHunter 4 Service) SRV - [2013.06.07 14:39:25 | 004,150,112 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe -- (TeamViewer8) SRV - [2013.06.07 00:06:24 | 000,543,656 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2013.05.23 11:09:59 | 002,827,728 | ---- | M] () [Auto | Running] -- C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe -- (BrowserDefendert) SRV - [2013.04.01 18:16:22 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA) SRV - [2013.02.28 19:25:34 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012.06.07 06:03:02 | 000,276,288 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs) SRV - [2012.05.01 16:00:00 | 002,458,944 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService) SRV - [2012.04.28 10:20:06 | 000,163,456 | ---- | M] (Atheros) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe -- (ZAtheros Bt&Wlan Coex Agent) SRV - [2012.04.28 09:57:54 | 000,119,424 | ---- | M] (Atheros Commnucations) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\adminservice.exe -- (AtherosSvc) SRV - [2012.03.26 14:41:18 | 000,572,976 | ---- | M] (Lenovo (Beijing) Limited) [Auto | Running] -- C:\Programme\Lenovo\Instant Reset\DamageGuardSvc.exe -- (DamageGuardSvc) SRV - [2012.02.28 11:20:02 | 000,363,800 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) SRV - [2012.02.28 11:19:56 | 000,277,784 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) SRV - [2012.02.28 11:19:46 | 000,161,560 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe -- (jhi_service) SRV - [2012.02.02 22:29:52 | 000,628,448 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Intel\iCLS Client\HeciServer.exe -- (Intel(R) SRV - [2011.11.29 20:04:56 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) SRV - [2011.06.06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2010.09.22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc) SRV - [2010.09.21 14:49:00 | 002,286,976 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc) SRV - [2010.03.18 23:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) ========== Driver Services (SafeList) ========== DRV:64bit: - [2013.05.12 17:56:23 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01) DRV:64bit: - [2013.05.12 17:47:27 | 000,868,848 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd) DRV:64bit: - [2013.03.30 21:22:54 | 000,130,016 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\AVIPBB.sys -- (avipbb) DRV:64bit: - [2013.03.30 21:22:54 | 000,100,712 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt) DRV:64bit: - [2013.03.30 21:22:54 | 000,028,600 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\AVKMGR.sys -- (avkmgr) DRV:64bit: - [2013.02.17 17:53:06 | 000,314,016 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt) DRV:64bit: - [2013.02.17 17:53:06 | 000,043,680 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt) DRV:64bit: - [2012.09.01 09:47:24 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2012.09.01 00:45:12 | 000,057,952 | ---- | M] (Lenovo) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\fbfmon.sys -- (fbfmon) DRV:64bit: - [2012.09.01 00:45:12 | 000,013,408 | ---- | M] (Lenovo) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BPntDrv.sys -- (BPntDrv) DRV:64bit: - [2012.09.01 00:44:30 | 000,039,008 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\LhdX64.sys -- (LHDmgr) DRV:64bit: - [2012.09.01 00:44:30 | 000,030,816 | ---- | M] (Lenovo Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AcpiVpc.sys -- (ACPIVPC) DRV:64bit: - [2012.06.22 12:01:32 | 000,022,704 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\EsgScanner.sys -- (EsgScanner) DRV:64bit: - [2012.06.07 05:49:08 | 014,760,096 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:64bit: - [2012.05.31 17:06:50 | 002,811,904 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr) DRV:64bit: - [2012.05.21 09:25:32 | 000,789,824 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc) DRV:64bit: - [2012.05.21 09:25:32 | 000,357,184 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub) DRV:64bit: - [2012.05.21 09:25:32 | 000,019,264 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs) DRV:64bit: - [2012.05.01 16:00:00 | 000,028,992 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt) DRV:64bit: - [2012.04.28 10:09:24 | 000,550,528 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter) DRV:64bit: - [2012.04.28 10:08:30 | 000,281,472 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP) DRV:64bit: - [2012.04.28 10:08:12 | 000,068,736 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT) DRV:64bit: - [2012.04.28 10:07:36 | 000,168,064 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP) DRV:64bit: - [2012.04.28 10:07:18 | 000,036,480 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort) DRV:64bit: - [2012.04.28 10:07:00 | 000,030,848 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS) DRV:64bit: - [2012.04.28 10:06:42 | 000,111,232 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_avdt.sys -- (btath_avdt) DRV:64bit: - [2012.04.28 10:06:18 | 000,341,120 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP) DRV:64bit: - [2012.03.02 12:49:18 | 000,104,048 | ---- | M] (Qualcomm Atheros Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C) DRV:64bit: - [2012.02.10 17:36:26 | 000,217,392 | ---- | M] (Lenovo) [File_System | System | Running] -- C:\Windows\SysNative\drivers\DamageGuardX64.sys -- (DamageGuard) DRV:64bit: - [2012.02.06 10:31:00 | 000,958,800 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vm332avs.sys -- (vm332avs) DRV:64bit: - [2012.01.31 07:17:44 | 001,601,152 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService) DRV:64bit: - [2012.01.16 00:21:04 | 000,208,168 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD) DRV:64bit: - [2011.12.13 11:04:52 | 000,023,648 | ---- | M] (Lenovo) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dgfltrX64.sys -- (dgFltr) DRV:64bit: - [2011.12.06 13:23:10 | 000,331,264 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) DRV:64bit: - [2011.11.29 13:40:32 | 000,568,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:64bit: - [2011.11.15 12:24:20 | 000,313,960 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rtsuvstor.sys -- (RSUSBVSTOR) DRV:64bit: - [2011.11.09 19:04:14 | 000,060,184 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) DRV:64bit: - [2011.10.10 09:56:15 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011.10.10 09:56:15 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2011.01.28 23:29:58 | 000,031,088 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd) DRV:64bit: - [2010.11.21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2010.11.21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010.11.21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD) DRV:64bit: - [2010.09.23 00:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr) DRV:64bit: - [2009.07.21 14:20:06 | 000,121,840 | ---- | M] (CyberLink) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wsvd.sys -- (wsvd) DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.07.14 02:01:09 | 000,679,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xnacc.sys -- (xnacc) DRV:64bit: - [2009.07.14 01:21:48 | 000,038,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM) DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009.03.18 18:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi) DRV - [2011.03.02 18:17:20 | 000,013,088 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Programme\Enigma Software Group\SpyHunter\esgiguard.sys -- (esgiguard) DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://www.delta-search.com/?babsrc=HP_ss&mntrId=602874E543D879A4&affID=119357&tsp=4937 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=KMOH&bmod=KMOH IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com [binary data] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.delta-search.com/?babsrc=HP_ss&mntrId=602874E543D879A4&affID=119357&tsp=4937 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.google.com/ig/redirectdomain?brand=KMOH&bmod=KMOH IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = IE - HKCU\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://www.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=602874E543D879A4&affID=119357&tsp=4937 IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7KMOH_de IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB) FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=2.1.3: C:\Program Files (x86)\Battlelog Web Plugins\2.1.3\npesnlaunch.dll (ESN Social Software AB) FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.149\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.149\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft) FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\msktbird@mcafee.com: C:\Program Files\McAfee\MSK [2013.07.08 20:18:05 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions ========== Chrome ========== CHR - default_search_provider: () CHR - default_search_provider: search_url = CHR - default_search_provider: suggest_url = CHR - homepage: hxxp://www.delta-search.com/?babsrc=HP_ss&mntrId=602874E543D879A4&affID=119357&tsp=4937 CHR - Extension: No name found = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\ CHR - Extension: No name found = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\ CHR - Extension: No name found = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\hiledapehlkhdehbhppgmekfalnlfajc\1.0.0.37_0\ CHR - Extension: No name found = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmcegpfdgcoclcdfkjahiimlikdpnina\1.0.5_0\ CHR - Extension: No name found = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.17_0\crossrider CHR - Extension: No name found = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.17_0\ CHR - Extension: No name found = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) O2 - BHO: (Plus-HD-2.3) - {11111111-1111-1111-1111-110311341126} - C:\Program Files (x86)\Plus-HD-2.3\Plus-HD-2.3-bho.dll (Plus HD) O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations) O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found. O4:64bit: - HKLM..\Run: [AthBtTray] C:\Program Files (x86)\Bluetooth Suite\athbttray.exe (Atheros Commnucations) O4:64bit: - HKLM..\Run: [AtherosBtStack] C:\Program Files (x86)\Bluetooth Suite\btvstack.exe (Atheros Communications) O4:64bit: - HKLM..\Run: [cAudioFilterAgent] C:\Programme\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe (Conexant Systems, Inc.) O4:64bit: - HKLM..\Run: [Energy Management] C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe (Lenovo (Beijing) Limited) O4:64bit: - HKLM..\Run: [EnergyUtility] C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe (Lenovo(beijing) Limited) O4:64bit: - HKLM..\Run: [ETDCtrl] C:\Programme\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.) O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [Lenovo EE Boot Optimizer] C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe (Lenovo) O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4 - HKLM..\Run: [332BigDog] C:\Program Files (x86)\USB Camera2\VM332_STI.EXE (Vimicro) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [Dolby Advanced Audio v2] C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe (Dolby Laboratories Inc.) O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) O4 - HKLM..\Run: [Intel AppUp(SM) center] C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe (Intel Corporation) O4 - HKLM..\Run: [Lenovo Registration] C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe (Lenovo, Inc.) O4 - HKLM..\Run: [LockKey] C:\Program Files (x86)\LockKey\LockKey.exe ( ) O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.) O4 - HKLM..\Run: [UpdateP2GShortCut] C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKLM..\Run: [UpdatePRCShortCut] C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation) O4 - HKLM..\Run: [VeriFaceManager] C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe (Lenovo) O4 - HKLM..\Run: [YouCam Mirage] C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe (CyberLink) O4 - HKLM..\Run: [YouCam Tray] C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe (CyberLink Corp.) O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd) O4 - HKCU..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe () O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation) O4 - HKLM..\RunOnce: [Del20946238] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation) O4 - HKCU..\RunOnce: [Del20946238] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation) O4 - Startup: C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O15 - HKCU\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites) O15 - HKCU\..Trusted Domains: freerealms.com ([]* in Trusted sites) O15 - HKCU\..Trusted Domains: soe.com ([]* in Trusted sites) O15 - HKCU\..Trusted Domains: sony.com ([]* in Trusted sites) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{68065F07-AAC9-4AD6-BD2C-C43F7E57A200}: DhcpNameServer = 192.168.0.1 O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation) O20 - AppInit_DLLs: (c:\progra~3\browserdefender\261339~1.144\{c16c1~1\browse~1.dll) - c:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.dll () O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2013.07.09 13:43:26 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O34 - HKLM BootExecute: (sh4native Sh4Removal) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0 ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun) ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0 ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install ActiveX: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP CREATERESTOREPOINT Restore point Set: OTL Restore Point ========== Files/Folders - Created Within 30 Days ========== [2013.07.09 15:00:25 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\system32 [2013.07.09 14:58:10 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe [2013.07.09 13:58:33 | 000,000,000 | ---D | C] -- C:\Windows\System\system32 [2013.07.09 13:58:33 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group [2013.07.09 13:57:35 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter [2013.07.09 13:57:34 | 000,000,000 | ---D | C] -- C:\sh4ldr [2013.07.09 13:44:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\system32 [2013.07.08 20:20:48 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\CrashRpt [2013.07.08 20:18:17 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\searchplugins [2013.07.08 20:18:17 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Extensions [2013.07.08 20:18:17 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserDefender [2013.07.08 20:18:12 | 000,000,000 | ---D | C] -- C:\ProgramData\BrowserDefender [2013.07.08 20:18:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2013.07.08 20:17:41 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Allmyapps [2013.07.08 20:17:40 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Allmyapps [2013.07.08 20:17:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Plus-HD-2.3 [2013.07.08 20:17:06 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\DealPlyLive [2013.07.08 20:17:06 | 000,000,000 | ---D | C] -- C:\ProgramData\DealPlyLive [2013.07.08 20:17:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DealPlyLive [2013.07.08 20:17:05 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Dealply [2013.07.08 20:17:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DealPly [2013.07.08 20:16:43 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Babylon [2013.07.08 20:16:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Babylon [2013.07.08 18:13:49 | 000,000,000 | ---D | C] -- C:\Users\***\Documents\Filme [2013.07.05 23:41:20 | 000,000,000 | ---D | C] -- C:\Users\***\Documents\Klei [2013.07.05 19:47:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Don't Starve [2013.07.05 19:46:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DontStarve [2013.07.03 14:39:26 | 000,033,856 | -H-- | C] (LogMeIn, Inc.) -- C:\Windows\SysNative\hamachi.sys [2013.07.03 14:39:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi [2013.07.03 14:39:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LogMeIn Hamachi [2013.07.02 16:40:42 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\To-Do-List [2013.07.01 17:18:38 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\.minecraft [2013.06.24 18:56:29 | 000,000,000 | ---D | C] -- C:\Users\***\Documents\Square Enix [2013.06.19 20:27:40 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Logs [2013.06.12 20:15:15 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\TeamViewer [2013.06.12 20:14:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TeamViewer [2013.06.10 19:12:54 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\Server# [2013.06.10 18:52:47 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\LogMeIn Hamachi [2013.06.10 18:52:17 | 000,033,856 | -H-- | C] (LogMeIn, Inc.) -- C:\Windows\SysNative\drivers\hamachi.sys [2013.06.09 22:44:52 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\{E8523F19-3D22-49A6-8B0D-DFAF1D85DC18} [2013.06.09 22:44:52 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\{0FCEC850-3894-4C2A-9E0E-B27B916AE2AA} [2013.06.09 22:28:54 | 000,000,000 | ---D | C] -- C:\Users\***\Documents\Youcam [2013.06.09 22:28:47 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\CyberLink [2013.06.09 22:28:44 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\CyberLink [3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2013.07.09 14:57:55 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Klemens\Desktop\OTL.exe [2013.07.09 14:49:00 | 000,001,124 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013.07.09 14:22:01 | 000,001,910 | ---- | M] () -- C:\Windows\tasks\Plus-HD-2.3-chromeinstaller.job [2013.07.09 14:17:03 | 000,001,198 | ---- | M] () -- C:\Windows\tasks\Plus-HD-2.3-updater.job [2013.07.09 14:17:01 | 000,001,202 | ---- | M] () -- C:\Windows\tasks\Plus-HD-2.3-codedownloader.job [2013.07.09 14:17:01 | 000,001,102 | ---- | M] () -- C:\Windows\tasks\Plus-HD-2.3-enabler.job [2013.07.09 14:17:01 | 000,000,298 | ---- | M] () -- C:\Windows\tasks\Dealply.job [2013.07.09 13:43:26 | 000,000,000 | ---- | M] () -- C:\autoexec.bat [2013.07.09 13:39:38 | 000,000,089 | ---- | M] () -- C:\spyhunter.fix [2013.07.09 13:15:19 | 001,498,506 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2013.07.09 13:15:19 | 000,654,166 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2013.07.09 13:15:19 | 000,616,008 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2013.07.09 13:15:19 | 000,130,006 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2013.07.09 13:15:19 | 000,106,388 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2013.07.09 13:13:03 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013.07.08 22:15:04 | 000,000,364 | ---- | M] () -- C:\Windows\tasks\AmiUpdXp.job [2013.07.08 14:30:57 | 000,621,867 | ---- | M] () -- C:\Windows\SysNative\fastboot.set [2013.07.08 14:30:28 | 000,001,120 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013.07.08 14:28:09 | 3144,433,664 | -HS- | M] () -- C:\hiberfil.sys [2013.07.01 14:40:02 | 000,083,672 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avnetflt.sys [2013.06.12 20:46:38 | 000,008,062 | ---- | M] () -- C:\Users\***\Documents\gmx kundennummer.odt [2013.06.12 20:14:46 | 000,000,191 | ---- | M] () -- C:\Windows\wininit.ini [3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2013.07.09 13:57:37 | 000,022,704 | ---- | C] () -- C:\Windows\SysNative\drivers\EsgScanner.sys [2013.07.09 13:43:26 | 000,000,000 | ---- | C] () -- C:\autoexec.bat [2013.07.09 13:39:38 | 000,285,747 | ---- | C] () -- C:\shldr [2013.07.09 13:39:38 | 000,014,680 | ---- | C] () -- C:\Windows\SysNative\sh4native.exe [2013.07.09 13:39:38 | 000,000,089 | ---- | C] () -- C:\spyhunter.fix [2013.07.08 20:17:49 | 000,001,198 | ---- | C] () -- C:\Windows\tasks\Plus-HD-2.3-updater.job [2013.07.08 20:17:46 | 000,001,102 | ---- | C] () -- C:\Windows\tasks\Plus-HD-2.3-enabler.job [2013.07.08 20:17:45 | 000,001,202 | ---- | C] () -- C:\Windows\tasks\Plus-HD-2.3-codedownloader.job [2013.07.08 20:17:29 | 000,001,910 | ---- | C] () -- C:\Windows\tasks\Plus-HD-2.3-chromeinstaller.job [2013.07.08 20:17:05 | 000,000,298 | ---- | C] () -- C:\Windows\tasks\Dealply.job [2013.06.12 20:29:50 | 000,008,062 | ---- | C] () -- C:\Users\***\Documents\gmx kundennummer.odt [2013.06.12 20:14:38 | 000,001,187 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 8.lnk [2013.03.31 21:50:50 | 000,280,904 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe [2013.03.31 21:50:45 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe [2013.03.20 15:29:37 | 000,000,191 | ---- | C] () -- C:\Windows\wininit.ini [2013.02.13 16:08:18 | 000,263,186 | ---- | C] () -- C:\Program Files (x86)\Minecraft.exe [2013.02.01 16:08:17 | 000,000,658 | ---- | C] () -- C:\Users\***\Klemens - Verknüpfung.lnk [2013.01.31 20:07:31 | 000,000,000 | ---- | C] () -- C:\Windows\firstboot.dat [2012.09.01 00:42:31 | 002,086,240 | ---- | C] () -- C:\Windows\SysWow64\LenovoVeriface.Interface.dll [2012.09.01 00:42:31 | 001,500,512 | ---- | C] () -- C:\Windows\SysWow64\Apblend.dll [2012.09.01 00:42:31 | 001,171,456 | ---- | C] () -- C:\Windows\SysWow64\PicNotify.dll [2012.09.01 00:42:31 | 000,472,416 | ---- | C] () -- C:\Windows\SysWow64\Lenovo.VerifaceStub.dll [2012.09.01 00:42:19 | 001,044,480 | ---- | C] () -- C:\Windows\SysWow64\3DImageRenderer.dll [2012.09.01 00:28:42 | 000,001,779 | ---- | C] () -- C:\Windows\vm332Rmv.ini [2012.09.01 00:28:42 | 000,001,779 | ---- | C] () -- C:\Windows\SysWow64\vm332Rmv.ini [2012.07.11 03:13:17 | 000,755,572 | ---- | C] () -- C:\Windows\SysWow64\igkrng700.bin [2012.07.11 03:13:15 | 000,559,972 | ---- | C] () -- C:\Windows\SysWow64\igfcg700m.bin [2012.07.11 03:13:12 | 000,058,880 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll [2012.07.11 03:13:11 | 013,026,816 | ---- | C] () -- C:\Windows\SysWow64\ig7icd32.dll [2012.02.02 22:08:26 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll ========== ZeroAccess Check ========== [2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2013.02.27 07:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== LOP Check ========== [2013.01.31 20:08:56 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Leadertech [2013.07.07 21:04:00 | 000,000,000 | ---D | M] -- C:\Users\**\AppData\Roaming\.minecraft [2013.07.08 20:21:00 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Allmyapps [2013.07.08 20:16:43 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Babylon [2013.05.21 00:04:50 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\DAEMON Tools [2013.05.12 22:11:00 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\DAEMON Tools Lite [2013.07.08 20:17:05 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Dealply [2013.02.01 15:32:55 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Lenovo [2013.05.23 10:56:47 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\LolClient [2013.01.31 20:26:18 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\LSC [2013.05.12 17:56:13 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\OpenCandy [2013.04.13 09:46:22 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\OpenOffice.org [2013.03.20 15:59:06 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Origin [2013.07.08 14:38:48 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Spotify [2013.06.12 20:35:29 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\TeamViewer [2013.04.12 14:33:51 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\TS3Client [2013.05.15 20:07:30 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Ubisoft ========== Purity Check ========== ========== Custom Scans ========== < %SYSTEMDRIVE%\*. > [2013.01.31 20:08:03 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin [2011.02.24 19:03:40 | 000,000,000 | -HSD | M] -- C:\Boot [2009.07.14 07:08:56 | 000,000,000 | -HSD | M] -- C:\Documents and Settings [2013.01.31 20:06:28 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen [2012.09.01 00:08:44 | 000,000,000 | ---D | M] -- C:\Intel [2009.07.14 05:20:08 | 000,000,000 | ---D | M] -- C:\PerfLogs [2013.07.09 13:58:33 | 000,000,000 | R--D | M] -- C:\Program Files [2013.05.12 17:56:23 | 000,000,000 | R--D | M] -- C:\Program Files (x86) [2013.01.31 21:08:01 | 000,000,000 | -H-D | M] -- C:\ProgramData [2013.01.31 20:06:28 | 000,000,000 | -HSD | M] -- C:\Programme [2013.01.31 20:06:29 | 000,000,000 | -HSD | M] -- C:\Recovery [2013.01.31 20:07:42 | 000,000,000 | -H-D | M] -- C:\SWTOOLS [2013.01.31 20:10:08 | 000,000,000 | -HSD | M] -- C:\SysPart [2012.08.31 23:58:54 | 000,000,000 | -HSD | M] -- C:\System Volume Information [2012.09.01 00:38:51 | 000,000,000 | -HSD | M] -- C:\UserGuidePDF [2013.01.31 20:06:40 | 000,000,000 | ---D | M] -- C:\Users [2013.02.05 17:20:08 | 000,000,000 | ---D | M] -- C:\Windows [2013.03.28 21:36:09 | 000,000,000 | ---D | M] -- C:\ldiag [2013.05.22 23:41:24 | 000,000,000 | ---D | M] -- C:\Riot Games [2013.07.09 13:57:43 | 000,000,000 | ---D | M] -- C:\sh4ldr < %PROGRAMFILES%\*.exe > [2013.02.13 16:08:21 | 000,263,186 | ---- | M] () -- C:\Program Files (x86)\Minecraft.exe < %LOCALAPPDATA%\*.exe > < %systemroot%\*. /mp /s > < C:\Windows\system32\*.tsp > [2009.07.14 03:14:11 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\hidphone.tsp [2009.07.14 03:14:11 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kmddsp.tsp [2009.07.14 03:14:11 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ndptsp.tsp [2009.07.14 03:14:11 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\remotesp.tsp [2010.11.21 05:23:55 | 000,281,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\unimdm.tsp [1601.01.02 06:16:30 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT [2009.07.14 07:08:49 | 000,006,420 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT [2012.09.01 00:42:51 | 000,001,120 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [2012.09.01 00:42:51 | 000,001,124 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [2013.03.18 18:33:12 | 000,000,364 | ---- | C] () -- C:\Windows\Tasks\AmiUpdXp.job [2013.07.08 20:17:05 | 000,000,298 | ---- | C] () -- C:\Windows\Tasks\Dealply.job [2013.07.08 20:17:29 | 000,001,910 | ---- | C] () -- C:\Windows\Tasks\Plus-HD-2.3-chromeinstaller.job [2013.07.08 20:17:45 | 000,001,202 | ---- | C] () -- C:\Windows\Tasks\Plus-HD-2.3-codedownloader.job [2013.07.08 20:17:46 | 000,001,102 | ---- | C] () -- C:\Windows\Tasks\Plus-HD-2.3-enabler.job [2013.07.08 20:17:49 | 000,001,198 | ---- | C] () -- C:\Windows\Tasks\Plus-HD-2.3-updater.job < MD5 for: AGP440.SYS > [2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys [2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys [2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys < MD5 for: ATAPI.SYS > [2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys [2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys [2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys < MD5 for: CNGAUDIT.DLL > [2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll [2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll [2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll [2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll < MD5 for: EXPLORER.EXE > [2011.10.10 09:52:17 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe [2011.10.10 09:52:17 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe [2011.10.10 09:52:17 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe [2011.10.10 09:52:17 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe [2010.11.21 05:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe [2011.10.10 09:52:17 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe [2011.10.10 09:52:17 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe [2010.11.21 05:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe < MD5 for: IASTOR.SYS > [2011.11.29 13:40:32 | 000,568,600 | ---- | M] (Intel Corporation) MD5=C224331A54571C8C9162F7714400BBBD -- C:\Windows\SysNative\drivers\iaStor.sys [2011.11.29 13:40:32 | 000,568,600 | ---- | M] (Intel Corporation) MD5=C224331A54571C8C9162F7714400BBBD -- C:\Windows\SysNative\DriverStore\FileRepository\iaahci.inf_amd64_neutral_9c981fcb416c038e\iaStor.sys [2011.11.29 13:40:32 | 000,568,600 | ---- | M] (Intel Corporation) MD5=C224331A54571C8C9162F7714400BBBD -- C:\Windows\SysNative\DriverStore\FileRepository\iastor.inf_amd64_neutral_b6f2349de4a55e89\iaStor.sys < MD5 for: IASTORV.SYS > [2010.11.21 05:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys [2010.11.21 05:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys [2011.10.10 09:56:15 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys [2011.10.10 09:56:15 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys [2011.10.10 09:56:15 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys [2011.10.10 09:56:15 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys < MD5 for: NETLOGON.DLL > [2010.11.21 05:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll [2010.11.21 05:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll [2010.11.21 05:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll [2010.11.21 05:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll < MD5 for: NVSTOR.SYS > [2011.10.10 09:56:15 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys [2011.10.10 09:56:15 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys [2011.10.10 09:56:15 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys [2011.10.10 09:56:15 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys [2010.11.21 05:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys [2010.11.21 05:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys < MD5 for: SCECLI.DLL > [2010.11.21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll [2010.11.21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll [2010.11.21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll [2010.11.21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll < MD5 for: USER32.DLL > [2010.11.21 05:24:20 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\SysWOW64\user32.dll [2010.11.21 05:24:20 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll [2010.11.21 05:24:09 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\SysNative\user32.dll [2010.11.21 05:24:09 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll < MD5 for: USERINIT.EXE > [2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe [2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe [2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe [2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe < MD5 for: WINLOGON.EXE > [2010.11.21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe [2010.11.21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe < MD5 for: WS2IFSL.SYS > [2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\SysNative\drivers\ws2ifsl.sys [2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_ab7b927be17eace8\ws2ifsl.sys < %systemroot%\system32\drivers\*.sys /lockedfiles > < %systemroot%\System32\config\*.sav > < %systemroot%\system32\*.dll /lockedfiles > < %USERPROFILE%\*.* > [2013.01.31 20:09:36 | 000,786,432 | -HS- | M] () -- C:\Users\***\NTUSER.DAT [2013.01.31 20:09:36 | 000,262,144 | -HS- | M] () -- C:\Users\***\ntuser.dat.LOG1 [2013.01.31 20:06:41 | 000,000,000 | -HS- | M] () -- C:\Users\***\ntuser.dat.LOG2 [2013.01.31 20:09:36 | 000,065,536 | -HS- | M] () -- C:\Users\***\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf [2013.01.31 20:09:36 | 000,524,288 | -HS- | M] () -- C:\Users\***\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms [2013.01.31 20:09:36 | 000,524,288 | -HS- | M] () -- C:\Users\***\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms [2013.01.31 20:06:41 | 000,000,020 | -HS- | M] () -- C:\Users\***\ntuser.ini [2013.02.01 16:08:17 | 000,000,658 | ---- | M] () -- C:\Users\***\***- Verknüpfung.lnk < %USERPROFILE%\Local Settings\Temp\*.exe > < %USERPROFILE%\Local Settings\Temp\*.dll > < %USERPROFILE%\Application Data\*.exe > < HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs > HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 < > < End of report > Extras.txt: OTL Extras logfile created on: 09.07.2013 14:59:28 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\***\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,90 Gb Total Physical Memory | 1,92 Gb Available Physical Memory | 49,28% Memory free 7,81 Gb Paging File | 5,32 Gb Available in Paging File | 68,12% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 653,44 Gb Total Space | 536,68 Gb Free Space | 82,13% Space Free | Partition Type: NTFS Drive D: | 25,47 Gb Total Space | 22,20 Gb Free Space | 87,16% Space Free | Partition Type: NTFS Unable to calculate disk information. Computer Name: ***-PC | User Name: ***| Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) .html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htafile [open] -- "%1" %* htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htafile [open] -- "%1" %* htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 1 "DoNotAllowExceptions" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{1FB884A2-185C-47F2-8126-BFBD5460DFFA}" = rport=445 | protocol=6 | dir=out | app=system | "{2C595EE9-6CC8-4D3D-9958-C4F6EC1B4B7C}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{2CDEA62E-D091-4C85-A795-7806BDC610E4}" = rport=138 | protocol=17 | dir=out | app=system | "{2DFB9605-6C52-448E-B6C7-25D06D56E2FB}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{34B75A67-64D7-48B8-A33D-0843BC9B70FA}" = lport=137 | protocol=17 | dir=in | app=system | "{40DCB18A-8053-4901-849C-682460F13914}" = lport=139 | protocol=6 | dir=in | app=system | "{46E27A8A-8691-4EA5-AA4B-5946AEFFF662}" = rport=137 | protocol=17 | dir=out | app=system | "{5D8E0182-5DC9-42D6-AF26-0C6DDB66B98B}" = rport=139 | protocol=6 | dir=out | app=system | "{5F34FF34-92DA-4B51-B943-C7921F53C390}" = lport=138 | protocol=17 | dir=in | app=system | "{980B614B-B10D-43C9-ADDE-63BED9EE438C}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | "{A9E249D3-0A4C-4137-8E05-53FD7880FC31}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{AEA1F979-AA72-4A1A-9ECA-2021991F85C2}" = lport=445 | protocol=6 | dir=in | app=system | "{BE7ED03A-067A-4802-874B-2E427216AC4E}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | "{FF0C41AA-FEC9-4E7C-BBC2-9C1E8F2B6F2D}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{028F74E0-03A9-436B-923D-84C0A9CC7862}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | "{0516C9DF-2937-4CE1-B370-C21774841BEC}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{0A5BCC36-EA5C-47A8-905D-16AFF31DE0B2}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{0BC89A8D-5EF8-436E-B91D-6ADFF6E1D2E6}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe | "{0FC77CA8-E011-4268-BF2F-B21F9CB9D73B}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | "{11F62537-5B28-4892-86BD-ADDB5FB5C6D3}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\castlecrashersdemo\castle.exe | "{14ED1350-719E-4256-900B-AAE3BA9A82BA}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{2640D129-2D17-46A5-BA22-74E73D94AE49}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe | "{26FFC1AA-9979-49E4-A397-F086F00D2FA9}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\related designs\anno 2070\autopatcher.exe | "{2C04C12F-EAB1-44B3-8A1D-6E20056F6FEA}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\simcity\simcity\simcity.exe | "{2DF66577-00BC-4CC1-90EB-B76FC733A790}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{2F256819-4EA9-4EFB-9602-C4D79873923E}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | "{3A74A9E6-413C-4954-B647-4815D20DACCD}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe | "{3BDAC13A-E6D4-4D15-806D-CB5623AE9F60}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | "{45D53DA9-27CF-4606-8896-5C314BD97633}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{4C83CCAE-8AA9-4287-B4DF-3B3971BBB6C3}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{532CB117-BAE0-4108-96F0-61DF10500DD8}" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii public test.exe | "{55271E50-FF05-4809-A088-1B7990F497D6}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{5B2A5EA7-9579-48FE-97DD-13ABA78A3457}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\battlefield 3\bf3.exe | "{5CC46B0A-EA0D-46DF-8233-80B201DE0D3C}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe | "{63DEED13-65A0-483D-8DDC-55090513AC1E}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | "{6499FCB6-6D5F-4A6A-A4E3-595063F5CC3B}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe | "{6BDA62CC-8DAD-4CE4-BC88-A25E5CB22FA4}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\related designs\anno 2070\initengine.exe | "{70CF607C-3A4D-413D-9D8C-4981118DDB98}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe | "{76B4E21A-29EF-4495-B12B-F0848767E7F3}" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii public test.exe | "{7965DE3D-EFD7-4397-B810-07F8DC19FF27}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe | "{7C8D5D90-5DAD-44D9-B571-D6F8C2F6EAF5}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{7FD587C1-43F2-4021-BC92-9ADBA5DFDE9F}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\castlecrashersdemo\castle.exe | "{82E75D9B-8154-46AB-AF8E-A4523C74EF3E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{87633564-2CAA-4E21-9065-77A693CD613D}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{8794B0D1-1C4D-4E9E-A8F1-24AB9C15F707}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe | "{89357E8E-0A0B-49F8-8EB4-7E7C0DB57AC6}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\simcity\simcity\simcity.exe | "{94340F0F-79BD-40B2-B6A6-672CB6BD0E52}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | "{9598E40B-BEFE-4A82-A6B3-E7AF7E30ECA7}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\related designs\anno 2070\anno5.exe | "{9C4EC72E-06D6-4E6C-ADC6-980A211E29A8}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe | "{9EE1DE5F-A833-4936-B197-E819AFAB652D}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe | "{A1AA77EC-11C7-4CBE-BB8B-835F40AEB8BA}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dungeon siege iii\dungeon siege iii.exe | "{A39EC5CE-C8FC-4AF0-92B1-3B7C09E0B5C0}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe | "{A8928539-D994-4791-AA56-D9ABAD075BBF}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe | "{B44BB02A-DEC8-42FB-896A-14CDBAC9B624}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\battlefield 3\bf3.exe | "{B90CA592-C212-4C7C-9E68-7FFD49048E02}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{BA557991-4993-4F3A-B76B-724EA99BB447}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\just cause 2 demo\justcause2.exe | "{BA9BC163-3F0D-460D-AB2B-7D2688CF8093}" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii.exe | "{CB43DBB5-F932-4229-9D86-599D54459621}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\related designs\anno 2070\anno5.exe | "{CBA5B493-C11C-42C1-9665-E0CE28803A4F}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1737\agent.exe | "{CEF42E40-802B-4723-8198-340D0131971D}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\related designs\anno 2070\autopatcher.exe | "{CEF8D6F1-B998-4884-BA05-1C90679DB55C}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe | "{CFB2C70D-86B3-4198-8AA9-48FAAC0A8130}" = dir=in | app=c:\users\klemens\appdata\roaming\allmyapps\allmyapps.exe | "{D60588AE-9FA7-4675-8FE4-515601D00D5A}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1737\agent.exe | "{D9552644-FD56-45EB-B2FD-04016A6159D7}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{DBCE7ED7-2F42-497E-8615-9A97DEF7DF54}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe | "{E2C3B403-A4A2-4C2E-B5F9-A2CA2A63623E}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\just cause 2 demo\justcause2.exe | "{E3BB7571-FC48-4EA0-8ED1-B1C6E83A2D65}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{E5681FE3-1C26-42EE-A4CE-BDAFF2995CE9}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{E846DE17-1987-4DBE-9755-D4F5EC1BF84E}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe | "{ECB55413-1B73-4E34-8D5D-0270AE914755}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\related designs\anno 2070\initengine.exe | "{ECBA93AA-C922-4B6E-A2E5-BC423E4BB366}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dungeon siege iii\dungeon siege iii.exe | "{ECFB61FD-276A-49A4-8DDE-5E96BCE91D69}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{F0F064E3-DD56-495A-A4BE-1CD5C0FB3891}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{F45D5D80-10B7-4AF5-954F-2B9F3007EC8F}" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii.exe | "TCP Query User{37EF3642-4898-47B1-9841-462D35343703}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe | "TCP Query User{9DB15688-9082-41BC-9E7C-2D8FFB13DA83}C:\users\***\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\***\appdata\roaming\spotify\spotify.exe | "TCP Query User{B8A6D2CC-2792-4A70-9747-BDF3473C02EC}C:\users\***\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\***\appdata\roaming\spotify\spotify.exe | "UDP Query User{2855328A-3BD8-443F-805C-227ED77A3825}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe | "UDP Query User{98B6AB84-191E-4A51-BF26-5627A95EE70D}C:\users\***\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\***\appdata\roaming\spotify\spotify.exe | "UDP Query User{9D1D143E-3198-45CD-8E15-4D0D9806ACF0}C:\users\***\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\***\appdata\roaming\spotify\spotify.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{09536BA1-E498-4CC3-B834-D884A67D7E34}" = Intel® Trusted Connect Service Client "{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant "{1C55470A-7C9E-4C63-B466-6AFFC69E94E9}" = Windows Live Family Safety "{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 "{230D1595-57DA-4933-8C4E-375797EBB7E1}" = Atheros Bluetooth Suite (64) "{4041B18B-DE30-4D78-9D60-6ADC586C5E00}" = Lenovo Solution Center "{46A5FBE9-ADB3-4493-A1CC-B4CFFD24D26A}" = Windows Live Family Safety "{46F4D124-20E5-4D12-BE52-EC177A7A4B42}" = Lenovo OneKey Recovery "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 "{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64) "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8AE3CFB6-78B2-4F55-A7BE-618FCFF43A03}" = SpyHunter "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64) "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 296.73 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 296.73 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 1.7.13 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.12.0213 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.7.13 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components "{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector "{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources "{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources "{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter "{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client "{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service "{EF79C448-6946-4D71-8134-03407888C054}" = Shared C Run-time for x64 "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "99841829BE839365AA67B2AD0E50D371F59F8A1E" = Windows-Treiberpaket - Lenovo (ACPIVPC) System (12/15/2011 7.1.0.1) "CNXT_AUDIO_HDA" = Conexant HD Audio "Elantech" = Lenovo pointing device "Lenovo EE Boot Optimizer" = Lenovo EE Boot Optimizer "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "TeamSpeak 3 Client" = TeamSpeak 3 Client [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = Lenovo YouCam "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{0ACC2993-2058-4BE7-9A92-9DCDAA9B3412}" = LogMeIn Hamachi "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer "{155F4A0E-76ED-45A2-91FB-FF2A2133C31A}" = Risen "{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}" = BrowserDefender "{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions "{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}" = OpenOffice.org 3.4.1 "{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel(R) USB 3.0 eXtensible Host Controller Driver "{26A24AE4-039D-4CA4-87B4-2F83216023FF}" = Java(TM) 6 Update 23 "{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros WLAN Client Installation Program "{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery "{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack "{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology "{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.3 "{5AF4B3C4-C393-48D7-AC7E-8E7615579548}" = Adobe AIR "{62BBB2F0-E220-4821-A564-730807D2C34D}" = Realtek USB 2.0 Reader Driver "{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components "{6707C034-ED6B-4B6A-B21F-969B3606FBDE}" = Lenovo Registration "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™ "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform "{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer "{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger "{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher "{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker "{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster "{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}" = Software Version Updater "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer "{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.1) - Deutsch "{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh "{ADE16A9D-FBDC-4ECC-B6BD-9C31E51D0333}" = Lenovo EasyCamera "{AF192694-4B15-4AC1-92F3-1B02E98C08BD}" = LockKey "{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie "{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail "{B48E264C-C8CD-4617-B0BE-46E977BAD694}" = ANNO 2070 "{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}" = Dolby Advanced Audio v2 "{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common "{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform "{D0956C11-0F60-43FE-99AD-524E833471BB}" = Energy Management "{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64 "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}" = NVIDIA PhysX "{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker "{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger "{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}" = Benutzerhandbuch "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics "{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}" = SimCity™ "{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center "{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials "{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel(R) OpenCL CPU Runtime "Adobe AIR" = Adobe AIR "Avira AntiVir Desktop" = Avira Free Antivirus "Battlelog Web Plugins" = Battlelog Web Plugins "DAEMON Tools Lite" = DAEMON Tools Lite "DontStarve" = Don't Starve "ESN Sonar-0.70.4" = ESN Sonar "Google Chrome" = Google Chrome "InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = Lenovo YouCam "InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}" = Lenovo OneKey Recovery "InstallShield_{AF192694-4B15-4AC1-92F3-1B02E98C08BD}" = LockKey "InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}" = Energy Management "InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}" = UserGuide "Intel AppUp(SM) center 38645" = Intel AppUp(SM) center "LogMeIn Hamachi" = LogMeIn Hamachi "Origin" = Origin "Plus-HD-2.3" = Plus-HD-2.3 "PunkBusterSvc" = PunkBuster Services "StarCraft II" = StarCraft II "Steam App 207100" = Castle Crashers Demo "Steam App 35110" = Just Cause 2 Demo "Steam App 39160" = Dungeon Siege III "SugarSync" = SugarSync Manager "TeamViewer 8" = TeamViewer 8 "VeriFace" = VeriFace "WinLiveSuite" = Windows Live Essentials ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "SOE-C:/Users/***/AppData/Local/Sony Online Entertainment/ApplicationUpdater" = applicationupdater "SOE-C:/Users/Public/Sony Online Entertainment/Installed Games/PlanetSide 2 PSG" = gamelauncher-ps2-psg "Spotify" = Spotify ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 07.07.2013 13:00:23 | Computer Name = Klemens-PC | Source = Microsoft-Windows-CAPI2 | ID = 513 Description = Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer". Details: TraverseDir : Unable to push subdirectory. System Error: Unbekannter Fehler . Error - 07.07.2013 13:00:24 | Computer Name = ***-PC | Source = Microsoft-Windows-CAPI2 | ID = 513 Description = Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer". Details: TraverseDir : Unable to push subdirectory. System Error: Unbekannter Fehler . Error - 07.07.2013 13:00:43 | Computer Name = ***-PC | Source = Microsoft-Windows-CAPI2 | ID = 513 Description = Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer". Details: TraverseDir : Unable to push subdirectory. System Error: Unbekannter Fehler . Error - 07.07.2013 13:00:44 | Computer Name = ***-PC | Source = Microsoft-Windows-CAPI2 | ID = 513 Description = Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer". Details: TraverseDir : Unable to push subdirectory. System Error: Unbekannter Fehler . Error - 07.07.2013 13:00:46 | Computer Name = ***-PC | Source = Windows Backup | ID = 4104 Description = Error - 07.07.2013 13:00:45 | Computer Name = ***-PC | Source = Microsoft-Windows-CAPI2 | ID = 513 Description = Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer". Details: TraverseDir : Unable to push subdirectory. System Error: Unbekannter Fehler . Error - 08.07.2013 08:30:00 | Computer Name = ***-PC | Source = WinMgmt | ID = 10 Description = Error - 08.07.2013 14:17:18 | Computer Name = ***-PC | Source = MsiInstaller | ID = 11316 Description = Error - 09.07.2013 07:44:47 | Computer Name = ***-PC | Source = Application Hang | ID = 1002 Description = Programm dontstarve.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 1858 Startzeit: 01ce7c99ab0b2e47 Endzeit: 214 Anwendungspfad: C:\Program Files (x86)\DontStarve\bin\dontstarve.exe Berichts-ID: efb744cc-e88c-11e2-b842-74e543d879a4 Error - 09.07.2013 09:01:10 | Computer Name = ***-PC | Source = Microsoft-Windows-CAPI2 | ID = 513 Description = Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer". Details: TraverseDir : Unable to push subdirectory. System Error: Unbekannter Fehler . [ System Events ] Error - 22.06.2013 04:40:00 | Computer Name = ***-PC | Source = NetBT | ID = 4321 Description = Der Name "WORKGROUP :1d" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.0.8 registriert werden. Der Computer mit IP-Adresse 192.168.0.9 hat nicht zugelassen, dass dieser Computer diesen Namen verwendet. Error - 22.06.2013 05:55:50 | Computer Name = ***-PC | Source = sptd | ID = 262148 Description = Der Treiber hat einen internen Fehler in seinen Datenstrukturen für festgestellt. Error - 22.06.2013 05:58:20 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7026 Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: sptd Error - 22.06.2013 07:46:26 | Computer Name = ***-PC | Source = bowser | ID = 8003 Description = Error - 22.06.2013 08:18:38 | Computer Name = ***-PC | Source = BROWSER | ID = 8032 Description = Error - 22.06.2013 19:19:50 | Computer Name = ****-PC | Source = DCOM | ID = 10010 Description = Error - 22.06.2013 19:20:28 | Computer Name = ***-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20 Description = Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Internet Explorer 10 für Windows 7 für x64-basierte Systeme Error - 23.06.2013 06:02:56 | Computer Name = ****-PC | Source = sptd | ID = 262148 Description = Der Treiber hat einen internen Fehler in seinen Datenstrukturen für festgestellt. Error - 23.06.2013 06:03:45 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7026 Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: sptd Error - 23.06.2013 06:08:05 | Computer Name = ***-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20 Description = Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Internet Explorer 10 für Windows 7 für x64-basierte Systeme Und ihr könnt damit was anfangen? Ich blick nich mal 1/10 .... Ich hab statt meinem RL-Namen *** eingegeben. Ist das richtig? Geändert von Noob:( (09.07.2013 um 15:43 Uhr) |
|
09.07.2013, 17:07
| #4 |
| /// Malware-holic | Werbung auf Facebook, Youtube, etc. Instant Saving App deinstallieren! Hi, Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
09.07.2013, 17:56
| #5 |
| | Werbung auf Facebook, Youtube, etc. Instant Saving App deinstallieren! 18:51:32.0478 4620 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42 18:51:32.0790 4620 ============================================================ 18:51:32.0790 4620 Current date / time: 2013/07/09 18:51:32.0790 18:51:32.0790 4620 SystemInfo: 18:51:32.0790 4620 18:51:32.0790 4620 OS Version: 6.1.7601 ServicePack: 1.0 18:51:32.0790 4620 Product type: Workstation 18:51:32.0790 4620 ComputerName: ***-PC 18:51:32.0790 4620 UserName: *** 18:51:32.0790 4620 Windows directory: C:\Windows 18:51:32.0790 4620 System windows directory: C:\Windows 18:51:32.0790 4620 Running under WOW64 18:51:32.0790 4620 Processor architecture: Intel x64 18:51:32.0790 4620 Number of processors: 8 18:51:32.0790 4620 Page size: 0x1000 18:51:32.0790 4620 Boot type: Normal boot 18:51:32.0790 4620 ============================================================ 18:51:33.0040 4620 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 18:51:33.0040 4620 ============================================================ 18:51:33.0040 4620 \Device\Harddisk0\DR0: 18:51:33.0040 4620 MBR partitions: 18:51:33.0040 4620 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x64000 18:51:33.0040 4620 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64800, BlocksNum 0x51AE1000 18:51:33.0040 4620 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x51B45800, BlocksNum 0x32F0000 18:51:33.0040 4620 ============================================================ 18:51:33.0086 4620 C: <-> \Device\Harddisk0\DR0\Partition2 18:51:33.0133 4620 D: <-> \Device\Harddisk0\DR0\Partition3 18:51:33.0133 4620 ============================================================ 18:51:33.0133 4620 Initialize success 18:51:33.0133 4620 ============================================================ 18:51:37.0064 6988 ============================================================ 18:51:37.0064 6988 Scan started 18:51:37.0064 6988 Mode: Manual; SigCheck; TDLFS; 18:51:37.0064 6988 ============================================================ 18:51:37.0283 6988 ================ Scan system memory ======================== 18:51:37.0283 6988 System memory - ok 18:51:37.0283 6988 ================ Scan services ============================= 18:51:37.0829 6988 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys 18:51:37.0922 6988 1394ohci - ok 18:51:37.0969 6988 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys 18:51:38.0000 6988 ACPI - ok 18:51:38.0032 6988 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys 18:51:38.0047 6988 AcpiPmi - ok 18:51:38.0141 6988 [ 5E813B11629007309E4FC0F0FD2B7C30 ] ACPIVPC C:\Windows\system32\DRIVERS\AcpiVpc.sys 18:51:38.0172 6988 ACPIVPC - ok 18:51:38.0297 6988 [ 11A52CF7B265631DEEB24C6149309EFF ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 18:51:38.0328 6988 AdobeARMservice - ok 18:51:38.0422 6988 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys 18:51:38.0453 6988 adp94xx - ok 18:51:38.0500 6988 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys 18:51:38.0531 6988 adpahci - ok 18:51:38.0546 6988 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys 18:51:38.0562 6988 adpu320 - ok 18:51:38.0593 6988 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 18:51:38.0640 6988 AeLookupSvc - ok 18:51:38.0734 6988 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys 18:51:38.0780 6988 AFD - ok 18:51:38.0843 6988 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys 18:51:38.0874 6988 agp440 - ok 18:51:38.0983 6988 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe 18:51:39.0014 6988 ALG - ok 18:51:39.0061 6988 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys 18:51:39.0077 6988 aliide - ok 18:51:39.0092 6988 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys 18:51:39.0108 6988 amdide - ok 18:51:39.0155 6988 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys 18:51:39.0170 6988 AmdK8 - ok 18:51:39.0186 6988 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys 18:51:39.0202 6988 AmdPPM - ok 18:51:39.0233 6988 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys 18:51:39.0248 6988 amdsata - ok 18:51:39.0248 6988 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys 18:51:39.0264 6988 amdsbs - ok 18:51:39.0280 6988 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys 18:51:39.0295 6988 amdxata - ok 18:51:39.0311 6988 AntiVirSchedulerService - ok 18:51:39.0311 6988 AntiVirService - ok 18:51:39.0358 6988 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys 18:51:39.0389 6988 AppID - ok 18:51:39.0420 6988 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll 18:51:39.0451 6988 AppIDSvc - ok 18:51:39.0498 6988 [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo C:\Windows\System32\appinfo.dll 18:51:39.0529 6988 Appinfo - ok 18:51:39.0529 6988 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys 18:51:39.0545 6988 arc - ok 18:51:39.0560 6988 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys 18:51:39.0576 6988 arcsas - ok 18:51:39.0607 6988 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 18:51:39.0670 6988 AsyncMac - ok 18:51:39.0732 6988 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys 18:51:39.0763 6988 atapi - ok 18:51:39.0841 6988 [ 78B183A794A08978EA0A8D017054352B ] AthBTPort C:\Windows\system32\DRIVERS\btath_flt.sys 18:51:39.0872 6988 AthBTPort - ok 18:51:40.0028 6988 [ 42EF52D591A53CBE43D82C6C96F50A59 ] AtherosSvc C:\Program Files (x86)\Bluetooth Suite\adminservice.exe 18:51:40.0060 6988 AtherosSvc - ok 18:51:40.0169 6988 [ FA196131665C0517EF5516EE64C2CB4D ] athr C:\Windows\system32\DRIVERS\athrx.sys 18:51:40.0200 6988 athr - ok 18:51:40.0231 6988 atksgt - ok 18:51:40.0340 6988 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 18:51:40.0372 6988 AudioEndpointBuilder - ok 18:51:40.0387 6988 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll 18:51:40.0418 6988 AudioSrv - ok 18:51:40.0496 6988 avgntflt - ok 18:51:40.0528 6988 [ F74D86A9FB35FA5F24627B8DBBF3A9A4 ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys 18:51:40.0528 6988 Suspicious file (Forged): C:\Windows\system32\DRIVERS\avipbb.sys. Real md5: F74D86A9FB35FA5F24627B8DBBF3A9A4, Fake md5: 488486DAD09A5B6C6DBB8B990A8B2307 18:51:40.0528 6988 avipbb ( ForgedFile.Multi.Generic ) - warning 18:51:40.0528 6988 avipbb - detected ForgedFile.Multi.Generic (1) 18:51:40.0559 6988 [ CD0E732347BF09717E0BDDC0C66699AB ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys 18:51:40.0559 6988 Suspicious file (Forged): C:\Windows\system32\DRIVERS\avkmgr.sys. Real md5: CD0E732347BF09717E0BDDC0C66699AB, Fake md5: 490FA25161BF3E51993EB724ECF0ACEB 18:51:40.0559 6988 avkmgr ( ForgedFile.Multi.Generic ) - warning 18:51:40.0559 6988 avkmgr - detected ForgedFile.Multi.Generic (1) 18:51:40.0606 6988 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll 18:51:40.0652 6988 AxInstSV - ok 18:51:40.0746 6988 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys 18:51:40.0777 6988 b06bdrv - ok 18:51:40.0808 6988 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys 18:51:40.0824 6988 b57nd60a - ok 18:51:40.0918 6988 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll 18:51:40.0949 6988 BDESVC - ok 18:51:40.0980 6988 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys 18:51:41.0042 6988 Beep - ok 18:51:41.0089 6988 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll 18:51:41.0136 6988 BFE - ok 18:51:41.0183 6988 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll 18:51:41.0214 6988 BITS - ok 18:51:41.0245 6988 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys 18:51:41.0261 6988 blbdrive - ok 18:51:41.0292 6988 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys 18:51:41.0308 6988 bowser - ok 18:51:41.0354 6988 [ AAA4F992F879977A000FE8B8C730CD2C ] BPntDrv C:\Windows\system32\drivers\BPntDrv.sys 18:51:41.0386 6988 BPntDrv - ok 18:51:41.0432 6988 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys 18:51:41.0448 6988 BrFiltLo - ok 18:51:41.0448 6988 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys 18:51:41.0479 6988 BrFiltUp - ok 18:51:41.0510 6988 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll 18:51:41.0526 6988 Browser - ok 18:51:41.0573 6988 BrowserDefendert - ok 18:51:41.0651 6988 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys 18:51:41.0698 6988 Brserid - ok 18:51:41.0713 6988 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys 18:51:41.0729 6988 BrSerWdm - ok 18:51:41.0744 6988 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys 18:51:41.0760 6988 BrUsbMdm - ok 18:51:41.0760 6988 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys 18:51:41.0776 6988 BrUsbSer - ok 18:51:41.0807 6988 [ EDEBD26DF631A78483707C3F7429027F ] BTATH_A2DP C:\Windows\system32\drivers\btath_a2dp.sys 18:51:41.0822 6988 BTATH_A2DP - ok 18:51:41.0838 6988 [ 2F22177BFEA75326DC0C535D71985A4E ] btath_avdt C:\Windows\system32\drivers\btath_avdt.sys 18:51:41.0854 6988 btath_avdt - ok 18:51:41.0885 6988 [ D438A33D568C76C24E8D7394981F42DC ] BTATH_BUS C:\Windows\system32\DRIVERS\btath_bus.sys 18:51:41.0916 6988 BTATH_BUS - ok 18:51:41.0947 6988 [ 6EFA8C93009E0BE0886C2422C7D20BC5 ] BTATH_HCRP C:\Windows\system32\DRIVERS\btath_hcrp.sys 18:51:41.0978 6988 BTATH_HCRP - ok 18:51:41.0994 6988 [ 168506D0F0C8DF588F8A7E25C58A2DE6 ] BTATH_LWFLT C:\Windows\system32\DRIVERS\btath_lwflt.sys 18:51:41.0994 6988 BTATH_LWFLT - ok 18:51:42.0025 6988 [ 7C8FB1D73BD279DD914CCA6ED0F4F62B ] BTATH_RCP C:\Windows\system32\DRIVERS\btath_rcp.sys 18:51:42.0041 6988 BTATH_RCP - ok 18:51:42.0088 6988 [ 58D67C18894F96E89C076150BB76AD40 ] BtFilter C:\Windows\system32\DRIVERS\btfilter.sys 18:51:42.0119 6988 BtFilter - ok 18:51:42.0166 6988 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys 18:51:42.0181 6988 BthEnum - ok 18:51:42.0212 6988 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys 18:51:42.0228 6988 BTHMODEM - ok 18:51:42.0259 6988 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys 18:51:42.0275 6988 BthPan - ok 18:51:42.0337 6988 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys 18:51:42.0368 6988 BTHPORT - ok 18:51:42.0415 6988 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll 18:51:42.0446 6988 bthserv - ok 18:51:42.0446 6988 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys 18:51:42.0462 6988 BTHUSB - ok 18:51:42.0493 6988 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 18:51:42.0524 6988 cdfs - ok 18:51:42.0571 6988 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys 18:51:42.0602 6988 cdrom - ok 18:51:42.0665 6988 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll 18:51:42.0712 6988 CertPropSvc - ok 18:51:42.0743 6988 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys 18:51:42.0758 6988 circlass - ok 18:51:42.0790 6988 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys 18:51:42.0805 6988 CLFS - ok 18:51:43.0133 6988 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 18:51:43.0148 6988 clr_optimization_v2.0.50727_32 - ok 18:51:43.0226 6988 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 18:51:43.0258 6988 clr_optimization_v2.0.50727_64 - ok 18:51:43.0429 6988 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 18:51:43.0460 6988 clr_optimization_v4.0.30319_32 - ok 18:51:43.0601 6988 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 18:51:43.0632 6988 clr_optimization_v4.0.30319_64 - ok 18:51:43.0679 6988 [ 50F92C943F18B070F166D019DFAB3D9A ] clwvd C:\Windows\system32\DRIVERS\clwvd.sys 18:51:43.0694 6988 clwvd - ok 18:51:43.0757 6988 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys 18:51:43.0788 6988 CmBatt - ok 18:51:43.0819 6988 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys 18:51:43.0835 6988 cmdide - ok 18:51:43.0866 6988 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys 18:51:43.0897 6988 CNG - ok 18:51:43.0991 6988 [ 9F6DE1995A188615CEEE908E750A34ED ] CnxtHdAudService C:\Windows\system32\drivers\CHDRT64.sys 18:51:44.0022 6988 CnxtHdAudService - ok 18:51:44.0069 6988 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys 18:51:44.0100 6988 Compbatt - ok 18:51:44.0131 6988 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys 18:51:44.0147 6988 CompositeBus - ok 18:51:44.0162 6988 COMSysApp - ok 18:51:44.0428 6988 [ C30FBFDB0A1B298C3D9A5EE1BBDFCB14 ] cphs C:\Windows\SysWow64\IntelCpHeciSvc.exe 18:51:44.0459 6988 cphs - ok 18:51:44.0474 6988 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys 18:51:44.0490 6988 crcdisk - ok 18:51:44.0537 6988 [ D8129C49798CBBFB2E4351D4B7B8EF9C ] CryptSvc C:\Windows\system32\cryptsvc.dll 18:51:44.0568 6988 CryptSvc - ok 18:51:44.0630 6988 [ F160B26B26BA4AFE8CECC12ED5AC231E ] CxAudMsg C:\Windows\system32\CxAudMsg64.exe 18:51:44.0646 6988 CxAudMsg - ok 18:51:44.0693 6988 [ 56F4750B7F0CE969E43DE2A76DDA5A5F ] DamageGuard C:\Windows\system32\DRIVERS\DamageGuardX64.sys 18:51:44.0693 6988 DamageGuard - ok 18:51:44.0771 6988 [ 75974DA59BA3D2E3DCE9386493A31F54 ] DamageGuardSvc C:\Program Files\Lenovo\Instant Reset\DamageGuardSvc.exe 18:51:44.0802 6988 DamageGuardSvc - ok 18:51:44.0833 6988 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll 18:51:44.0864 6988 DcomLaunch - ok 18:51:44.0911 6988 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll 18:51:44.0942 6988 defragsvc - ok 18:51:45.0005 6988 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys 18:51:45.0052 6988 DfsC - ok 18:51:45.0083 6988 [ 5014042B07FE6CBE0E6C737AA3F1EBFC ] dgFltr C:\Windows\system32\drivers\dgFltrX64.sys 18:51:45.0083 6988 dgFltr - ok 18:51:45.0161 6988 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll 18:51:45.0192 6988 Dhcp - ok 18:51:45.0223 6988 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys 18:51:45.0254 6988 discache - ok 18:51:45.0286 6988 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys 18:51:45.0301 6988 Disk - ok 18:51:45.0332 6988 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll 18:51:45.0348 6988 Dnscache - ok 18:51:45.0379 6988 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll 18:51:45.0410 6988 dot3svc - ok 18:51:45.0473 6988 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll 18:51:45.0520 6988 DPS - ok 18:51:45.0551 6988 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 18:51:45.0566 6988 drmkaud - ok 18:51:45.0613 6988 [ 46571ED73AE84469DCA53081D33CF3C8 ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys 18:51:45.0644 6988 dtsoftbus01 - ok 18:51:45.0707 6988 [ AF2E16242AA723F68F461B6EAE2EAD3D ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 18:51:45.0738 6988 DXGKrnl - ok 18:51:45.0800 6988 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll 18:51:45.0832 6988 EapHost - ok 18:51:45.0941 6988 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys 18:51:46.0003 6988 ebdrv - ok 18:51:46.0019 6988 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe 18:51:46.0034 6988 EFS - ok 18:51:46.0097 6988 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 18:51:46.0128 6988 ehRecvr - ok 18:51:46.0144 6988 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe 18:51:46.0159 6988 ehSched - ok 18:51:46.0222 6988 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys 18:51:46.0253 6988 elxstor - ok 18:51:46.0253 6988 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys 18:51:46.0284 6988 ErrDev - ok 18:51:46.0331 6988 esgiguard - ok 18:51:46.0346 6988 EsgScanner - ok 18:51:46.0393 6988 [ 4B18C33EEDD15BD2AAF99807D36555B3 ] ETD C:\Windows\system32\DRIVERS\ETD.sys 18:51:46.0424 6988 ETD - ok 18:51:46.0456 6988 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll 18:51:46.0487 6988 EventSystem - ok 18:51:46.0518 6988 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys 18:51:46.0549 6988 exfat - ok 18:51:46.0565 6988 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys 18:51:46.0596 6988 fastfat - ok 18:51:46.0643 6988 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe 18:51:46.0674 6988 Fax - ok 18:51:46.0674 6988 [ 0BDD7984DB7AAFF6DFEFD11D82D473DB ] fbfmon C:\Windows\system32\drivers\fbfmon.sys 18:51:46.0690 6988 fbfmon - ok 18:51:46.0690 6988 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys 18:51:46.0705 6988 fdc - ok 18:51:46.0736 6988 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll 18:51:46.0768 6988 fdPHost - ok 18:51:46.0783 6988 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll 18:51:46.0814 6988 FDResPub - ok 18:51:46.0814 6988 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 18:51:46.0830 6988 FileInfo - ok 18:51:46.0846 6988 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 18:51:46.0877 6988 Filetrace - ok 18:51:46.0908 6988 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys 18:51:46.0924 6988 flpydisk - ok 18:51:46.0939 6988 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 18:51:46.0955 6988 FltMgr - ok 18:51:47.0017 6988 [ C4C183E6551084039EC862DA1C945E3D ] FontCache C:\Windows\system32\FntCache.dll 18:51:47.0048 6988 FontCache - ok 18:51:47.0126 6988 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 18:51:47.0158 6988 FontCache3.0.0.0 - ok 18:51:47.0189 6988 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 18:51:47.0220 6988 FsDepends - ok 18:51:47.0267 6988 [ 6C06701BF1DB05405804D7EB610991CE ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys 18:51:47.0298 6988 fssfltr - ok 18:51:47.0345 6988 [ 4CE9DAC1518FF7E77BD213E6394B9D77 ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe 18:51:47.0376 6988 fsssvc - ok 18:51:47.0438 6988 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 18:51:47.0470 6988 Fs_Rec - ok 18:51:47.0532 6988 [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 18:51:47.0563 6988 fvevol - ok 18:51:47.0594 6988 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys 18:51:47.0594 6988 gagp30kx - ok 18:51:47.0657 6988 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll 18:51:47.0704 6988 gpsvc - ok 18:51:47.0797 6988 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 18:51:47.0813 6988 gupdate - ok 18:51:47.0828 6988 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 18:51:47.0828 6988 gupdatem - ok 18:51:47.0844 6988 hamachi - ok 18:51:47.0875 6988 Hamachi2Svc - ok 18:51:47.0891 6988 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 18:51:47.0906 6988 hcw85cir - ok 18:51:47.0938 6988 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 18:51:47.0969 6988 HdAudAddService - ok 18:51:47.0984 6988 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys 18:51:48.0000 6988 HDAudBus - ok 18:51:48.0000 6988 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys 18:51:48.0016 6988 HidBatt - ok 18:51:48.0031 6988 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys 18:51:48.0047 6988 HidBth - ok 18:51:48.0047 6988 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys 18:51:48.0062 6988 HidIr - ok 18:51:48.0094 6988 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll 18:51:48.0125 6988 hidserv - ok 18:51:48.0156 6988 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 18:51:48.0187 6988 HidUsb - ok 18:51:48.0203 6988 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll 18:51:48.0265 6988 hkmsvc - ok 18:51:48.0281 6988 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll 18:51:48.0296 6988 HomeGroupListener - ok 18:51:48.0328 6988 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 18:51:48.0343 6988 HomeGroupProvider - ok 18:51:48.0359 6988 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 18:51:48.0374 6988 HpSAMD - ok 18:51:48.0437 6988 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys 18:51:48.0484 6988 HTTP - ok 18:51:48.0499 6988 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 18:51:48.0515 6988 hwpolicy - ok 18:51:48.0530 6988 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys 18:51:48.0546 6988 i8042prt - ok 18:51:48.0608 6988 [ C224331A54571C8C9162F7714400BBBD ] iaStor C:\Windows\system32\drivers\iaStor.sys 18:51:48.0640 6988 iaStor - ok 18:51:48.0718 6988 [ 7D4B9A48430ED57ACA6373B71D5904CA ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe 18:51:48.0749 6988 IAStorDataMgrSvc - ok 18:51:48.0780 6988 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 18:51:48.0811 6988 iaStorV - ok 18:51:48.0905 6988 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 18:51:48.0936 6988 idsvc - ok 18:51:49.0201 6988 [ 937CB7CC3E71A93771B72C8C52B9EA81 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys 18:51:49.0326 6988 igfx - ok 18:51:49.0373 6988 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys 18:51:49.0373 6988 iirsp - ok 18:51:49.0435 6988 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll 18:51:49.0498 6988 IKEEXT - ok 18:51:49.0576 6988 [ 6C9FFFECA9FED31347D211C5D1FFBD2D ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys 18:51:49.0607 6988 IntcDAud - ok 18:51:49.0669 6988 [ 832CE330DD987227B7DEA8C03F22AEFA ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe 18:51:49.0716 6988 Intel(R) Capability Licensing Service Interface - ok 18:51:49.0716 6988 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys 18:51:49.0732 6988 intelide - ok 18:51:49.0763 6988 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 18:51:49.0810 6988 intelppm - ok 18:51:49.0825 6988 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll 18:51:49.0856 6988 IPBusEnum - ok 18:51:49.0872 6988 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 18:51:49.0903 6988 IpFilterDriver - ok 18:51:49.0934 6988 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 18:51:49.0950 6988 iphlpsvc - ok 18:51:49.0966 6988 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 18:51:49.0981 6988 IPMIDRV - ok 18:51:49.0981 6988 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys 18:51:50.0012 6988 IPNAT - ok 18:51:50.0044 6988 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys 18:51:50.0059 6988 IRENUM - ok 18:51:50.0075 6988 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys 18:51:50.0090 6988 isapnp - ok 18:51:50.0106 6988 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 18:51:50.0122 6988 iScsiPrt - ok 18:51:50.0168 6988 [ D596D915CF091DA1F8CE4BD38BB5D509 ] iusb3hcs C:\Windows\system32\DRIVERS\iusb3hcs.sys 18:51:50.0200 6988 iusb3hcs - ok 18:51:50.0215 6988 [ 023896E23B61543A15A230EED996D911 ] iusb3hub C:\Windows\system32\DRIVERS\iusb3hub.sys 18:51:50.0231 6988 iusb3hub - ok 18:51:50.0262 6988 [ 7FAEC13F1ADD619F4B5B2D2CBF841E8E ] iusb3xhc C:\Windows\system32\DRIVERS\iusb3xhc.sys 18:51:50.0278 6988 iusb3xhc - ok 18:51:50.0340 6988 [ 09CA717536671E0896E07D239EE6740F ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe 18:51:50.0356 6988 jhi_service - ok 18:51:50.0402 6988 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 18:51:50.0434 6988 kbdclass - ok 18:51:50.0465 6988 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys 18:51:50.0496 6988 kbdhid - ok 18:51:50.0512 6988 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe 18:51:50.0527 6988 KeyIso - ok 18:51:50.0543 6988 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 18:51:50.0558 6988 KSecDD - ok 18:51:50.0574 6988 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 18:51:50.0590 6988 KSecPkg - ok 18:51:50.0605 6988 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 18:51:50.0636 6988 ksthunk - ok 18:51:50.0668 6988 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll 18:51:50.0699 6988 KtmRm - ok 18:51:50.0730 6988 [ FC741259B7C22379EE83257D7CF91151 ] L1C C:\Windows\system32\DRIVERS\L1C62x64.sys 18:51:50.0746 6988 L1C - ok 18:51:50.0777 6988 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll 18:51:50.0808 6988 LanmanServer - ok 18:51:50.0855 6988 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 18:51:50.0886 6988 LanmanWorkstation - ok 18:51:50.0917 6988 [ BE166935083F9C38EDFDC21B9A7A679B ] LHDmgr C:\Windows\system32\DRIVERS\LhdX64.sys 18:51:50.0933 6988 LHDmgr - ok 18:51:50.0948 6988 lirsgt - ok 18:51:50.0964 6988 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 18:51:50.0995 6988 lltdio - ok 18:51:51.0042 6988 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll 18:51:51.0089 6988 lltdsvc - ok 18:51:51.0136 6988 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll 18:51:51.0182 6988 lmhosts - ok 18:51:51.0229 6988 [ A60D56228FF3EE7EC1A56A908924680E ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe 18:51:51.0260 6988 LMS - ok 18:51:51.0307 6988 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys 18:51:51.0338 6988 LSI_FC - ok 18:51:51.0338 6988 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys 18:51:51.0354 6988 LSI_SAS - ok 18:51:51.0370 6988 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys 18:51:51.0385 6988 LSI_SAS2 - ok 18:51:51.0401 6988 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys 18:51:51.0416 6988 LSI_SCSI - ok 18:51:51.0432 6988 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys 18:51:51.0463 6988 luafv - ok 18:51:51.0494 6988 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 18:51:51.0510 6988 Mcx2Svc - ok 18:51:51.0510 6988 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys 18:51:51.0526 6988 megasas - ok 18:51:51.0557 6988 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys 18:51:51.0572 6988 MegaSR - ok 18:51:51.0588 6988 [ 6B01B7414A105B9E51652089A03027CF ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys 18:51:51.0604 6988 MEIx64 - ok 18:51:51.0635 6988 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll 18:51:51.0666 6988 MMCSS - ok 18:51:51.0666 6988 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys 18:51:51.0697 6988 Modem - ok 18:51:51.0713 6988 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys 18:51:51.0744 6988 monitor - ok 18:51:51.0760 6988 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 18:51:51.0775 6988 mouclass - ok 18:51:51.0806 6988 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 18:51:51.0822 6988 mouhid - ok 18:51:51.0838 6988 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 18:51:51.0853 6988 mountmgr - ok 18:51:51.0869 6988 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys 18:51:51.0916 6988 mpio - ok 18:51:51.0931 6988 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 18:51:51.0962 6988 mpsdrv - ok 18:51:51.0978 6988 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll 18:51:52.0025 6988 MpsSvc - ok 18:51:52.0025 6988 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 18:51:52.0040 6988 MRxDAV - ok 18:51:52.0072 6988 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 18:51:52.0087 6988 mrxsmb - ok 18:51:52.0087 6988 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 18:51:52.0118 6988 mrxsmb10 - ok 18:51:52.0118 6988 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 18:51:52.0134 6988 mrxsmb20 - ok 18:51:52.0150 6988 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys 18:51:52.0165 6988 msahci - ok 18:51:52.0165 6988 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys 18:51:52.0181 6988 msdsm - ok 18:51:52.0196 6988 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe 18:51:52.0212 6988 MSDTC - ok 18:51:52.0243 6988 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys 18:51:52.0274 6988 Msfs - ok 18:51:52.0306 6988 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 18:51:52.0337 6988 mshidkmdf - ok 18:51:52.0337 6988 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 18:51:52.0352 6988 msisadrv - ok 18:51:52.0384 6988 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 18:51:52.0415 6988 MSiSCSI - ok 18:51:52.0415 6988 msiserver - ok 18:51:52.0430 6988 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 18:51:52.0462 6988 MSKSSRV - ok 18:51:52.0508 6988 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 18:51:52.0555 6988 MSPCLOCK - ok 18:51:52.0571 6988 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 18:51:52.0602 6988 MSPQM - ok 18:51:52.0618 6988 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 18:51:52.0633 6988 MsRPC - ok 18:51:52.0649 6988 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys 18:51:52.0664 6988 mssmbios - ok 18:51:52.0696 6988 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 18:51:52.0727 6988 MSTEE - ok 18:51:52.0742 6988 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys 18:51:52.0758 6988 MTConfig - ok 18:51:52.0789 6988 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys 18:51:52.0820 6988 Mup - ok 18:51:52.0852 6988 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll 18:51:52.0883 6988 napagent - ok 18:51:52.0945 6988 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 18:51:52.0992 6988 NativeWifiP - ok 18:51:53.0054 6988 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys 18:51:53.0086 6988 NDIS - ok 18:51:53.0117 6988 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 18:51:53.0148 6988 NdisCap - ok 18:51:53.0179 6988 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 18:51:53.0210 6988 NdisTapi - ok 18:51:53.0242 6988 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 18:51:53.0273 6988 Ndisuio - ok 18:51:53.0288 6988 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 18:51:53.0320 6988 NdisWan - ok 18:51:53.0335 6988 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 18:51:53.0366 6988 NDProxy - ok 18:51:53.0398 6988 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 18:51:53.0429 6988 NetBIOS - ok 18:51:53.0444 6988 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 18:51:53.0476 6988 NetBT - ok 18:51:53.0476 6988 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe 18:51:53.0491 6988 Netlogon - ok 18:51:53.0538 6988 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll 18:51:53.0585 6988 Netman - ok 18:51:53.0600 6988 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll 18:51:53.0632 6988 netprofm - ok 18:51:53.0647 6988 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe 18:51:53.0663 6988 NetTcpPortSharing - ok 18:51:53.0694 6988 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys 18:51:53.0694 6988 nfrd960 - ok 18:51:53.0725 6988 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll 18:51:53.0741 6988 NlaSvc - ok 18:51:53.0756 6988 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys 18:51:53.0788 6988 Npfs - ok 18:51:53.0819 6988 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll 18:51:53.0850 6988 nsi - ok 18:51:53.0866 6988 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 18:51:53.0897 6988 nsiproxy - ok 18:51:53.0975 6988 [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 18:51:54.0022 6988 Ntfs - ok 18:51:54.0037 6988 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys 18:51:54.0068 6988 Null - ok 18:51:54.0365 6988 [ 2CCA18C2B3CF18201B0F6204A4BC5A52 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys 18:51:54.0521 6988 nvlddmkm - ok 18:51:54.0536 6988 [ D70BC3FE775AAFB58FE353B5965657DF ] nvpciflt C:\Windows\system32\DRIVERS\nvpciflt.sys 18:51:54.0552 6988 nvpciflt - ok 18:51:54.0599 6988 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys 18:51:54.0614 6988 nvraid - ok 18:51:54.0614 6988 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys 18:51:54.0630 6988 nvstor - ok 18:51:54.0692 6988 [ 3ADFA793E3A5E465EA362E38C598ED71 ] nvsvc C:\Windows\system32\nvvsvc.exe 18:51:54.0739 6988 nvsvc - ok 18:51:54.0833 6988 [ 3E186CE5CB2A95B7E5E15C3FBE681A34 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe 18:51:54.0880 6988 nvUpdatusService - ok 18:51:54.0895 6988 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 18:51:54.0911 6988 nv_agp - ok 18:51:54.0926 6988 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 18:51:54.0942 6988 ohci1394 - ok 18:51:54.0973 6988 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 18:51:54.0989 6988 p2pimsvc - ok 18:51:55.0036 6988 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll 18:51:55.0067 6988 p2psvc - ok 18:51:55.0098 6988 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys 18:51:55.0114 6988 Parport - ok 18:51:55.0145 6988 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys 18:51:55.0145 6988 partmgr - ok 18:51:55.0160 6988 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll 18:51:55.0192 6988 PcaSvc - ok 18:51:55.0223 6988 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys 18:51:55.0238 6988 pci - ok 18:51:55.0238 6988 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys 18:51:55.0254 6988 pciide - ok 18:51:55.0270 6988 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys 18:51:55.0285 6988 pcmcia - ok 18:51:55.0301 6988 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys 18:51:55.0316 6988 pcw - ok 18:51:55.0332 6988 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys 18:51:55.0363 6988 PEAUTH - ok 18:51:55.0394 6988 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe 18:51:55.0410 6988 PerfHost - ok 18:51:55.0472 6988 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll 18:51:55.0535 6988 pla - ok 18:51:55.0582 6988 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 18:51:55.0628 6988 PlugPlay - ok 18:51:55.0675 6988 PnkBstrA - ok 18:51:55.0691 6988 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 18:51:55.0722 6988 PNRPAutoReg - ok 18:51:55.0738 6988 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 18:51:55.0753 6988 PNRPsvc - ok 18:51:55.0784 6988 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 18:51:55.0831 6988 PolicyAgent - ok 18:51:55.0831 6988 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll 18:51:55.0862 6988 Power - ok 18:51:55.0909 6988 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 18:51:55.0956 6988 PptpMiniport - ok 18:51:55.0972 6988 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys 18:51:55.0987 6988 Processor - ok 18:51:56.0018 6988 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll 18:51:56.0034 6988 ProfSvc - ok 18:51:56.0034 6988 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe 18:51:56.0050 6988 ProtectedStorage - ok 18:51:56.0081 6988 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys 18:51:56.0112 6988 Psched - ok 18:51:56.0159 6988 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys 18:51:56.0190 6988 ql2300 - ok 18:51:56.0221 6988 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys 18:51:56.0221 6988 ql40xx - ok 18:51:56.0252 6988 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll 18:51:56.0268 6988 QWAVE - ok 18:51:56.0299 6988 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 18:51:56.0315 6988 QWAVEdrv - ok 18:51:56.0315 6988 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 18:51:56.0346 6988 RasAcd - ok 18:51:56.0377 6988 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 18:51:56.0408 6988 RasAgileVpn - ok 18:51:56.0424 6988 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll 18:51:56.0455 6988 RasAuto - ok 18:51:56.0471 6988 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 18:51:56.0502 6988 Rasl2tp - ok 18:51:56.0533 6988 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll 18:51:56.0564 6988 RasMan - ok 18:51:56.0580 6988 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 18:51:56.0611 6988 RasPppoe - ok 18:51:56.0658 6988 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 18:51:56.0705 6988 RasSstp - ok 18:51:56.0720 6988 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 18:51:56.0752 6988 rdbss - ok 18:51:56.0767 6988 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys 18:51:56.0783 6988 rdpbus - ok 18:51:56.0798 6988 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 18:51:56.0830 6988 RDPCDD - ok 18:51:56.0861 6988 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 18:51:56.0892 6988 RDPENCDD - ok 18:51:56.0892 6988 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 18:51:56.0923 6988 RDPREFMP - ok 18:51:56.0954 6988 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 18:51:56.0970 6988 RDPWD - ok 18:51:57.0001 6988 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 18:51:57.0017 6988 rdyboost - ok 18:51:57.0064 6988 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll 18:51:57.0095 6988 RemoteAccess - ok 18:51:57.0126 6988 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll 18:51:57.0204 6988 RemoteRegistry - ok 18:51:57.0251 6988 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys 18:51:57.0282 6988 RFCOMM - ok 18:51:57.0313 6988 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 18:51:57.0360 6988 RpcEptMapper - ok 18:51:57.0376 6988 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe 18:51:57.0391 6988 RpcLocator - ok 18:51:57.0407 6988 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll 18:51:57.0438 6988 RpcSs - ok 18:51:57.0485 6988 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 18:51:57.0516 6988 rspndr - ok 18:51:57.0532 6988 [ 88AB579F407A3D02918B8DCC4E6E34B3 ] RSUSBVSTOR C:\Windows\system32\Drivers\RtsUVStor.sys 18:51:57.0547 6988 RSUSBVSTOR - ok 18:51:57.0578 6988 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe 18:51:57.0594 6988 SamSs - ok 18:51:57.0610 6988 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 18:51:57.0625 6988 sbp2port - ok 18:51:57.0656 6988 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll 18:51:57.0734 6988 SCardSvr - ok 18:51:57.0750 6988 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 18:51:57.0781 6988 scfilter - ok 18:51:57.0797 6988 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll 18:51:57.0844 6988 Schedule - ok 18:51:57.0875 6988 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll 18:51:57.0906 6988 SCPolicySvc - ok 18:51:57.0922 6988 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll 18:51:57.0937 6988 SDRSVC - ok 18:51:57.0984 6988 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys 18:51:58.0000 6988 secdrv - ok 18:51:58.0015 6988 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll 18:51:58.0046 6988 seclogon - ok 18:51:58.0078 6988 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll 18:51:58.0109 6988 SENS - ok 18:51:58.0140 6988 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll 18:51:58.0156 6988 SensrSvc - ok 18:51:58.0171 6988 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys 18:51:58.0187 6988 Serenum - ok 18:51:58.0202 6988 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys 18:51:58.0218 6988 Serial - ok 18:51:58.0234 6988 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys 18:51:58.0249 6988 sermouse - ok 18:51:58.0280 6988 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll 18:51:58.0312 6988 SessionEnv - ok 18:51:58.0312 6988 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 18:51:58.0327 6988 sffdisk - ok 18:51:58.0343 6988 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 18:51:58.0358 6988 sffp_mmc - ok 18:51:58.0358 6988 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 18:51:58.0374 6988 sffp_sd - ok 18:51:58.0374 6988 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys 18:51:58.0390 6988 sfloppy - ok 18:51:58.0421 6988 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll 18:51:58.0452 6988 SharedAccess - ok 18:51:58.0483 6988 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll 18:51:58.0514 6988 ShellHWDetection - ok 18:51:58.0546 6988 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys 18:51:58.0561 6988 SiSRaid2 - ok 18:51:58.0561 6988 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys 18:51:58.0577 6988 SiSRaid4 - ok 18:51:58.0577 6988 SkypeUpdate - ok 18:51:58.0592 6988 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys 18:51:58.0624 6988 Smb - ok 18:51:58.0655 6988 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe 18:51:58.0670 6988 SNMPTRAP - ok 18:51:58.0686 6988 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys 18:51:58.0702 6988 spldr - ok 18:51:58.0733 6988 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe 18:51:58.0764 6988 Spooler - ok 18:51:58.0842 6988 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe 18:51:58.0904 6988 sppsvc - ok 18:51:58.0920 6988 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll 18:51:58.0951 6988 sppuinotify - ok 18:51:59.0029 6988 [ 9AB59CF736981ED1F83C6AB5FAA8BA5C ] sptd C:\Windows\system32\Drivers\sptd.sys 18:51:59.0060 6988 sptd - ok 18:51:59.0060 6988 SpyHunter 4 Service - ok 18:51:59.0092 6988 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys 18:51:59.0107 6988 srv - ok 18:51:59.0138 6988 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 18:51:59.0154 6988 srv2 - ok 18:51:59.0170 6988 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 18:51:59.0185 6988 srvnet - ok 18:51:59.0216 6988 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 18:51:59.0248 6988 SSDPSRV - ok 18:51:59.0279 6988 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll 18:51:59.0310 6988 SstpSvc - ok 18:51:59.0341 6988 Steam Client Service - ok 18:51:59.0372 6988 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys 18:51:59.0388 6988 stexstor - ok 18:51:59.0435 6988 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll 18:51:59.0482 6988 stisvc - ok 18:51:59.0497 6988 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys 18:51:59.0513 6988 swenum - ok 18:51:59.0544 6988 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll 18:51:59.0575 6988 swprv - ok 18:51:59.0653 6988 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll 18:51:59.0700 6988 SysMain - ok 18:51:59.0731 6988 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll 18:51:59.0747 6988 TabletInputService - ok 18:51:59.0794 6988 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll 18:51:59.0825 6988 TapiSrv - ok 18:51:59.0856 6988 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll 18:51:59.0918 6988 TBS - ok 18:51:59.0996 6988 [ 9849EA3843A2ADBDD1497E97A85D8CAE ] Tcpip C:\Windows\system32\drivers\tcpip.sys 18:52:00.0059 6988 Tcpip - ok 18:52:00.0090 6988 [ 9849EA3843A2ADBDD1497E97A85D8CAE ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 18:52:00.0121 6988 TCPIP6 - ok 18:52:00.0137 6988 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 18:52:00.0152 6988 tcpipreg - ok 18:52:00.0184 6988 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 18:52:00.0199 6988 TDPIPE - ok 18:52:00.0230 6988 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 18:52:00.0277 6988 TDTCP - ok 18:52:00.0277 6988 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 18:52:00.0308 6988 tdx - ok 18:52:00.0340 6988 TeamViewer8 - ok 18:52:00.0371 6988 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys 18:52:00.0402 6988 TermDD - ok 18:52:00.0433 6988 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll 18:52:00.0464 6988 TermService - ok 18:52:00.0480 6988 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll 18:52:00.0496 6988 Themes - ok 18:52:00.0511 6988 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll 18:52:00.0542 6988 THREADORDER - ok 18:52:00.0574 6988 [ DBCC20C02E8A3E43B03C304A4E40A84F ] TPM C:\Windows\system32\drivers\tpm.sys 18:52:00.0589 6988 TPM - ok 18:52:00.0605 6988 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll 18:52:00.0636 6988 TrkWks - ok 18:52:00.0683 6988 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 18:52:00.0714 6988 TrustedInstaller - ok 18:52:00.0714 6988 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 18:52:00.0745 6988 tssecsrv - ok 18:52:00.0761 6988 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 18:52:00.0776 6988 TsUsbFlt - ok 18:52:00.0776 6988 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys 18:52:00.0792 6988 TsUsbGD - ok 18:52:00.0823 6988 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 18:52:00.0854 6988 tunnel - ok 18:52:00.0854 6988 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys 18:52:00.0870 6988 uagp35 - ok 18:52:00.0901 6988 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 18:52:00.0932 6988 udfs - ok 18:52:00.0964 6988 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe 18:52:00.0979 6988 UI0Detect - ok 18:52:01.0010 6988 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 18:52:01.0026 6988 uliagpkx - ok 18:52:01.0073 6988 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys 18:52:01.0088 6988 umbus - ok 18:52:01.0088 6988 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys 18:52:01.0104 6988 UmPass - ok 18:52:01.0166 6988 [ A0153CC9D28568A10BDAEE5EC612CFC8 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe 18:52:01.0198 6988 UNS - ok 18:52:01.0244 6988 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll 18:52:01.0291 6988 upnphost - ok 18:52:01.0307 6988 usbaudio - ok 18:52:01.0322 6988 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 18:52:01.0338 6988 usbccgp - ok 18:52:01.0354 6988 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys 18:52:01.0369 6988 usbcir - ok 18:52:01.0385 6988 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys 18:52:01.0400 6988 usbehci - ok 18:52:01.0432 6988 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 18:52:01.0447 6988 usbhub - ok 18:52:01.0463 6988 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys 18:52:01.0478 6988 usbohci - ok 18:52:01.0494 6988 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\drivers\usbprint.sys 18:52:01.0510 6988 usbprint - ok 18:52:01.0510 6988 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 18:52:01.0525 6988 USBSTOR - ok 18:52:01.0541 6988 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys 18:52:01.0556 6988 usbuhci - ok 18:52:01.0572 6988 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys 18:52:01.0603 6988 usbvideo - ok 18:52:01.0619 6988 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll 18:52:01.0650 6988 UxSms - ok 18:52:01.0666 6988 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe 18:52:01.0681 6988 VaultSvc - ok 18:52:01.0712 6988 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 18:52:01.0728 6988 vdrvroot - ok 18:52:01.0744 6988 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe 18:52:01.0775 6988 vds - ok 18:52:01.0790 6988 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 18:52:01.0806 6988 vga - ok 18:52:01.0822 6988 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys 18:52:01.0853 6988 VgaSave - ok 18:52:01.0868 6988 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 18:52:01.0884 6988 vhdmp - ok 18:52:01.0900 6988 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys 18:52:01.0900 6988 viaide - ok 18:52:01.0962 6988 [ BEEC7DB99737B083C62A84D1328571D2 ] vm332avs C:\Windows\system32\Drivers\vm332avs.sys 18:52:01.0993 6988 vm332avs - ok 18:52:02.0009 6988 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys 18:52:02.0024 6988 volmgr - ok 18:52:02.0040 6988 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 18:52:02.0056 6988 volmgrx - ok 18:52:02.0071 6988 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys 18:52:02.0087 6988 volsnap - ok 18:52:02.0118 6988 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys 18:52:02.0134 6988 vsmraid - ok 18:52:02.0196 6988 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe 18:52:02.0274 6988 VSS - ok 18:52:02.0290 6988 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys 18:52:02.0305 6988 vwifibus - ok 18:52:02.0305 6988 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys 18:52:02.0336 6988 vwififlt - ok 18:52:02.0352 6988 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll 18:52:02.0383 6988 W32Time - ok 18:52:02.0399 6988 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys 18:52:02.0414 6988 WacomPen - ok 18:52:02.0446 6988 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 18:52:02.0477 6988 WANARP - ok 18:52:02.0477 6988 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 18:52:02.0508 6988 Wanarpv6 - ok 18:52:02.0570 6988 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe 18:52:02.0586 6988 wbengine - ok 18:52:02.0602 6988 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 18:52:02.0617 6988 WbioSrvc - ok 18:52:02.0648 6988 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll 18:52:02.0664 6988 wcncsvc - ok 18:52:02.0680 6988 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 18:52:02.0695 6988 WcsPlugInService - ok 18:52:02.0726 6988 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys 18:52:02.0726 6988 Wd - ok 18:52:02.0773 6988 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 18:52:02.0804 6988 Wdf01000 - ok 18:52:02.0820 6988 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll 18:52:02.0836 6988 WdiServiceHost - ok 18:52:02.0836 6988 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll 18:52:02.0867 6988 WdiSystemHost - ok 18:52:02.0882 6988 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll 18:52:02.0898 6988 WebClient - ok 18:52:02.0914 6988 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll 18:52:02.0945 6988 Wecsvc - ok 18:52:02.0960 6988 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll 18:52:02.0992 6988 wercplsupport - ok 18:52:03.0023 6988 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll 18:52:03.0054 6988 WerSvc - ok 18:52:03.0101 6988 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 18:52:03.0148 6988 WfpLwf - ok 18:52:03.0163 6988 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys 18:52:03.0163 6988 WIMMount - ok 18:52:03.0194 6988 WinDefend - ok 18:52:03.0194 6988 WinHttpAutoProxySvc - ok 18:52:03.0335 6988 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 18:52:03.0382 6988 Winmgmt - ok 18:52:03.0460 6988 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll 18:52:03.0522 6988 WinRM - ok 18:52:03.0553 6988 WinUsb - ok 18:52:03.0600 6988 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll 18:52:03.0616 6988 Wlansvc - ok 18:52:03.0647 6988 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe 18:52:03.0662 6988 wlcrasvc - ok 18:52:03.0772 6988 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 18:52:03.0834 6988 wlidsvc - ok 18:52:03.0865 6988 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 18:52:03.0881 6988 WmiAcpi - ok 18:52:03.0912 6988 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 18:52:03.0928 6988 wmiApSrv - ok 18:52:03.0959 6988 WMPNetworkSvc - ok 18:52:03.0990 6988 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll 18:52:04.0006 6988 WPCSvc - ok 18:52:04.0021 6988 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 18:52:04.0037 6988 WPDBusEnum - ok 18:52:04.0052 6988 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 18:52:04.0084 6988 ws2ifsl - ok 18:52:04.0084 6988 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll 18:52:04.0115 6988 wscsvc - ok 18:52:04.0115 6988 WSearch - ok 18:52:04.0130 6988 [ 83575C43B2BFE9AB0661A7F957E843C0 ] wsvd C:\Windows\system32\DRIVERS\wsvd.sys 18:52:04.0146 6988 wsvd - ok 18:52:04.0224 6988 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll 18:52:04.0271 6988 wuauserv - ok 18:52:04.0302 6988 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 18:52:04.0318 6988 WudfPf - ok 18:52:04.0349 6988 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 18:52:04.0364 6988 WUDFRd - ok 18:52:04.0380 6988 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 18:52:04.0396 6988 wudfsvc - ok 18:52:04.0427 6988 [ FE90B750AB808FB9DD8FBB428B5FF83B ] WwanSvc C:\Windows\System32\wwansvc.dll 18:52:04.0442 6988 WwanSvc - ok 18:52:04.0458 6988 xnacc - ok 18:52:04.0583 6988 [ D65B42FBF19C676AA01AE95EC62F7764 ] ZAtheros Bt&Wlan Coex Agent C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe 18:52:04.0598 6988 ZAtheros Bt&Wlan Coex Agent - ok 18:52:04.0630 6988 ================ Scan global =============================== 18:52:04.0661 6988 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll 18:52:04.0708 6988 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll 18:52:04.0708 6988 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll 18:52:04.0739 6988 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll 18:52:04.0786 6988 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe 18:52:04.0786 6988 [Global] - ok 18:52:04.0786 6988 ================ Scan MBR ================================== 18:52:04.0801 6988 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 18:52:05.0004 6988 \Device\Harddisk0\DR0 - ok 18:52:05.0004 6988 ================ Scan VBR ================================== 18:52:05.0004 6988 [ FA532ED33E365B89A9BB9E32AF7DD042 ] \Device\Harddisk0\DR0\Partition1 18:52:05.0004 6988 \Device\Harddisk0\DR0\Partition1 - ok 18:52:05.0051 6988 [ 66F6D6B16E74482E722E3893619AB949 ] \Device\Harddisk0\DR0\Partition2 18:52:05.0051 6988 \Device\Harddisk0\DR0\Partition2 - ok 18:52:05.0066 6988 [ FB97965F681D364C5FBE6C4F0AA08E17 ] \Device\Harddisk0\DR0\Partition3 18:52:05.0066 6988 \Device\Harddisk0\DR0\Partition3 - ok 18:52:05.0082 6988 ============================================================ 18:52:05.0082 6988 Scan finished 18:52:05.0082 6988 ============================================================ 18:52:05.0082 2592 Detected object count: 2 18:52:05.0082 2592 Actual detected object count: 2 18:52:07.0110 2592 avipbb ( ForgedFile.Multi.Generic ) - skipped by user 18:52:07.0110 2592 avipbb ( ForgedFile.Multi.Generic ) - User select action: Skip 18:52:07.0126 2592 avkmgr ( ForgedFile.Multi.Generic ) - skipped by user 18:52:07.0126 2592 avkmgr ( ForgedFile.Multi.Generic ) - User select action: Skip ich finds echt toll hier  |
|
09.07.2013, 17:57
| #6 |
| /// Malware-holic | Werbung auf Facebook, Youtube, etc. Instant Saving App deinstallieren! Hi, Scan mit Combofix
__________________ --> Werbung auf Facebook, Youtube, etc. Instant Saving App deinstallieren! |
|
09.07.2013, 18:30
| #7 |
| | Werbung auf Facebook, Youtube, etc. Instant Saving App deinstallieren! Ich hab Combofix arbeiten lassen und bei Stufe 32 hieß es "Fertiggestellt". Ich hab aber kein Combofix.txt gefunden. Hab ich was falsch gemacht? Muss ich erst neustarten? ... ... ... Ich komm mir vor wie der letzte Depp :P |
|
09.07.2013, 18:37
| #8 |
| /// Malware-holic | Werbung auf Facebook, Youtube, etc. Instant Saving App deinstallieren! Hi, na bei den vorherigen stufen steht doch auch fertig gestellt, oder hat sich Combofix geschlossen? starte es noch mal, und cscha was da im ende genau steht.
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
09.07.2013, 19:18
| #9 |
| | Werbung auf Facebook, Youtube, etc. Instant Saving App deinstallieren! Es ging nur darum, dass ich kein Combofix.txt finde. Ich probiers noch mal aus! |
|
09.07.2013, 19:19
| #10 |
| /// Malware-holic | Werbung auf Facebook, Youtube, etc. Instant Saving App deinstallieren! wo das Log zu finden is, steht auch in der Anleitung. aber führ es noch mal aus
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
09.07.2013, 20:02
| #11 |
| | Werbung auf Facebook, Youtube, etc. Instant Saving App deinstallieren! es hängt bei 32, danach kommt nichts von logfile ich probiers nochmal |
|
09.07.2013, 20:06
| #12 |
| /// Malware-holic | Werbung auf Facebook, Youtube, etc. Instant Saving App deinstallieren! Nein. Starte neu, drücke f8 wähle abgesicherter Modus. wähle dein Nutzerkonto, führe combofix aus, starte in den normalen Modus, und poste, bwenn es diesmal geklappt hatte das Log.
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
09.07.2013, 21:10
| #13 |
| | Werbung auf Facebook, Youtube, etc. Instant Saving App deinstallieren! Wenn ich Windos im abgesicherten Modus öffne, finde ich ComboFix nicht mehr. Kannst du mir da auch helfen? |
|
09.07.2013, 21:13
| #14 |
| /// Malware-holic | Werbung auf Facebook, Youtube, etc. Instant Saving App deinstallieren! Hi hast du windows, wie ich geschrieben hatte, im selben Konto gestartet? wenn ja, und du konntest cf nicht finden, legs erst mal direkt auf c: ab da findest du es auf jeden fall
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
09.07.2013, 21:17
| #15 |
| | Werbung auf Facebook, Youtube, etc. Instant Saving App deinstallieren! wie mach ich das? muss ich das einfach reinziehen? |
|
| Themen zu Werbung auf Facebook, Youtube, etc. Instant Saving App deinstallieren! |
| anfänger, deinstalliere, deinstallieren, facebook, frage, helft, hilfe, hoffe, instant, instant saving app, leute, loswerden, programm, saving, virus, werbung, würde, youtube |
WARNUNG an die MITLESER: 
Linear-Darstellung
