Pests of all kinds and how to fight them: Unknown malware (Windows 7)
07.08.2013, 22:32 | #1 |
| Unknown malware Hello! For some time now I have had a problem with my Windows Firewall. When I try to start Windows Firewall with Advanced Security, I get a message telling me that "an error occurred while opening the snap-in -Windows Firewall with Advanced Security-." Error code: 0x6D9 So I can change NOTHING about my firewall. I can neither switch it on or off nor set rules. In addition, I often notice Internet usage even though I only have my PC on, without any programs that need the Internet. Another problem is Windows Update. When I try to install an update, it usually fails, especially when it is a security update. Very suspicious. -------------------------- Windows 7 SP1 12 GB RAM Intel Core i5 CPU 750 @ 2.67 GTX 660 graphics card If more data is needed, please say so. So far I have not dared to scan or delete much of anything. I urgently ask for help! Regards and thanks in advance. |
07.08.2013, 22:36 | #2 |
/// Malware-holic | Unknown malware Hi, an instruction for FRST will follow shortly; please note the following additional task for the Additions.txt
Recommendations for uninstalling: Please copy the list of installed programs from the additions.txt here into your thread. After each line, please note for me which of the following categories applies: Unknown, Necessary, Unnecessary. Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 64-bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
__________________ |
07.08.2013, 22:56 | #3 |
| Unknown malware Thanks for the quick reply.
I am currently marking all the installed programs in the additions.txt. I have a lot of games on my computer. I am not sure whether I should write unnecessary or necessary next to them. But here is my FRST.txt already. FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-08-2013 06 Ran by Max (administrator) on 07-08-2013 23:52:23 Running from C:\Users\Max\Desktop Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 10 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchService.exe (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe () C:\Windows\SysWOW64\PnkBstrA.exe () C:\Windows\SysWOW64\PnkBstrB.exe (StarWind Software) C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (Microsoft Corporation) C:\Windows\SYSTEM32\WISPTIS.EXE (Wacom Technology, Corp.) 
C:\Program Files\Tablet\Pen\Pen_TouchUser.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation) C:\Windows\SYSTEM32\WISPTIS.EXE () C:\Users\Max\Local Settings\Apps\F.lux\flux.exe (Logitech(c)) C:\Program Files (x86)\Logitech\G35\G35.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Uniblue Systems Limited) C:\Program Files (x86)\Uniblue\DriverScanner\dsmonitor.exe (Disc Soft Ltd) C:\Program Files (x86)\DAEMON Tools Ultra\DiscSoftBusService.exe (Opera Software) C:\Program Files (x86)\Opera\opera.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe (Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [1356240 2013-06-20] (Microsoft Corporation) HKCU\...\Run: [fsm] - [x] HKCU\...\Run: [RDReminder] - [x] HKCU\...\Run: [DriverScanner] - C:\Program Files (x86)\Uniblue\DriverScanner\launcher.exe [338296 2011-10-20] (Uniblue Systems Limited) HKCU\...\Run: [mapdisk] - C:\Users\Max\Documents\ArmAWork\mapdisk.bat [46 2013-01-14] () HKCU\...\Run: [AlcoholAutomount] - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team) HKCU\...\Run: [DAEMON Tools Ultra Agent] - C:\Program Files (x86)\DAEMON Tools Ultra\DTAgent.exe [3088448 2013-03-06] (Disc Soft Ltd) HKCU\...\Run: [QtraxNotification] - C:\Users\Max\Qtrax\Player\Notification.exe [116008 2013-08-06] () HKCU\...\Run: [F.lux] - C:\Users\Max\Local Settings\Apps\F.lux\flux.exe [966656 2009-08-29] () HKCU\...\Run: [Messenger (Yahoo!)] - C:\PROGRA~2\Yahoo!\Messenger\YahooMessenger.exe [6595928 2012-05-25] (Yahoo! Inc.) 
MountPoints2: G - G:\autorun.exe MountPoints2: I - I:\Password.exe MountPoints2: {8d7a7f10-990f-11e1-b964-4061867d9184} - K:\pushinst.exe MountPoints2: {a951fa5b-f14e-11e2-b8aa-4061867d9184} - I:\autorun.exe MountPoints2: {ea0aa7b3-dd4a-11e0-a4e0-4061867d9184} - I:\setup.exe MountPoints2: {ff8cbcda-96bb-11e2-9829-4061867d9184} - G:\autorun.exe MountPoints2: {ff8cbcde-96bb-11e2-9829-4061867d9184} - H:\autorun.exe HKLM-x32\...\Run: [TaskTray] - [x] HKLM-x32\...\Run: [Logitech G35] - C:\Program Files (x86)\Logitech\G35\G35.exe [1811800 2010-10-05] (Logitech(c)) HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [946352 2012-12-18] (Adobe Systems Incorporated) HKLM-x32\...\Run: [LogMeIn Hamachi Ui] - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2255184 2013-06-28] (LogMeIn Inc.) HKU\UpdatusUser\...\Run: [fsm] - [x] HKU\UpdatusUser\...\Run: [RDReminder] - [x] HKU\UpdatusUser\...\Run: [DriverScanner] - C:\Program Files (x86)\Uniblue\DriverScanner\launcher.exe [338296 2011-10-20] (Uniblue Systems Limited) Startup: C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> C:\Users\Max\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) 
==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp HKCU\Software\Microsoft\Internet Explorer\Main,ICQ Search = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd URLSearchHook: (No Name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - No File URLSearchHook: (No Name) - {7e111a5c-3d11-4f56-9463-5310c3c69025} - No File URLSearchHook: (No Name) - {c840e246-6b95-475e-9bd7-caa1c7eca9f2} - No File SearchScopes: HKLM-x32 - DefaultScope {AFDBDDAA-5D3F-42EE-B79C-185A7020515B} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2736476 SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 - {AFDBDDAA-5D3F-42EE-B79C-185A7020515B} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2736476 SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.privitize.com/?aff=7&q={searchTerms} SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.privitize.com/?aff=7&q={searchTerms} SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://search.babylon.com/web/{searchTerms}?babsrc=browsersearch&AF=18826 SearchScopes: HKCU - {55861E1C-A576-45C7-B1A5-8E2C14D40F8F} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2851647 SearchScopes: HKCU - {6552C7DD-90A4-4387-B795-F8F96747DE19} URL = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - 
C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.) BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) BHO-x32: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - No File BHO-x32: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer) BHO-x32: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - No File BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - No File BHO-x32: ICQ Sparberater - {5A0D6E4B-B0DF-4148-8B1E-F7A430FF5E24} - C:\Program Files (x86)\icq\Internet Explorer\icq.dll (solute gmbh) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Freeware.de Toolbar - {7e111a5c-3d11-4f56-9463-5310c3c69025} - No File BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) BHO-x32: Babylon IE plugin - {9CFACCB6-2F3F-4177-94EA-0D2B72D384C1} - No File BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) BHO-x32: uTorrentBar_DE Toolbar - {c840e246-6b95-475e-9bd7-caa1c7eca9f2} - C:\Program Files (x86)\uTorrentBar_DE\prxtbuTo0.dll (Conduit Ltd.) BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.) 
BHO-x32: LyricsContainer - {DA3D98A6-868D-4E1B-BB78-0887230DA405} - C:\Program Files (x86)\LyricsContainer\125.dll (RYD Software) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - No File Toolbar: HKLM-x32 - Freeware.de Toolbar - {7e111a5c-3d11-4f56-9463-5310c3c69025} - No File Toolbar: HKLM-x32 - Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - No File Toolbar: HKLM-x32 - Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - No File Toolbar: HKLM-x32 - ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - No File Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.) Toolbar: HKLM-x32 - uTorrentBar_DE Toolbar - {c840e246-6b95-475e-9bd7-caa1c7eca9f2} - C:\Program Files (x86)\uTorrentBar_DE\prxtbuTo0.dll (Conduit Ltd.) Toolbar: HKLM-x32 - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.) Toolbar: HKCU - No Name - {7E111A5C-3D11-4F56-9463-5310C3C69025} - No File Toolbar: HKCU - No Name - {C840E246-6B95-475E-9BD7-CAA1C7ECA9F2} - No File DPF: HKLM-x32 {74DBCB52-F298-4110-951D-AD2FF67BC8AB} hxxp://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) 
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) Winsock: Catalog5 01 mswsock.dll File Not found (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll" Winsock: Catalog5 05 mswsock.dll File Not found (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll" Winsock: Catalog5-x64 01 mswsock.dll File Not found (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll" Winsock: Catalog5-x64 05 mswsock.dll File Not found (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll" Tcpip\..\Interfaces\{22D45F24-3A73-4292-BB04-4DB95672624A}: [NameServer]192.168.178.1 FireFox: ======== FF ProfilePath: C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\eaxo6qll.default FF user.js: detected! => C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\eaxo6qll.default\user.js FF SelectedSearchEngine: uTorrentBar_DE Customized Web Search FF Homepage: hxxp://search.conduit.com/?ctid=CT2851647&SearchSource=13 FF Keyword.URL: hxxp://search.conduit.com/ResultsExt.aspx?octid=CT2851647&ctid=CT2851647&SearchSource=2&CUI=UN00719041435812883&UM=false&q= FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_2_202_235.dll () FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) 
FF Plugin: @java.com/DTPlugin,version=10.5.0 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.5.0 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll () FF Plugin-x32: @Apple.com/iTunes,version=1.0 - D:\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @comrade.gamespy.com/comrade - D:\Program Files (x86)\GameSpy\Comrade\npcomrade.dll (IGN Entertainment) FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll No File FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll No File FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB) FF Plugin-x32: @esn/esnlaunch,version=1.122.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.122.0\npesnlaunch.dll No File FF Plugin-x32: @esn/esnlaunch,version=1.140.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.140.0\npesnlaunch.dll No File FF Plugin-x32: @esn/esnlaunch,version=2.1.3 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.3\npesnlaunch.dll (ESN Social Software AB) FF Plugin-x32: @esn/esnlaunch,version=2.1.7 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll (ESN Social Software AB) FF Plugin-x32: @gamersfirst.com/LiveLauncher - C:\Program Files (x86)\GamersFirst\LIVE!\nplivelauncher.dll No File FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll No File FF Plugin-x32: @java.com/DTPlugin,version=10.7.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.9.2 - 
C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @live.heroesandgenerals.com/npretox - D:\Heroes & Generals\live\npretoxlive.dll (Reto-Moto ApS) FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 - C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF Plugin-x32: @real.com/nppl3260;version=12.0.1.669 - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprjplug;version=12.0.1.669 - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=12.0.1.669 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprphtml5videoshim;version=12.0.1.669 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprpjplug;version=12.0.1.669 - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.) 
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File FF Plugin-x32: @wacom.com/wacom-plugin,version=1.1.0.5 - C:\Program Files (x86)\TabletPlugins\npwacom.dll No File FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: @coreonline.com/run3d,version=1.0 - C:\Users\Max\AppData\LocalLow\Square Enix\nprun3d.dll (Square Enix) FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Max\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft) FF SearchPlugin: C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\eaxo6qll.default\searchplugins\conduit.xml FF SearchPlugin: C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\eaxo6qll.default\searchplugins\icqplugin-1.xml FF SearchPlugin: C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\eaxo6qll.default\searchplugins\icqplugin-2.xml FF SearchPlugin: C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\eaxo6qll.default\searchplugins\icqplugin-3.xml FF SearchPlugin: C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\eaxo6qll.default\searchplugins\icqplugin-4.xml FF SearchPlugin: C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\eaxo6qll.default\searchplugins\icqplugin-5.xml FF SearchPlugin: C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\eaxo6qll.default\searchplugins\icqplugin-6.xml FF SearchPlugin: C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\eaxo6qll.default\searchplugins\icqplugin.xml FF SearchPlugin: 
C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\eaxo6qll.default\searchplugins\searchplugins-backup FF SearchPlugin: C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\eaxo6qll.default\searchplugins\Startpins.xml FF SearchPlugin: C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\eaxo6qll.default\searchplugins\sweetim.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml FF Extension: Battlefield Heroes Updater - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\eaxo6qll.default\Extensions\battlefieldheroespatcher@ea.com FF Extension: Battlefield Play4Free - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\eaxo6qll.default\Extensions\battlefieldplay4free@ea.com FF Extension: Babylon - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\eaxo6qll.default\Extensions\ffxtlbr@babylon.com FF Extension: Yahoo! 
Toolbar - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\eaxo6qll.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} FF Extension: No Name - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\eaxo6qll.default\Extensions\{800b5000-a755-47e1-992b-48a1c1357f07} FF Extension: DownloadHelper - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\eaxo6qll.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} FF Extension: uTorrentBar_DE - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\eaxo6qll.default\Extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2} FF Extension: ciuvo-extension - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\eaxo6qll.default\Extensions\ciuvo-extension@icq.de.xpi FF Extension: plugin - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\eaxo6qll.default\Extensions\plugin@yontoo.com.xpi FF Extension: No Name - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\eaxo6qll.default\Extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\extensions\adapter@babylontc.com FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 FF HKCU\...\Firefox\Extensions: [Lyrics@LyricsContainer.co] C:\Program Files (x86)\LyricsContainer\125.xpi FF Extension: No Name - C:\Program Files (x86)\LyricsContainer\125.xpi Chrome: ======= CHR DefaultSearchURL: (Conduit) - 
hxxp://search.conduit.com/Results.aspx?q={searchTerms}&SearchSource=49&ctid=CT2851647 CHR DefaultSuggestURL: (Conduit) - hxxp://search.conduit.com/ CHR Extension: (Kaspersky URL Advisor) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.477_0 CHR Extension: (Virtual Keyboard) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\12.0.0.477_0 CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0 CHR Extension: (uTorrentBar_DE) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc\2.3.15.10_0 CHR Extension: (Skype Click to Call) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0 CHR Extension: (DivX Plus Web Player HTML5 \u003Cvideo\u003E) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0 CHR Extension: (Anti-Banner) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\12.0.0.374_0 CHR HKLM-x32\...\Chrome\Extension: [abfmigjiaapipflmopkaaooigcjjdojh] - C:\Program Files (x86)\LyricsContainer\125.crx CHR HKLM-x32\...\Chrome\Extension: [dhkplhfnhceodhffomolpfigojocbpcb] - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonChrome.crx CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx CHR HKLM-x32\...\Chrome\Extension: [leocdeigfnkaojcapikdjcdbedcjmffc] - C:\Users\Max\AppData\Local\CRE\leocdeigfnkaojcapikdjcdbedcjmffc.crx CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx CHR HKLM-x32\...\Chrome\Extension: 
[niapdbllcanepiiimjjndipklodoedlc] - C:\Users\Max\AppData\Local\Temp\YontooLayers.crx CHR HKLM-x32\...\Chrome\Extension: [nlafpokblfobdnjhhggocaanijghemnd] - C:\Users\Max\AppData\Local\Temp\tbch.crx CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx CHR StartMenuInternet: Google Chrome - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Services (Whitelisted) ================= R2 Akamai; c:\program files (x86)\common files\akamai/netsession_win_8fa3539.dll [4569856 2013-07-01] (Akamai Technologies, Inc.) S2 AxAutoMntSrv; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [49152 2013-05-30] () R3 Disc Soft Bus Service; C:\Program Files (x86)\DAEMON Tools Ultra\DiscSoftBusService.exe [580672 2013-03-06] (Disc Soft Ltd) R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-06-20] (Microsoft Corporation) S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [366600 2013-06-20] (Microsoft Corporation) S4 PCToolsSSDMonitorSvc; C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [632792 2011-01-28] (PC Tools) R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2013-08-02] () R2 PnkBstrB; C:\Windows\SysWow64\PnkBstrB.exe [189248 2013-08-02] () S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [x] S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [x] S4 ICQ Service; C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe [x] ==================== Drivers (Whitelisted) ==================== R3 Alpham1; C:\Windows\System32\DRIVERS\Alpham164.sys [52992 2007-07-23] (Ideazon Corporation) R3 Alpham2; C:\Windows\System32\DRIVERS\Alpham264.sys [21760 2007-03-20] (Ideazon Corporation) R2 atksgt; 
C:\Windows\System32\DRIVERS\atksgt.sys [88480 2011-06-05] () R3 dtscsibus; C:\Windows\System32\DRIVERS\dtscsibus.sys [29696 2013-03-27] (Disc Soft Ltd) S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [16776 2011-03-24] () S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [16776 2011-03-24] () S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9096 2011-03-24] () S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9096 2011-03-24] () S3 fcdabus; C:\Windows\System32\DRIVERS\fcdabus.sys [24592 2008-10-29] (FarStone Inc.) R0 fsRamDsk; C:\Windows\System32\DRIVERS\fsRamDsk.sys [53656 2007-04-01] () R0 FVXSCSI; C:\Windows\System32\DRIVERS\fvxscsi.sys [118360 2009-12-23] (FarStone Inc.) R3 LADF_DHP2; C:\Windows\System32\DRIVERS\ladfDHP2amd64.sys [62168 2010-09-29] (Logitech) R3 LADF_SBVM; C:\Windows\System32\DRIVERS\ladfSBVMamd64.sys [377176 2010-09-29] (Logitech) R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [46400 2011-06-05] () S3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv_x64.sys [44928 2012-07-20] (ManyCam LLC) R3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv_x64.sys [29696 2012-07-20] (ManyCam LLC) R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [247216 2013-06-18] (Microsoft Corporation) S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [139616 2013-06-18] (Microsoft Corporation) S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19936 2011-05-06] () S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19936 2011-05-06] () S3 pwdspio; C:\Windows\system32\pwdspio.sys [13280 2011-05-06] () S3 pwdspio; C:\Windows\system32\pwdspio.sys [13280 2011-05-06] () R0 sptd; C:\Windows\System32\Drivers\sptd.sys [564824 2013-01-23] (Duplex Secure Ltd.) 
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [x]
S3 X6va007; \??\C:\Users\Max\AppData\Local\Temp\0079E18.tmp [x]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-08-07 23:51 - 2013-08-07 23:51 - 01789861 _____ (Farbar) C:\Users\Max\Desktop\FRST64.exe
2013-08-07 23:18 - 2013-08-07 23:18 - 00000000 ____D C:\Program Files (x86)\ESET
2013-08-07 23:17 - 2013-08-07 23:17 - 02347384 _____ (ESET) C:\Users\Max\Desktop\esetsmartinstaller_enu.exe
2013-08-07 14:15 - 2013-08-07 14:16 - 00002057 _____ C:\Windows\epplauncher.mif
2013-08-07 14:15 - 2013-08-07 14:15 - 00000000 ____D C:\Program Files\Microsoft Security Client
2013-08-07 14:15 - 2013-08-07 14:15 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2013-08-07 03:16 - 2013-08-07 04:26 - 00000000 ____D C:\Users\Max\Documents\Stronghold Crusader
2013-08-07 03:15 - 2013-08-07 03:15 - 00000202 _____ C:\Users\Max\Desktop\Company of Heroes 2.url
2013-08-07 02:55 - 2013-08-07 03:14 - 00000000 ____D C:\Users\Max\Desktop\Stronghold Crusader
2013-08-07 02:53 - 2013-08-07 02:54 - 00018397 _____ C:\Windows\DirectX.log
2013-08-06 20:59 - 2013-08-06 20:59 - 00000000 ____D C:\Users\Max\AppData\Roaming\Malwarebytes
2013-08-06 20:59 - 2013-08-06 20:59 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-08-06 20:57 - 2013-08-06 20:58 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Max\Desktop\mbam-setup-1.75.0.1300.exe
2013-08-06 20:12 - 2013-08-06 20:12 - 00000000 ____D C:\Windows\system32\appmgmt
2013-08-06 20:10 - 2013-08-06 20:10 - 00000512 _____ C:\Windows\system32\F39D4DE6-98B8-4E05-91BD-549E8A8248BD
2013-08-06 18:40 - 2013-08-06 18:40 - 00002172 _____ C:\Users\UpdatusUser\Desktop\Die Gilde Gold-Edition TL.lnk
2013-08-06 18:40 - 2013-08-06 18:40 - 00002172 _____ C:\Users\Max\Desktop\Die Gilde Gold-Edition TL.lnk
2013-08-06 18:40 - 2013-08-06 18:40 - 00002151 _____ C:\Users\UpdatusUser\Desktop\Die Gilde Gold-Edition.lnk
2013-08-06 18:40 - 2013-08-06 18:40 - 00002151 _____ C:\Users\Max\Desktop\Die Gilde Gold-Edition.lnk
2013-08-06 18:40 - 2013-08-06 18:40 - 00000000 ____D C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JoWooD
2013-08-06 18:38 - 2013-08-06 18:38 - 00000000 ____D C:\Program Files (x86)\JoWooD
2013-08-06 18:22 - 2013-08-06 18:35 - 00000000 ____D C:\Program Files (x86)\Defcon
2013-08-06 18:22 - 2013-08-06 18:22 - 00000983 _____ C:\Users\Max\Desktop\Defcon.lnk
2013-08-06 18:21 - 2013-03-23 22:31 - 61788395 _____ (Introversion Software Ltd ) C:\Users\Max\Desktop\defcon-win32-v1.6.exe
2013-08-06 01:11 - 2013-08-06 01:11 - 00000537 _____ C:\Users\Max\Desktop\Sudden Strike 2.lnk
2013-08-06 00:42 - 2013-08-06 01:02 - 259091339 _____ (Media Contact LLC ) C:\Users\Max\Desktop\Sudden_Strike2.exe
2013-08-05 22:15 - 2013-08-04 17:41 - 00450831 _____ C:\Users\Max\Desktop\common_server.zip
2013-08-04 01:39 - 2013-08-04 01:39 - 00270054 _____ C:\Users\Max\Desktop\sad - Kopie.bmp
2013-08-04 01:32 - 2013-08-04 01:37 - 01080054 _____ C:\Users\Max\Desktop\sad.bmp
2013-08-04 01:31 - 2013-08-04 01:31 - 04320066 _____ C:\Users\Max\Desktop\sdf.bmp
2013-08-04 01:31 - 2013-08-04 01:31 - 04320066 _____ C:\Users\Max\Desktop\prbf2 2013-08-04 01-31-22-45.bmp
2013-08-02 14:33 - 2013-08-02 14:33 - 00001188 _____ C:\Users\Public\Desktop\Project Reality BF2.lnk
2013-07-31 16:01 - 2013-07-31 16:05 - 00000000 ____D C:\Windows\system32\MRT
2013-07-26 14:20 - 2013-07-26 19:43 - 00000000 ____D C:\Users\Max\AppData\Local\Arma 3
2013-07-26 14:20 - 2013-07-26 17:14 - 00000000 ____D C:\Users\Max\Documents\Arma 3
2013-07-26 14:20 - 2013-07-26 14:20 - 00000000 ____D C:\ProgramData\Bohemia Interactive
2013-07-25 08:54 - 2013-07-25 09:17 - 00000913 _____ C:\Users\Max\Desktop\Panzerlied.txt
2013-07-24 11:11 - 2013-07-24 11:11 - 00002556 _____ C:\Users\Max\Documents\h.aup
2013-07-24 11:11 - 2013-07-24 11:11 - 00000000 ____D C:\Users\Max\Documents\h_data
2013-07-23 14:21 - 2013-08-07 14:02 - 00000000 ____D C:\Program Files (x86)\LyricsContainer
2013-07-21 15:39 - 2013-07-21 15:39 - 00002245 _____ C:\Users\Max\Documents\er.aup
2013-07-21 15:39 - 2013-07-21 15:39 - 00000000 ____D C:\Users\Max\Documents\er_data
2013-07-20 17:11 - 2013-08-07 14:03 - 00022864 _____ C:\Windows\PFRO.log
2013-07-20 13:04 - 2013-07-20 13:06 - 00000000 ____D C:\Users\Max\AppData\Roaming\Yahoo!
2013-07-20 13:04 - 2013-07-20 13:04 - 00001141 _____ C:\Users\Public\Desktop\Yahoo! Messenger.lnk
2013-07-20 13:04 - 2013-07-20 13:04 - 00000000 ____D C:\ProgramData\Yahoo! Companion
2013-07-20 13:04 - 2013-07-20 13:04 - 00000000 ____D C:\ProgramData\Yahoo!
2013-07-20 13:01 - 2013-07-20 13:04 - 00000000 ____D C:\Program Files (x86)\Yahoo!
2013-07-20 13:01 - 2013-07-20 13:01 - 00441760 _____ (Yahoo! Inc.) C:\Users\Max\Desktop\msgr11de.exe
2013-07-19 12:07 - 2013-07-19 12:11 - 73281458 _____ C:\Users\Max\Desktop\IMGP8300avi.avi
2013-07-17 23:41 - 2013-07-17 23:41 - 00000000 ____D C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flux
2013-07-17 19:27 - 2013-07-17 19:27 - 03820480 _____ C:\Users\Max\Downloads\battlelog-web-plugins_2.1.7_115.exe
2013-07-16 22:31 - 2013-07-16 22:31 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2013-07-15 14:32 - 2013-07-15 14:32 - 00002383 _____ C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Qtrax Player.lnk
2013-07-15 14:32 - 2013-07-15 14:32 - 00000000 ____D C:\Users\Max\Qtrax
2013-07-15 14:32 - 2013-07-15 14:32 - 00000000 ____D C:\Program Files (x86)\FLV Media Player
2013-07-15 14:31 - 2013-08-07 23:11 - 00000404 _____ C:\Windows\Tasks\LyricsContainer Update.job
2013-07-15 14:31 - 2013-07-15 14:31 - 00003048 _____ C:\Windows\System32\Tasks\LyricsContainer Update
2013-07-11 23:46 - 2013-07-12 01:24 - 00000118 _____ C:\Users\Max\Desktop\Kleidung.txt
2013-07-11 20:39 - 2013-07-19 16:33 - 00019650 _____ C:\Users\Max\Desktop\Fur.odt
2013-07-11 16:06 - 2013-06-12 01:43 - 14329856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-07-11 16:06 - 2013-06-12 01:43 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-07-11 16:06 - 2013-06-12 01:43 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-07-11 16:06 - 2013-06-12 01:43 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-07-11 16:06 - 2013-06-12 01:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-07-11 16:06 - 2013-06-12 01:43 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-07-11 16:06 - 2013-06-12 01:43 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-07-11 16:06 - 2013-06-12 01:42 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-07-11 16:06 - 2013-06-12 01:42 - 02046976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-07-11 16:06 - 2013-06-12 01:42 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-07-11 16:06 - 2013-06-12 01:42 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-07-11 16:06 - 2013-06-12 01:42 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-07-11 16:06 - 2013-06-12 01:42 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-07-11 16:06 - 2013-06-12 01:26 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-11 16:06 - 2013-06-12 01:26 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-11 16:06 - 2013-06-12 01:26 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-07-11 16:06 - 2013-06-12 01:25 - 19238912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-11 16:06 - 2013-06-12 01:25 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-11 16:06 - 2013-06-12 01:25 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-11 16:06 - 2013-06-12 01:25 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-11 16:06 - 2013-06-12 01:25 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-11 16:06 - 2013-06-12 01:25 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-11 16:06 - 2013-06-12 01:25 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-07-11 16:06 - 2013-06-12 01:25 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-07-11 16:06 - 2013-06-12 01:25 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-07-11 16:06 - 2013-06-12 01:25 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-07-11 16:06 - 2013-06-12 01:25 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-07-11 16:06 - 2013-06-12 00:51 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-07-11 16:06 - 2013-06-12 00:50 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-07-11 16:06 - 2013-06-07 05:22 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-07-11 16:06 - 2013-06-07 04:37 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-07-10 20:57 - 2013-06-04 08:00 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2013-07-10 20:57 - 2013-06-04 06:53 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2013-07-10 20:57 - 2013-05-06 08:03 - 01887744 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-07-10 20:57 - 2013-05-06 06:56 - 01620480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-07-10 20:56 - 2013-06-05 05:34 - 03153920 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-07-10 20:55 - 2013-04-10 01:34 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-07-10 20:55 - 2013-04-03 00:51 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-07-10 15:51 - 2013-08-07 23:09 - 00001817 _____ C:\Windows\setupact.log
2013-07-10 15:51 - 2013-07-10 15:51 - 00000000 _____ C:\Windows\setuperr.log
120

==================== One Month Modified Files and Folders =======

2013-08-07 23:52 - 2013-08-07 23:52 - 00000000 ____D C:\FRST
2013-08-07 23:51 - 2013-08-07 23:51 - 01789861 _____ (Farbar) C:\Users\Max\Desktop\FRST64.exe
2013-08-07 23:18 - 2013-08-07 23:18 - 00000000 ____D C:\Program Files (x86)\ESET
2013-08-07 23:17 - 2013-08-07 23:17 - 02347384 _____ (ESET) C:\Users\Max\Desktop\esetsmartinstaller_enu.exe
2013-08-07 23:16 - 2009-07-14 06:45 - 00014640 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-08-07 23:16 - 2009-07-14 06:45 - 00014640 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-08-07 23:13 - 2011-05-21 13:35 - 01697213 _____ C:\Windows\WindowsUpdate.log
2013-08-07 23:11 - 2013-07-15 14:31 - 00000404 _____ C:\Windows\Tasks\LyricsContainer Update.job
2013-08-07 23:11 - 2012-12-02 21:26 - 00000000 ____D C:\Users\Max\AppData\Roaming\Dropbox
2013-08-07 23:11 - 2012-10-08 17:02 - 00001100 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-08-07 23:11 - 2012-06-26 21:24 - 00000000 ____D C:\Users\Max\AppData\Local\LogMeIn Hamachi
2013-08-07 23:11 - 2011-12-30 21:19 - 00000336 _____ C:\Windows\Tasks\DriverScanner.job
2013-08-07 23:09 - 2013-07-10 15:51 - 00001817 _____ C:\Windows\setupact.log
2013-08-07 23:09 - 2011-12-29 19:45 - 00000000 ____D C:\ProgramData\NVIDIA
2013-08-07 23:09 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-08-07 23:07 - 2012-10-08 17:02 - 00001104 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-08-07 23:05 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-08-07 23:01 - 2012-01-05 19:29 - 00000252 _____ C:\Windows\Tasks\HP Photo Creations Messager.job
2013-08-07 22:56 - 2012-03-29 18:24 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-08-07 22:56 - 2012-01-11 17:20 - 00000000 __SHD C:\Users\Max\AppData\Local\{7b3c3ace-c2b1-1612-4b57-5867478bc9ca}
2013-08-07 19:00 - 2011-12-30 20:26 - 00000262 _____ C:\Windows\Tasks\RMSchedule.job
2013-08-07 16:26 - 2012-12-02 21:29 - 00000000 ___RD C:\Users\Max\Dropbox
2013-08-07 14:16 - 2013-08-07 14:15 - 00002057 _____ C:\Windows\epplauncher.mif
2013-08-07 14:15 - 2013-08-07 14:15 - 00000000 ____D C:\Program Files\Microsoft Security Client
2013-08-07 14:15 - 2013-08-07 14:15 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2013-08-07 14:03 - 2013-07-20 17:11 - 00022864 _____ C:\Windows\PFRO.log
2013-08-07 14:02 - 2013-07-23 14:21 - 00000000 ____D C:\Program Files (x86)\LyricsContainer
2013-08-07 13:53 - 2012-11-02 13:08 - 00000000 ____D C:\Users\Max\AppData\Roaming\.minecraft
2013-08-07 10:51 - 2011-10-21 15:58 - 00000288 _____ C:\Windows\Tasks\DLL-files.com Fixer_UPDATES.job
2013-08-07 04:26 - 2013-08-07 03:16 - 00000000 ____D C:\Users\Max\Documents\Stronghold Crusader
2013-08-07 03:15 - 2013-08-07 03:15 - 00000202 _____ C:\Users\Max\Desktop\Company of Heroes 2.url
2013-08-07 03:14 - 2013-08-07 02:55 - 00000000 ____D C:\Users\Max\Desktop\Stronghold Crusader
2013-08-07 02:54 - 2013-08-07 02:53 - 00018397 _____ C:\Windows\DirectX.log
2013-08-07 02:20 - 2012-02-08 22:34 - 00000000 ___RD C:\Users\Max\Desktop\Games
2013-08-06 21:57 - 2011-05-21 17:11 - 00000000 ____D C:\Users\Max\AppData\Roaming\TS3Client
2013-08-06 20:59 - 2013-08-06 20:59 - 00000000 ____D C:\Users\Max\AppData\Roaming\Malwarebytes
2013-08-06 20:59 - 2013-08-06 20:59 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-08-06 20:58 - 2013-08-06 20:57 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Max\Desktop\mbam-setup-1.75.0.1300.exe
2013-08-06 20:44 - 2011-11-02 00:19 - 00000000 ____D C:\Users\Max\AppData\Local\Akamai
2013-08-06 20:40 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2013-08-06 20:12 - 2013-08-06 20:12 - 00000000 ____D C:\Windows\system32\appmgmt
2013-08-06 20:12 - 2013-01-14 02:13 - 00000000 ____D C:\Users\Max\Documents\ArmAWork
2013-08-06 20:10 - 2013-08-06 20:10 - 00000512 _____ C:\Windows\system32\F39D4DE6-98B8-4E05-91BD-549E8A8248BD
2013-08-06 20:10 - 2012-12-25 11:16 - 00000840 _____ C:\Windows\system32\config\afw_hm.conf
2013-08-06 20:10 - 2012-12-25 11:16 - 00000004 _____ C:\Windows\system32\config\afw_db.conf
2013-08-06 18:40 - 2013-08-06 18:40 - 00002172 _____ C:\Users\UpdatusUser\Desktop\Die Gilde Gold-Edition TL.lnk
2013-08-06 18:40 - 2013-08-06 18:40 - 00002172 _____ C:\Users\Max\Desktop\Die Gilde Gold-Edition TL.lnk
2013-08-06 18:40 - 2013-08-06 18:40 - 00002151 _____ C:\Users\UpdatusUser\Desktop\Die Gilde Gold-Edition.lnk
2013-08-06 18:40 - 2013-08-06 18:40 - 00002151 _____ C:\Users\Max\Desktop\Die Gilde Gold-Edition.lnk
2013-08-06 18:40 - 2013-08-06 18:40 - 00000000 ____D C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JoWooD
2013-08-06 18:38 - 2013-08-06 18:38 - 00000000 ____D C:\Program Files (x86)\JoWooD
2013-08-06 18:35 - 2013-08-06 18:22 - 00000000 ____D C:\Program Files (x86)\Defcon
2013-08-06 18:22 - 2013-08-06 18:22 - 00000983 _____ C:\Users\Max\Desktop\Defcon.lnk
2013-08-06 18:22 - 2011-06-18 11:23 - 00000000 ____D C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2013-08-06 14:52 - 2012-04-28 09:30 - 00000000 ____D C:\Users\Max\AppData\Local\ArmA 2 OA
2013-08-06 14:15 - 2009-07-14 19:58 - 00696832 _____ C:\Windows\system32\perfh007.dat
2013-08-06 14:15 - 2009-07-14 19:58 - 00148128 _____ C:\Windows\system32\perfc007.dat
2013-08-06 14:15 - 2009-07-14 07:13 - 01613340 _____ C:\Windows\system32\PerfStringBackup.INI
2013-08-06 01:11 - 2013-08-06 01:11 - 00000537 _____ C:\Users\Max\Desktop\Sudden Strike 2.lnk
2013-08-06 01:02 - 2013-08-06 00:42 - 259091339 _____ (Media Contact LLC ) C:\Users\Max\Desktop\Sudden_Strike2.exe
2013-08-04 17:41 - 2013-08-05 22:15 - 00450831 _____ C:\Users\Max\Desktop\common_server.zip
2013-08-04 01:39 - 2013-08-04 01:39 - 00270054 _____ C:\Users\Max\Desktop\sad - Kopie.bmp
2013-08-04 01:37 - 2013-08-04 01:32 - 01080054 _____ C:\Users\Max\Desktop\sad.bmp
2013-08-04 01:31 - 2013-08-04 01:31 - 04320066 _____ C:\Users\Max\Desktop\sdf.bmp
2013-08-04 01:31 - 2013-08-04 01:31 - 04320066 _____ C:\Users\Max\Desktop\prbf2 2013-08-04 01-31-22-45.bmp
2013-08-02 15:00 - 2011-05-21 15:29 - 00000000 ____D C:\Users\Max\AppData\Roaming\Skype
2013-08-02 14:49 - 2013-06-30 13:33 - 00000000 ____D C:\Users\Max\Documents\ProjectReality
2013-08-02 14:34 - 2013-03-27 13:35 - 00189248 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2013-08-02 14:33 - 2013-08-02 14:33 - 00001188 _____ C:\Users\Public\Desktop\Project Reality BF2.lnk
2013-08-02 14:33 - 2013-03-27 13:35 - 00076888 _____ C:\Windows\SysWOW64\PnkBstrA.exe
2013-08-02 14:17 - 2013-03-27 13:35 - 00281152 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2013-08-02 14:17 - 2011-08-14 15:15 - 00281152 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2013-08-02 14:14 - 2012-10-10 22:56 - 00000000 ____D C:\Users\Max\AppData\Roaming\uTorrent
2013-08-02 14:11 - 2013-06-29 21:53 - 00001188 _____ C:\Users\Max\Desktop\Project Reality BF2.lnk
2013-08-01 23:28 - 2011-09-06 17:02 - 00000000 ____D C:\Users\Max\AppData\Roaming\Mumble
2013-07-31 16:05 - 2013-07-31 16:01 - 00000000 ____D C:\Windows\system32\MRT
2013-07-27 21:28 - 2013-06-16 18:00 - 00000000 ____D C:\Users\Max\Desktop\@JSRS
2013-07-27 09:31 - 2011-12-27 18:58 - 00000402 _____ C:\Windows\Tasks\DriverEasy Scheduled Scan.job
2013-07-26 19:43 - 2013-07-26 14:20 - 00000000 ____D C:\Users\Max\AppData\Local\Arma 3
2013-07-26 17:14 - 2013-07-26 14:20 - 00000000 ____D C:\Users\Max\Documents\Arma 3
2013-07-26 14:20 - 2013-07-26 14:20 - 00000000 ____D C:\ProgramData\Bohemia Interactive
2013-07-25 14:18 - 2011-11-21 16:00 - 00000000 ____D C:\Users\Max\AppData\Local\ArmA 2
2013-07-25 09:17 - 2013-07-25 08:54 - 00000913 _____ C:\Users\Max\Desktop\Panzerlied.txt
2013-07-25 03:06 - 2011-07-30 23:00 - 00840264 _____ C:\Windows\SysWOW64\pbsvc.exe
2013-07-24 11:11 - 2013-07-24 11:11 - 00002556 _____ C:\Users\Max\Documents\h.aup
2013-07-24 11:11 - 2013-07-24 11:11 - 00000000 ____D C:\Users\Max\Documents\h_data
2013-07-24 11:11 - 2012-06-25 18:17 - 00000000 ____D C:\Users\Max\AppData\Roaming\Audacity
2013-07-23 16:38 - 2011-08-29 13:52 - 00000000 ____D C:\Windows\SysWOW64\directx
2013-07-21 15:39 - 2013-07-21 15:39 - 00002245 _____ C:\Users\Max\Documents\er.aup
2013-07-21 15:39 - 2013-07-21 15:39 - 00000000 ____D C:\Users\Max\Documents\er_data
2013-07-20 17:13 - 2011-05-21 14:31 - 00000000 ____D C:\Windows\Panther
2013-07-20 17:12 - 2009-07-14 06:45 - 04946728 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-20 17:11 - 2013-03-13 17:01 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-07-20 17:11 - 2013-03-13 17:01 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-07-20 17:10 - 2009-07-14 20:18 - 00000000 ____D C:\Program Files\Windows Journal
2013-07-20 17:10 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Windows Defender
2013-07-20 17:10 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2013-07-20 14:29 - 2013-07-07 12:35 - 00000000 ____D C:\Users\Max\Desktop\Cube
2013-07-20 13:06 - 2013-07-20 13:04 - 00000000 ____D C:\Users\Max\AppData\Roaming\Yahoo!
2013-07-20 13:04 - 2013-07-20 13:04 - 00001141 _____ C:\Users\Public\Desktop\Yahoo! Messenger.lnk
2013-07-20 13:04 - 2013-07-20 13:04 - 00000000 ____D C:\ProgramData\Yahoo! Companion
2013-07-20 13:04 - 2013-07-20 13:04 - 00000000 ____D C:\ProgramData\Yahoo!
2013-07-20 13:04 - 2013-07-20 13:01 - 00000000 ____D C:\Program Files (x86)\Yahoo!
2013-07-20 13:03 - 2011-11-21 16:00 - 00000000 ____D C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bohemia Interactive
2013-07-20 13:01 - 2013-07-20 13:01 - 00441760 _____ (Yahoo! Inc.) C:\Users\Max\Desktop\msgr11de.exe
2013-07-19 16:33 - 2013-07-11 20:39 - 00019650 _____ C:\Users\Max\Desktop\Fur.odt
2013-07-19 12:11 - 2013-07-19 12:07 - 73281458 _____ C:\Users\Max\Desktop\IMGP8300avi.avi
2013-07-17 23:41 - 2013-07-17 23:41 - 00000000 ____D C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flux
2013-07-17 23:41 - 2011-05-21 13:41 - 00000000 ____D C:\Users\Max
2013-07-17 19:27 - 2013-07-17 19:27 - 03820480 _____ C:\Users\Max\Downloads\battlelog-web-plugins_2.1.7_115.exe
2013-07-17 19:27 - 2012-10-27 13:21 - 00000000 ____D C:\Program Files (x86)\Battlelog Web Plugins
2013-07-17 19:17 - 2011-05-21 14:11 - 00000000 ____D C:\Program Files (x86)\Opera
2013-07-16 22:31 - 2013-07-16 22:31 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2013-07-15 14:33 - 2012-10-10 22:57 - 00000000 ____D C:\Program Files (x86)\uTorrentBar_DE
2013-07-15 14:32 - 2013-07-15 14:32 - 00002383 _____ C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Qtrax Player.lnk
2013-07-15 14:32 - 2013-07-15 14:32 - 00000000 ____D C:\Users\Max\Qtrax
2013-07-15 14:32 - 2013-07-15 14:32 - 00000000 ____D C:\Program Files (x86)\FLV Media Player
2013-07-15 14:31 - 2013-07-15 14:31 - 00003048 _____ C:\Windows\System32\Tasks\LyricsContainer Update
2013-07-12 01:24 - 2013-07-11 23:46 - 00000118 _____ C:\Users\Max\Desktop\Kleidung.txt
2013-07-10 15:51 - 2013-07-10 15:51 - 00000000 _____ C:\Windows\setuperr.log

ZeroAccess:
C:\Windows\Installer\{7b3c3ace-c2b1-1612-4b57-5867478bc9ca}
C:\Windows\Installer\{7b3c3ace-c2b1-1612-4b57-5867478bc9ca}\L\00000004.@
C:\Windows\Installer\{7b3c3ace-c2b1-1612-4b57-5867478bc9ca}\L\201d3dde

ZeroAccess:
C:\Users\Max\AppData\Local\{7b3c3ace-c2b1-1612-4b57-5867478bc9ca}

Files to move or delete:
====================
C:\Users\Max\jagex_cl_runescape_LIVE.dat
C:\Users\Max\random.dat
C:\Windows\Tasks\At1.job

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2013-08-02 01:33

==================== End Of Log ============================

--- --- ---

Here is the additions.txt as well. I am not attached to any of the programs, but I am also not sure which ones are essential.

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-08-2013 06
Ran by Max at 2013-08-07 23:53:23
Running from C:\Users\Max\Desktop
Boot Mode: Normal
==========================================================

==================== Installed Programs =======================

unknown necessary unnecessary

"Sudden Strike - Release 1.0" (x32) unnecessary
"Wings of Prey" (Unistall) (x32 Version: 1.0.3.2) unnecessary
µTorrent (x32 Version: 3.2.1.28086) unnecessary
7-Zip 9.20 (x64 edition) (Version: 9.20.00.0) necessary
Adobe AIR (x32 Version: 2.6.0.19140)
Adobe Community Help (x32 Version: 3.4.980)
Adobe Download Assistant (x32 Version: 1.0.5)
Adobe Flash Player 11 ActiveX (x32 Version: 11.3.300.257)
Adobe Reader XI (11.0.02) - Deutsch (x32 Version: 11.0.02)
Akamai NetSession Interface (HKCU) unknown
Akamai NetSession Interface Service (x32) unknown
Alan Wake (x32) unnecessary
Allied Intent Xtended 2.0 (x32 Version: 2.0) unknown
Altitude (x32) unnecessary
Anno 1404 (x32 Version: 1.00.0000) unnecessary
ANNO 1404 (x32 Version: 1.03.0000) unnecessary
ANNO 2070 (x32 Version: 1.0.0.0) unnecessary
APB Reloaded (x32) unnecessary
Apple Application Support (x32 Version: 2.3.2)
Apple Mobile Device Support (Version: 6.0.1.3)
Apple Software Update (x32 Version: 2.1.3.127)
applicationupdater (HKCU) unknown
ARMA 2 (x32) unnecessary
ARMA 2: British Armed Forces - Data cache removal (x32) unnecessary
ARMA 2: British Armed Forces (x32) unnecessary
ARMA 2: Operation Arrowhead (x32) unnecessary
ARMA 2: Private Military Company - Data cache removal (x32) unnecessary
Arma 2: Private Military Company (x32) unnecessary
Arma 3 Alpha (x32) unnecessary
ArmA II Launcher (x32 Version: 1.4.1.0) unnecessary
Audacity 2.0 (x32) unnecessary
Bamboo Dock (x32 Version: 3.9) unnecessary
Bamboo Dock (x32 Version: 3.9.0) unnecessary
Battlefield 1942™ (x32 Version: 1.6.20.0) unnötig Battlefield 2 (x32) unnötig Battlefield 3™ (x32 Version: 1.4.0.0) unnötig Battlefield Play4Free (x32) unnötig Battlefield: Bad Company 2 (x32) unnötig Battlelog Web Plugins (x32 Version: 2.1.7) BattlEye for OA Uninstall (x32) unnötig be Flash Player 11 Plugin 64-bit (Version: 11.2.202.235) unbekannt BF2 Editor (x32 Version: 1.00.0000) unnötig Bing Bar (x32 Version: 7.1.391.0) unnötig BinMake Uninstall (x32) unbekannt BinPBO Personal Edition Uninstall (x32) unbekannt BI's Tools drive Uninstall (x32) unbekannt Camtasia Studio 7 (x32 Version: 7.0.1) CCleaner (Version: 3.14) Command & Conquer™ 3 Kane's Wrath (x32 Version: 1.0.0.0) unnötig Company of Heroes 2 (x32) unnötig Counter-Strike: Source (x32) unnötig Counter-Strike: Source Beta (x32) unnötig DAEMON Tools Ultra (x32 Version: 1.0.0.0068) unnötig DayZ Commander (x32 Version: 0.92.69) unnötig Dead Space™ 2 (x32 Version: 1.0.941.0) unnötig Defcon v1.6 (x32) unnötig Die Gilde Gold-Edition (x32 Version: 2.06) unnötig Die*Sims™*3 (x32 Version: 1.0.631) unnötig DivX-Setup (x32 Version: 2.6.1.22) Dota 2 (x32) unnötig Driver Sweeper Version 3.0.0 (x32 Version: 3.0.0) unbekannt Driver Whiz (x32 Version: 8.0.1) unbekannt DriverEasy 3.11.2 (Version: 3.11.2.0) unbekannt Dropbox (HKCU Version: 2.0.22) unnötig Dxtory version 2.0.116 (x32 Version: 2.0.116) ESET Online Scanner v3 (x32) ESN Sonar (x32 Version: 0.70.4) EVEREST Home Edition v2.20 (x32 Version: 2.20) F.lux (HKCU) Fallout 3 (HKCU Version: 1.00.0000) unnötig Fallout: New Vegas (x32) unnötig FileZilla Client 3.5.0 (x32 Version: 3.5.0) FLV Media Player version 1.3 (x32 Version: 1.3) Forgoten Hope 2 (2 of 2) (dummy) (x32) unnötig Fraps (remove only) (x32) unnötig Free YouTube Uploader version 3.3.25.1228 (x32) FSM Editor Personal Edition Uninstall (x32) unbekannt gamelauncher-code4344-beta (HKCU) GameRanger (HKCU) unnötig GameSpy Arcade (x32) unnötig GameSpy Comrade (x32 Version: 3.2.17.236) unnötig GameXN GO (HKCU) 
unnötig Garry's Mod (x32) unnötig GIMP 2.6.8 unnötig Google Earth (x32 Version: 5.2.1.1588) unnötig Google Update Helper (x32 Version: 1.3.21.123) unbekannt Grand Theft Auto IV (x32) unnötig Grand Theft Auto: San Andreas (x32) unnötig Guild Wars 2 (x32) unnötig Heroes & Generals (x32 Version: 1.0.4.6) unnötig HP Deskjet 3070 B611 series - Grundlegende Software für das Gerät (Version: 23.0.504.0) HP Deskjet 3070 B611 series Hilfe (x32 Version: 140.0.2.2) HP Photo Creations (x32 Version: 1.0.0.5192) HP Update (x32 Version: 5.002.007.004) ICQ Sparberater (x32 Version: 1.0.601) unnötig ICQ7.5 (x32 Version: 7.5) unnötig IL-2 Sturmovik: Cliffs of Dover (x32) unnötig Internet Explorer Toolbar 4.6 by SweetPacks (x32 Version: 4.6.0004) unnötig! iTunes (Version: 11.0.1.12) unnötig Java 7 Update 9 (x32 Version: 7.0.90) Java Auto Updater (x32 Version: 2.1.9.0) Java(TM) 6 Update 22 (x32 Version: 6.0.220) Java(TM) 6 Update 25 (x32 Version: 6.0.250) Java(TM) 6 Update 26 (64-bit) (Version: 6.0.260) Java(TM) 7 Update 5 (64-bit) (Version: 7.0.50) L&H TTS3000 British English (x32) unbekannt L&H TTS3000 Deutsch (x32) unbekannt L&H TTS3000 Español (x32) unbekannt L&H TTS3000 Français (x32) unbekannt L&H TTS3000 Italiano (x32) unbekannt L&H TTS3000 Nederlands (x32 unbekannt) L&H TTS3000 Português (Brasil) (x32) unbekannt L&H TTS3000 Russian (x32) unbekannt League of Legends (x32 Version: 1.02.0000) unnötig Left 4 Dead 2 (x32) unnötig Lernout & Hauspie TruVoice American English TTS Engine (x32) unbekannt Logitech G35 (Version: 1.1.178) LogMeIn Hamachi (x32 Version: 2.1.0.374) MAGIX Web Designer 7 Premium Download-Version (x32 Version: 7.0.4.16490) MechWarrior Online (HKCU Version: 1.2.0.0) unnötig MechWarrior Online (x32 Version: 1.2.0.0) unnötig Medal of Honor™ Warfighter (x32 Version: 1.0.0.2) unnötig MediaGet2 version 2.1.780.0 (x32 Version: 2.1.780.0) unbekannt MediaGet2 version 2.1.890.0 (HKCU Version: 2.1.890.0) unbekannt Metro 2033 (x32) unnötig Microsoft .NET Framework 4 Client 
Profile (Version: 4.0.30319) Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319) Microsoft .NET Framework 4 Extended (Version: 4.0.30319) Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319) Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (x32 Version: 3.5.30730.0) Microsoft Games for Windows - LIVE (x32 Version: 3.1.186.0) Microsoft Games for Windows - LIVE Redistributable (x32 Version: 3.5.92.0) Microsoft Security Client (Version: 4.3.0215.0) Microsoft Security Essentials (Version: 4.3.215.0) Microsoft Silverlight (Version: 5.1.20513.0) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (x32 Version: 11.0.51106.1) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106 (Version: 11.0.51106) Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106 (Version: 11.0.51106) Microsoft WSE 3.0 Runtime (x32 Version: 3.0.5305.0) Microsoft XNA Framework Redistributable 4.0 (x32 Version: 4.0.20823.0) Microsoft_VC80_ATL_x86 
(x32 Version: 8.0.50727.4053) Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053) Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053) Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053) Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053) Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053) Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053) Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053) Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000) Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000) Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000) Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000) Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000) Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000) Microsoft_VC90_MFCLOC_x86 (x32 Version: 1.00.0000) Microsoft_VC90_MFCLOC_x86_x64 (Version: 1.00.0000) MiniTool Partition Wizard Home Edition 6.0 (x32) unbekannt MISERY for S.T.A.L.K.E.R - Call of Pripyat (x32) MorphVOX Junior (x32 Version: 2.7.8) Mozilla Firefox 5.0.1 (x86 de) (x32 Version: 5.0.1) MSXML 4.0 SP3 Parser (KB2721691) (x32 Version: 4.30.2114.0) MSXML 4.0 SP3 Parser (KB2758694) (x32 Version: 4.30.2117.0) MSXML 4.0 SP3 Parser (KB973685) (x32 Version: 4.30.2107.0) MSXML 4.0 SP3 Parser (x32 Version: 4.30.2100.0) Mumble 1.2.3 (x32 Version: 1.2.3) NetObjects Fusion Essentials (x32) unbekannt Nokia Connectivity Cable Driver (Version: 7.1.32.64) Notepad++ (x32 Version: 5.9) NVIDIA 3D Vision Controller-Treiber 285.62 (Version: 285.62) NVIDIA 3D Vision Treiber 311.06 (Version: 311.06) NVIDIA Display Control Panel (Version: 6.14.12.5715) NVIDIA Grafiktreiber 311.06 (Version: 311.06) NVIDIA HD-Audiotreiber 1.3.18.0 (Version: 1.3.18.0) NVIDIA Install Application (Version: 2.1002.108.688) NVIDIA PhysX (x32 Version: 9.12.0613) NVIDIA PhysX-Systemsoftware 9.12.0613 (Version: 9.12.0613) NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.1106) NVIDIA Systemsteuerung 311.06 (Version: 311.06) NVIDIA Update 1.11.3 (Version: 1.11.3) NVIDIA Update Components (Version: 1.11.3) OpenOffice.org 3.3 
(x32 Version: 3.3.9567) Opera 12.16 (x32 Version: 12.16.1860) Origin (x32 Version: 9.0.15.65) unnötig Oxygen 2 Personal Edition Uninstall (x32) unnötig Pando Media Booster (x32 Version: 2.6.0.1) unnötig PDF Settings CS5 (x32 Version: 10.0) PlanetSide 2 Beta (HKCU) unnötig Play withSIX (x32 Version: 1.20.0318) unnötig Portal 2 (x32) unnötig PR Mumble 1.0.0 (x32 Version: 1.0.0) unnötig PrivitizeVPN (x32 Version: 1.0.0) Project Normandy (x32) unnötig Project Reality Christmas Map Pack (x32 Version: 0957) unnötig Project Reality: ARMA2 (x32 Version: v0.15 BETA) unnötig Project Reality: BF2 (pr_beta) (Version: v1.0) unnötig Project Reality: BF2 (Version: v1.0) unnötig Project Reality: BF2 (x32 Version: v0.981) unnötig Project Reality: BF2 (x32 Version: v1.0) unnötig PunkBuster Services (x32 Version: 0.993) unnötig PVSonyDll (Version: 1.00.0001) unbekannt Qtrax (HKCU Version: 20.13.06.24) unbekannt Qtrax Player (HKCU) unbekannt RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0) unbekannt RealPlayer (x32) RealUpgrade 1.1 (x32 Version: 1.1.0) Red Orchestra 2 SDK (x32) unnötig Red Orchestra 2: Heroes of Stalingrad (x32) unnötig S.T.A.L.K.E.R.: Call of Pripyat (x32) unnötig SAMSUNG USB Driver for Mobile Phones (Version: 1.5.9.0) SecondLifeViewer (remove only) (x32) ShiftWindow 1.02 (x32) unbekannt Six Updater (x32 Version: 2.09.7034) unnötig Skype Click to Call (x32 Version: 5.6.8442) unnötig Skype™ 5.10 (x32 Version: 5.10.116) unnötig Software Informer 1.1 (x32) unbekannt Sound Tools Uninstall (x32) unbekannt Source SDK (x32) unnötig Source SDK Base 2007 (x32) unnötig SpeedFan (remove only) (x32) unnötig Square Enix Secure Launcher (HKCU Version: 1.0.0.108) unbekannt StarCraft II (x32 Version: 1.4.2.20141) unnötig Steam (x32 Version: 1.0.0.0) unnötig Studie zur Verbesserung von HP Deskjet 3070 B611 series Produkten (Version: 23.0.504.0) Sudden Strike 2 (x32 Version: 1.0) unnötig Sudden Strike 3 (x32) unnötig Sven 004 XS (x32) unbekannt SweetIM for Messenger 
3.7 (x32 Version: 3.7.0007) unbekannt SweetPacks bundle uninstaller (x32 Version: 1.0.0000) unbekannt Team Fortress 2 (x32) unnötig TeamSpeak 3 Client (Version: 3.0.10) unnötig Terraria (x32) unnötig TexView 2 Uninstall (x32) unbekannt The Elder Scrolls V: Skyrim (x32) unnötig The War Z (x32) unnötig The War Z version alpha (x32 Version: alpha) unnötig TNG 2.0 Installer Part 1 (HKCU) unbekannt TNG 2.0 Installer Part 2 (HKCU) unbekannt Total Commander (Remove or Repair) (x32 Version: 7.56a) unbekannt Ubisoft Game Launcher (x32 Version: 1.0.0.0) unnötig Uniblue DriverScanner (x32 Version: 4.0.3.4) unbekannt Unity Web Player (HKCU Version: ) unbekannt Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1) Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1) Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1) Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1) Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version: 1) Update Manager for SweetPacks 1.1 (x32 Version: 1.1.0008) Uplay (x32 Version: 2.0) unnötig uTorrentBar_DE Toolbar (x32 Version: 6.13.3.505) VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0) unbekannt VirtualCloneDrive (x32) Visitor 3 Uninstall (x32) unbekannt War Rock (x32) unnötig War Thunder Launcher 1.0.1.148 (x32) unnötig Webcam Spy v2.1 (x32 Version: 2.1) unbekannt Windows Live ID Sign-in Assistant (Version: 6.500.3165.0) WinRAR 4.00 (64-Bit) (Version: 4.00.0) World in Conflict: Soviet Assault (x32) unnötig World of Tanks (x32) unnötig World of Warcraft (x32 Version: 4.3.0.15050) unnötig Worms 4 Mayhem (x32 Version: 1.00.0000) unnötig Worms Ultimate Mayhem (x32) unnötig Yahoo! 
Messenger (x32) unnecessary Yahoo! Software Update (x32) Yahoo! Toolbar (x32) unnecessary Yontoo Layers Runtime 1.10.01 (Version: 1.10.01) unknown yuPlay client 0.7.32 (x32) ==================== Restore Points ========================= 02-08-2013 12:33:16 DirectX wurde installiert 06-08-2013 18:11:54 Removed Bonjour 07-08-2013 00:52:29 DirectX wurde installiert 07-08-2013 12:14:16 Windows Update 07-08-2013 20:59:14 Windows Update ==================== Hosts content: ========================== 2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {00E0768F-5B04-402A-AB6E-CFE604C2C527} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-19] (Adobe Systems Incorporated) Task: {38CDD424-5770-4D39-B02C-9FC2071C7CBC} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe [2010-11-20] (Microsoft Corporation) Task: {41469CE4-657F-4FAC-987E-214DDE5E979E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe No File Task: {446ABDB1-1EED-447C-93D3-E9AACB4E6A6E} - System32\Tasks\RMSchedule => C:\Program Files (x86)\Registry Mechanic\RegMech.exe No File Task: {4AF26527-E3C1-4809-AA6A-FADE114CF707} - System32\Tasks\HP Photo Creations Messager => C:\ProgramData\HP Photo Creations\MessageCheck.exe [2011-02-15] () Task: {4EAF8025-96E7-4F85-B92F-37262272AF55} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-2015333589-2609546115-2474780110-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2011-09-27] (RealNetworks, Inc.)
Task: {72D655FB-1CFD-4966-AF55-953E582FBE6F} - System32\Tasks\AdobeAAMUpdater-1.0-MaxPc-Max => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2011-03-15] (Adobe Systems Incorporated) Task: {739C48F9-599F-4388-9A62-76352240804B} - System32\Tasks\DriverEasy Scheduled Scan => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe [2011-11-22] (Easeware) Task: {783B5AB7-4BD9-442A-B4C7-F3B2A3875E1E} - System32\Tasks\DLL-files.com Fixer_UPDATES => C:\Program Files (x86)\Dll-Files.com No File Task: {813A69B0-A7C0-4772-902B-42F3F32B6F5F} - System32\Tasks\At1 => C:\Windows\SysWOW64\cmd.exe [2010-11-20] (Microsoft Corporation) Task: {9F88452D-415E-4CD3-AEA6-9D607EA319A3} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\MpCmdRun.exe [2013-06-20] (Microsoft Corporation) Task: {B2ADE055-5138-4903-AB1C-E1E1CC41A038} - System32\Tasks\LyricsContainer Update => C:\Program Files (x86)\LyricsContainer\LrcsCtrUpdr.exe No File Task: {BE2FD9C2-40AE-4A0A-9A14-461DAD8B8C1B} - System32\Tasks\{C7915BC9-1BA2-411C-B3EF-4C3B0A356141} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2012-07-13] (Skype Technologies S.A.) 
Task: {C93BE47F-A8D2-42A4-AFF9-22CAE4EFF8FC} - System32\Tasks\RMSmartUpdate => C:\Program Files (x86)\Registry Mechanic\update.exe No File Task: {D4B82667-B894-40CE-8753-444BAE22CC7C} - System32\Tasks\DriverScanner => C:\Program Files (x86)\Uniblue\DriverScanner\dsmonitor.exe [2011-10-20] (Uniblue Systems Limited) Task: {D6A5DB1E-B7DA-4C47-83C6-441A9C7F5607} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe No File Task: {EB759432-30F5-4CF1-87E7-817DDF082D8B} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2009-07-14] (Microsoft Corporation) Task: {EF855525-975B-4A0D-A219-3F01EDCA63E2} - System32\Tasks\DLL-files.com Fixer => C:\Program Files (x86)\Dll-Files.com No File Task: {F2F2EB16-CF39-4EC2-9470-77E991ECC975} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {F495F25A-D55D-49E3-AEB4-E93AA2AEC659} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-2015333589-2609546115-2474780110-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2011-09-27] (RealNetworks, Inc.) Task: {FAC3E7DD-2578-4504-8EA5-89205C7A9CEA} - System32\Tasks\HPCustParticipation HP Deskjet 3070 B611 series => C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\HPCustPartic.exe [2011-03-30] (Hewlett-Packard Co.) 
Task: {FAF2C78E-293D-45D3-8BE0-9FF8F492F39A} - System32\Tasks\{45F5085A-E32C-45F6-921D-E984AB3C9311} => c:\program files (x86)\opera\opera.exe [2013-07-17] (Opera Software) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\At1.job => C:\Users\Max\Desktop\driver whiz serial key download txt.exe Task: C:\Windows\Tasks\DLL-files.com Fixer_UPDATES.job => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe Task: C:\Windows\Tasks\DriverEasy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe Task: C:\Windows\Tasks\DriverScanner.job => C:\Program Files (x86)\Uniblue\DriverScanner\dsmonitor.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\HP Photo Creations Messager.job => C:\ProgramData\HP Photo Creations\MessageCheck.exe Task: C:\Windows\Tasks\LyricsContainer Update.job => C:\Program Files (x86)\LyricsContainer\LrcsCtrUpdr.exe Task: C:\Windows\Tasks\RMSchedule.job => C:\Program Files (x86)\Registry Mechanic\RegMech.exe ==================== Faulty Device Manager Devices ============= Name: TeamViewer VPN Adapter Description: TeamViewer VPN Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: TeamViewer GmbH Service: teamviewervpn Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Description: Class Guid: Manufacturer: Service: Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. 
==================== Event log errors: ========================= Application errors: ================== Error: (08/07/2013 11:18:07 PM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (08/07/2013 11:18:06 PM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. 
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (08/07/2013 11:17:51 PM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. 
Error: (08/07/2013 07:51:49 PM) (Source: Application Error) (User: ) Description: Name der fehlerhaften Anwendung: soffice.bin, Version: 3.3.9556.500, Zeitstempel: 0x4d061efd Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17725, Zeitstempel: 0x4ec49b8f Ausnahmecode: 0xc0000005 Fehleroffset: 0x0002e3be ID des fehlerhaften Prozesses: 0x560 Startzeit der fehlerhaften Anwendung: 0xsoffice.bin0 Pfad der fehlerhaften Anwendung: soffice.bin1 Pfad des fehlerhaften Moduls: soffice.bin2 Berichtskennung: soffice.bin3 Error: (08/07/2013 02:16:02 PM) (Source: Microsoft Security Client Setup) (User: MaxPc) Description: HRESULT:0x8004FF06 Description:Microsoft Security Essentials is already installed. A newer version of Security Essentials is already installed on your computer. Error code:0x8004FF06. Error: (08/07/2013 11:02:19 AM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3. Mehrere requestedPrivileges-Elemente sind nicht im Manifest zulässig. Error: (08/07/2013 03:07:45 AM) (Source: Application Error) (User: ) Description: Name der fehlerhaften Anwendung: game.exe, Version: 1.0.0.1, Zeitstempel: 0x3db54418 Name des fehlerhaften Moduls: WINMM.dll, Version: 6.1.7601.17514, Zeitstempel: 0x4ce7ba42 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00011e4b ID des fehlerhaften Prozesses: 0x10f0 Startzeit der fehlerhaften Anwendung: 0xgame.exe0 Pfad der fehlerhaften Anwendung: game.exe1 Pfad des fehlerhaften Moduls: game.exe2 Berichtskennung: game.exe3 Error: (08/07/2013 02:52:29 AM) (Source: Microsoft-Windows-CAPI2) (User: ) Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer". Details: AddLegacyDriverFiles: Unable to back up image of binary NovaShieldTDIDriver. System Error: Das System kann die angegebene Datei nicht finden. . 
Error: (08/07/2013 02:52:29 AM) (Source: Microsoft-Windows-CAPI2) (User: ) Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer". Details: AddLegacyDriverFiles: Unable to back up image of binary NovaShieldFilterDriver. System Error: Das System kann die angegebene Datei nicht finden. . Error: (08/07/2013 02:49:37 AM) (Source: Microsoft-Windows-CAPI2) (User: ) Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer". Details: AddLegacyDriverFiles: Unable to back up image of binary NovaShieldTDIDriver. System Error: Das System kann die angegebene Datei nicht finden. . System errors: ============= Error: (08/07/2013 11:12:36 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT-AUTORITÄT) Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070002 fehlgeschlagen: Update für Windows 7 für x64-Systeme (KB2592687) Error: (08/07/2013 11:12:36 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT-AUTORITÄT) Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x800f0826 fehlgeschlagen: Update für Windows 7 für x64-Systeme (KB2709981) Error: (08/07/2013 11:11:44 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: %%1069 Error: (08/07/2013 11:11:44 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: %%1330 Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC). 
Error: (08/07/2013 11:11:44 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Google Update-Dienst (gupdate)" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (08/07/2013 11:11:13 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuche-Ressourcenveröffentlichung" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%-2147024891 Error: (08/07/2013 11:11:13 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Funktionssuche-Ressourcenveröffentlichung" wurde mit folgendem Fehler beendet: %%-2147024891 Error: (08/07/2013 11:09:35 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Funktionssuche-Ressourcenveröffentlichung" wurde mit folgendem Fehler beendet: %%-2147024891 Error: (08/07/2013 11:09:28 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Windows-Firewall" wurde mit folgendem dienstspezifischem Fehler beendet: %%5. 
Error: (08/07/2013 11:06:58 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Funktionssuche-Ressourcenveröffentlichung" wurde mit folgendem Fehler beendet: %%-2147024891 Microsoft Office Sessions: ========================= Error: (08/07/2013 11:18:07 PM) (Source: SideBySide)(User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Max\Desktop\esetsmartinstaller_enu.exe Error: (08/07/2013 11:18:06 PM) (Source: SideBySide)(User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Max\Desktop\esetsmartinstaller_enu.exe Error: (08/07/2013 11:17:51 PM) (Source: SideBySide)(User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Max\Desktop\esetsmartinstaller_enu.exe Error: (08/07/2013 07:51:49 PM) (Source: Application Error)(User: ) Description: soffice.bin3.3.9556.5004d061efdntdll.dll6.1.7601.177254ec49b8fc00000050002e3be56001ce9395c39a59b9C:\Program Files (x86)\OpenOffice.org 3\program\soffice.binC:\Windows\SysWOW64\ntdll.dll0884370f-ff8a-11e2-9e33-4061867d9184 Error: (08/07/2013 02:16:02 PM) (Source: Microsoft Security Client Setup)(User: MaxPc) Description: HRESULT:0x8004FF06 Description:Microsoft Security Essentials is already installed. A newer version of Security Essentials is already installed on your computer. Error code:0x8004FF06. 
Error: (08/07/2013 11:02:19 AM) (Source: SideBySide)(User: ) Description: C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exeC:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe2 Error: (08/07/2013 03:07:45 AM) (Source: Application Error)(User: ) Description: game.exe1.0.0.13db54418WINMM.dll6.1.7601.175144ce7ba42c000000500011e4b10f001ce9309c795c70eD:\SS2\game.exeC:\Windows\system32\WINMM.dllc45ba2ea-fefd-11e2-8420-4061867d9184 Error: (08/07/2013 02:52:29 AM) (Source: Microsoft-Windows-CAPI2)(User: ) Description: Details: AddLegacyDriverFiles: Unable to back up image of binary NovaShieldTDIDriver. System Error: Das System kann die angegebene Datei nicht finden. Error: (08/07/2013 02:52:29 AM) (Source: Microsoft-Windows-CAPI2)(User: ) Description: Details: AddLegacyDriverFiles: Unable to back up image of binary NovaShieldFilterDriver. System Error: Das System kann die angegebene Datei nicht finden. Error: (08/07/2013 02:49:37 AM) (Source: Microsoft-Windows-CAPI2)(User: ) Description: Details: AddLegacyDriverFiles: Unable to back up image of binary NovaShieldTDIDriver. System Error: Das System kann die angegebene Datei nicht finden. CodeIntegrity Errors: =================================== Date: 2011-12-30 18:05:53.566 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Users\Max\AppData\Local\Temp\EverestDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2011-12-30 18:05:53.541 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Users\Max\AppData\Local\Temp\EverestDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. 
Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2011-12-30 18:05:53.209 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2011-12-30 18:05:53.184 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. 
==================== Memory info =========================== Percentage of memory in use: 19% Total physical RAM: 12279.11 MB Available physical RAM: 9843.57 MB Total Pagefile: 25277.3 MB Available Pagefile: 22770.54 MB Total Virtual: 8192 MB Available Virtual: 8191.83 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:122.65 GB) (Free:11.31 GB) NTFS (Disk=0 Partition=3) Drive d: () (Fixed) (Total:1273.51 GB) (Free:101.69 GB) NTFS (Disk=0 Partition=2) Drive e: (COH2) (CDROM) (Total:5.15 GB) (Free:0 GB) UDF Drive g: (PRBF2) (CDROM) (Total:6.03 GB) (Free:0 GB) CDFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1397 GB) (Disk ID: 2BAB359D) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=-831603785728) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=123 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=1 GB) - (Type=12) ==================== End Of Log ============================ Edited by Quobble (07.08.2013 at 23:09) |
08.08.2013, 00:09 | #4 |
/// Malware-holic | Unknown malware Hi, there are 3 logs to create; post them all at the same time. 1. Fix with FRST Please press the Windows key + R and type notepad into the Run window. Now copy the following text from the code box into the empty text document Code:
ATTFilter C:\Windows\Tasks\At1.job
Wings of µTorrent Adobe Flash Player all
Adobe - Install Adobe Flash Player: download the latest version and install it.
Adobe Reader: Adobe - Download Adobe Reader - All versions; untick McAfee Security Scan.
Please also configure Adobe Reader as follows: open Adobe Reader, Edit, Preferences. General: tick "Use only certified plug-ins". Security (Enhanced): tick Enhanced Security and select all files. Internet: everything here should be disabled; it is very unsafe to open, download, etc. PDFs automatically. It is always better to save them directly, since only that way do you have control over what is going on on the PC. Under JavaScript, untick "Enable JavaScript". Under Updater, choose install automatically. Apply / OK
Uninstall: Alan Allied Intent Xtended Altitude ANNO : all APB applicationupdater Arma : all ArmA Audacity Bamboo Dock : both Battlefield : all Battlelog BattlEye BF2 Bing Command Company Counter-Strike: all DAEMON DayZ Dead Defcon Die Gilde Die* Dota Driver Sweeper Driver Whiz DriverEasy : install drivers only from the manufacturer! Dropbox ESET ESN Fallout : both Forgoten Fraps GameRanger GameSpy : all GameXN Garry's GIMP Google Earth Grand Theft : both Guild Heroes ICQ : both IL Internet Explorer Toolbar iTunes Java 7 Java(TM) : all
Download the Java JRE: Java downloads for all operating systems. Click: Download the Java software for Windows Offline, download it and install it.
Uninstall: League Left 4 Lernout MechWarrior : all Medal Metro Mozilla Firefox
Web browser Mozilla Firefox - free download - mozilla.org: install version 23.
Uninstall: Origin Oxygen Pando PlanetSide Play withSIX Portal PR Project : all unnecessary ones PunkBuster Qtrax : if you do not use it, both RealPlayer Red Orchestra : both S.T.A.L ShiftWindow Six Updater Skype : both Software Informer SpeedFan StarCraft Steam Sudden : both Sven SweetIM SweetPacks TeamSpeak Team Fortress Terraria The Elder The War : both Total Commander Ubisoft Uniblue Unity Update Manager Uplay uTorrentBar_DE : please remove War Rock War Thunder Webcam Spy World : all Worms : both Yahoo: all Yontoo
Restart.
3. Scan with Combofix
4. Please download TDSSKiller.exe and save this file to the desktop
__________________ -Please forward suspicious mails to us for analysis: markusg.trojaner-board@web.de Forwarding instructions: http://markusg.trojaner-board.de For now, please forward mails to markusg.trojaner-board@web.de following the instructions above If you would like to support us |
08.08.2013, 00:46 | #5 |
| Unknown malware Okay. Working on it. Here is the Fixlog.txt for now. There is very little in it. Code:
ATTFilter Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 07-08-2013 06 Ran by Max at 2013-08-08 01:42:11 Run:1 Running from C:\Users\Max\Desktop Boot Mode: Normal ============================================== C:\Windows\Tasks\At1.job => Moved successfully. ==== End of Fixlog ====
/Edit I can't uninstall any of the SweetIM programs. It throws an error at me. Here are the Combofix logs: Code:
ATTFilter ComboFix 13-08-07.01 - Max 08.08.2013 2:17.1.4 - x64 Microsoft Windows 7 Professional 6.1.7601.1.1252.49.1031.18.12279.9318 [GMT 2:00] ausgeführt von:: c:\users\Max\Desktop\ComboFix.exe AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F} SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2} . . (((((((((((((((((((((((((((((((((((( Weitere Löschungen )))))))))))))))))))))))))))))))))))))))))))))))) . . c:\program files (x86)\LyricsContainer\125.dll c:\users\Max\AppData\Roaming\technic-launcher.jar c:\users\Public\sdelevURL.tmp c:\windows\IsUn0407.exe c:\windows\pkunzip.pif c:\windows\pkzip.pif c:\windows\SysWow64\frapsvid.dll c:\windows\wininit.ini . . ((((((((((((((((((((((( Dateien erstellt von 2013-07-08 bis 2013-08-08 )))))))))))))))))))))))))))))) . . 2013-08-08 00:24 . 2013-08-08 00:24 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp 2013-08-08 00:24 . 2013-08-08 00:24 -------- d-----w- c:\users\Default\AppData\Local\temp 2013-08-07 23:57 . 2013-08-07 23:57 0 ----a-w- c:\windows\SysWow64\REN3B6D.tmp 2013-08-07 21:52 . 2013-08-07 21:52 -------- d-----w- C:\FRST 2013-08-07 12:26 . 2013-08-07 12:26 941720 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{286C14BD-7101-4E5F-AB9C-2CFD86EDC7EA}\gapaengine.dll 2013-08-07 12:26 . 2013-07-01 23:34 9460976 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{E44A8976-04B9-422C-9162-A1A807FF485C}\mpengine.dll 2013-08-07 12:15 . 2013-08-07 12:15 -------- d-----w- c:\program files (x86)\Microsoft Security Client 2013-08-07 12:15 . 2013-08-07 12:15 -------- d-----w- c:\program files\Microsoft Security Client 2013-08-06 18:59 . 2013-08-06 18:59 -------- d-----w- c:\users\Max\AppData\Roaming\Malwarebytes 2013-08-06 18:59 . 2013-08-06 18:59 -------- d-----w- c:\programdata\Malwarebytes 2013-08-06 18:12 . 2013-08-07 23:55 -------- d-----w- c:\windows\system32\appmgmt 2013-08-06 16:38 . 
2013-08-06 16:38 -------- d-----w- c:\program files (x86)\JoWooD 2013-08-06 16:22 . 2013-08-06 16:35 -------- d-----w- c:\program files (x86)\Defcon 2013-07-31 14:01 . 2013-07-31 14:05 -------- d-----w- c:\windows\system32\MRT 2013-07-26 12:20 . 2013-07-26 17:43 -------- d-----w- c:\users\Max\AppData\Local\Arma 3 2013-07-26 12:20 . 2013-07-26 12:20 -------- d-----w- c:\programdata\Bohemia Interactive 2013-07-23 12:21 . 2013-08-08 00:23 -------- d-----w- c:\program files (x86)\LyricsContainer 2013-07-20 11:04 . 2013-08-08 00:12 -------- d-----w- c:\programdata\Yahoo! 2013-07-20 11:01 . 2013-08-08 00:25 -------- d-----w- c:\program files (x86)\Yahoo! 2013-07-16 20:31 . 2013-07-16 20:31 -------- d-----w- c:\program files (x86)\LogMeIn Hamachi 2013-07-10 18:57 . 2013-06-04 06:00 624128 ----a-w- c:\windows\system32\qedit.dll 2013-07-10 18:57 . 2013-06-04 04:53 509440 ----a-w- c:\windows\SysWow64\qedit.dll 2013-07-10 18:57 . 2013-05-27 05:50 1011712 ----a-w- c:\program files\Windows Defender\MpSvc.dll 2013-07-10 18:57 . 2013-05-27 05:50 571904 ----a-w- c:\program files\Windows Defender\MpClient.dll 2013-07-10 18:57 . 2013-05-27 05:50 314880 ----a-w- c:\program files\Windows Defender\MpCommu.dll 2013-07-10 18:57 . 2013-05-27 04:57 4608 ----a-w- c:\program files (x86)\Windows Defender\MsMpLics.dll 2013-07-10 18:57 . 2013-05-27 04:57 54784 ----a-w- c:\program files (x86)\Windows Defender\MpOAV.dll 2013-07-10 18:57 . 2013-05-27 04:57 392704 ----a-w- c:\program files (x86)\Windows Defender\MpClient.dll 2013-07-10 18:57 . 2013-05-27 03:15 9216 ----a-w- c:\program files (x86)\Windows Defender\MpAsDesc.dll 2013-07-10 18:57 . 2013-05-06 06:03 1887744 ----a-w- c:\windows\system32\WMVDECOD.DLL 2013-07-10 18:57 . 2013-05-06 04:56 1620480 ----a-w- c:\windows\SysWow64\WMVDECOD.DLL 2013-07-10 18:56 . 2013-06-05 03:34 3153920 ----a-w- c:\windows\system32\win32k.sys 2013-07-10 18:56 . 2013-04-10 05:48 1732608 ----a-w- c:\program files\Windows Journal\NBDoc.DLL 2013-07-10 18:56 . 
2013-04-10 05:46 1367040 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll 2013-07-10 18:56 . 2013-04-10 05:46 1402880 ----a-w- c:\program files\Windows Journal\JNWDRV.dll 2013-07-10 18:56 . 2013-04-10 05:46 1393152 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll 2013-07-10 18:56 . 2013-04-10 05:03 936448 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\ink\journal.dll 2013-07-10 18:55 . 2013-04-02 22:51 1643520 ----a-w- c:\windows\system32\DWrite.dll 2013-07-10 18:55 . 2013-04-09 23:34 1247744 ----a-w- c:\windows\SysWow64\DWrite.dll . . . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2013-08-02 12:34 . 2013-03-27 11:35 189248 ----a-w- c:\windows\SysWow64\PnkBstrB.exe 2013-08-02 12:33 . 2013-03-27 11:35 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe 2013-08-02 12:17 . 2013-03-27 11:35 281152 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0 2013-08-02 12:17 . 2011-08-14 13:15 281152 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr 2013-07-25 01:06 . 2011-07-30 21:00 840264 ----a-w- c:\windows\SysWow64\pbsvc.exe 2013-07-03 00:53 . 2012-02-09 20:44 893552 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll 2013-07-03 00:52 . 2012-02-09 20:43 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll 2013-06-23 22:57 . 2011-08-25 06:55 78277128 ----a-w- c:\windows\system32\MRT.exe 2013-06-18 19:50 . 2013-06-18 19:50 247216 ----a-w- c:\windows\system32\drivers\MpFilter.sys 2013-06-18 19:50 . 2013-06-18 19:50 139616 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys 2013-06-17 06:38 . 2012-02-22 08:52 893552 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll 2013-06-17 06:37 . 2012-02-22 08:52 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll 2013-06-17 06:37 . 
2012-02-22 08:52 1236816 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll 2013-06-14 06:01 . 2012-02-09 20:43 1236816 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll 2013-05-21 14:06 . 2013-05-21 14:06 97280 ----a-w- c:\windows\system32\mshtmled.dll 2013-05-21 14:06 . 2013-05-21 14:06 905728 ----a-w- c:\windows\system32\mshtmlmedia.dll 2013-05-21 14:06 . 2013-05-21 14:06 81408 ----a-w- c:\windows\system32\icardie.dll 2013-05-21 14:06 . 2013-05-21 14:06 762368 ----a-w- c:\windows\system32\ieapfltr.dll 2013-05-21 14:06 . 2013-05-21 14:06 73728 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe 2013-05-21 14:06 . 2013-05-21 14:06 719360 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll 2013-05-21 14:06 . 2013-05-21 14:06 61952 ----a-w- c:\windows\SysWow64\tdc.ocx 2013-05-21 14:06 . 2013-05-21 14:06 599552 ----a-w- c:\windows\system32\vbscript.dll 2013-05-21 14:06 . 2013-05-21 14:06 523264 ----a-w- c:\windows\SysWow64\vbscript.dll 2013-05-21 14:06 . 2013-05-21 14:06 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll 2013-05-21 14:06 . 2013-05-21 14:06 452096 ----a-w- c:\windows\system32\dxtmsft.dll 2013-05-21 14:06 . 2013-05-21 14:06 441856 ----a-w- c:\windows\system32\html.iec 2013-05-21 14:06 . 2013-05-21 14:06 38400 ----a-w- c:\windows\SysWow64\imgutil.dll 2013-05-21 14:06 . 2013-05-21 14:06 361984 ----a-w- c:\windows\SysWow64\html.iec 2013-05-21 14:06 . 2013-05-21 14:06 281600 ----a-w- c:\windows\system32\dxtrans.dll 2013-05-21 14:06 . 2013-05-21 14:06 27648 ----a-w- c:\windows\system32\licmgr10.dll 2013-05-21 14:06 . 2013-05-21 14:06 270848 ----a-w- c:\windows\system32\iedkcs32.dll 2013-05-21 14:06 . 2013-05-21 14:06 247296 ----a-w- c:\windows\system32\webcheck.dll 2013-05-21 14:06 . 2013-05-21 14:06 235008 ----a-w- c:\windows\system32\url.dll 2013-05-21 14:06 . 2013-05-21 14:06 23040 ----a-w- c:\windows\SysWow64\licmgr10.dll 2013-05-21 14:06 . 
2013-05-21 14:06 226304 ----a-w- c:\windows\system32\elshyph.dll 2013-05-21 14:06 . 2013-05-21 14:06 216064 ----a-w- c:\windows\system32\msls31.dll 2013-05-21 14:06 . 2013-05-21 14:06 197120 ----a-w- c:\windows\system32\msrating.dll 2013-05-21 14:06 . 2013-05-21 14:06 185344 ----a-w- c:\windows\SysWow64\elshyph.dll 2013-05-21 14:06 . 2013-05-21 14:06 173568 ----a-w- c:\windows\system32\ieUnatt.exe 2013-05-21 14:06 . 2013-05-21 14:06 167424 ----a-w- c:\windows\system32\iexpress.exe 2013-05-21 14:06 . 2013-05-21 14:06 158720 ----a-w- c:\windows\SysWow64\msls31.dll 2013-05-21 14:06 . 2013-05-21 14:06 1509376 ----a-w- c:\windows\system32\inetcpl.cpl 2013-05-21 14:06 . 2013-05-21 14:06 150528 ----a-w- c:\windows\SysWow64\iexpress.exe 2013-05-21 14:06 . 2013-05-21 14:06 144896 ----a-w- c:\windows\system32\wextract.exe 2013-05-21 14:06 . 2013-05-21 14:06 1441280 ----a-w- c:\windows\SysWow64\inetcpl.cpl 2013-05-21 14:06 . 2013-05-21 14:06 1400416 ----a-w- c:\windows\system32\ieapfltr.dat 2013-05-21 14:06 . 2013-05-21 14:06 138752 ----a-w- c:\windows\SysWow64\wextract.exe 2013-05-21 14:06 . 2013-05-21 14:06 137216 ----a-w- c:\windows\SysWow64\ieUnatt.exe 2013-05-21 14:06 . 2013-05-21 14:06 12800 ----a-w- c:\windows\SysWow64\mshta.exe 2013-05-21 14:06 . 2013-05-21 14:06 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll 2013-05-21 14:06 . 2013-05-21 14:06 1054720 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe 2013-05-21 14:06 . 2013-05-21 14:06 102912 ----a-w- c:\windows\system32\inseng.dll 2013-05-21 14:06 . 2013-05-21 14:06 92160 ----a-w- c:\windows\system32\SetIEInstalledDate.exe 2013-05-21 14:06 . 2013-05-21 14:06 77312 ----a-w- c:\windows\system32\tdc.ocx 2013-05-21 14:06 . 2013-05-21 14:06 62976 ----a-w- c:\windows\system32\pngfilt.dll 2013-05-21 14:06 . 2013-05-21 14:06 52224 ----a-w- c:\windows\system32\msfeedsbs.dll 2013-05-21 14:06 . 2013-05-21 14:06 51200 ----a-w- c:\windows\system32\imgutil.dll 2013-05-21 14:06 . 
2013-05-21 14:06 48640 ----a-w- c:\windows\system32\mshtmler.dll 2013-05-21 14:06 . 2013-05-21 14:06 149504 ----a-w- c:\windows\system32\occache.dll 2013-05-21 14:06 . 2013-05-21 14:06 13824 ----a-w- c:\windows\system32\mshta.exe 2013-05-21 14:06 . 2013-05-21 14:06 136192 ----a-w- c:\windows\system32\iepeers.dll 2013-05-21 14:06 . 2013-05-21 14:06 135680 ----a-w- c:\windows\system32\IEAdvpack.dll 2013-05-21 14:06 . 2013-05-21 14:06 12800 ----a-w- c:\windows\system32\msfeedssync.exe 2013-05-13 05:51 . 2013-06-12 16:05 184320 ----a-w- c:\windows\system32\cryptsvc.dll 2013-05-13 05:51 . 2013-06-12 16:05 1464320 ----a-w- c:\windows\system32\crypt32.dll 2013-05-13 05:51 . 2013-06-12 16:05 139776 ----a-w- c:\windows\system32\cryptnet.dll 2013-05-13 05:50 . 2013-06-12 16:05 52224 ----a-w- c:\windows\system32\certenc.dll 2013-05-13 04:45 . 2013-06-12 16:05 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll 2013-05-13 04:45 . 2013-06-12 16:05 1160192 ----a-w- c:\windows\SysWow64\crypt32.dll 2013-05-13 04:45 . 2013-06-12 16:05 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll 2013-05-13 03:43 . 2013-06-12 16:05 1192448 ----a-w- c:\windows\system32\certutil.exe 2013-05-13 03:08 . 2013-06-12 16:05 903168 ----a-w- c:\windows\SysWow64\certutil.exe 2013-05-13 03:08 . 2013-06-12 16:05 43008 ----a-w- c:\windows\SysWow64\certenc.dll 2013-05-10 05:49 . 2013-06-12 16:05 30720 ----a-w- c:\windows\system32\cryptdlg.dll 2013-05-10 03:20 . 2013-06-12 16:05 24576 ----a-w- c:\windows\SysWow64\cryptdlg.dll . . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . 
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2013-05-25 00:36 130736 ----a-w- c:\users\Max\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2013-05-25 00:36 130736 ----a-w- c:\users\Max\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2013-05-25 00:36 130736 ----a-w- c:\users\Max\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "AlcoholAutomount"="c:\program files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" [2012-01-05 75624] "DAEMON Tools Ultra Agent"="c:\program files (x86)\DAEMON Tools Ultra\DTAgent.exe" [2013-03-06 3088448] "F.lux"="c:\users\Max\Local Settings\Apps\F.lux\flux.exe" [2009-08-29 966656] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "Logitech G35"="c:\program files (x86)\Logitech\G35\G35.exe" [2010-10-05 1811800] "LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2013-06-28 2255184] . c:\users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Dropbox.lnk - c:\users\Max\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2013-5-25 27776968] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . 
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows] "LoadAppInit_DLLs"=1 (0x1) . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] @="Service" . R2 AxAutoMntSrv;Alcohol Virtual Drive Auto-mount Service;c:\program files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe;c:\program files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [x] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x] R2 gupdate;Google Update-Dienst (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe;c:\program files (x86)\Google\Update\GoogleUpdate.exe [x] R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x] R3 BEService;BattlEye Service;c:\program files (x86)\Common Files\BattlEye\BEService.exe;c:\program files (x86)\Common Files\BattlEye\BEService.exe [x] R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x] R3 Disc Soft Bus Service;Disc Soft Bus Service;c:\program files (x86)\DAEMON Tools Ultra\DiscSoftBusService.exe;c:\program files (x86)\DAEMON Tools Ultra\DiscSoftBusService.exe [x] R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys;c:\windows\SYSNATIVE\drivers\EagleX64.sys [x] R3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys;c:\windows\SYSNATIVE\epmntdrv.sys [x] R3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys;c:\windows\SYSNATIVE\EuGdiDrv.sys [x] R3 gupdatem;Google Update-Dienst (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe;c:\program files (x86)\Google\Update\GoogleUpdate.exe [x] R3 ManyCam;ManyCam Virtual Webcam;c:\windows\system32\DRIVERS\mcvidrv_x64.sys;c:\windows\SYSNATIVE\DRIVERS\mcvidrv_x64.sys [x] R3 mcaudrv_simple;ManyCam Virtual 
Microphone;c:\windows\system32\drivers\mcaudrv_x64.sys;c:\windows\SYSNATIVE\drivers\mcaudrv_x64.sys [x] R3 pwdrvio;pwdrvio;c:\windows\system32\pwdrvio.sys;c:\windows\SYSNATIVE\pwdrvio.sys [x] R3 pwdspio;pwdspio;c:\windows\system32\pwdspio.sys;c:\windows\SYSNATIVE\pwdspio.sys [x] R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x] R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x] R3 teamviewervpn;TeamViewer VPN Adapter;c:\windows\system32\DRIVERS\teamviewervpn.sys;c:\windows\SYSNATIVE\DRIVERS\teamviewervpn.sys [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x] R3 wacmoumonitor;Wacom Mode Helper;c:\windows\system32\DRIVERS\wacmoumonitor.sys;c:\windows\SYSNATIVE\DRIVERS\wacmoumonitor.sys [x] R3 X6va007;X6va007;c:\users\Max\AppData\Local\Temp\0079E18.tmp;c:\users\Max\AppData\Local\Temp\0079E18.tmp [x] R4 ICQ Service;ICQ Service;c:\program files (x86)\ICQ6Toolbar\ICQ Service.exe;c:\program files (x86)\ICQ6Toolbar\ICQ Service.exe [x] R4 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\program files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe;c:\program files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [x] R4 TabletServicePen;TabletServicePen;c:\program files\Tablet\Pen\Pen_Tablet.exe;c:\program files\Tablet\Pen\Pen_Tablet.exe [x] R4 TeamViewer6;TeamViewer 6;c:\program files (x86)\TeamViewer\Version6\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [x] S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x] S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x] S2 Hamachi2Svc;LogMeIn Hamachi Tunneling 
Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [x] S2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x] S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x] S2 TouchServicePen;Wacom Consumer Touch Service;c:\program files\Tablet\Pen\Pen_TouchService.exe;c:\program files\Tablet\Pen\Pen_TouchService.exe [x] S3 dtscsibus;DAEMON Tools Virtual SCSI Bus;c:\windows\system32\DRIVERS\dtscsibus.sys;c:\windows\SYSNATIVE\DRIVERS\dtscsibus.sys [x] S3 LADF_DHP2;G35 DHP2 Filter Driver;c:\windows\system32\DRIVERS\ladfDHP2amd64.sys;c:\windows\SYSNATIVE\DRIVERS\ladfDHP2amd64.sys [x] S3 LADF_SBVM;G35 SBVM Filter Driver;c:\windows\system32\DRIVERS\ladfSBVMamd64.sys;c:\windows\SYSNATIVE\DRIVERS\ladfSBVMamd64.sys [x] S3 NisSrv;Microsoft-Netzwerkinspektion;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x] S3 ScreamBAudioSvc;ScreamBee Audio;c:\windows\system32\drivers\ScreamingBAudio64.sys;c:\windows\SYSNATIVE\drivers\ScreamingBAudio64.sys [x] . . --- Andere Dienste/Treiber im Speicher --- . *NewlyCreated* - WS2IFSL . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost] Akamai REG_MULTI_SZ Akamai . Inhalt des "geplante Tasks" Ordners . 2013-08-08 c:\windows\Tasks\HP Photo Creations Messager.job - c:\programdata\HP Photo Creations\MessageCheck.exe [2011-02-15 10:11] . . --------- X64 Entries ----------- . . 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2013-05-25 00:36 164016 ----a-w- c:\users\Max\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2013-05-25 00:36 164016 ----a-w- c:\users\Max\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2013-05-25 00:36 164016 ----a-w- c:\users\Max\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4] @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}] 2013-05-25 00:36 164016 ----a-w- c:\users\Max\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-06-20 1356240] . ------- Zusätzlicher Suchlauf ------- . 
uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2851647 mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = *.local IE: Translate this web page with Babylon - c:\program files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm IE: Translate with Babylon - c:\program files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm Trusted Zone: clonewarsadventures.com Trusted Zone: freerealms.com Trusted Zone: soe.com Trusted Zone: sony.com TCP: Interfaces\{22D45F24-3A73-4292-BB04-4DB95672624A}: NameServer = 192.168.178.1 . - - - - Entfernte verwaiste Registrierungseinträge - - - - . URLSearchHooks-{7e111a5c-3d11-4f56-9463-5310c3c69025} - (no file) URLSearchHooks-{81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - (no file) BHO-{30F9B915-B755-4826-820B-08FBA6BD249D} - (no file) BHO-{7e111a5c-3d11-4f56-9463-5310c3c69025} - (no file) BHO-{DA3D98A6-868D-4E1B-BB78-0887230DA405} - c:\program files (x86)\LyricsContainer\125.dll BHO-{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - (no file) Toolbar-{7e111a5c-3d11-4f56-9463-5310c3c69025} - (no file) Toolbar-{30F9B915-B755-4826-820B-08FBA6BD249D} - (no file) Wow6432Node-HKCU-Run-RDReminder - (no file) Wow6432Node-HKCU-Run-Messenger (Yahoo!) 
- ~c:\progra~2\Yahoo!\Messenger\YahooMessenger.exe Wow6432Node-HKLM-Run-TaskTray - (no file) SafeBoot-BsScanner HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start WebBrowser-{7E111A5C-3D11-4F56-9463-5310C3C69025} - (no file) AddRemove-Forgotten Hope 2 - d:\steam\steamapps\common\Battlefield 2\uninstall.exe AddRemove-NetObjects Fusion Essentials - c:\windows\IsUn0407.exe AddRemove-Project Reality: BF2 Sandbox_is1 - d:\steam\steamapps\common\Battlefield 2\mods\pr\uninst\unins001.exe AddRemove-{3F673FAB-262C-429F-AC28-674AD43DE6EE}_is1 - d:\steam\steamapps\common\battlefield 2\mods\pr\unins000.exe AddRemove-TNG 2.0 Installer Part 1 - d:\steam\SteamApps\common\battlefield 2\mods\AIX2\TNG 2.0 Part 1 Uninstallexe AddRemove-TNG 2.0 Installer Part 2 - d:\steam\SteamApps\common\battlefield 2\mods\AIX2\TNG 2.0 Part 2 Uninstall.exe . . . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Akamai] "ServiceDll"="c:\program files (x86)\common files\akamai/netsession_win_8fa3539.dll" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va007] "ImagePath"="\??\c:\users\Max\AppData\Local\Temp\0079E18.tmp" . --------------------- Gesperrte Registrierungsschluessel --------------------- . [HKEY_USERS\S-1-5-21-2015333589-2609546115-2474780110-1001\Software\SecuROM\License information*] "datasecu"=hex:b0,76,7f,82,ab,76,ae,d4,ea,b5,49,ff,77,86,c1,81,ed,63,49,f0,bb, f9,e1,e3,c5,48,05,57,a9,9a,8a,1f,dd,07,aa,d7,21,26,23,9c,37,31,ce,8b,e4,55,\ "rkeysecu"=hex:82,c3,15,4f,bb,1d,3b,7f,84,f5,53,93,76,d6,d1,ff . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\windows\SysWOW64\PnkBstrB.exe
c:\program files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
c:\program files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2013-08-08 02:30:55 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2013-08-08 00:30
.
Vor Suchlauf: 12 Verzeichnis(se), 14.158.352.384 Bytes frei
Nach Suchlauf: 16 Verzeichnis(se), 13.897.601.024 Bytes frei
.
- - End Of File - - CE80A74C2E985D2AF8A34C4ABACF2ADC A36C5E4F47E84449FF07ED3517B43A31

Code:
02:39:04.0911 2036 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
02:39:05.0109 2036 ============================================================
02:39:05.0110 2036 Current date / time: 2013/08/08 02:39:05.0109
02:39:05.0110 2036 SystemInfo:
02:39:05.0110 2036
02:39:05.0110 2036 OS Version: 6.1.7601 ServicePack: 1.0
02:39:05.0110 2036 Product type: Workstation
02:39:05.0110 2036 ComputerName: MAXPC
02:39:05.0110 2036 UserName: Max
02:39:05.0110 2036 Windows directory: C:\Windows
02:39:05.0110 2036 System windows directory: C:\Windows
02:39:05.0110 2036 Running under WOW64
02:39:05.0110 2036 Processor architecture: Intel x64
02:39:05.0110 2036 Number of processors: 4
02:39:05.0110 2036 Page size: 0x1000
02:39:05.0110 2036 Boot type: Normal boot
02:39:05.0110 2036 ============================================================
02:39:07.0762 2036 Drive \Device\Harddisk0\DR0 - Size: 0x15D50F66000 (1397.27 Gb), SectorSize: 0x200, Cylinders: 0x2F509, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000040
02:39:07.0769 2036 ============================================================
02:39:07.0769 2036 \Device\Harddisk0\DR0:
02:39:07.0769 2036 MBR partitions:
02:39:07.0769 2036 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
02:39:07.0769 2036 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x9F3046A0
02:39:07.0769 2036 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x9F336EA0, BlocksNum 0xF54F160
02:39:07.0769 2036 ============================================================
02:39:07.0796 2036 D: <-> \Device\Harddisk0\DR0\Partition2
02:39:07.0833 2036 C: <-> \Device\Harddisk0\DR0\Partition3
02:39:07.0833 2036 ============================================================
02:39:07.0833 2036 Initialize success
02:39:07.0833 2036 ============================================================
02:40:59.0279 2792
============================================================ 02:40:59.0279 2792 Scan started 02:40:59.0279 2792 Mode: Manual; SigCheck; TDLFS; 02:40:59.0279 2792 ============================================================ 02:41:00.0083 2792 ================ Scan system memory ======================== 02:41:00.0083 2792 System memory - ok 02:41:00.0084 2792 ================ Scan services ============================= 02:41:00.0259 2792 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys 02:41:00.0339 2792 1394ohci - ok 02:41:00.0373 2792 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys 02:41:00.0408 2792 ACPI - ok 02:41:00.0437 2792 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys 02:41:00.0527 2792 AcpiPmi - ok 02:41:00.0572 2792 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys 02:41:00.0600 2792 adp94xx - ok 02:41:00.0625 2792 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys 02:41:00.0638 2792 adpahci - ok 02:41:00.0650 2792 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys 02:41:00.0661 2792 adpu320 - ok 02:41:00.0686 2792 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 02:41:00.0836 2792 AeLookupSvc - ok 02:41:00.0892 2792 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys 02:41:00.0959 2792 AFD - ok 02:41:00.0986 2792 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys 02:41:00.0998 2792 agp440 - ok 02:41:01.0260 2792 [ BBE9054FDADC8D49D29C5DA4FB84A803 ] Akamai c:\program files (x86)\common files\akamai/netsession_win_8fa3539.dll 02:41:01.0260 2792 Suspicious file (Hidden): c:\program files (x86)\common files\akamai/netsession_win_8fa3539.dll. 
md5: BBE9054FDADC8D49D29C5DA4FB84A803 02:41:01.0266 2792 Akamai ( HiddenFile.Multi.Generic ) - warning 02:41:01.0266 2792 Akamai - detected HiddenFile.Multi.Generic (1) 02:41:01.0284 2792 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe 02:41:01.0351 2792 ALG - ok 02:41:01.0370 2792 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys 02:41:01.0389 2792 aliide - ok 02:41:01.0420 2792 [ B3E801135E0C81733542C14D9AA8120A ] Alpham1 C:\Windows\system32\DRIVERS\Alpham164.sys 02:41:01.0479 2792 Alpham1 - ok 02:41:01.0515 2792 [ 6493983FEDBC49D9112703ECE9B251FE ] Alpham2 C:\Windows\system32\DRIVERS\Alpham264.sys 02:41:01.0554 2792 Alpham2 - ok 02:41:01.0579 2792 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys 02:41:01.0598 2792 amdide - ok 02:41:01.0627 2792 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys 02:41:01.0698 2792 AmdK8 - ok 02:41:01.0716 2792 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys 02:41:01.0751 2792 AmdPPM - ok 02:41:01.0782 2792 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys 02:41:01.0792 2792 amdsata - ok 02:41:01.0816 2792 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys 02:41:01.0827 2792 amdsbs - ok 02:41:01.0845 2792 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys 02:41:01.0853 2792 amdxata - ok 02:41:01.0884 2792 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys 02:41:01.0965 2792 AppID - ok 02:41:02.0002 2792 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll 02:41:02.0058 2792 AppIDSvc - ok 02:41:02.0141 2792 [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo C:\Windows\System32\appinfo.dll 02:41:02.0186 2792 Appinfo - ok 02:41:02.0250 2792 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common 
Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 02:41:02.0269 2792 Apple Mobile Device - ok 02:41:02.0305 2792 [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt C:\Windows\System32\appmgmts.dll 02:41:02.0357 2792 AppMgmt - ok 02:41:02.0371 2792 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys 02:41:02.0392 2792 arc - ok 02:41:02.0409 2792 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys 02:41:02.0430 2792 arcsas - ok 02:41:02.0533 2792 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe 02:41:02.0551 2792 aspnet_state - ok 02:41:02.0581 2792 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 02:41:02.0652 2792 AsyncMac - ok 02:41:02.0674 2792 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys 02:41:02.0682 2792 atapi - ok 02:41:02.0715 2792 [ B4BDE3F758A34658A37DFED3D9783CD8 ] atksgt C:\Windows\system32\DRIVERS\atksgt.sys 02:41:02.0751 2792 atksgt - ok 02:41:02.0794 2792 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 02:41:02.0870 2792 AudioEndpointBuilder - ok 02:41:02.0878 2792 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll 02:41:02.0906 2792 AudioSrv - ok 02:41:02.0983 2792 [ 7692F4B242E45870873CAF4CB85CF769 ] AxAutoMntSrv C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe 02:41:02.0999 2792 AxAutoMntSrv - ok 02:41:03.0025 2792 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll 02:41:03.0101 2792 AxInstSV - ok 02:41:03.0151 2792 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys 02:41:03.0196 2792 b06bdrv - ok 02:41:03.0228 2792 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys 02:41:03.0260 2792 b57nd60a - ok 02:41:03.0290 2792 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC 
C:\Windows\System32\bdesvc.dll 02:41:03.0339 2792 BDESVC - ok 02:41:03.0357 2792 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys 02:41:03.0430 2792 Beep - ok 02:41:03.0492 2792 [ B1359701847FF1FF415FA083F1610F48 ] BEService C:\Program Files (x86)\Common Files\BattlEye\BEService.exe 02:41:03.0553 2792 BEService ( UnsignedFile.Multi.Generic ) - warning 02:41:03.0553 2792 BEService - detected UnsignedFile.Multi.Generic (1) 02:41:03.0604 2792 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll 02:41:03.0652 2792 BFE - ok 02:41:03.0701 2792 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\system32\qmgr.dll 02:41:03.0765 2792 BITS - ok 02:41:03.0788 2792 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys 02:41:03.0807 2792 blbdrive - ok 02:41:03.0846 2792 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys 02:41:03.0877 2792 bowser - ok 02:41:03.0888 2792 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys 02:41:03.0978 2792 BrFiltLo - ok 02:41:03.0989 2792 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys 02:41:04.0009 2792 BrFiltUp - ok 02:41:04.0047 2792 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys 02:41:04.0100 2792 BridgeMP - ok 02:41:04.0137 2792 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll 02:41:04.0165 2792 Browser - ok 02:41:04.0185 2792 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys 02:41:04.0237 2792 Brserid - ok 02:41:04.0257 2792 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys 02:41:04.0287 2792 BrSerWdm - ok 02:41:04.0303 2792 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys 02:41:04.0343 2792 BrUsbMdm - ok 02:41:04.0357 2792 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer 
C:\Windows\System32\Drivers\BrUsbSer.sys 02:41:04.0386 2792 BrUsbSer - ok 02:41:04.0417 2792 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys 02:41:04.0438 2792 BTHMODEM - ok 02:41:04.0488 2792 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll 02:41:04.0543 2792 bthserv - ok 02:41:04.0583 2792 catchme - ok 02:41:04.0615 2792 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 02:41:04.0678 2792 cdfs - ok 02:41:04.0730 2792 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys 02:41:04.0768 2792 cdrom - ok 02:41:04.0819 2792 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll 02:41:04.0881 2792 CertPropSvc - ok 02:41:04.0894 2792 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys 02:41:04.0924 2792 circlass - ok 02:41:04.0948 2792 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys 02:41:04.0965 2792 CLFS - ok 02:41:05.0018 2792 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 02:41:05.0030 2792 clr_optimization_v2.0.50727_32 - ok 02:41:05.0076 2792 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 02:41:05.0087 2792 clr_optimization_v2.0.50727_64 - ok 02:41:05.0160 2792 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 02:41:05.0177 2792 clr_optimization_v4.0.30319_32 - ok 02:41:05.0195 2792 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 02:41:05.0210 2792 clr_optimization_v4.0.30319_64 - ok 02:41:05.0234 2792 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys 02:41:05.0268 2792 CmBatt - ok 02:41:05.0300 2792 [ 
E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys 02:41:05.0313 2792 cmdide - ok 02:41:05.0359 2792 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys 02:41:05.0395 2792 CNG - ok 02:41:05.0411 2792 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys 02:41:05.0424 2792 Compbatt - ok 02:41:05.0449 2792 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys 02:41:05.0491 2792 CompositeBus - ok 02:41:05.0497 2792 COMSysApp - ok 02:41:05.0517 2792 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys 02:41:05.0527 2792 crcdisk - ok 02:41:05.0576 2792 [ D8129C49798CBBFB2E4351D4B7B8EF9C ] CryptSvc C:\Windows\system32\cryptsvc.dll 02:41:05.0620 2792 CryptSvc - ok 02:41:05.0655 2792 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\Windows\system32\drivers\csc.sys 02:41:05.0730 2792 CSC - ok 02:41:05.0781 2792 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\Windows\System32\cscsvc.dll 02:41:05.0815 2792 CscService - ok 02:41:05.0839 2792 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll 02:41:05.0927 2792 DcomLaunch - ok 02:41:05.0987 2792 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll 02:41:06.0046 2792 defragsvc - ok 02:41:06.0079 2792 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys 02:41:06.0140 2792 DfsC - ok 02:41:06.0213 2792 [ B9430166FEB246F6070A62B3554932C9 ] dg_ssudbus C:\Windows\system32\DRIVERS\ssudbus.sys 02:41:06.0234 2792 dg_ssudbus - ok 02:41:06.0276 2792 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll 02:41:06.0341 2792 Dhcp - ok 02:41:06.0410 2792 [ D6B0939B78C73E1396A9C58DCCBC1983 ] Disc Soft Bus Service C:\Program Files (x86)\DAEMON Tools Ultra\DiscSoftBusService.exe 02:41:06.0435 2792 Disc Soft Bus Service - ok 02:41:06.0456 2792 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache 
uagp35 C:\Windows\system32\DRIVERS\uagp35.sys 02:41:25.0425 2792 uagp35 - ok 02:41:25.0446 2792 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 02:41:25.0485 2792 udfs - ok 02:41:25.0508 2792 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe 02:41:25.0530 2792 UI0Detect - ok 02:41:25.0576 2792 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 02:41:25.0585 2792 uliagpkx - ok 02:41:25.0618 2792 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys 02:41:25.0641 2792 umbus - ok 02:41:25.0653 2792 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys 02:41:25.0662 2792 UmPass - ok 02:41:25.0692 2792 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll 02:41:25.0716 2792 UmRdpService - ok 02:41:25.0737 2792 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll 02:41:25.0782 2792 upnphost - ok 02:41:25.0832 2792 [ 7168819F30FE9622284EA19BDE7F8AB4 ] upperdev C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys 02:41:25.0857 2792 upperdev - ok 02:41:25.0915 2792 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys 02:41:25.0958 2792 usbaudio - ok 02:41:25.0990 2792 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 02:41:26.0014 2792 usbccgp - ok 02:41:26.0027 2792 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys 02:41:26.0039 2792 usbcir - ok 02:41:26.0056 2792 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys 02:41:26.0084 2792 usbehci - ok 02:41:26.0116 2792 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 02:41:26.0129 2792 usbhub - ok 02:41:26.0142 2792 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys 02:41:26.0151 2792 usbohci - ok 02:41:26.0182 2792 [ 
73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys 02:41:26.0206 2792 usbprint - ok 02:41:26.0228 2792 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys 02:41:26.0240 2792 usbscan - ok 02:41:26.0259 2792 [ 66C25CB20B2974E0C0CFDAB49FB72A02 ] UsbserFilt C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys 02:41:26.0299 2792 UsbserFilt - ok 02:41:26.0321 2792 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 02:41:26.0362 2792 USBSTOR - ok 02:41:26.0375 2792 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys 02:41:26.0406 2792 usbuhci - ok 02:41:26.0450 2792 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys 02:41:26.0496 2792 usbvideo - ok 02:41:26.0524 2792 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll 02:41:26.0568 2792 UxSms - ok 02:41:26.0574 2792 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe 02:41:26.0584 2792 VaultSvc - ok 02:41:26.0601 2792 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 02:41:26.0610 2792 vdrvroot - ok 02:41:26.0638 2792 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe 02:41:26.0681 2792 vds - ok 02:41:26.0708 2792 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 02:41:26.0729 2792 vga - ok 02:41:26.0759 2792 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys 02:41:26.0819 2792 VgaSave - ok 02:41:26.0862 2792 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 02:41:26.0887 2792 vhdmp - ok 02:41:26.0917 2792 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys 02:41:26.0937 2792 viaide - ok 02:41:26.0962 2792 [ 86EA3E79AE350FEA5331A1303054005F ] vmbus C:\Windows\system32\drivers\vmbus.sys 02:41:26.0977 2792 vmbus - ok 02:41:26.0999 2792 [ 
7DE90B48F210D29649380545DB45A187 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys 02:41:27.0012 2792 VMBusHID - ok 02:41:27.0022 2792 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys 02:41:27.0034 2792 volmgr - ok 02:41:27.0061 2792 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 02:41:27.0074 2792 volmgrx - ok 02:41:27.0091 2792 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys 02:41:27.0104 2792 volsnap - ok 02:41:27.0121 2792 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys 02:41:27.0132 2792 vsmraid - ok 02:41:27.0184 2792 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe 02:41:27.0235 2792 VSS - ok 02:41:27.0255 2792 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys 02:41:27.0303 2792 vwifibus - ok 02:41:27.0338 2792 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll 02:41:27.0396 2792 W32Time - ok 02:41:27.0416 2792 [ 43CE14E1E17DA81EA71DFE686805ED07 ] wacmoumonitor C:\Windows\system32\DRIVERS\wacmoumonitor.sys 02:41:27.0422 2792 wacmoumonitor - ok 02:41:27.0453 2792 [ E04D43C7D1641E95D35CAE6086C7E350 ] wacommousefilter C:\Windows\system32\DRIVERS\wacommousefilter.sys 02:41:27.0459 2792 wacommousefilter - ok 02:41:27.0467 2792 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys 02:41:27.0495 2792 WacomPen - ok 02:41:27.0508 2792 [ EC1CEB237E365330C1FCFC4876AA0AC0 ] wacomvhid C:\Windows\system32\DRIVERS\wacomvhid.sys 02:41:27.0515 2792 wacomvhid - ok 02:41:27.0541 2792 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 02:41:27.0576 2792 WANARP - ok 02:41:27.0579 2792 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 02:41:27.0603 2792 Wanarpv6 - ok 02:41:27.0662 2792 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine 
C:\Windows\system32\wbengine.exe 02:41:27.0709 2792 wbengine - ok 02:41:27.0723 2792 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 02:41:27.0740 2792 WbioSrvc - ok 02:41:27.0763 2792 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll 02:41:27.0782 2792 wcncsvc - ok 02:41:27.0793 2792 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 02:41:27.0804 2792 WcsPlugInService - ok 02:41:27.0817 2792 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys 02:41:27.0826 2792 Wd - ok 02:41:27.0869 2792 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 02:41:27.0889 2792 Wdf01000 - ok 02:41:27.0905 2792 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll 02:41:27.0982 2792 WdiServiceHost - ok 02:41:27.0986 2792 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll 02:41:28.0004 2792 WdiSystemHost - ok 02:41:28.0019 2792 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll 02:41:28.0055 2792 WebClient - ok 02:41:28.0072 2792 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll 02:41:28.0129 2792 Wecsvc - ok 02:41:28.0153 2792 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll 02:41:28.0179 2792 wercplsupport - ok 02:41:28.0201 2792 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll 02:41:28.0231 2792 WerSvc - ok 02:41:28.0246 2792 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 02:41:28.0272 2792 WfpLwf - ok 02:41:28.0282 2792 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys 02:41:28.0291 2792 WIMMount - ok 02:41:28.0351 2792 WinDefend - ok 02:41:28.0360 2792 WinHttpAutoProxySvc - ok 02:41:28.0398 2792 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 
02:41:28.0441 2792 Winmgmt - ok 02:41:28.0514 2792 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll 02:41:28.0597 2792 WinRM - ok 02:41:28.0645 2792 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys 02:41:28.0678 2792 WinUsb - ok 02:41:28.0725 2792 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll 02:41:28.0782 2792 Wlansvc - ok 02:41:28.0911 2792 [ 98F138897EF4246381D197CB81846D62 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 02:41:29.0007 2792 wlidsvc - ok 02:41:29.0032 2792 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 02:41:29.0042 2792 WmiAcpi - ok 02:41:29.0060 2792 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 02:41:29.0082 2792 wmiApSrv - ok 02:41:29.0110 2792 WMPNetworkSvc - ok 02:41:29.0132 2792 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll 02:41:29.0152 2792 WPCSvc - ok 02:41:29.0169 2792 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 02:41:29.0181 2792 WPDBusEnum - ok 02:41:29.0202 2792 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 02:41:29.0235 2792 ws2ifsl - ok 02:41:29.0271 2792 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll 02:41:29.0292 2792 wscsvc - ok 02:41:29.0294 2792 WSearch - ok 02:41:29.0379 2792 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll 02:41:29.0485 2792 wuauserv - ok 02:41:29.0536 2792 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 02:41:29.0588 2792 WudfPf - ok 02:41:29.0635 2792 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 02:41:29.0656 2792 WUDFRd - ok 02:41:29.0685 2792 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 02:41:29.0716 2792 wudfsvc - ok 02:41:29.0746 2792 [ 
FE90B750AB808FB9DD8FBB428B5FF83B ] WwanSvc C:\Windows\System32\wwansvc.dll 02:41:29.0775 2792 WwanSvc - ok 02:41:29.0892 2792 X6va007 - ok 02:41:29.0919 2792 ================ Scan global =============================== 02:41:29.0951 2792 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll 02:41:29.0991 2792 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll 02:41:30.0002 2792 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll 02:41:30.0024 2792 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll 02:41:30.0050 2792 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe 02:41:30.0057 2792 [Global] - ok 02:41:30.0057 2792 ================ Scan MBR ================================== 02:41:30.0089 2792 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 02:41:30.0354 2792 \Device\Harddisk0\DR0 ( TDSS File System ) - warning 02:41:30.0354 2792 \Device\Harddisk0\DR0 - detected TDSS File System (1) 02:41:30.0355 2792 ================ Scan VBR ================================== 02:41:30.0358 2792 [ C34501B25193EF201FE2B17CF5429E1C ] \Device\Harddisk0\DR0\Partition1 02:41:30.0360 2792 \Device\Harddisk0\DR0\Partition1 - ok 02:41:30.0381 2792 [ 7BCB2AED936BC684E8CD576C3D39F4B6 ] \Device\Harddisk0\DR0\Partition2 02:41:30.0384 2792 \Device\Harddisk0\DR0\Partition2 - ok 02:41:30.0387 2792 [ 12EB1AAAAEF24910D29081E0D88C22AD ] \Device\Harddisk0\DR0\Partition3 02:41:30.0390 2792 \Device\Harddisk0\DR0\Partition3 - ok 02:41:30.0390 2792 ============================================================ 02:41:30.0390 2792 Scan finished 02:41:30.0390 2792 ============================================================ 02:41:30.0406 0664 Detected object count: 7 02:41:30.0406 0664 Actual detected object count: 7 02:41:37.0986 0664 Akamai ( HiddenFile.Multi.Generic ) - skipped by user 02:41:37.0986 0664 Akamai ( HiddenFile.Multi.Generic ) - User select action: Skip 02:41:37.0987 0664 BEService ( 
UnsignedFile.Multi.Generic ) - skipped by user 02:41:37.0987 0664 BEService ( UnsignedFile.Multi.Generic ) - User select action: Skip 02:41:37.0988 0664 epmntdrv ( UnsignedFile.Multi.Generic ) - skipped by user 02:41:37.0988 0664 epmntdrv ( UnsignedFile.Multi.Generic ) - User select action: Skip 02:41:37.0990 0664 EuGdiDrv ( UnsignedFile.Multi.Generic ) - skipped by user 02:41:37.0990 0664 EuGdiDrv ( UnsignedFile.Multi.Generic ) - User select action: Skip 02:41:37.0991 0664 StarWindServiceAE ( UnsignedFile.Multi.Generic ) - skipped by user 02:41:37.0991 0664 StarWindServiceAE ( UnsignedFile.Multi.Generic ) - User select action: Skip 02:41:37.0992 0664 SwitchBoard ( UnsignedFile.Multi.Generic ) - skipped by user 02:41:37.0992 0664 SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip 02:41:37.0993 0664 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user 02:41:37.0993 0664 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip 02:41:49.0086 2148 Deinitialize success Geändert von Quobble (08.08.2013 um 01:42 Uhr) |
08.08.2013, 01:42 | #6 |
/// Malware-holic | Unknown malware Hi, 1. of course, because you marked it as unnecessary... 2. I had asked you to post everything at once; where is the TDSS Killer log?
__________________ --> Unknown malware |
08.08.2013, 01:46 | #7 |
| Unknown malware Sorry. It just took a while until I had gotten rid of all the unnecessary stuff and let the tools run. |
08.08.2013, 01:53 | #8 |
/// Malware-holic | Unknown malware And that is why, next time, finish everything first and only then paste it all in at once. OK, let's continue. Configure TDSS Killer as before. Look for: Harddisk0\DR0 ( TDSS Select Cure there; if that is not possible, Delete. Now reboot, configure TDSS Killer once more as before, scan, and post the new log.
__________________ -Please forward suspicious e-mails to us for analysis: markusg.trojaner-board@web.de Forwarding instructions: http://markusg.trojaner-board.de For now, please forward e-mails to markusg.trojaner-board@web.de following the instructions above If you would like to support us |
08.08.2013, 02:04 | #9 |
| Unknown malware There was no Cure option, so I chose Delete. Here are the logs: Code:
ATTFilter
03:01:52.0936 5032 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
03:01:53.0181 5032 ============================================================
03:01:53.0181 5032 Current date / time: 2013/08/08 03:01:53.0181
03:01:53.0181 5032 SystemInfo:
03:01:53.0181 5032
03:01:53.0181 5032 OS Version: 6.1.7601 ServicePack: 1.0
03:01:53.0181 5032 Product type: Workstation
03:01:53.0181 5032 ComputerName: MAXPC
03:01:53.0181 5032 UserName: Max
03:01:53.0181 5032 Windows directory: C:\Windows
03:01:53.0182 5032 System windows directory: C:\Windows
03:01:53.0182 5032 Running under WOW64
03:01:53.0182 5032 Processor architecture: Intel x64
03:01:53.0182 5032 Number of processors: 4
03:01:53.0182 5032 Page size: 0x1000
03:01:53.0182 5032 Boot type: Normal boot
03:01:53.0182 5032 ============================================================
03:01:55.0821 5032 Drive \Device\Harddisk0\DR0 - Size: 0x15D50F66000 (1397.27 Gb), SectorSize: 0x200, Cylinders: 0x2F509, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000040
03:01:55.0828 5032 ============================================================
03:01:55.0828 5032 \Device\Harddisk0\DR0:
03:01:55.0829 5032 MBR partitions:
03:01:55.0829 5032 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
03:01:55.0829 5032 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x9F3046A0
03:01:55.0829 5032 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x9F336EA0, BlocksNum 0xF54F160
03:01:55.0829 5032 ============================================================
03:01:55.0868 5032 D: <-> \Device\Harddisk0\DR0\Partition2
03:01:55.0904 5032 C: <-> \Device\Harddisk0\DR0\Partition3
03:01:55.0904 5032 ============================================================
03:01:55.0904 5032 Initialize success
03:01:55.0904 5032 ============================================================
03:02:02.0256 4048 ============================================================
03:02:02.0256 4048 Scan started
03:02:02.0256 4048 Mode: Manual; SigCheck; TDLFS;
03:02:02.0256 4048 ============================================================
03:02:02.0886 4048 ================ Scan system memory ========================
03:02:02.0886 4048 System memory - ok
C:\Windows\system32\drivers\HdAudio.sys 03:02:13.0780 4048 HdAudAddService - ok 03:02:13.0802 4048 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys 03:02:13.0828 4048 HDAudBus - ok 03:02:13.0840 4048 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys 03:02:13.0866 4048 HidBatt - ok 03:02:13.0877 4048 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys 03:02:13.0893 4048 HidBth - ok 03:02:13.0913 4048 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys 03:02:13.0944 4048 HidIr - ok 03:02:13.0969 4048 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll 03:02:14.0003 4048 hidserv - ok 03:02:14.0043 4048 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 03:02:14.0053 4048 HidUsb - ok 03:02:14.0077 4048 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll 03:02:14.0115 4048 hkmsvc - ok 03:02:14.0145 4048 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll 03:02:14.0200 4048 HomeGroupListener - ok 03:02:14.0238 4048 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 03:02:14.0282 4048 HomeGroupProvider - ok 03:02:14.0314 4048 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 03:02:14.0328 4048 HpSAMD - ok 03:02:14.0371 4048 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys 03:02:14.0440 4048 HTTP - ok 03:02:14.0473 4048 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 03:02:14.0492 4048 hwpolicy - ok 03:02:14.0524 4048 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys 03:02:14.0545 4048 i8042prt - ok 03:02:14.0588 4048 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 03:02:14.0615 4048 iaStorV - ok 03:02:14.0640 4048 ICQ 
Service - ok 03:02:14.0693 4048 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 03:02:14.0732 4048 idsvc - ok 03:02:14.0755 4048 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys 03:02:14.0768 4048 iirsp - ok 03:02:14.0820 4048 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll 03:02:14.0888 4048 IKEEXT - ok 03:02:14.0902 4048 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys 03:02:14.0912 4048 intelide - ok 03:02:14.0932 4048 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 03:02:14.0969 4048 intelppm - ok 03:02:14.0997 4048 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll 03:02:15.0049 4048 IPBusEnum - ok 03:02:15.0076 4048 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 03:02:15.0137 4048 IpFilterDriver - ok 03:02:15.0199 4048 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 03:02:15.0257 4048 iphlpsvc - ok 03:02:15.0284 4048 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 03:02:15.0308 4048 IPMIDRV - ok 03:02:15.0329 4048 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys 03:02:15.0379 4048 IPNAT - ok 03:02:15.0448 4048 [ 0F261EC4F514926177C70C1832374231 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe 03:02:15.0474 4048 iPod Service - ok 03:02:15.0499 4048 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys 03:02:15.0571 4048 IRENUM - ok 03:02:15.0583 4048 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys 03:02:15.0595 4048 isapnp - ok 03:02:15.0619 4048 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 03:02:15.0637 4048 iScsiPrt - ok 03:02:15.0650 4048 [ 
BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 03:02:15.0662 4048 kbdclass - ok 03:02:15.0690 4048 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys 03:02:15.0720 4048 kbdhid - ok 03:02:15.0743 4048 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe 03:02:15.0757 4048 KeyIso - ok 03:02:15.0794 4048 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 03:02:15.0816 4048 KSecDD - ok 03:02:15.0861 4048 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 03:02:15.0882 4048 KSecPkg - ok 03:02:15.0902 4048 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 03:02:15.0945 4048 ksthunk - ok 03:02:16.0049 4048 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll 03:02:16.0087 4048 KtmRm - ok 03:02:16.0136 4048 [ 86DCBF8A41C78561A1DA07AB5E7B1CCC ] LADF_DHP2 C:\Windows\system32\DRIVERS\ladfDHP2amd64.sys 03:02:16.0142 4048 LADF_DHP2 - ok 03:02:16.0167 4048 [ 175C04C7813CE64616B5CB046E5E1383 ] LADF_SBVM C:\Windows\system32\DRIVERS\ladfSBVMamd64.sys 03:02:16.0177 4048 LADF_SBVM - ok 03:02:16.0227 4048 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll 03:02:16.0273 4048 LanmanServer - ok 03:02:16.0296 4048 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 03:02:16.0334 4048 LanmanWorkstation - ok 03:02:16.0379 4048 [ 955982BF4421B77722196552B62E8DC2 ] lirsgt C:\Windows\system32\DRIVERS\lirsgt.sys 03:02:16.0390 4048 lirsgt - ok 03:02:16.0429 4048 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 03:02:16.0488 4048 lltdio - ok 03:02:16.0524 4048 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll 03:02:16.0572 4048 lltdsvc - ok 03:02:16.0586 4048 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll 03:02:16.0612 4048 lmhosts - 
ok 03:02:16.0642 4048 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys 03:02:16.0653 4048 LSI_FC - ok 03:02:16.0664 4048 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys 03:02:16.0675 4048 LSI_SAS - ok 03:02:16.0691 4048 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys 03:02:16.0702 4048 LSI_SAS2 - ok 03:02:16.0717 4048 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys 03:02:16.0729 4048 LSI_SCSI - ok 03:02:16.0743 4048 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys 03:02:16.0793 4048 luafv - ok 03:02:16.0835 4048 [ DE585D1D266805E5EEDAE911FDD16F38 ] ManyCam C:\Windows\system32\DRIVERS\mcvidrv_x64.sys 03:02:16.0890 4048 ManyCam - ok 03:02:16.0922 4048 [ 2E7FFDEF8BAFD04CBB517507B821E878 ] mcaudrv_simple C:\Windows\system32\drivers\mcaudrv_x64.sys 03:02:16.0961 4048 mcaudrv_simple - ok 03:02:16.0995 4048 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 03:02:17.0030 4048 Mcx2Svc - ok 03:02:17.0047 4048 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys 03:02:17.0066 4048 megasas - ok 03:02:17.0089 4048 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys 03:02:17.0106 4048 MegaSR - ok 03:02:17.0170 4048 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll 03:02:17.0236 4048 MMCSS - ok 03:02:17.0251 4048 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys 03:02:17.0292 4048 Modem - ok 03:02:17.0323 4048 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys 03:02:17.0367 4048 monitor - ok 03:02:17.0401 4048 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 03:02:17.0413 4048 mouclass - ok 03:02:17.0451 4048 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 
03:02:17.0482 4048 mouhid - ok 03:02:17.0539 4048 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 03:02:17.0559 4048 mountmgr - ok 03:02:17.0635 4048 [ FC1D590039EF06A381768710E6C07E75 ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys 03:02:17.0667 4048 MpFilter - ok 03:02:17.0695 4048 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys 03:02:17.0708 4048 mpio - ok 03:02:17.0724 4048 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 03:02:17.0776 4048 mpsdrv - ok 03:02:17.0836 4048 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll 03:02:17.0931 4048 MpsSvc - ok 03:02:17.0967 4048 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 03:02:18.0004 4048 MRxDAV - ok 03:02:18.0036 4048 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 03:02:18.0082 4048 mrxsmb - ok 03:02:18.0106 4048 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 03:02:18.0144 4048 mrxsmb10 - ok 03:02:18.0165 4048 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 03:02:18.0195 4048 mrxsmb20 - ok 03:02:18.0216 4048 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys 03:02:18.0233 4048 msahci - ok 03:02:18.0266 4048 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys 03:02:18.0287 4048 msdsm - ok 03:02:18.0308 4048 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe 03:02:18.0345 4048 MSDTC - ok 03:02:18.0373 4048 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys 03:02:18.0417 4048 Msfs - ok 03:02:18.0439 4048 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 03:02:18.0500 4048 mshidkmdf - ok 03:02:18.0521 4048 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 
03:02:18.0531 4048 msisadrv - ok 03:02:18.0561 4048 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 03:02:18.0610 4048 MSiSCSI - ok 03:02:18.0613 4048 msiserver - ok 03:02:18.0646 4048 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 03:02:18.0673 4048 MSKSSRV - ok 03:02:18.0771 4048 [ 66238063B53E51ADDA16764BAB9A3F7C ] MsMpSvc C:\Program Files\Microsoft Security Client\MsMpEng.exe 03:02:18.0794 4048 MsMpSvc - ok 03:02:18.0809 4048 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 03:02:18.0880 4048 MSPCLOCK - ok 03:02:18.0892 4048 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 03:02:18.0945 4048 MSPQM - ok 03:02:18.0979 4048 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 03:02:18.0991 4048 MsRPC - ok 03:02:19.0005 4048 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys 03:02:19.0013 4048 mssmbios - ok 03:02:19.0016 4048 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 03:02:19.0051 4048 MSTEE - ok 03:02:19.0061 4048 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys 03:02:19.0072 4048 MTConfig - ok 03:02:19.0087 4048 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys 03:02:19.0097 4048 Mup - ok 03:02:19.0120 4048 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll 03:02:19.0171 4048 napagent - ok 03:02:19.0203 4048 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 03:02:19.0248 4048 NativeWifiP - ok 03:02:19.0332 4048 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys 03:02:19.0366 4048 NDIS - ok 03:02:19.0384 4048 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 03:02:19.0415 4048 NdisCap - ok 03:02:19.0432 4048 [ 
30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 03:02:19.0469 4048 NdisTapi - ok 03:02:19.0492 4048 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 03:02:19.0518 4048 Ndisuio - ok 03:02:19.0537 4048 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 03:02:19.0573 4048 NdisWan - ok 03:02:19.0612 4048 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 03:02:19.0664 4048 NDProxy - ok 03:02:19.0684 4048 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 03:02:19.0731 4048 NetBIOS - ok 03:02:19.0760 4048 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 03:02:19.0813 4048 NetBT - ok 03:02:19.0823 4048 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe 03:02:19.0833 4048 Netlogon - ok 03:02:19.0864 4048 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll 03:02:19.0934 4048 Netman - ok 03:02:19.0975 4048 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 03:02:20.0022 4048 NetMsmqActivator - ok 03:02:20.0027 4048 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 03:02:20.0041 4048 NetPipeActivator - ok 03:02:20.0065 4048 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll 03:02:20.0117 4048 netprofm - ok 03:02:20.0120 4048 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 03:02:20.0130 4048 NetTcpActivator - ok 03:02:20.0133 4048 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 03:02:20.0141 4048 NetTcpPortSharing - ok 03:02:20.0167 4048 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys 03:02:20.0178 
4048 nfrd960 - ok 03:02:20.0232 4048 [ 8FB3C853E886E1E4D57271672486111C ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys 03:02:20.0258 4048 NisDrv - ok 03:02:20.0317 4048 [ 869A808253726EA11939EC4FE76346A4 ] NisSrv C:\Program Files\Microsoft Security Client\NisSrv.exe 03:02:20.0349 4048 NisSrv - ok 03:02:20.0368 4048 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll 03:02:20.0390 4048 NlaSvc - ok 03:02:20.0428 4048 [ 903681BAB213D5F84717C0FC42AFB28A ] nmwcd C:\Windows\system32\drivers\ccdcmbx64.sys 03:02:20.0497 4048 nmwcd - ok 03:02:20.0510 4048 [ EC4C5EBD003E0395BF4EA5A2EFD13CE6 ] nmwcdc C:\Windows\system32\drivers\ccdcmbox64.sys 03:02:20.0535 4048 nmwcdc - ok 03:02:20.0553 4048 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys 03:02:20.0579 4048 Npfs - ok 03:02:20.0590 4048 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll 03:02:20.0629 4048 nsi - ok 03:02:20.0644 4048 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 03:02:20.0683 4048 nsiproxy - ok 03:02:20.0745 4048 [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 03:02:20.0803 4048 Ntfs - ok 03:02:20.0818 4048 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys 03:02:20.0868 4048 Null - ok 03:02:20.0934 4048 [ 1F07B814C0BB5AABA703ABFF1F31F2E8 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys 03:02:20.0956 4048 NVHDA - ok 03:02:21.0237 4048 [ FCBA1C22727939E7CFF9EB08FE9692AB ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys 03:02:21.0348 4048 nvlddmkm - ok 03:02:21.0468 4048 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys 03:02:21.0485 4048 nvraid - ok 03:02:21.0512 4048 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys 03:02:21.0528 4048 nvstor - ok 03:02:21.0577 4048 [ 10C232F6CFFD51D2332898AE7AE0FF23 ] nvsvc C:\Windows\system32\nvvsvc.exe 03:02:21.0609 4048 nvsvc - ok 
03:02:21.0715 4048 [ 4789E020D2617046862D1790FC235FF6 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe 03:02:21.0762 4048 nvUpdatusService - ok 03:02:21.0802 4048 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 03:02:21.0812 4048 nv_agp - ok 03:02:21.0834 4048 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 03:02:21.0883 4048 ohci1394 - ok 03:02:21.0936 4048 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 03:02:22.0008 4048 p2pimsvc - ok 03:02:22.0065 4048 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll 03:02:22.0095 4048 p2psvc - ok 03:02:22.0149 4048 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys 03:02:22.0172 4048 Parport - ok 03:02:22.0205 4048 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys 03:02:22.0226 4048 partmgr - ok 03:02:22.0295 4048 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll 03:02:22.0328 4048 PcaSvc - ok 03:02:22.0395 4048 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys 03:02:22.0418 4048 pci - ok 03:02:22.0472 4048 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys 03:02:22.0486 4048 pciide - ok 03:02:22.0566 4048 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys 03:02:22.0591 4048 pcmcia - ok 03:02:22.0866 4048 [ C98CD9EE0012DF72206BD519DB9780D4 ] PCToolsSSDMonitorSvc C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe 03:02:22.0898 4048 PCToolsSSDMonitorSvc - ok 03:02:22.0912 4048 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys 03:02:22.0922 4048 pcw - ok 03:02:22.0946 4048 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys 03:02:22.0997 4048 PEAUTH - ok 03:02:23.0087 4048 [ 
B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll 03:02:23.0295 4048 PeerDistSvc - ok 03:02:23.0412 4048 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe 03:02:23.0451 4048 PerfHost - ok 03:02:23.0789 4048 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll 03:02:23.0883 4048 pla - ok 03:02:24.0049 4048 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 03:02:24.0106 4048 PlugPlay - ok 03:02:24.0225 4048 PnkBstrA - ok 03:02:24.0298 4048 PnkBstrB - ok 03:02:24.0326 4048 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 03:02:24.0366 4048 PNRPAutoReg - ok 03:02:24.0469 4048 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 03:02:24.0495 4048 PNRPsvc - ok 03:02:24.0618 4048 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 03:02:24.0701 4048 PolicyAgent - ok 03:02:24.0754 4048 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll 03:02:24.0796 4048 Power - ok 03:02:24.0828 4048 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 03:02:24.0870 4048 PptpMiniport - ok 03:02:24.0882 4048 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys 03:02:24.0900 4048 Processor - ok 03:02:24.0935 4048 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll 03:02:24.0969 4048 ProfSvc - ok 03:02:24.0984 4048 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe 03:02:24.0998 4048 ProtectedStorage - ok 03:02:25.0024 4048 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys 03:02:25.0062 4048 Psched - ok 03:02:25.0096 4048 [ DA3964D8FB8798DC741ABACA9ED1B99D ] pwdrvio C:\Windows\system32\pwdrvio.sys 03:02:25.0130 4048 pwdrvio - ok 03:02:25.0175 4048 [ A55ED5A63D0178A41EA05AC50A60F89A ] pwdspio 
C:\Windows\system32\pwdspio.sys 03:02:25.0209 4048 pwdspio - ok 03:02:25.0293 4048 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys 03:02:25.0340 4048 ql2300 - ok 03:02:25.0377 4048 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys 03:02:25.0389 4048 ql40xx - ok 03:02:25.0421 4048 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll 03:02:25.0462 4048 QWAVE - ok 03:02:25.0476 4048 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 03:02:25.0509 4048 QWAVEdrv - ok 03:02:25.0539 4048 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 03:02:25.0589 4048 RasAcd - ok 03:02:25.0627 4048 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 03:02:25.0674 4048 RasAgileVpn - ok 03:02:25.0695 4048 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll 03:02:25.0725 4048 RasAuto - ok 03:02:25.0750 4048 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 03:02:25.0797 4048 Rasl2tp - ok 03:02:25.0830 4048 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll 03:02:25.0876 4048 RasMan - ok 03:02:25.0888 4048 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 03:02:25.0932 4048 RasPppoe - ok 03:02:25.0958 4048 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 03:02:26.0004 4048 RasSstp - ok 03:02:26.0029 4048 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 03:02:26.0078 4048 rdbss - ok 03:02:26.0088 4048 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys 03:02:26.0101 4048 rdpbus - ok 03:02:26.0129 4048 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 03:02:26.0187 4048 RDPCDD - ok 03:02:26.0222 4048 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR 
C:\Windows\system32\drivers\rdpdr.sys 03:02:26.0269 4048 RDPDR - ok 03:02:26.0280 4048 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 03:02:26.0351 4048 RDPENCDD - ok 03:02:26.0367 4048 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 03:02:26.0393 4048 RDPREFMP - ok 03:02:26.0411 4048 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 03:02:26.0458 4048 RDPWD - ok 03:02:26.0480 4048 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 03:02:26.0494 4048 rdyboost - ok 03:02:26.0524 4048 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll 03:02:26.0574 4048 RemoteAccess - ok 03:02:26.0609 4048 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll 03:02:26.0655 4048 RemoteRegistry - ok 03:02:26.0671 4048 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 03:02:26.0712 4048 RpcEptMapper - ok 03:02:26.0738 4048 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe 03:02:26.0775 4048 RpcLocator - ok 03:02:26.0812 4048 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll 03:02:26.0867 4048 RpcSs - ok 03:02:26.0901 4048 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 03:02:26.0927 4048 rspndr - ok 03:02:26.0976 4048 [ EE082E06A82FF630351D1E0EBBD3D8D0 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys 03:02:26.0990 4048 RTL8167 - ok 03:02:27.0009 4048 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys 03:02:27.0044 4048 s3cap - ok 03:02:27.0060 4048 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe 03:02:27.0075 4048 SamSs - ok 03:02:27.0102 4048 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 03:02:27.0124 4048 sbp2port - ok 03:02:27.0140 4048 [ 
9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll 03:02:27.0190 4048 SCardSvr - ok 03:02:27.0228 4048 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 03:02:27.0286 4048 scfilter - ok 03:02:27.0323 4048 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll 03:02:27.0383 4048 Schedule - ok 03:02:27.0421 4048 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll 03:02:27.0465 4048 SCPolicySvc - ok 03:02:27.0561 4048 [ 8B56BDCE6A303DDE63D63440D1CF9AD1 ] ScreamBAudioSvc C:\Windows\system32\drivers\ScreamingBAudio64.sys 03:02:27.0576 4048 ScreamBAudioSvc - ok 03:02:27.0592 4048 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll 03:02:27.0634 4048 SDRSVC - ok 03:02:27.0677 4048 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys 03:02:27.0740 4048 secdrv - ok 03:02:27.0765 4048 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll 03:02:27.0806 4048 seclogon - ok 03:02:27.0839 4048 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll 03:02:27.0873 4048 SENS - ok 03:02:27.0879 4048 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll 03:02:27.0925 4048 SensrSvc - ok 03:02:27.0937 4048 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys 03:02:27.0955 4048 Serenum - ok 03:02:27.0985 4048 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys 03:02:28.0015 4048 Serial - ok 03:02:28.0064 4048 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys 03:02:28.0105 4048 sermouse - ok 03:02:28.0145 4048 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll 03:02:28.0190 4048 SessionEnv - ok 03:02:28.0213 4048 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 03:02:28.0250 4048 sffdisk - ok 
03:02:38.0833 4048 Scan finished
03:02:38.0845 2768 Detected object count: 6
03:02:38.0845 2768 Actual detected object count: 6
03:02:45.0603 2768 Akamai ( HiddenFile.Multi.Generic ) - skipped by user
03:02:45.0603 2768 Akamai ( HiddenFile.Multi.Generic ) - User select action: Skip
03:02:45.0604 2768 BEService ( UnsignedFile.Multi.Generic ) - skipped by user
03:02:45.0604 2768 BEService ( UnsignedFile.Multi.Generic ) - User select action: Skip
03:02:45.0606 2768 epmntdrv ( UnsignedFile.Multi.Generic ) - skipped by user
03:02:45.0606 2768 epmntdrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
03:02:45.0608 2768 EuGdiDrv ( UnsignedFile.Multi.Generic ) - skipped by user
03:02:45.0608 2768 EuGdiDrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
03:02:45.0610 2768 StarWindServiceAE ( UnsignedFile.Multi.Generic ) - skipped by user
03:02:45.0610 2768 StarWindServiceAE ( UnsignedFile.Multi.Generic ) - User select action: Skip
03:02:45.0612 2768 SwitchBoard ( UnsignedFile.Multi.Generic ) - skipped by user
03:02:45.0612 2768 SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip
03:02:48.0733 4348 Deinitialize success |
08.08.2013, 12:51 | #10 |
/// Malware-holic | Unknown malware Hi, once we are finished, change all passwords. There are 3 logs to create; post them together if possible.
1. Please download AdwCleaner to your desktop.
Restart.
2. Please close your security software to avoid possible conflicts.
Restart.
3. Hitman Pro - Download - Filepony
Load Hitman Pro, double-click it, click Scan. Save the log and post it, or export it as XML, zip it and attach it. Do not click Next in Hitman Pro, just close it.
__________________ - Please forward suspicious e-mails to us for analysis: markusg.trojaner-board@web.de Forwarding instructions: http://markusg.trojaner-board.de For now, please forward e-mails to markusg.trojaner-board@web.de following the instructions above. If you would like to support us |
08.08.2013, 14:27 | #11 |
| Unknown malware Okay. This time everything at once. AdwCleaner: Code:
# AdwCleaner v2.306 - Datei am 08/08/2013 um 14:36:44 erstellt
# Aktualisiert am 19/07/2013 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits)
# Benutzer : Max - MAXPC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Max\Desktop\adwcleaner.exe
# Option [Löschen]
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E111A5C-3D11-4F56-9463-5310C3C69025} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{0C43FE6B-E881-4AFC-B384-4AEBC90047E8} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A0C9DF2B-89B5-4483-8983-18A68200F1B4} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{EA8FA6BE-29BE-4AF2-9352-841F83215EB0} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Conduit Engine Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{64B00DAC-870D-4E6A-8D34-3A6E3E427A30} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847} Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{7E111A5C-3D11-4F56-9463-5310C3C69025}] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}] Wert Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet 
Explorer\Toolbar [{30F9B915-B755-4826-820B-08FBA6BD249D}] Wert Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{7E111A5C-3D11-4F56-9463-5310C3C69025}] Wert Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{855F3B16-6D32-4FE6-8A56-BBB695989046}] Wert Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{98889811-442D-49DD-99D7-DC866BE87DBC}] ***** [Internet Browser] ***** -\\ Internet Explorer v10.0.9200.16635 Ersetzt : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.conduit.com?SearchSource=10&ctid=CT2851647 --> hxxp://www.google.com Ersetzt : [HKCU\Software\Microsoft\Internet Explorer\Main - ICQ Search] = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd --> hxxp://www.google.com -\\ Mozilla Firefox v [Version kann nicht ermittelt werden] Datei : C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\eaxo6qll.default\prefs.js C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\eaxo6qll.default\user.js ... Gelöscht ! Gelöscht : user_pref("CT2851647.1000234.TWC_TMP_city", "SULZBACH"); Gelöscht : user_pref("CT2851647.1000234.TWC_TMP_country", "DE"); Gelöscht : user_pref("CT2851647.1000234.TWC_locId", "SZXX2722"); Gelöscht : user_pref("CT2851647.1000234.TWC_location", "Sulzbach, Schweiz"); Gelöscht : user_pref("CT2851647.1000234.TWC_region", "DE"); Gelöscht : user_pref("CT2851647.1000234.TWC_temp_dis", "c"); Gelöscht : user_pref("CT2851647.1000234.TWC_wind_dis", "kmh"); Gelöscht : user_pref("CT2851647.1000234.weatherData", "{\"icon\":\"28.png\",\"temperature\":\"10°C\",\"temperat[...] Gelöscht : user_pref("CT2851647.CBOpenMAMSettings.enc", "MA=="); Gelöscht : user_pref("CT2851647.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}"); Gelöscht : user_pref("CT2851647.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"tru[...] 
Gelöscht : user_pref("CT2851647.FirstTime", "true"); Gelöscht : user_pref("CT2851647.FirstTimeFF3", "true"); Gelöscht : user_pref("CT2851647.LoginRevertSettingsEnabled", true); Gelöscht : user_pref("CT2851647.PG_ENABLE", "dHJ1ZQ=="); Gelöscht : user_pref("CT2851647.PG_ENABLE.enc", "ZEhKMVpRPT0="); Gelöscht : user_pref("CT2851647.RevertSettingsEnabled", true); Gelöscht : user_pref("CT2851647.SF_JUST_INSTALLED.enc", "RkFMU0U="); Gelöscht : user_pref("CT2851647.SF_STATUS.enc", "RU5BQkxFRA=="); Gelöscht : user_pref("CT2851647.SF_USER_ID.enc", "Y2lkXzk0MjAxMzIwMTg1NjYxMDM0MjE="); Gelöscht : user_pref("CT2851647.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT285[...] Gelöscht : user_pref("CT2851647.UserID", "UN00719041435812883"); Gelöscht : user_pref("CT2851647.addressBarTakeOverEnabledInHidden", "true"); Gelöscht : user_pref("CT2851647.autoDisableScopes", -1); Gelöscht : user_pref("CT2851647.browser.search.defaultthis.engineName", true); Gelöscht : user_pref("CT2851647.cbcountry_001.enc", "REU="); Gelöscht : user_pref("CT2851647.cbfirsttime.enc", "VGh1IE9jdCAxMSAyMDEyIDE3OjUxOjU5IEdNVCswMjAw"); Gelöscht : user_pref("CT2851647.countryCode", "DE"); Gelöscht : user_pref("CT2851647.enableAlerts", "always"); Gelöscht : user_pref("CT2851647.enableFix404ByUser", "FALSE"); Gelöscht : user_pref("CT2851647.enableSearchFromAddressBar", "true"); Gelöscht : user_pref("CT2851647.firstTimeDialogOpened", "true"); Gelöscht : user_pref("CT2851647.fixPageNotFoundError", "true"); Gelöscht : user_pref("CT2851647.fixPageNotFoundErrorByUser", "true"); Gelöscht : user_pref("CT2851647.fixPageNotFoundErrorInHidden", "true"); Gelöscht : user_pref("CT2851647.fixUrls", true); Gelöscht : user_pref("CT2851647.fullUserID", "UN00719041435812883.UP.20130713231245"); Gelöscht : user_pref("CT2851647.installId", "fftA2DC.tmp.exe"); Gelöscht : user_pref("CT2851647.installType", "XPE"); Gelöscht : user_pref("CT2851647.isCheckedStartAsHidden", true); Gelöscht : 
user_pref("CT2851647.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}"); Gelöscht : user_pref("CT2851647.isFirstTimeToolbarLoading", "false"); Gelöscht : user_pref("CT2851647.isNewTabEnabled", true); Gelöscht : user_pref("CT2851647.isPerformedSmartBarTransition", "true"); Gelöscht : user_pref("CT2851647.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}"); Gelöscht : user_pref("CT2851647.isWelcomPage", "{\"dataType\":\"boolean\",\"data\":\"true\"}"); Gelöscht : user_pref("CT2851647.keyword", true); Gelöscht : user_pref("CT2851647.lastNewTabSettings", "{\"isEnabled\":true,\"newTabUrl\":\"hxxp://search.conduit[...] Gelöscht : user_pref("CT2851647.lastVersion", "10.16.4.519"); Gelöscht : user_pref("CT2851647.mam_gk_appStateReportTime.enc", "MTM2NTUzMTQ4NDcxNA=="); Gelöscht : user_pref("CT2851647.mam_gk_appState_CouponBuddy.enc", "b24="); Gelöscht : user_pref("CT2851647.mam_gk_appState_PriceGong.enc", "b24="); Gelöscht : user_pref("CT2851647.mam_gk_appsData.enc", "eyJhcHBzIjpbeyJpZCI6IlByaWNlR29uZyIsInVybCI6Imh0dHA6Ly9w[...] Gelöscht : user_pref("CT2851647.mam_gk_appsDefaultEnabled.enc", "bnVsbA=="); Gelöscht : user_pref("CT2851647.mam_gk_configuration.enc", "eyJjb25maWd1cmF0aW9uIjpbeyJpZCI6IkNvdXBvbkJ1ZGR5Iiw[...] Gelöscht : user_pref("CT2851647.mam_gk_currentVersion.enc", "MS40LjQuNg=="); Gelöscht : user_pref("CT2851647.mam_gk_first_time.enc", "MQ=="); Gelöscht : user_pref("CT2851647.mam_gk_lastLoginTime.enc", "MTM2NTUzMTQ4MDQxMA=="); Gelöscht : user_pref("CT2851647.mam_gk_localization.enc", "eyJnYWRnZXRDb250ZW50UG9saWN5Ijp7IlRleHQiOiJDb250ZW50[...] Gelöscht : user_pref("CT2851647.mam_gk_pgUnloadedOnce.enc", "dHJ1ZQ=="); Gelöscht : user_pref("CT2851647.mam_gk_settings1.4.3.2.enc", "eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImludGVyd[...] Gelöscht : user_pref("CT2851647.mam_gk_settings1.4.4.6.enc", "eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImludGVyd[...] 
Gelöscht : user_pref("CT2851647.mam_gk_showCloseButton.enc", "dHJ1ZQ=="); Gelöscht : user_pref("CT2851647.mam_gk_showWelcomeGadget.enc", "ZmFsc2U="); Gelöscht : user_pref("CT2851647.mam_gk_userId.enc", "AA=="); Gelöscht : user_pref("CT2851647.mam_gk_user_apps_selection.enc", "AA=="); Gelöscht : user_pref("CT2851647.migrateAppsAndComponents", true); Gelöscht : user_pref("CT2851647.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"hxxp%[...] Gelöscht : user_pref("CT2851647.openThankYouPage", "true"); Gelöscht : user_pref("CT2851647.openUninstallPage", "FALSE"); Gelöscht : user_pref("CT2851647.originalSearchAddressUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT28[...] Gelöscht : user_pref("CT2851647.price-gong.bornDate", "{\"dataType\":\"string\",\"data\":\"{\\\"Response\\\":\\[...] Gelöscht : user_pref("CT2851647.search.searchAppId", "129351532245275780"); Gelöscht : user_pref("CT2851647.search.searchCount", "0"); Gelöscht : user_pref("CT2851647.searchInNewTabEnabledByUser", "true"); Gelöscht : user_pref("CT2851647.searchInNewTabEnabledInHidden", "true"); Gelöscht : user_pref("CT2851647.searchSuggestEnabledByUser", "true"); Gelöscht : user_pref("CT2851647.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}"); Gelöscht : user_pref("CT2851647.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"d[...] Gelöscht : user_pref("CT2851647.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\[...] Gelöscht : user_pref("CT2851647.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"d[...] Gelöscht : user_pref("CT2851647.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"strin[...] Gelöscht : user_pref("CT2851647.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"strin[...] Gelöscht : user_pref("CT2851647.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data[...] 
Gelöscht : user_pref("CT2851647.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data[...] Gelöscht : user_pref("CT2851647.serviceLayer_services_Configuration_lastUpdate", "1374347370264"); Gelöscht : user_pref("CT2851647.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1365529011474"); Gelöscht : user_pref("CT2851647.serviceLayer_services_appsMetadata_lastUpdate", "1365529011368"); Gelöscht : user_pref("CT2851647.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1365529011345"); Gelöscht : user_pref("CT2851647.serviceLayer_services_location_lastUpdate", "1373720866583"); Gelöscht : user_pref("CT2851647.serviceLayer_services_login_10.10.27.6_lastUpdate", "1355346345548"); Gelöscht : user_pref("CT2851647.serviceLayer_services_login_10.13.40.15_lastUpdate", "1363421943149"); Gelöscht : user_pref("CT2851647.serviceLayer_services_login_10.14.370.524_lastUpdate", "1365532186238"); Gelöscht : user_pref("CT2851647.serviceLayer_services_login_10.15.0.562_lastUpdate", "1373720866467"); Gelöscht : user_pref("CT2851647.serviceLayer_services_login_10.16.4.519_lastUpdate", "1374347370631"); Gelöscht : user_pref("CT2851647.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1365529011390"); Gelöscht : user_pref("CT2851647.serviceLayer_services_searchAPI_lastUpdate", "1374347370280"); Gelöscht : user_pref("CT2851647.serviceLayer_services_serviceMap_lastUpdate", "1374347370110"); Gelöscht : user_pref("CT2851647.serviceLayer_services_toolbarContextMenu_lastUpdate", "1365529011371"); Gelöscht : user_pref("CT2851647.serviceLayer_services_toolbarSettings_lastUpdate", "1374358834147"); Gelöscht : user_pref("CT2851647.serviceLayer_services_translation_lastUpdate", "1374347370619"); Gelöscht : user_pref("CT2851647.serviceLayer_services_userApps_lastUpdate", "1365528891036"); Gelöscht : user_pref("CT2851647.settingsINI", true); Gelöscht : user_pref("CT2851647.shouldFirstTimeDialog", "false"); Gelöscht : 
user_pref("CT2851647.showToolbarPermission", "false"); Gelöscht : user_pref("CT2851647.smartbar.CTID", "CT2851647"); Gelöscht : user_pref("CT2851647.smartbar.Uninstall", "0"); Gelöscht : user_pref("CT2851647.smartbar.homepage", true); Gelöscht : user_pref("CT2851647.smartbar.isHidden", true); Gelöscht : user_pref("CT2851647.smartbar.toolbarName", "uTorrentBar_DE "); Gelöscht : user_pref("CT2851647.toolbarBornServerTime", "11-10-2012"); Gelöscht : user_pref("CT2851647.toolbarCurrentServerTime", "20-7-2013"); Gelöscht : user_pref("CT2851647.toolbarLoginClientTime", "Tue Apr 09 2013 19:34:49 GMT+0200"); Gelöscht : user_pref("CT2851647.upgradeFromClearSBVersion", true); Gelöscht : user_pref("CT2851647.url_history0001.enc", "aHR0cDovL3d3dy5nb29nbGUuZGUvdXJsP3NhPXQmcmN0PWomcT1wYXlw[...] Gelöscht : user_pref("CT2851647_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\"[...] Gelöscht : user_pref("Smartbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT2851647&SearchSource=1[...] Gelöscht : user_pref("Smartbar.ConduitSearchEngineList", "uTorrentBar_DE Customized Web Search"); Gelöscht : user_pref("Smartbar.ConduitSearchUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2851647[...] Gelöscht : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "hxxp://search.privitize.com/?aff=7&q="); Gelöscht : user_pref("Smartbar.keywordURLSelectedCTID", "CT2851647"); Gelöscht : user_pref("browser.babylon.HPOnNewTab", "search.babylon.com"); Gelöscht : user_pref("browser.search.defaulturl", "hxxp://search.babylon.com/web/{searchTerms}?babsrc=browserse[...] 
Gelöscht : user_pref("browser.search.selectedEngine", "uTorrentBar_DE Customized Web Search"); Gelöscht : user_pref("browser.startup.homepage", "hxxp://search.conduit.com/?ctid=CT2851647&SearchSource=13"); Gelöscht : user_pref("extensions.BabylonToolbar.bbDpng", 4); Gelöscht : user_pref("extensions.BabylonToolbar.cntry", "DE"); Gelöscht : user_pref("extensions.BabylonToolbar.firstRun", false); Gelöscht : user_pref("extensions.BabylonToolbar.hdrMd5", "CD481B4BA782B64600A6E88131CA59A8"); Gelöscht : user_pref("extensions.BabylonToolbar.lastActv", "4"); Gelöscht : user_pref("extensions.BabylonToolbar.lastDP", 4); Gelöscht : user_pref("extensions.BabylonToolbar.lastVrsnTs", "1.4.31.219:38:34"); Gelöscht : user_pref("extensions.BabylonToolbar.newTab", true); Gelöscht : user_pref("extensions.BabylonToolbar.newTabUrl", "hxxp://search.babylon.com/?babsrc=NT_bb"); Gelöscht : user_pref("extensions.BabylonToolbar.propectorlck", 114133813); Gelöscht : user_pref("extensions.BabylonToolbar.ptch_0717", true); Gelöscht : user_pref("extensions.enabledAddons", "battlefieldheroespatcher@ea.com:5.0.110.0,ffxtlbr@babylon.com[...] Gelöscht : user_pref("extentions.y2layers.installId", "555f8fb1-4e17-4130-b2af-9ef8e3c9399a"); Gelöscht : user_pref("extentions.y2layers.lastDnsTest", 371756); Gelöscht : user_pref("icqtoolbar.allowSendURL", false); Gelöscht : user_pref("icqtoolbar.engineVerified", true); Gelöscht : user_pref("icqtoolbar.firstTbRun", false); Gelöscht : user_pref("icqtoolbar.geolastmodified", 1375573813); Gelöscht : user_pref("icqtoolbar.history", "paypal||hxxp%3A%2F%2Fwww.facebook.com%2Fphoto.php%3Ffbid%3D35055202[...] 
Gelöscht : user_pref("icqtoolbar.icqgeo", 49); Gelöscht : user_pref("icqtoolbar.installTime", "1348250834"); Gelöscht : user_pref("icqtoolbar.installsource", "1"); Gelöscht : user_pref("icqtoolbar.newtab_most_visited_state", "1"); Gelöscht : user_pref("icqtoolbar.newtab_recently_closed_state", "1"); Gelöscht : user_pref("icqtoolbar.newtab_state", "1"); Gelöscht : user_pref("icqtoolbar.numberOfSearches", 0); Gelöscht : user_pref("icqtoolbar.previousFFVersion", "5.0.1"); Gelöscht : user_pref("icqtoolbar.skip_default_search", "no"); Gelöscht : user_pref("icqtoolbar.suggestions", false); Gelöscht : user_pref("icqtoolbar.uniqueID", "131204442913118773101312359191552"); Gelöscht : user_pref("icqtoolbar.usageStatstTimestamp", 1375573815); Gelöscht : user_pref("icqtoolbar.userEngineApproved", false); Gelöscht : user_pref("icqtoolbar.version", "1.5.3"); Gelöscht : user_pref("icqtoolbar.voucherHideClicks", 0); Gelöscht : user_pref("icqtoolbar.voucherMoreLinkClicks", 0); Gelöscht : user_pref("icqtoolbar.voucherRedeemClicks", 0); Gelöscht : user_pref("icqtoolbar.voucherWasShown", 0); Gelöscht : user_pref("icqtoolbar.xmlEnableHomePageDsGuard", false); Gelöscht : user_pref("icqtoolbar.xmlEnableSuggestions", false); Gelöscht : user_pref("icqtoolbar.xmlLanguage", "de"); Gelöscht : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?octid=CT2851647&ctid=CT2851647&S[...] Gelöscht : user_pref("smartbar.addressBarOwnerCTID", "CT2851647"); Gelöscht : user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT[...] Gelöscht : user_pref("smartbar.defaultSearchOwnerCTID", "CT2851647"); Gelöscht : user_pref("smartbar.machineId", "RBGVVT240JDWAFGFQG7WRL0LHCZ0HIZEQM6F9DCMLMB9G+LLOQHUTLAUCIOLFDXM9QM[...] Gelöscht : user_pref("smartbar.originalSearchAddressUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT285[...] 
-\\ Google Chrome v22.0.1229.94

Datei : C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Preferences

Gelöscht [l.27] : icon_url = "hxxp://search.conduit.com/fav.ico",
Gelöscht [l.30] : keyword = "search.conduit.com",
Gelöscht [l.33] : search_url = "hxxp://search.conduit.com/Results.aspx?q={searchTerms}&SearchSource=49&ctid=CT2[...]
Gelöscht [l.34] : suggest_url = "hxxp://search.conduit.com/"

-\\ Opera v12.16.1860.0

Datei : C:\Users\Max\AppData\Roaming\Opera\Opera\operaprefs.ini

Gelöscht : HostName Web Lookup Address=hxxp://search.icq.com/search/afe_results.php?q=%s&ch_id=opera&icid=opera

*************************

AdwCleaner[S1].txt - [37735 octets] - [08/08/2013 14:36:44]

########## EOF - C:\AdwCleaner[S1].txt - [37796 octets] ##########

Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.3.8 (08.07.2013:4)
OS: Windows 7 Professional x64
Ran by Max on 08.08.2013 at 14:41:35,60
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\sweetim
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\trolltech
Successfully deleted: [Registry Key] "HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2015333589-2609546115-2474780110-1001\Software\SweetIM"
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\sweetim
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{55861E1C-A576-45C7-B1A5-8E2C14D40F8F}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DA3D98A6-868D-4E1B-BB78-0887230DA405}

~~~ Files

Successfully deleted: [File] "C:\Users\Max\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\babylon.lnk"

~~~ Folders

Successfully deleted: [Empty Folder] C:\Users\Max\appdata\local\{7b3c3ace-c2b1-1612-4b57-5867478bc9ca}

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 08.08.2013 at 14:45:48,04
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

/Edit: Just checked: Windows Firewall is at least running again. I won't touch anything, though. Last edited by Quobble (08.08.2013 at 14:35) |
08.08.2013, 14:35 | #12 |
/// Malware-holic | Unknown Malware Hi, please be so kind as to delete everything with HitmanPro except: PunkBuster. Then save the log from the deletion again and post it.
__________________ - Please forward suspicious mails to us for analysis: markusg.trojaner-board@web.de Forwarding instructions: http://markusg.trojaner-board.de For the time being, please forward mails to markusg.trojaner-board@web.de following the instructions above. If you would like to support us |
08.08.2013, 14:43 | #13 |
| Unknown Malware Here are the deletion logs: |
08.08.2013, 14:47 | #14 |
/// Malware-holic | Unknown Malware Please restart, then a new FRST log. To be safe, also run HitmanPro once more; it looks like you did not catch everything, except for the exceptions I mentioned.
|
08.08.2013, 15:16 | #15 |
| Unknown Malware FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-08-2013 06 Ran by Max (administrator) on 08-08-2013 15:59:53 Running from C:\Users\Max\Desktop Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 10 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (Microsoft Corporation) C:\Windows\SYSTEM32\WISPTIS.EXE (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe () C:\Windows\SysWOW64\PnkBstrA.exe () C:\Windows\SysWOW64\PnkBstrB.exe (StarWind Software) C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe () C:\Users\Max\Local Settings\Apps\F.lux\flux.exe (Dropbox, Inc.) C:\Users\Max\AppData\Roaming\Dropbox\bin\Dropbox.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Logitech(c)) C:\Program Files (x86)\Logitech\G35\G35.exe (LogMeIn Inc.) 
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (Microsoft Corporation) C:\Windows\SYSTEM32\WISPTIS.EXE (Disc Soft Ltd) C:\Program Files (x86)\DAEMON Tools Ultra\DiscSoftBusService.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [1356240 2013-06-20] (Microsoft Corporation) HKCU\...\Run: [AlcoholAutomount] - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team) HKCU\...\Run: [DAEMON Tools Ultra Agent] - C:\Program Files (x86)\DAEMON Tools Ultra\DTAgent.exe [3088448 2013-03-06] (Disc Soft Ltd) HKCU\...\Run: [F.lux] - C:\Users\Max\Local Settings\Apps\F.lux\flux.exe [966656 2009-08-29] () HKLM-x32\...\Run: [Logitech G35] - C:\Program Files (x86)\Logitech\G35\G35.exe [1811800 2010-10-05] (Logitech(c)) HKLM-x32\...\Run: [LogMeIn Hamachi Ui] - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2255184 2013-06-28] (LogMeIn Inc.) HKU\UpdatusUser\...\Run: [fsm] - [x] HKU\UpdatusUser\...\Run: [RDReminder] - [x] HKU\UpdatusUser\...\Run: [DriverScanner] - "C:\Program Files (x86)\Uniblue\DriverScanner\launcher.exe" delay 20000 [x] Startup: C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> C:\Users\Max\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKLM - DefaultScope value is missing. 
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - No File BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) DPF: HKLM-x32 {74DBCB52-F298-4110-951D-AD2FF67BC8AB} hxxp://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) Winsock: Catalog5 01 %SystemRoot%\System32\mswsock.dll [232448] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll" Winsock: Catalog5-x64 01 %SystemRoot%\System32\mswsock.dll [326144] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll" Tcpip\..\Interfaces\{22D45F24-3A73-4292-BB04-4DB95672624A}: [NameServer]192.168.178.1 FireFox: ======== FF ProfilePath: C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\eaxo6qll.default FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) 
FF Plugin: @java.com/DTPlugin,version=10.5.0 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @Apple.com/iTunes,version=1.0 - D:\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @comrade.gamespy.com/comrade - D:\Program Files (x86)\GameSpy\Comrade\npcomrade.dll (IGN Entertainment) FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll No File FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll No File FF Plugin-x32: @esn/esnlaunch,version=1.122.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.122.0\npesnlaunch.dll No File FF Plugin-x32: @esn/esnlaunch,version=1.140.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.140.0\npesnlaunch.dll No File FF Plugin-x32: @esn/esnlaunch,version=2.1.3 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.3\npesnlaunch.dll (ESN Social Software AB) FF Plugin-x32: @esn/esnlaunch,version=2.1.7 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll (ESN Social Software AB) FF Plugin-x32: @gamersfirst.com/LiveLauncher - C:\Program Files (x86)\GamersFirst\LIVE!\nplivelauncher.dll No File FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll No File FF Plugin-x32: @java.com/DTPlugin,version=10.9.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @live.heroesandgenerals.com/npretox - D:\Heroes & Generals\live\npretoxlive.dll (Reto-Moto ApS) FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 - C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.) 
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
FF Plugin-x32: @wacom.com/wacom-plugin,version=1.1.0.5 - C:\Program Files (x86)\TabletPlugins\npwacom.dll No File
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
FF SearchPlugin: C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\eaxo6qll.default\searchplugins\searchplugins-backup
FF SearchPlugin: C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\eaxo6qll.default\searchplugins\Startpins.xml
FF Extension: Battlefield Heroes Updater - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\eaxo6qll.default\Extensions\battlefieldheroespatcher@ea.com
FF Extension: Battlefield Play4Free - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\eaxo6qll.default\Extensions\battlefieldplay4free@ea.com
FF Extension: Yahoo! Toolbar - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\eaxo6qll.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
FF Extension: DownloadHelper - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\eaxo6qll.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF Extension: ciuvo-extension - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\eaxo6qll.default\Extensions\ciuvo-extension@icq.de.xpi
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF HKCU\...\Firefox\Extensions: [Lyrics@LyricsContainer.co] C:\Program Files (x86)\LyricsContainer\125.xpi

Chrome:
=======
CHR DefaultSearchURL: (Conduit) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR Extension: (Kaspersky URL Advisor) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.477_0
CHR Extension: (Virtual Keyboard) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\12.0.0.477_0
CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0
CHR Extension: (Skype Click to Call) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0
CHR Extension: (DivX Plus Web Player HTML5 \u003Cvideo\u003E) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0
CHR Extension: (Anti-Banner) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\12.0.0.374_0
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx
CHR HKLM-x32\...\Chrome\Extension: [nlafpokblfobdnjhhggocaanijghemnd] - C:\Users\Max\AppData\Local\Temp\tbch.crx
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx
CHR StartMenuInternet: Google Chrome - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) =================
R2 Akamai; c:\program files (x86)\common files\akamai/netsession_win_8fa3539.dll [4569856 2013-07-01] (Akamai Technologies, Inc.)
S2 AxAutoMntSrv; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [49152 2013-05-30] ()
R3 Disc Soft Bus Service; C:\Program Files (x86)\DAEMON Tools Ultra\DiscSoftBusService.exe [580672 2013-03-06] (Disc Soft Ltd)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-06-20] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [366600 2013-06-20] (Microsoft Corporation)
S4 PCToolsSSDMonitorSvc; C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [632792 2011-01-28] (PC Tools)
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2013-08-02] ()
R2 PnkBstrB; C:\Windows\SysWow64\PnkBstrB.exe [189248 2013-08-02] ()
S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [x]
S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [x]

==================== Drivers (Whitelisted) ====================
R3 Alpham1; C:\Windows\System32\DRIVERS\Alpham164.sys [52992 2007-07-23] (Ideazon Corporation)
R3 Alpham2; C:\Windows\System32\DRIVERS\Alpham264.sys [21760 2007-03-20] (Ideazon Corporation)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [88480 2011-06-05] ()
R3 dtscsibus; C:\Windows\System32\DRIVERS\dtscsibus.sys [29696 2013-03-27] (Disc Soft Ltd)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [16776 2011-03-24] ()
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [16776 2011-03-24] ()
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9096 2011-03-24] ()
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9096 2011-03-24] ()
S3 fcdabus; C:\Windows\System32\DRIVERS\fcdabus.sys [24592 2008-10-29] (FarStone Inc.)
R0 fsRamDsk; C:\Windows\System32\DRIVERS\fsRamDsk.sys [53656 2007-04-01] ()
R0 FVXSCSI; C:\Windows\System32\DRIVERS\fvxscsi.sys [118360 2009-12-23] (FarStone Inc.)
R3 LADF_DHP2; C:\Windows\System32\DRIVERS\ladfDHP2amd64.sys [62168 2010-09-29] (Logitech)
R3 LADF_SBVM; C:\Windows\System32\DRIVERS\ladfSBVMamd64.sys [377176 2010-09-29] (Logitech)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [46400 2011-06-05] ()
S3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv_x64.sys [44928 2012-07-20] (ManyCam LLC)
S3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv_x64.sys [29696 2012-07-20] (ManyCam LLC)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [247216 2013-06-18] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [139616 2013-06-18] (Microsoft Corporation)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19936 2011-05-06] ()
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19936 2011-05-06] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [13280 2011-05-06] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [13280 2011-05-06] ()
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [564824 2013-01-23] (Duplex Secure Ltd.)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [x]
S3 X6va007; \??\C:\Users\Max\AppData\Local\Temp\0079E18.tmp [x]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========
2013-08-08 15:43 - 2013-08-08 15:43 - 00003217 _____ C:\Users\Max\Desktop\HitmanPro_20130808_1543.rar
2013-08-08 15:42 - 2013-08-08 15:42 - 00012872 _____ (SurfRight B.V.) C:\Windows\system32\bootdelete.exe
2013-08-08 14:47 - 2013-08-08 14:48 - 09853928 _____ (SurfRight B.V.) C:\Users\Max\Desktop\HitmanPro_x64.exe
2013-08-08 14:46 - 2013-08-08 15:42 - 00000000 ____D C:\ProgramData\HitmanPro
2013-08-08 14:45 - 2013-08-08 14:45 - 00001890 _____ C:\Users\Max\Desktop\JRT.txt
2013-08-08 14:41 - 2013-08-08 14:41 - 00000000 ____D C:\Windows\ERUNT
2013-08-08 14:36 - 2013-08-08 14:37 - 00037854 _____ C:\AdwCleaner[S1].txt
2013-08-08 14:36 - 2013-08-08 14:37 - 00000170 _____ C:\Windows\DeleteOnReboot.bat
2013-08-08 14:35 - 2013-08-08 14:35 - 00957230 _____ (Oleg N. Scherbakov) C:\Users\Max\Desktop\JRT.exe
2013-08-08 14:35 - 2013-08-08 14:35 - 00666633 _____ C:\Users\Max\Desktop\adwcleaner.exe
2013-08-08 02:56 - 2013-08-08 02:56 - 00000000 ____D C:\TDSSKiller_Quarantine
2013-08-08 02:38 - 2013-08-08 02:38 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\Max\Desktop\tdsskiller.exe
2013-08-08 02:30 - 2013-08-08 02:30 - 00025501 _____ C:\ComboFix.txt
2013-08-08 02:15 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2013-08-08 02:15 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2013-08-08 02:15 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-08-08 02:15 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-08-08 02:15 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-08-08 02:15 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2013-08-08 02:15 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2013-08-08 02:15 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2013-08-08 02:14 - 2013-08-08 02:31 - 00000000 ____D C:\Qoobox
2013-08-08 02:13 - 2013-08-08 02:29 - 00000000 ____D C:\Windows\erdnt
2013-08-08 02:13 - 2013-08-08 02:13 - 05100713 ____R (Swearware) C:\Users\Max\Desktop\ComboFix.exe
2013-08-08 01:57 - 2013-08-08 01:57 - 00000000 _____ C:\Windows\SysWOW64\REN3B6D.tmp
2013-08-08 01:54 - 2013-08-08 01:54 - 00000040 _____ C:\Users\Public\Documents\_rgpl
2013-08-08 01:49 - 2013-08-08 01:49 - 00003162 _____ C:\Windows\System32\Tasks\{73D5730F-0E3D-48D1-8E5D-E1B011B56111}
2013-08-07 23:53 - 2013-08-08 00:08 - 00036914 _____ C:\Users\Max\Desktop\Addition.txt
2013-08-07 23:52 - 2013-08-07 23:52 - 00000000 ____D C:\FRST
2013-08-07 23:51 - 2013-08-07 23:51 - 01789861 _____ (Farbar) C:\Users\Max\Desktop\FRST64.exe
2013-08-07 23:17 - 2013-08-07 23:17 - 02347384 _____ (ESET) C:\Users\Max\Desktop\esetsmartinstaller_enu.exe
2013-08-07 14:15 - 2013-08-07 14:16 - 00002057 _____ C:\Windows\epplauncher.mif
2013-08-07 14:15 - 2013-08-07 14:15 - 00000000 ____D C:\Program Files\Microsoft Security Client
2013-08-07 14:15 - 2013-08-07 14:15 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2013-08-07 03:16 - 2013-08-07 04:26 - 00000000 ____D C:\Users\Max\Documents\Stronghold Crusader
2013-08-07 03:15 - 2013-08-07 03:15 - 00000202 _____ C:\Users\Max\Desktop\Company of Heroes 2.url
2013-08-07 02:55 - 2013-08-07 03:14 - 00000000 ____D C:\Users\Max\Desktop\Stronghold Crusader
2013-08-07 02:53 - 2013-08-07 02:54 - 00018397 _____ C:\Windows\DirectX.log
2013-08-06 20:59 - 2013-08-06 20:59 - 00000000 ____D C:\Users\Max\AppData\Roaming\Malwarebytes
2013-08-06 20:59 - 2013-08-06 20:59 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-08-06 20:57 - 2013-08-06 20:58 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Max\Desktop\mbam-setup-1.75.0.1300.exe
2013-08-06 20:12 - 2013-08-08 01:55 - 00000000 ____D C:\Windows\system32\appmgmt
2013-08-06 20:10 - 2013-08-06 20:10 - 00000512 _____ C:\Windows\system32\F39D4DE6-98B8-4E05-91BD-549E8A8248BD
2013-08-06 18:40 - 2013-08-06 18:40 - 00002172 _____ C:\Users\UpdatusUser\Desktop\Die Gilde Gold-Edition TL.lnk
2013-08-06 18:40 - 2013-08-06 18:40 - 00002172 _____ C:\Users\Max\Desktop\Die Gilde Gold-Edition TL.lnk
2013-08-06 18:40 - 2013-08-06 18:40 - 00002151 _____ C:\Users\UpdatusUser\Desktop\Die Gilde Gold-Edition.lnk
2013-08-06 18:40 - 2013-08-06 18:40 - 00002151 _____ C:\Users\Max\Desktop\Die Gilde Gold-Edition.lnk
2013-08-06 18:40 - 2013-08-06 18:40 - 00000000 ____D C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JoWooD
2013-08-06 18:38 - 2013-08-06 18:38 - 00000000 ____D C:\Program Files (x86)\JoWooD
2013-08-06 18:22 - 2013-08-06 18:35 - 00000000 ____D C:\Program Files (x86)\Defcon
2013-08-06 18:22 - 2013-08-06 18:22 - 00000983 _____ C:\Users\Max\Desktop\Defcon.lnk
2013-08-06 18:21 - 2013-03-23 22:31 - 61788395 _____ (Introversion Software Ltd ) C:\Users\Max\Desktop\defcon-win32-v1.6.exe
2013-08-06 01:11 - 2013-08-06 01:11 - 00000537 _____ C:\Users\Max\Desktop\Sudden Strike 2.lnk
2013-08-06 00:42 - 2013-08-06 01:02 - 259091339 _____ (Media Contact LLC ) C:\Users\Max\Desktop\Sudden_Strike2.exe
2013-08-05 22:15 - 2013-08-04 17:41 - 00450831 _____ C:\Users\Max\Desktop\common_server.zip
2013-08-04 01:39 - 2013-08-04 01:39 - 00270054 _____ C:\Users\Max\Desktop\sad - Kopie.bmp
2013-08-04 01:32 - 2013-08-04 01:37 - 01080054 _____ C:\Users\Max\Desktop\sad.bmp
2013-08-04 01:31 - 2013-08-04 01:31 - 04320066 _____ C:\Users\Max\Desktop\sdf.bmp
2013-08-04 01:31 - 2013-08-04 01:31 - 04320066 _____ C:\Users\Max\Desktop\prbf2 2013-08-04 01-31-22-45.bmp
2013-08-02 14:33 - 2013-08-02 14:33 - 00001188 _____ C:\Users\Public\Desktop\Project Reality BF2.lnk
2013-07-31 16:01 - 2013-07-31 16:05 - 00000000 ____D C:\Windows\system32\MRT
2013-07-26 14:20 - 2013-07-26 19:43 - 00000000 ____D C:\Users\Max\AppData\Local\Arma 3
2013-07-26 14:20 - 2013-07-26 17:14 - 00000000 ____D C:\Users\Max\Documents\Arma 3
2013-07-26 14:20 - 2013-07-26 14:20 - 00000000 ____D C:\ProgramData\Bohemia Interactive
2013-07-25 08:54 - 2013-07-25 09:17 - 00000913 _____ C:\Users\Max\Desktop\Panzerlied.txt
2013-07-24 11:11 - 2013-07-24 11:11 - 00002556 _____ C:\Users\Max\Documents\h.aup
2013-07-24 11:11 - 2013-07-24 11:11 - 00000000 ____D C:\Users\Max\Documents\h_data
2013-07-21 15:39 - 2013-07-21 15:39 - 00002245 _____ C:\Users\Max\Documents\er.aup
2013-07-21 15:39 - 2013-07-21 15:39 - 00000000 ____D C:\Users\Max\Documents\er_data
2013-07-20 17:11 - 2013-08-08 02:25 - 00031032 _____ C:\Windows\PFRO.log
2013-07-20 13:04 - 2013-08-08 02:12 - 00000000 ____D C:\ProgramData\Yahoo!
2013-07-20 13:04 - 2013-07-20 13:04 - 00001141 _____ C:\Users\Public\Desktop\Yahoo! Messenger.lnk
2013-07-20 13:01 - 2013-08-08 02:25 - 00000000 ____D C:\Program Files (x86)\Yahoo!
2013-07-20 13:01 - 2013-07-20 13:01 - 00441760 _____ (Yahoo! Inc.) C:\Users\Max\Desktop\msgr11de.exe
2013-07-19 12:07 - 2013-07-19 12:11 - 73281458 _____ C:\Users\Max\Desktop\IMGP8300avi.avi
2013-07-17 23:41 - 2013-07-17 23:41 - 00000000 ____D C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flux
2013-07-17 19:27 - 2013-07-17 19:27 - 03820480 _____ C:\Users\Max\Downloads\battlelog-web-plugins_2.1.7_115.exe
2013-07-16 22:31 - 2013-07-16 22:31 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2013-07-11 23:46 - 2013-07-12 01:24 - 00000118 _____ C:\Users\Max\Desktop\Kleidung.txt
2013-07-11 20:39 - 2013-07-19 16:33 - 00019650 _____ C:\Users\Max\Desktop\Fur.odt
2013-07-11 16:06 - 2013-06-12 01:43 - 14329856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-07-11 16:06 - 2013-06-12 01:43 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-07-11 16:06 - 2013-06-12 01:43 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-07-11 16:06 - 2013-06-12 01:43 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-07-11 16:06 - 2013-06-12 01:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-07-11 16:06 - 2013-06-12 01:43 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-07-11 16:06 - 2013-06-12 01:43 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-07-11 16:06 - 2013-06-12 01:42 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-07-11 16:06 - 2013-06-12 01:42 - 02046976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-07-11 16:06 - 2013-06-12 01:42 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-07-11 16:06 - 2013-06-12 01:42 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-07-11 16:06 - 2013-06-12 01:42 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-07-11 16:06 - 2013-06-12 01:42 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-07-11 16:06 - 2013-06-12 01:26 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-11 16:06 - 2013-06-12 01:26 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-11 16:06 - 2013-06-12 01:26 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-07-11 16:06 - 2013-06-12 01:25 - 19238912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-11 16:06 - 2013-06-12 01:25 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-11 16:06 - 2013-06-12 01:25 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-11 16:06 - 2013-06-12 01:25 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-11 16:06 - 2013-06-12 01:25 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-11 16:06 - 2013-06-12 01:25 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-11 16:06 - 2013-06-12 01:25 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-07-11 16:06 - 2013-06-12 01:25 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-07-11 16:06 - 2013-06-12 01:25 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-07-11 16:06 - 2013-06-12 01:25 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-07-11 16:06 - 2013-06-12 01:25 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-07-11 16:06 - 2013-06-12 00:51 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-07-11 16:06 - 2013-06-12 00:50 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-07-11 16:06 - 2013-06-07 05:22 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-07-11 16:06 - 2013-06-07 04:37 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-07-10 20:57 - 2013-06-04 08:00 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2013-07-10 20:57 - 2013-06-04 06:53 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2013-07-10 20:57 - 2013-05-06 08:03 - 01887744 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-07-10 20:57 - 2013-05-06 06:56 - 01620480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-07-10 20:56 - 2013-06-05 05:34 - 03153920 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-07-10 20:55 - 2013-04-10 01:34 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-07-10 20:55 - 2013-04-03 00:51 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-07-10 15:51 - 2013-08-08 15:57 - 00002097 _____ C:\Windows\setupact.log
2013-07-10 15:51 - 2013-07-10 15:51 - 00000000 _____ C:\Windows\setuperr.log
153

==================== One Month Modified Files and Folders =======
2013-08-08 15:59 - 2012-12-02 21:29 - 00000000 ___RD C:\Users\Max\Dropbox
2013-08-08 15:59 - 2012-12-02 21:26 - 00000000 ____D C:\Users\Max\AppData\Roaming\Dropbox
2013-08-08 15:59 - 2012-06-26 21:24 - 00000000 ____D C:\Users\Max\AppData\Local\LogMeIn Hamachi
2013-08-08 15:57 - 2013-07-10 15:51 - 00002097 _____ C:\Windows\setupact.log
2013-08-08 15:57 - 2011-12-29 19:45 - 00000000 ____D C:\ProgramData\NVIDIA
2013-08-08 15:57 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-08-08 15:56 - 2011-05-21 13:35 - 01753209 _____ C:\Windows\WindowsUpdate.log
2013-08-08 15:43 - 2013-08-08 15:43 - 00034546 _____ C:\Users\Max\Desktop\HitmanPro_20130808_1543.xml
2013-08-08 15:43 - 2013-08-08 15:43 - 00003217 _____ C:\Users\Max\Desktop\HitmanPro_20130808_1543.rar
2013-08-08 15:43 - 2013-07-07 12:35 - 00000000 ____D C:\Users\Max\Desktop\Cube
2013-08-08 15:42 - 2013-08-08 15:42 - 00012872 _____ (SurfRight B.V.) C:\Windows\system32\bootdelete.exe
2013-08-08 15:42 - 2013-08-08 14:46 - 00000000 ____D C:\ProgramData\HitmanPro
2013-08-08 15:42 - 2012-01-11 17:20 - 00000000 __SHD C:\Users\Max\AppData\Local\{7b3c3ace-c2b1-1612-4b57-5867478bc9ca}
2013-08-08 15:01 - 2012-01-05 19:29 - 00000252 _____ C:\Windows\Tasks\HP Photo Creations Messager.job
2013-08-08 14:48 - 2013-08-08 14:47 - 09853928 _____ (SurfRight B.V.) C:\Users\Max\Desktop\HitmanPro_x64.exe
2013-08-08 14:46 - 2009-07-14 06:45 - 00014640 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-08-08 14:46 - 2009-07-14 06:45 - 00014640 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-08-08 14:45 - 2013-08-08 14:45 - 00001890 _____ C:\Users\Max\Desktop\JRT.txt
2013-08-08 14:41 - 2013-08-08 14:41 - 00000000 ____D C:\Windows\ERUNT
2013-08-08 14:37 - 2013-08-08 14:36 - 00037854 _____ C:\AdwCleaner[S1].txt
2013-08-08 14:37 - 2013-08-08 14:36 - 00000170 _____ C:\Windows\DeleteOnReboot.bat
2013-08-08 14:36 - 2011-08-02 12:41 - 00000000 ____D C:\ProgramData\ICQ
2013-08-08 14:35 - 2013-08-08 14:35 - 00957230 _____ (Oleg N. Scherbakov) C:\Users\Max\Desktop\JRT.exe
2013-08-08 14:35 - 2013-08-08 14:35 - 00666633 _____ C:\Users\Max\Desktop\adwcleaner.exe
2013-08-08 14:34 - 2011-05-21 17:11 - 00000000 ____D C:\Users\Max\AppData\Roaming\TS3Client
2013-08-08 02:56 - 2013-08-08 02:56 - 00000000 ____D C:\TDSSKiller_Quarantine
2013-08-08 02:38 - 2013-08-08 02:38 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\Max\Desktop\tdsskiller.exe
2013-08-08 02:31 - 2013-08-08 02:14 - 00000000 ____D C:\Qoobox
2013-08-08 02:30 - 2013-08-08 02:30 - 00025501 _____ C:\ComboFix.txt
2013-08-08 02:29 - 2013-08-08 02:13 - 00000000 ____D C:\Windows\erdnt
2013-08-08 02:26 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2013-08-08 02:25 - 2013-07-20 17:11 - 00031032 _____ C:\Windows\PFRO.log
2013-08-08 02:25 - 2013-07-20 13:01 - 00000000 ____D C:\Program Files (x86)\Yahoo!
2013-08-08 02:13 - 2013-08-08 02:13 - 05100713 ____R (Swearware) C:\Users\Max\Desktop\ComboFix.exe
2013-08-08 02:12 - 2013-07-20 13:04 - 00000000 ____D C:\ProgramData\Yahoo!
2013-08-08 02:10 - 2012-06-02 17:59 - 00000000 ____D C:\Users\Max\AppData\Local\Unity
2013-08-08 02:10 - 2011-06-15 17:59 - 00000000 ____D C:\Users\Max\AppData\Roaming\GHISLER
2013-08-08 02:08 - 2012-05-05 21:13 - 00000000 ____D C:\Program Files (x86)\SpeedFan
2013-08-08 02:08 - 2011-08-02 12:41 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-08-08 02:06 - 2013-01-14 02:13 - 00000000 ____D C:\Users\Max\Documents\ArmAWork
2013-08-08 02:05 - 2011-10-23 13:04 - 00003192 _____ C:\Windows\System32\Tasks\RealUpgradeLogonTaskS-1-5-21-2015333589-2609546115-2474780110-1001
2013-08-08 02:05 - 2011-10-23 13:03 - 00000000 ____D C:\Users\Max\AppData\Roaming\Real
2013-08-08 02:05 - 2011-10-23 13:03 - 00000000 ____D C:\Program Files (x86)\Real
2013-08-08 02:04 - 2011-10-23 13:04 - 00003330 _____ C:\Windows\System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-2015333589-2609546115-2474780110-1001
2013-08-08 02:04 - 2011-10-23 13:03 - 00000000 ____D C:\ProgramData\Real
2013-08-08 02:04 - 2011-05-21 13:41 - 00000000 ____D C:\Users\Max
2013-08-08 02:02 - 2011-09-02 14:25 - 00000000 ____D C:\Program Files (x86)\Screaming Bee
2013-08-08 02:02 - 2011-07-12 17:28 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-08 02:01 - 2012-02-10 13:40 - 00000000 ____D C:\Windows\Lhsp
2013-08-08 02:01 - 2011-07-15 19:37 - 00000000 ____D C:\Users\Max\AppData\Local\MediaGet2
2013-08-08 01:57 - 2013-08-08 01:57 - 00000000 _____ C:\Windows\SysWOW64\REN3B6D.tmp
2013-08-08 01:57 - 2011-05-21 14:31 - 00000000 ____D C:\Program Files (x86)\Java
2013-08-08 01:55 - 2013-08-06 20:12 - 00000000 ____D C:\Windows\system32\appmgmt
2013-08-08 01:54 - 2013-08-08 01:54 - 00000040 _____ C:\Users\Public\Documents\_rgpl
2013-08-08 01:53 - 2012-10-27 13:21 - 00000000 ____D C:\Program Files (x86)\Battlelog Web Plugins
2013-08-08 01:53 - 2011-10-06 15:50 - 00000000 ____D C:\Users\Max\AppData\Roaming\DVDVideoSoft
2013-08-08 01:53 - 2011-08-07 14:31 - 00000000 ____D C:\Users\Max\AppData\Roaming\GameRanger
2013-08-08 01:52 - 2011-12-27 18:57 - 00000000 ____D C:\Program Files\Easeware
2013-08-08 01:49 - 2013-08-08 01:49 - 00003162 _____ C:\Windows\System32\Tasks\{73D5730F-0E3D-48D1-8E5D-E1B011B56111}
2013-08-08 01:49 - 2011-10-07 22:49 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-08-08 01:47 - 2011-06-18 15:39 - 00000000 ____D C:\ProgramData\Adobe
2013-08-08 01:45 - 2012-10-10 22:56 - 00000000 ____D C:\Users\Max\AppData\Roaming\uTorrent
2013-08-08 00:08 - 2013-08-07 23:53 - 00036914 _____ C:\Users\Max\Desktop\Addition.txt
2013-08-07 23:52 - 2013-08-07 23:52 - 00000000 ____D C:\FRST
2013-08-07 23:51 - 2013-08-07 23:51 - 01789861 _____ (Farbar) C:\Users\Max\Desktop\FRST64.exe
2013-08-07 23:17 - 2013-08-07 23:17 - 02347384 _____ (ESET) C:\Users\Max\Desktop\esetsmartinstaller_enu.exe
2013-08-07 23:05 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-08-07 14:16 - 2013-08-07 14:15 - 00002057 _____ C:\Windows\epplauncher.mif
2013-08-07 14:15 - 2013-08-07 14:15 - 00000000 ____D C:\Program Files\Microsoft Security Client
2013-08-07 14:15 - 2013-08-07 14:15 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2013-08-07 13:53 - 2012-11-02 13:08 - 00000000 ____D C:\Users\Max\AppData\Roaming\.minecraft
2013-08-07 04:26 - 2013-08-07 03:16 - 00000000 ____D C:\Users\Max\Documents\Stronghold Crusader
2013-08-07 03:15 - 2013-08-07 03:15 - 00000202 _____ C:\Users\Max\Desktop\Company of Heroes 2.url
2013-08-07 03:14 - 2013-08-07 02:55 - 00000000 ____D C:\Users\Max\Desktop\Stronghold Crusader
2013-08-07 02:54 - 2013-08-07 02:53 - 00018397 _____ C:\Windows\DirectX.log
2013-08-07 02:20 - 2012-02-08 22:34 - 00000000 ___RD C:\Users\Max\Desktop\Games
2013-08-06 20:59 - 2013-08-06 20:59 - 00000000 ____D C:\Users\Max\AppData\Roaming\Malwarebytes
2013-08-06 20:59 - 2013-08-06 20:59 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-08-06 20:58 - 2013-08-06 20:57 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Max\Desktop\mbam-setup-1.75.0.1300.exe
2013-08-06 20:44 - 2011-11-02 00:19 - 00000000 ____D C:\Users\Max\AppData\Local\Akamai
2013-08-06 20:40 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2013-08-06 20:10 - 2013-08-06 20:10 - 00000512 _____ C:\Windows\system32\F39D4DE6-98B8-4E05-91BD-549E8A8248BD
2013-08-06 20:10 - 2012-12-25 11:16 - 00000840 _____ C:\Windows\system32\config\afw_hm.conf
2013-08-06 20:10 - 2012-12-25 11:16 - 00000004 _____ C:\Windows\system32\config\afw_db.conf
2013-08-06 18:40 - 2013-08-06 18:40 - 00002172 _____ C:\Users\UpdatusUser\Desktop\Die Gilde Gold-Edition TL.lnk
2013-08-06 18:40 - 2013-08-06 18:40 - 00002172 _____ C:\Users\Max\Desktop\Die Gilde Gold-Edition TL.lnk
2013-08-06 18:40 - 2013-08-06 18:40 - 00002151 _____ C:\Users\UpdatusUser\Desktop\Die Gilde Gold-Edition.lnk
2013-08-06 18:40 - 2013-08-06 18:40 - 00002151 _____ C:\Users\Max\Desktop\Die Gilde Gold-Edition.lnk
2013-08-06 18:40 - 2013-08-06 18:40 - 00000000 ____D C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JoWooD
2013-08-06 18:38 - 2013-08-06 18:38 - 00000000 ____D C:\Program Files (x86)\JoWooD
2013-08-06 18:35 - 2013-08-06 18:22 - 00000000 ____D C:\Program Files (x86)\Defcon
2013-08-06 18:22 - 2013-08-06 18:22 - 00000983 _____ C:\Users\Max\Desktop\Defcon.lnk
2013-08-06 18:22 - 2011-06-18 11:23 - 00000000 ____D C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2013-08-06 14:52 - 2012-04-28 09:30 - 00000000 ____D C:\Users\Max\AppData\Local\ArmA 2 OA
2013-08-06 14:15 - 2009-07-14 19:58 - 00696832 _____ C:\Windows\system32\perfh007.dat
2013-08-06 14:15 - 2009-07-14 19:58 - 00148128 _____ C:\Windows\system32\perfc007.dat
2013-08-06 14:15 - 2009-07-14 07:13 - 01613340 _____ C:\Windows\system32\PerfStringBackup.INI
2013-08-06 01:11 - 2013-08-06 01:11 - 00000537 _____ C:\Users\Max\Desktop\Sudden Strike 2.lnk
2013-08-06 01:02 - 2013-08-06 00:42 - 259091339 _____ (Media Contact LLC ) C:\Users\Max\Desktop\Sudden_Strike2.exe
2013-08-04 17:41 - 2013-08-05 22:15 - 00450831 _____ C:\Users\Max\Desktop\common_server.zip
2013-08-04 01:39 - 2013-08-04 01:39 - 00270054 _____ C:\Users\Max\Desktop\sad - Kopie.bmp
2013-08-04 01:37 - 2013-08-04 01:32 - 01080054 _____ C:\Users\Max\Desktop\sad.bmp
2013-08-04 01:31 - 2013-08-04 01:31 - 04320066 _____ C:\Users\Max\Desktop\sdf.bmp
2013-08-04 01:31 - 2013-08-04 01:31 - 04320066 _____ C:\Users\Max\Desktop\prbf2 2013-08-04 01-31-22-45.bmp
2013-08-02 15:00 - 2011-05-21 15:29 - 00000000 ____D C:\Users\Max\AppData\Roaming\Skype
2013-08-02 14:49 - 2013-06-30 13:33 - 00000000 ____D C:\Users\Max\Documents\ProjectReality
2013-08-02 14:34 - 2013-03-27 13:35 - 00189248 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2013-08-02 14:33 - 2013-08-02 14:33 - 00001188 _____ C:\Users\Public\Desktop\Project Reality BF2.lnk
2013-08-02 14:33 - 2013-03-27 13:35 - 00076888 _____ C:\Windows\SysWOW64\PnkBstrA.exe
2013-08-02 14:17 - 2013-03-27 13:35 - 00281152 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2013-08-02 14:17 - 2011-08-14 15:15 - 00281152 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2013-08-02 14:11 - 2013-06-29 21:53 - 00001188 _____ C:\Users\Max\Desktop\Project Reality BF2.lnk
2013-08-01 23:28 - 2011-09-06 17:02 - 00000000 ____D C:\Users\Max\AppData\Roaming\Mumble
2013-07-31 16:05 - 2013-07-31 16:01 - 00000000 ____D C:\Windows\system32\MRT
2013-07-27 21:28 - 2013-06-16 18:00 - 00000000 ____D C:\Users\Max\Desktop\@JSRS
2013-07-26 19:43 - 2013-07-26 14:20 - 00000000 ____D C:\Users\Max\AppData\Local\Arma 3
2013-07-26 17:14 - 2013-07-26 14:20 - 00000000 ____D C:\Users\Max\Documents\Arma 3
2013-07-26 14:20 - 2013-07-26 14:20 - 00000000 ____D C:\ProgramData\Bohemia Interactive
2013-07-25 14:18 - 2011-11-21 16:00 - 00000000 ____D C:\Users\Max\AppData\Local\ArmA 2
2013-07-25 09:17 - 2013-07-25 08:54 - 00000913 _____ C:\Users\Max\Desktop\Panzerlied.txt
2013-07-25 03:06 - 2011-07-30 23:00 - 00840264 _____ C:\Windows\SysWOW64\pbsvc.exe
2013-07-24 11:11 - 2013-07-24 11:11 - 00002556 _____ C:\Users\Max\Documents\h.aup
2013-07-24 11:11 - 2013-07-24 11:11 - 00000000 ____D C:\Users\Max\Documents\h_data
2013-07-24 11:11 - 2012-06-25 18:17 - 00000000 ____D C:\Users\Max\AppData\Roaming\Audacity
2013-07-23 16:38 - 2011-08-29 13:52 - 00000000 ____D C:\Windows\SysWOW64\directx
2013-07-21 15:39 - 2013-07-21 15:39 - 00002245 _____ C:\Users\Max\Documents\er.aup
2013-07-21 15:39 - 2013-07-21 15:39 - 00000000 ____D C:\Users\Max\Documents\er_data
2013-07-20 17:13 - 2011-05-21 14:31 - 00000000 ____D C:\Windows\Panther
2013-07-20 17:12 - 2009-07-14 06:45 - 04946728 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-20 17:11 - 2013-03-13 17:01 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-07-20 17:11 - 2013-03-13 17:01 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-07-20 17:10 - 2009-07-14 20:18 - 00000000 ____D C:\Program Files\Windows Journal
2013-07-20 17:10 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Windows Defender
2013-07-20 17:10 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2013-07-20 13:04 - 2013-07-20 13:04 - 00001141 _____ C:\Users\Public\Desktop\Yahoo! Messenger.lnk
2013-07-20 13:03 - 2011-11-21 16:00 - 00000000 ____D C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bohemia Interactive
2013-07-20 13:01 - 2013-07-20 13:01 - 00441760 _____ (Yahoo! Inc.) C:\Users\Max\Desktop\msgr11de.exe
2013-07-19 16:33 - 2013-07-11 20:39 - 00019650 _____ C:\Users\Max\Desktop\Fur.odt
2013-07-19 12:11 - 2013-07-19 12:07 - 73281458 _____ C:\Users\Max\Desktop\IMGP8300avi.avi
2013-07-17 23:41 - 2013-07-17 23:41 - 00000000 ____D C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flux
2013-07-17 19:27 - 2013-07-17 19:27 - 03820480 _____ C:\Users\Max\Downloads\battlelog-web-plugins_2.1.7_115.exe
2013-07-17 19:17 - 2011-05-21 14:11 - 00000000 ____D C:\Program Files (x86)\Opera
2013-07-16 22:31 - 2013-07-16 22:31 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2013-07-12 01:24 - 2013-07-11 23:46 - 00000118 _____ C:\Users\Max\Desktop\Kleidung.txt
2013-07-10 15:51 - 2013-07-10 15:51 - 00000000 _____ C:\Windows\setuperr.log

Files to move or delete:
====================
C:\Users\Max\jagex_cl_runescape_LIVE.dat
C:\Users\Max\random.dat

==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2013-08-02 01:33

==================== End Of Log ============================ |