|
Log analysis and evaluation: Advertising sound in the background! Windows 7 If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. Before viruses and trojans can be removed, the infected system must first be examined: First steps to getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed. |
31.03.2014, 15:48 | #1 |
| Advertising sound in the background! About 10-15 minutes after I start my laptop, I hear an advertisement playing in the background, but I don't know where it is coming from; it even plays when I have no internet connection. I have already run the program "Trojan Remover" twice, but nothing was found, and Avira didn't find anything either. |
31.03.2014, 17:47 | #2 |
/// the machine /// TB Trainer | Advertising sound in the background! hi,
Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-bit | FRST 64-bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
__________________ |
31.03.2014, 20:00 | #3 |
| Advertising sound in the background! FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014 Ran by Marcimeister (administrator) on NYMPH on 31-03-2014 20:56:03 Running from C:\Users\Marcimeister\Downloads Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (AMD) C:\windows\system32\atiesrxx.exe (Microsoft Corporation) C:\windows\system32\WLANExt.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Motorola, Inc.) C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe (Micro-Star International Co., Ltd.) C:\Program Files (x86)\System Control Manager\MSIService.exe () C:\windows\SysWOW64\PnkBstrA.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (AMD) C:\windows\system32\atieclxx.exe (Motorola, Inc.) C:\Program Files\Motorola\Bluetooth\obexsrv.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Macrovision Europe Ltd.) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Acresso Corporation) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe (Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe (Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe (Skype Technologies S.A.) 
C:\Program Files (x86)\Skype\Phone\Skype.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (NEC Electronics Corporation) C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Micro-Star International Co., Ltd.) C:\Program Files (x86)\System Control Manager\MGSysCtrl.exe (ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (msi) C:\Program Files (x86)\MSI\msi LED Manager\SLM.exe (ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Motorola, Inc.) C:\Program Files\Motorola\Bluetooth\audiosrv.exe (Motorola, Inc.) C:\Program Files\Motorola\Bluetooth\btplayerctrl.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Adobe Systems, Inc.) C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_70.exe (Adobe Systems, Inc.) C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_70.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [IntelWireless] - C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1928976 2010-03-05] (Intel(R) Corporation) HKLM\...\Run: [BTMTrayAgent] - C:\Program Files\Motorola\Bluetooth\btmshell.dll [19645704 2010-04-22] (Motorola, Inc.) 
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1894696 2010-01-07] (Synaptics Incorporated) HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-06-23] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [NUSB3MON] - C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [106496 2010-01-22] (NEC Electronics Corporation) HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-03-03] (Intel Corporation) HKLM-x32\...\Run: [MGSysCtrl] - C:\Program Files (x86)\System Control Manager\MGSysCtrl.exe [2408448 2010-03-19] (Micro-Star International Co., Ltd.) HKLM-x32\...\Run: [ArcSoft Connection Service] - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.) HKLM-x32\...\Run: [msi LED Manager] - C:\Program Files (x86)\msi\msi LED Manager\SLM.exe [2793984 2010-06-23] (msi) HKLM-x32\...\Run: [Nuance PDF Reader-reminder] - C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe [328992 2008-11-03] (Nuance Communications, Inc.) HKLM-x32\...\Run: [BCSSync] - C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation) HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-18] (Avira Operations GmbH & Co. 
KG) HKLM-x32\...\Run: [TrojanScanner] - C:\Program Files (x86)\Trojan Remover\Trjscan.exe [1704720 2014-01-23] (Simply Super Software) HKU\.DEFAULT\...\RunOnce: [SPReview] - C:\windows\System32\SPReview\SPReview.exe [301568 2013-12-29] (Microsoft Corporation) HKU\S-1-5-21-1477801921-2362083207-1057241860-1000\...\Run: [ISUSPM] - C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Corporation) HKU\S-1-5-21-1477801921-2362083207-1057241860-1000\...\Run: [Overwolf] - C:\Program Files (x86)\Overwolf\Overwolf.exe -silent HKU\S-1-5-21-1477801921-2362083207-1057241860-1000\...\Run: [EADM] - C:\Program Files (x86)\Origin\Origin.exe [3588952 2014-03-07] (Electronic Arts) HKU\S-1-5-21-1477801921-2362083207-1057241860-1000\...\Run: [Steam] - C:\Program Files (x86)\Steam\steam.exe [1821888 2014-02-25] (Valve Corporation) HKU\S-1-5-21-1477801921-2362083207-1057241860-1000\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd) HKU\S-1-5-21-1477801921-2362083207-1057241860-1000\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20922016 2014-02-10] (Skype Technologies S.A.) 
HKU\S-1-5-21-1477801921-2362083207-1057241860-1000\...\MountPoints2: {0539d41b-52de-11e3-ab64-6c626d299d7b} - G:\LaunchU3.exe -a ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.mysearchdial.com/?f=1&a=irmsd1103&cd=2XzuyEtN2Y1L1QzutDtDtByC0CyB0Czz0B0FyEtD0FyEyB0FtN0D0Tzu0CyBtDtAtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=145845214&ir= HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://msi.msn.com SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM - {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKCU - DefaultScope {991D9B9C-0B3F-4C78-9BE6-242FD73AA221} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=irmsd1103&cd=2XzuyEtN2Y1L1QzutDtDtByC0CyB0Czz0B0FyEtD0FyEyB0FtN0D0Tzu0CyBtDtAtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=145845214&ir= SearchScopes: HKCU - {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = SearchScopes: HKCU - {991D9B9C-0B3F-4C78-9BE6-242FD73AA221} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=irmsd1103&cd=2XzuyEtN2Y1L1QzutDtDtByC0CyB0Czz0B0FyEtD0FyEyB0FtN0D0Tzu0CyBtDtAtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=145845214&ir= BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} - No File BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files 
(x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation) Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.0.1 FireFox: ======== FF ProfilePath: C:\Users\Marcimeister\AppData\Roaming\Mozilla\Firefox\Profiles\du0f46vb.default FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_12_0_0_70.dll () FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll () FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB) FF Plugin-x32: @esn/npbattlelog,version=2.3.2 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 - C:\Program Files (x86)\Windows Live\Photo 
Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF Plugin-x32: ZEON/PDF,version=2.0 - C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll (Zeon Corporation) FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: Adblock Plus - C:\Users\Marcimeister\AppData\Roaming\Mozilla\Firefox\Profiles\du0f46vb.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-03-08] Chrome: ======= CHR HomePage: hxxp://www.google.com CHR Extension: (ProxTube) - C:\Users\Marcimeister\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2013-12-04] CHR Extension: (Google Docs) - C:\Users\Marcimeister\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-11-21] CHR Extension: (Google Drive) - C:\Users\Marcimeister\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-11-21] CHR Extension: (YouTube) - C:\Users\Marcimeister\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-11-21] CHR Extension: (Adblock Plus) - C:\Users\Marcimeister\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-11-21] CHR Extension: (Adblock for Youtube™) - C:\Users\Marcimeister\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2013-11-21] CHR Extension: 
(Google-Suche) - C:\Users\Marcimeister\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-11-21] CHR Extension: (AdBlock) - C:\Users\Marcimeister\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-11-21] CHR Extension: (Google Wallet) - C:\Users\Marcimeister\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-21] CHR Extension: (MySearchDial) - C:\Users\Marcimeister\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff [2014-01-12] CHR Extension: (Google Mail) - C:\Users\Marcimeister\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-11-21] CHR HKLM\...\Chrome\Extension: [pflphaooapbgpeakohlggbpidpppgdff] - C:\Users\MARCIM~1\AppData\Local\mysearchdial-speeddial.crx [2013-12-03] CHR HKCU\...\Chrome\Extension: [pflphaooapbgpeakohlggbpidpppgdff] - C:\Users\MARCIM~1\AppData\Local\mysearchdial-speeddial.crx [2013-12-03] CHR HKLM-x32\...\Chrome\Extension: [pflphaooapbgpeakohlggbpidpppgdff] - C:\Users\MARCIM~1\AppData\Local\mysearchdial-speeddial.crx [2013-12-03] ==================== Services (Whitelisted) ================= R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-18] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-18] (Avira Operations GmbH & Co. KG) S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1017424 2014-02-18] (Avira Operations GmbH & Co. 
KG) S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2010-03-05] () R2 PnkBstrA; C:\windows\SysWOW64\PnkBstrA.exe [76888 2013-11-22] () ==================== Drivers (Whitelisted) ==================== R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-17] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-17] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-22] (Avira Operations GmbH & Co. KG) R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [84720 2013-12-17] (Avira Operations GmbH & Co. KG) R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-02-20] (Disc Soft Ltd) S3 EUCR; C:\Windows\system32\DRIVERS\EUCR6SK.SYS [88912 2010-08-09] (ENE Technology Inc.) S3 IntcAzAudAddService; system32\drivers\RTKVHD64.sys [X] S3 MGHwCtrl; \??\C:\Program Files\msi\msi Software Install\MGHwCtrl.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-03-31 20:56 - 2014-03-31 20:56 - 00015693 _____ () C:\Users\Marcimeister\Downloads\FRST.txt 2014-03-31 20:56 - 2014-03-31 20:56 - 00000000 ____D () C:\FRST 2014-03-31 20:55 - 2014-03-31 20:55 - 02157056 _____ (Farbar) C:\Users\Marcimeister\Downloads\FRST64.exe 2014-03-31 20:47 - 2014-03-31 20:47 - 00001084 _____ () C:\windows\PFRO.log 2014-03-31 18:13 - 2014-03-31 18:23 - 00000000 ____D () C:\Users\Marcimeister\AppData\Roaming\uTorrent 2014-03-31 18:11 - 2014-03-31 18:12 - 01671248 _____ (BitTorrent Inc.) 
C:\Users\Marcimeister\Downloads\uTorrent_341_b30740.exe 2014-03-31 16:27 - 2014-03-31 16:27 - 00001153 _____ () C:\Users\Public\Desktop\Trojan Remover.lnk 2014-03-31 16:27 - 2014-03-31 16:27 - 00000000 ____D () C:\Users\Marcimeister\Documents\Simply Super Software 2014-03-31 16:27 - 2014-03-31 16:27 - 00000000 ____D () C:\ProgramData\Simply Super Software 2014-03-31 16:27 - 2014-03-31 16:27 - 00000000 ____D () C:\ProgramData\Licenses 2014-03-31 16:27 - 2014-03-31 16:27 - 00000000 ____D () C:\Program Files (x86)\Trojan Remover 2014-03-31 16:19 - 2014-03-31 16:27 - 21407864 _____ (Simply Super Software ) C:\Users\Marcimeister\Downloads\trjsetup690.exe 2014-03-29 12:06 - 2014-03-29 12:06 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-03-28 23:20 - 2014-03-31 20:47 - 00000672 _____ () C:\windows\setupact.log 2014-03-28 23:20 - 2014-03-28 23:20 - 00000000 _____ () C:\windows\setuperr.log 2014-03-28 19:52 - 2014-03-28 19:52 - 00000832 _____ () C:\Users\Public\Desktop\CCleaner.lnk 2014-03-28 11:12 - 2014-03-28 11:12 - 00000000 ____D () C:\Users\Marcimeister\AppData\Roaming\dvdcss 2014-03-25 18:26 - 2014-03-25 18:26 - 00000000 ____D () C:\Users\Marcimeister\Desktop\Lan 2014-03-21 20:40 - 2014-03-21 20:40 - 00000000 ____D () C:\Users\Marcimeister\AppData\Local\PAYDAY 2 2014-03-21 20:39 - 2014-03-21 20:39 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation 2014-03-21 20:39 - 2014-03-21 20:39 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies 2014-03-17 09:53 - 2014-03-17 09:53 - 00000000 ___RD () C:\Program Files (x86)\Skype 2014-03-17 09:53 - 2014-03-17 09:53 - 00000000 ____D () C:\Users\Marcimeister\AppData\Local\Skype 2014-03-14 01:09 - 2014-03-01 08:05 - 23133696 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll 2014-03-14 01:09 - 2014-03-01 07:17 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb 2014-03-14 01:09 - 2014-03-01 07:16 - 00004096 _____ (Microsoft Corporation) 
C:\windows\system32\ieetwcollectorres.dll 2014-03-14 01:09 - 2014-03-01 06:58 - 02765824 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll 2014-03-14 01:09 - 2014-03-01 06:52 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll 2014-03-14 01:09 - 2014-03-01 06:51 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll 2014-03-14 01:09 - 2014-03-01 06:42 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll 2014-03-14 01:09 - 2014-03-01 06:40 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll 2014-03-14 01:09 - 2014-03-01 06:37 - 00574976 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll 2014-03-14 01:09 - 2014-03-01 06:33 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe 2014-03-14 01:09 - 2014-03-01 06:33 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe 2014-03-14 01:09 - 2014-03-01 06:32 - 00708608 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll 2014-03-14 01:09 - 2014-03-01 06:30 - 17074688 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll 2014-03-14 01:09 - 2014-03-01 06:23 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe 2014-03-14 01:09 - 2014-03-01 06:17 - 00218624 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe 2014-03-14 01:09 - 2014-03-01 06:11 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb 2014-03-14 01:09 - 2014-03-01 06:02 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll 2014-03-14 01:09 - 2014-03-01 05:54 - 05768704 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll 2014-03-14 01:09 - 2014-03-01 05:52 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll 2014-03-14 01:09 - 2014-03-01 05:51 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll 2014-03-14 01:09 - 2014-03-01 05:47 - 02168320 _____ 
(Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll 2014-03-14 01:09 - 2014-03-01 05:43 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll 2014-03-14 01:09 - 2014-03-01 05:43 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll 2014-03-14 01:09 - 2014-03-01 05:42 - 00627200 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll 2014-03-14 01:09 - 2014-03-01 05:40 - 00440832 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll 2014-03-14 01:09 - 2014-03-01 05:38 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe 2014-03-14 01:09 - 2014-03-01 05:37 - 00553472 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll 2014-03-14 01:09 - 2014-03-01 05:35 - 02041856 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl 2014-03-14 01:09 - 2014-03-01 05:18 - 13051904 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll 2014-03-14 01:09 - 2014-03-01 05:16 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll 2014-03-14 01:09 - 2014-03-01 05:14 - 04244480 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll 2014-03-14 01:09 - 2014-03-01 05:10 - 02334208 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll 2014-03-14 01:09 - 2014-03-01 05:03 - 00524288 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll 2014-03-14 01:09 - 2014-03-01 05:00 - 01964032 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl 2014-03-14 01:09 - 2014-03-01 04:57 - 11266048 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll 2014-03-14 01:09 - 2014-03-01 04:38 - 01393664 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll 2014-03-14 01:09 - 2014-03-01 04:32 - 01820160 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll 2014-03-14 01:09 - 2014-03-01 04:27 - 01156096 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll 2014-03-14 01:09 - 2014-03-01 04:25 - 00817664 _____ (Microsoft Corporation) 
C:\windows\system32\ieapfltr.dll 2014-03-14 01:09 - 2014-03-01 04:25 - 00703488 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll 2014-03-14 00:57 - 2014-02-07 03:23 - 03156480 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys 2014-03-14 00:57 - 2014-01-29 04:32 - 00484864 _____ (Microsoft Corporation) C:\windows\system32\wer.dll 2014-03-14 00:57 - 2014-01-29 04:06 - 00381440 _____ (Microsoft Corporation) C:\windows\SysWOW64\wer.dll 2014-03-14 00:57 - 2014-01-28 04:32 - 00228864 _____ (Microsoft Corporation) C:\windows\system32\wwansvc.dll 2014-03-14 00:51 - 2014-02-04 04:32 - 01424384 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll 2014-03-14 00:51 - 2014-02-04 04:32 - 00624128 _____ (Microsoft Corporation) C:\windows\system32\qedit.dll 2014-03-14 00:51 - 2014-02-04 04:04 - 01230336 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecs.dll 2014-03-14 00:51 - 2014-02-04 04:04 - 00509440 _____ (Microsoft Corporation) C:\windows\SysWOW64\qedit.dll 2014-03-12 22:26 - 2014-03-12 22:26 - 00000000 ____D () C:\Users\Marcimeister\AppData\Roaming\OBS 2014-03-12 22:25 - 2014-03-12 22:26 - 00000000 ____D () C:\Users\Marcimeister\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Open Broadcaster Software 2014-03-12 22:25 - 2014-03-12 22:25 - 00000949 _____ () C:\Users\Marcimeister\Desktop\Open Broadcaster Software.lnk 2014-03-12 22:25 - 2014-03-12 22:25 - 00000000 ____D () C:\Program Files\OBS 2014-03-12 22:25 - 2014-03-12 22:25 - 00000000 ____D () C:\Program Files (x86)\OBS 2014-03-09 13:49 - 2014-03-30 20:17 - 00007783 _____ () C:\Users\Marcimeister\Documents\Uninstall STAR WARS The Old Republic.log 2014-03-08 19:24 - 2014-03-31 18:34 - 00000884 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job 2014-03-08 19:24 - 2014-03-08 19:24 - 00003822 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater 2014-03-08 19:22 - 2014-03-08 19:22 - 00000000 ____D () C:\Users\Marcimeister\AppData\Local\Macromedia 
2014-03-08 19:21 - 2014-03-08 19:21 - 00000000 ____D () C:\ProgramData\McAfee 2014-03-08 19:12 - 2014-03-08 19:12 - 00000000 ____D () C:\Users\Marcimeister\AppData\Roaming\Mozilla 2014-03-08 19:12 - 2014-03-08 19:12 - 00000000 ____D () C:\Users\Marcimeister\AppData\Local\Mozilla 2014-03-08 19:11 - 2014-03-30 11:42 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-03-08 19:11 - 2014-03-08 19:11 - 00000000 ____D () C:\ProgramData\Mozilla 2014-03-08 17:22 - 2014-03-08 17:22 - 00000000 ____D () C:\Users\Public\Documents\BitRaider 2014-03-08 17:22 - 2014-03-08 17:22 - 00000000 ____D () C:\Users\Marcimeister\AppData\Local\SWTORPerf 2014-03-08 17:20 - 2014-03-11 18:36 - 00015533 _____ () C:\Users\Marcimeister\Documents\Install STAR WARS The Old Republic.log 2014-03-08 17:20 - 2014-03-11 18:35 - 00034074 _____ () C:\end ==================== One Month Modified Files and Folders ======= 2014-03-31 20:56 - 2014-03-31 20:56 - 00015693 _____ () C:\Users\Marcimeister\Downloads\FRST.txt 2014-03-31 20:56 - 2014-03-31 20:56 - 00000000 ____D () C:\FRST 2014-03-31 20:55 - 2014-03-31 20:55 - 02157056 _____ (Farbar) C:\Users\Marcimeister\Downloads\FRST64.exe 2014-03-31 20:54 - 2013-11-21 20:38 - 01756985 _____ () C:\windows\WindowsUpdate.log 2014-03-31 20:54 - 2010-10-26 00:40 - 00699034 _____ () C:\windows\system32\perfh007.dat 2014-03-31 20:54 - 2010-10-26 00:40 - 00149142 _____ () C:\windows\system32\perfc007.dat 2014-03-31 20:54 - 2009-07-14 07:13 - 01618320 _____ () C:\windows\system32\PerfStringBackup.INI 2014-03-31 20:51 - 2013-11-21 21:24 - 00000000 ____D () C:\Users\Marcimeister\AppData\Roaming\Skype 2014-03-31 20:49 - 2013-12-12 02:35 - 00000000 ____D () C:\Program Files (x86)\Steam 2014-03-31 20:48 - 2013-11-23 00:03 - 00000000 ____D () C:\Program Files (x86)\Origin 2014-03-31 20:47 - 2014-03-31 20:47 - 00001084 _____ () C:\windows\PFRO.log 2014-03-31 20:47 - 2014-03-28 23:20 - 00000672 _____ () C:\windows\setupact.log 2014-03-31 20:47 - 2009-07-14 
07:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT 2014-03-31 18:38 - 2013-12-03 23:28 - 00000000 ____D () C:\Users\Marcimeister\AppData\Roaming\vlc 2014-03-31 18:34 - 2014-03-08 19:24 - 00000884 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job 2014-03-31 18:25 - 2013-12-20 23:21 - 00000000 ____D () C:\Program Files (x86)\Hearthstone 2014-03-31 18:24 - 2013-12-08 17:59 - 00000000 ____D () C:\Users\Marcimeister\AppData\Local\Battle.net 2014-03-31 18:23 - 2014-03-31 18:13 - 00000000 ____D () C:\Users\Marcimeister\AppData\Roaming\uTorrent 2014-03-31 18:12 - 2014-03-31 18:11 - 01671248 _____ (BitTorrent Inc.) C:\Users\Marcimeister\Downloads\uTorrent_341_b30740.exe 2014-03-31 17:37 - 2013-11-21 21:37 - 00000000 ____D () C:\Users\Marcimeister\AppData\Local\PMB Files 2014-03-31 17:37 - 2013-11-21 21:37 - 00000000 ____D () C:\ProgramData\PMB Files 2014-03-31 16:27 - 2014-03-31 16:27 - 00001153 _____ () C:\Users\Public\Desktop\Trojan Remover.lnk 2014-03-31 16:27 - 2014-03-31 16:27 - 00000000 ____D () C:\Users\Marcimeister\Documents\Simply Super Software 2014-03-31 16:27 - 2014-03-31 16:27 - 00000000 ____D () C:\ProgramData\Simply Super Software 2014-03-31 16:27 - 2014-03-31 16:27 - 00000000 ____D () C:\ProgramData\Licenses 2014-03-31 16:27 - 2014-03-31 16:27 - 00000000 ____D () C:\Program Files (x86)\Trojan Remover 2014-03-31 16:27 - 2014-03-31 16:19 - 21407864 _____ (Simply Super Software ) C:\Users\Marcimeister\Downloads\trjsetup690.exe 2014-03-31 15:56 - 2009-07-14 06:45 - 00017376 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-03-31 15:56 - 2009-07-14 06:45 - 00017376 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-03-30 23:54 - 2013-11-21 21:13 - 00000000 ____D () C:\Users\Marcimeister\Desktop\DevPro 2014-03-30 20:17 - 2014-03-09 13:49 - 00007783 _____ () C:\Users\Marcimeister\Documents\Uninstall STAR WARS The Old Republic.log 
2014-03-30 20:08 - 2013-11-21 21:17 - 00000000 ____D () C:\Users\Marcimeister\Desktop\Anime
2014-03-30 19:17 - 2013-11-21 21:29 - 00000000 ____D () C:\ProgramData\Origin
2014-03-30 16:21 - 2013-12-08 17:58 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-03-30 11:42 - 2014-03-08 19:11 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-03-29 12:06 - 2014-03-29 12:06 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-28 23:20 - 2014-03-28 23:20 - 00000000 _____ () C:\windows\setuperr.log
2014-03-28 23:01 - 2013-11-21 21:18 - 00000000 ____D () C:\Users\Marcimeister\AppData\Roaming\TS3Client
2014-03-28 20:57 - 2014-02-20 15:19 - 00000000 ____D () C:\Users\Marcimeister\AppData\Roaming\DAEMON Tools Lite
2014-03-28 20:56 - 2013-11-22 16:14 - 00000000 ____D () C:\windows\Minidump
2014-03-28 19:52 - 2014-03-28 19:52 - 00000832 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-03-28 19:52 - 2014-01-01 18:56 - 00000000 ____D () C:\Program Files\CCleaner
2014-03-28 13:08 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\system32\NDF
2014-03-28 11:12 - 2014-03-28 11:12 - 00000000 ____D () C:\Users\Marcimeister\AppData\Roaming\dvdcss
2014-03-27 19:51 - 2014-02-20 20:32 - 00000000 ____D () C:\Users\Marcimeister\AppData\Local\DayZ
2014-03-25 18:26 - 2014-03-25 18:26 - 00000000 ____D () C:\Users\Marcimeister\Desktop\Lan
2014-03-25 18:26 - 2013-11-21 21:11 - 00000000 ____D () C:\Users\Marcimeister\Desktop\Musik
2014-03-21 20:40 - 2014-03-21 20:40 - 00000000 ____D () C:\Users\Marcimeister\AppData\Local\PAYDAY 2
2014-03-21 20:39 - 2014-03-21 20:39 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-03-21 20:39 - 2014-03-21 20:39 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-03-19 21:17 - 2013-11-22 15:19 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-03-17 15:01 - 2013-12-28 22:05 - 00000000 ____D () C:\Users\Marcimeister\AppData\Local\Microsoft Games
2014-03-17 09:53 - 2014-03-17 09:53 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-03-17 09:53 - 2014-03-17 09:53 - 00000000 ____D () C:\Users\Marcimeister\AppData\Local\Skype
2014-03-17 09:52 - 2013-11-21 21:24 - 00000000 ____D () C:\ProgramData\Skype
2014-03-15 11:41 - 2013-11-23 00:19 - 00000000 ____D () C:\windows\system32\MRT
2014-03-15 11:39 - 2013-11-23 00:19 - 90015360 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-03-14 15:52 - 2014-02-20 00:05 - 00000000 ____D () C:\Users\Marcimeister\Documents\Respawn
2014-03-14 04:19 - 2009-07-14 06:45 - 00416312 _____ () C:\windows\system32\FNTCACHE.DAT
2014-03-13 20:31 - 2013-11-21 21:11 - 00000000 ____D () C:\Program Files (x86)\TeamSpeak 3 Client
2014-03-13 18:45 - 2013-12-03 23:27 - 00001080 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-03-12 22:26 - 2014-03-12 22:26 - 00000000 ____D () C:\Users\Marcimeister\AppData\Roaming\OBS
2014-03-12 22:26 - 2014-03-12 22:25 - 00000000 ____D () C:\Users\Marcimeister\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Open Broadcaster Software
2014-03-12 22:25 - 2014-03-12 22:25 - 00000949 _____ () C:\Users\Marcimeister\Desktop\Open Broadcaster Software.lnk
2014-03-12 22:25 - 2014-03-12 22:25 - 00000000 ____D () C:\Program Files\OBS
2014-03-12 22:25 - 2014-03-12 22:25 - 00000000 ____D () C:\Program Files (x86)\OBS
2014-03-11 18:36 - 2014-03-08 17:20 - 00015533 _____ () C:\Users\Marcimeister\Documents\Install STAR WARS The Old Republic.log
2014-03-11 18:35 - 2014-03-08 17:20 - 00034074 _____ () C:\end
2014-03-09 13:50 - 2013-12-03 22:50 - 00000312 _____ () C:\windows\Tasks\MySearchDial.job
2014-03-08 20:08 - 2013-11-21 21:00 - 00000000 ____D () C:\Program Files (x86)\Google
2014-03-08 20:01 - 2010-10-26 00:45 - 00000000 ____D () C:\Program Files (x86)\ArcSoft
2014-03-08 19:59 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\system
2014-03-08 19:24 - 2014-03-08 19:24 - 00003822 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2014-03-08 19:24 - 2013-12-11 13:01 - 00692616 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-03-08 19:24 - 2013-12-11 13:01 - 00071048 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-08 19:22 - 2014-03-08 19:22 - 00000000 ____D () C:\Users\Marcimeister\AppData\Local\Macromedia
2014-03-08 19:22 - 2013-12-11 13:00 - 00000000 ____D () C:\Users\Marcimeister\AppData\Local\Adobe
2014-03-08 19:21 - 2014-03-08 19:21 - 00000000 ____D () C:\ProgramData\McAfee
2014-03-08 19:12 - 2014-03-08 19:12 - 00000000 ____D () C:\Users\Marcimeister\AppData\Roaming\Mozilla
2014-03-08 19:12 - 2014-03-08 19:12 - 00000000 ____D () C:\Users\Marcimeister\AppData\Local\Mozilla
2014-03-08 19:11 - 2014-03-08 19:11 - 00000000 ____D () C:\ProgramData\Mozilla
2014-03-08 17:22 - 2014-03-08 17:22 - 00000000 ____D () C:\Users\Public\Documents\BitRaider
2014-03-08 17:22 - 2014-03-08 17:22 - 00000000 ____D () C:\Users\Marcimeister\AppData\Local\SWTORPerf
2014-03-05 20:19 - 2013-11-21 20:42 - 00000000 ____D () C:\Users\Marcimeister
2014-03-05 20:19 - 2010-10-26 00:34 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-03-05 17:17 - 2014-02-11 16:09 - 00000000 ____D () C:\Users\Marcimeister\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NCSOFT
2014-03-02 14:44 - 2013-11-22 18:46 - 00214392 _____ () C:\windows\SysWOW64\PnkBstrB.exe
2014-03-02 14:25 - 2013-11-22 18:46 - 00214392 _____ () C:\windows\SysWOW64\PnkBstrB.ex0
2014-03-01 08:05 - 2014-03-14 01:09 - 23133696 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-03-01 07:17 - 2014-03-14 01:09 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-03-01 07:16 - 2014-03-14 01:09 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-03-01 06:58 - 2014-03-14 01:09 - 02765824 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-03-01 06:52 - 2014-03-14 01:09 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-03-01 06:51 - 2014-03-14 01:09 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-03-01 06:42 - 2014-03-14 01:09 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-03-01 06:40 - 2014-03-14 01:09 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-03-01 06:37 - 2014-03-14 01:09 - 00574976 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-03-01 06:33 - 2014-03-14 01:09 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-03-01 06:33 - 2014-03-14 01:09 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-03-01 06:32 - 2014-03-14 01:09 - 00708608 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-03-01 06:30 - 2014-03-14 01:09 - 17074688 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-03-01 06:23 - 2014-03-14 01:09 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2014-03-01 06:17 - 2014-03-14 01:09 - 00218624 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-03-01 06:11 - 2014-03-14 01:09 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-03-01 06:02 - 2014-03-14 01:09 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-03-01 05:54 - 2014-03-14 01:09 - 05768704 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-03-01 05:52 - 2014-03-14 01:09 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-03-01 05:51 - 2014-03-14 01:09 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2014-03-01 05:47 - 2014-03-14 01:09 - 02168320 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-03-01 05:43 - 2014-03-14 01:09 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-03-01 05:43 - 2014-03-14 01:09 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-03-01 05:42 - 2014-03-14 01:09 - 00627200 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-03-01 05:40 - 2014-03-14 01:09 - 00440832 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-03-01 05:38 - 2014-03-14 01:09 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2014-03-01 05:37 - 2014-03-14 01:09 - 00553472 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2014-03-01 05:35 - 2014-03-14 01:09 - 02041856 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-03-01 05:18 - 2014-03-14 01:09 - 13051904 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-03-01 05:16 - 2014-03-14 01:09 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-03-01 05:14 - 2014-03-14 01:09 - 04244480 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-03-01 05:10 - 2014-03-14 01:09 - 02334208 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-03-01 05:03 - 2014-03-14 01:09 - 00524288 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-03-01 05:00 - 2014-03-14 01:09 - 01964032 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-03-01 04:57 - 2014-03-14 01:09 - 11266048 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-03-01 04:38 - 2014-03-14 01:09 - 01393664 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-03-01 04:32 - 2014-03-14 01:09 - 01820160 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-03-01 04:27 - 2014-03-14 01:09 - 01156096 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-03-01 04:25 - 2014-03-14 01:09 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-03-01 04:25 - 2014-03-14 01:09 - 00703488 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll

Some content of TEMP:
====================
C:\Users\Marcimeister\AppData\Local\Temp\avgnt.exe
C:\Users\Marcimeister\AppData\Local\Temp\BRSVC_9320591_hlp.exe
C:\Users\Marcimeister\AppData\Local\Temp\ICSharpCode.SharpZipLib.dll
C:\Users\Marcimeister\AppData\Local\Temp\YgoUpdater.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-03-30 12:12

==================== End Of Log ============================

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014
Ran by Marcimeister at 2014-03-31 20:56:35
Running from C:\Users\Marcimeister\Downloads
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.70 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.70 - Adobe Systems Incorporated)
ArcSoft Print Creations - Album Page (HKLM-x32\...\{E6B4117F-AC59-4B13-9274-EB136E8897EE}) (Version: - ArcSoft)
ArcSoft Print Creations - Brochures & Flyers (HKLM-x32\...\{01A1A019-E1D8-482A-BE17-5E118D17C0A0}) (Version: - ArcSoft)
ArcSoft Print Creations - Funhouse (HKLM-x32\...\{9591C049-5CAE-4E89-A8D9-191F1899628B}) (Version: - ArcSoft)
ArcSoft Print Creations - Funhouse II (HKLM-x32\...\{3CE47E6B-AE27-4E40-AC54-329EED96B933}) (Version: - ArcSoft)
ArcSoft Print Creations - Greeting Card (HKLM-x32\...\{F04F9557-81A9-4293-BC49-2C216FA325A7}) (Version: - ArcSoft)
ArcSoft Print Creations - Photo Book (HKLM-x32\...\{56589DFE-0C29-4DFE-8E42-887B771ECD23}) (Version: - ArcSoft)
ArcSoft Print Creations - Photo Calendar (HKLM-x32\...\{CA9ED5E4-1548-485B-A293-417840060158}) (Version: - ArcSoft)
ArcSoft Print Creations - Photo Prints (HKLM-x32\...\{95F875CC-1B85-43E6-B3E0-13EA04F3D995}) (Version: - ArcSoft)
ArcSoft Print Creations - Poster Creator (HKLM-x32\...\{5D1C82E7-7EC0-4404-A8AD-36C3B444BC34}) (Version: - ArcSoft)
ArcSoft Print Creations - Scrapbook (HKLM-x32\...\{B0D83FCD-9D42-43ED-8315-250326AADA02}) (Version: - ArcSoft)
ArcSoft Print Creations - Slimline Card (HKLM-x32\...\{007B37D9-0C45-4202-834B-DD5FAAE99D63}) (Version: - ArcSoft)
ArcSoft Print Creations (HKLM-x32\...\{A3324BBB-3A83-40CE-AA8C-759D849B7EA1}) (Version: 3.0.255.487 - ArcSoft)
ArcSoft WebCam Companion 3 (HKLM-x32\...\{25478065-4CB1-448C-80E4-8C4529017EE3}) (Version: 3.0.32.221 - ArcSoft)
Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 7.0 - Atheros)
ATI Catalyst Install Manager (HKLM\...\{FDAF0654-0EB1-4995-E1F7-0B660AA388B0}) (Version: 3.0.782.0 - ATI Technologies, Inc.)
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.3.350 - Avira)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.2 - EA Digital Illusions CE AB)
BurnRecovery (HKLM-x32\...\{2892E1B7-E24D-4CCB-B8A7-B63D4B66F89F}) (Version: 3.0.1008.2601 - Micro-Star International Co., Ltd.)
Catalyst Control Center Graphics Previews Common (x32 Version: 2010.0622.2308.39722 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (x32 Version: 2010.0622.2308.39722 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2010.0622.2308.39722 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2010.0622.2308.39722 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2010.0622.2307.39722 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2010.0622.2307.39722 - ATI) Hidden
CCC Help Czech (x32 Version: 2010.0622.2307.39722 - ATI) Hidden
CCC Help English (x32 Version: 2010.0622.2307.39722 - ATI) Hidden
CCC Help French (x32 Version: 2010.0622.2307.39722 - ATI) Hidden
CCC Help German (x32 Version: 2010.0622.2307.39722 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2010.0622.2307.39722 - ATI) Hidden
CCC Help Italian (x32 Version: 2010.0622.2307.39722 - ATI) Hidden
CCC Help Korean (x32 Version: 2010.0622.2307.39722 - ATI) Hidden
CCC Help Polish (x32 Version: 2010.0622.2307.39722 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2010.0622.2307.39722 - ATI) Hidden
CCC Help Russian (x32 Version: 2010.0622.2307.39722 - ATI) Hidden
CCC Help Spanish (x32 Version: 2010.0622.2307.39722 - ATI) Hidden
CCC Help Turkish (x32 Version: 2010.0622.2307.39722 - ATI) Hidden
ccc-core-static (x32 Version: 2010.0622.2308.39722 - ATI) Hidden
ccc-utility64 (Version: 2010.0622.2308.39722 - ATI) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.12 - Piriform)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version: - Valve)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.48.1.0347 - Disc Soft Ltd)
DayZ (HKLM-x32\...\Steam App 221100) (Version: - Bohemia Interactive)
ENE USB Card Reader Driver (HKLM\...\8426FCB8FBFE7DD936977F568A58E018229E5BC1) (Version: 5.89.0.71 - ENE)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Facepunch Studios)
Half-Life 2 (HKLM-x32\...\Steam App 220) (Version: - Valve)
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Intel PROSet Wireless (Version: - ) Hidden
Intel(R) PROSet/Wireless WiFi Software (HKLM\...\{1A8BA6CE-822D-4888-89E2-ACBF4308F271}) (Version: 13.02.0000 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.0.1014 - Intel Corporation)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
Junk Mail filter update (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Choice Guard (x32 Version: 2.0.48.0 - Microsoft Corporation) Hidden
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-0081-0407-0000-0000000FF1CE}) (Version: 14.0.6123.5001 - Microsoft Corporation)
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.0.50401.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Motorola Bluetooth (HKLM\...\Motorola Bluetooth_is1) (Version: 3.0.1.237 - Motorola, Inc.)
Mozilla Firefox 28.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
msi LED Manager (HKLM-x32\...\{34B61214-F4D3-4449-A918-F52A36FB2F71}) (Version: 1.0.1006.2201 - msi)
msi Software Install (HKLM-x32\...\{A840FFFB-3A80-4C24-AB34-BE9F56BEB4CE}) (Version: 3.1000.1005.1101 - Micro-Star International Co., Ltd.)
MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden
NEC Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{D7BF9739-8A68-4335-BBEE-37752AD9E86B}) (Version: 1.0.19.0 - NEC Electronics Corporation)
NEC Electronics USB 3.0 Host Controller Driver (x32 Version: 1.0.19.0 - NEC Electronics Corporation) Hidden
Nuance PDF Reader (HKLM-x32\...\{B480904D-F73F-4673-B034-8A5F492C9184}) (Version: 6.00.0041 - Nuance Communications, Inc.)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )
Origin (HKLM-x32\...\Origin) (Version: 9.3.11.2762 - Electronic Arts, Inc.)
Overwolf.Setup.VC100CRTx64.Dist (HKLM\...\{EC9D5554-6852-4A55-81BB-AC02C7A8CFED}) (Version: 1.0.0 - Overwolf)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.7 - Pando Networks Inc.)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.77.1126.2013 - Realtek)
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.2.0 - Synaptics Incorporated)
System Control Manager (HKLM-x32\...\{ED9C5D25-55DF-48D8-9328-2AC0D75DE5D8}) (Version: 2.210.0319.006.09 - Micro-Star International Co., Ltd.)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
Titanfall™ (HKLM-x32\...\{347EE0C3-0690-48F6-A231-53853C2A80D6}) (Version: 1.0.0.3 - Electronic Arts)
Trojan Remover 6.9.0 (HKLM-x32\...\Trojan Remover_is1) (Version: 6.9.0 - Simply Super Software)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Windows Live Anmelde-Assistent (HKLM-x32\...\{52B97218-98CB-4B8B-9283-D213C85E1AA4}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Call (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{586509F0-350D-48B5-B763-9CC2F8D96C4C}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Live Writer (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
WinRAR archiver (HKLM-x32\...\WinRAR archiver) (Version: - )

==================== Restore Points =========================

29-03-2014 02:00:12 Windows Update
29-03-2014 02:55:53 Windows Update
29-03-2014 14:42:54 Windows Update
30-03-2014 15:06:40 Windows Update
30-03-2014 18:18:43 Removed Overwolf
31-03-2014 13:52:35 Windows Update
31-03-2014 16:39:12 Windows Update

==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {20504F49-7BEE-4E63-94A0-13C280CE4313} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-03-18] (Piriform Ltd)
Task: {C85AC929-8C42-4D7F-8D36-602C890C9A45} - System32\Tasks\MySearchDial => C:\Users\MARCIM~1\AppData\Roaming\MYSEAR~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {FB3C717B-7989-49DC-B73E-154B01964874} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-08] (Adobe Systems Incorporated)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\MySearchDial.job => C:\Users\MARCIM~1\AppData\Roaming\MYSEAR~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION

==================== Loaded Modules (whitelisted) =============

2010-03-05 18:21 - 2010-03-05 18:21 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2013-11-22 18:46 - 2013-11-22 18:46 - 00076888 _____ () C:\windows\SysWOW64\PnkBstrA.exe
2010-01-30 03:40 - 2010-01-30 03:40 - 04254560 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-03-05 18:21 - 2010-03-05 18:21 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\LIBEAY32.dll
2010-06-23 08:07 - 2010-06-23 08:07 - 00270336 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2013-12-03 23:06 - 2013-11-22 13:01 - 00394808 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2014-01-29 20:29 - 2014-03-07 15:39 - 00962560 _____ () C:\Program Files (x86)\Origin\platforms\qwindows.dll
2014-01-29 20:29 - 2014-03-07 15:39 - 00024064 _____ () C:\Program Files (x86)\Origin\imageformats\qgif.dll
2014-01-29 20:29 - 2014-03-07 15:39 - 00025088 _____ () C:\Program Files (x86)\Origin\imageformats\qico.dll
2014-01-29 20:29 - 2014-03-07 15:39 - 00217088 _____ () C:\Program Files (x86)\Origin\imageformats\qjpeg.dll
2014-01-29 20:29 - 2014-03-07 15:39 - 00261632 _____ () C:\Program Files (x86)\Origin\imageformats\qmng.dll
2014-01-29 20:29 - 2014-03-07 15:39 - 00019968 _____ () C:\Program Files (x86)\Origin\imageformats\qtga.dll
2014-01-29 20:29 - 2014-03-07 15:39 - 00302592 _____ () C:\Program Files (x86)\Origin\imageformats\qtiff.dll
2014-01-29 20:29 - 2014-03-07 15:39 - 00018944 _____ () C:\Program Files (x86)\Origin\imageformats\qwbmp.dll
2014-01-11 15:35 - 2013-12-13 00:19 - 00142848 _____ () C:\Program Files (x86)\Steam\libavresample-1.dll
2014-01-11 15:35 - 2013-11-05 03:12 - 00890592 _____ () C:\Program Files (x86)\Steam\libavutil-52.dll
2013-11-06 14:48 - 2014-02-11 04:34 - 00751616 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2013-12-11 12:40 - 2014-02-25 23:57 - 01135296 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2013-11-06 14:48 - 2014-01-11 01:33 - 20625832 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2013-06-14 16:49 - 2013-06-15 01:49 - 01100800 _____ () C:\Program Files (x86)\Steam\bin\avcodec-53.dll
2013-06-14 16:49 - 2013-06-15 01:49 - 00124416 _____ () C:\Program Files (x86)\Steam\bin\avutil-51.dll
2013-06-14 16:49 - 2013-06-15 01:49 - 00192000 _____ () C:\Program Files (x86)\Steam\bin\avformat-53.dll
2010-01-30 03:41 - 2010-01-30 03:41 - 04254560 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2014-03-29 12:06 - 2014-03-29 12:06 - 03642480 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-02-14 19:52 - 2014-02-14 19:52 - 00170496 _____ () C:\windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\bfd5296be62268bc7a31a424f0d1ad5f\IsdiInterop.ni.dll
2010-10-26 00:42 - 2010-03-03 21:08 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2014-03-08 19:21 - 2014-03-08 19:21 - 16265096 ____N () C:\windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll

==================== Alternate Data Streams (whitelisted) =========

==================== Safe Mode (whitelisted) ===================

==================== Disabled items from MSCONFIG ==============

==================== Faulty Device Manager Devices =============

Name: WAN Miniport (IKEv2)
Description: WAN Miniport (IKEv2)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: RasAgileVpn
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: WAN-Miniport (L2TP)
Description: WAN-Miniport (L2TP)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: Rasl2tp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Realtek PCIe GBE Family Controller
Description: Realtek PCIe GBE Family Controller
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek
Service: RTL8167
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: WAN-Miniport (Netzwerkmonitor)
Description: WAN-Miniport (Netzwerkmonitor)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: NdisWan
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: WAN-Miniport (IP)
Description: WAN-Miniport (IP)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: NdisWan
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: WAN-Miniport (IPv6)
Description: WAN-Miniport (IPv6)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: NdisWan
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: WAN-Miniport (PPPOE)
Description: WAN-Miniport (PPPOE)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: RasPppoe
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: WAN-Miniport (PPTP)
Description: WAN-Miniport (PPTP)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: PptpMiniport
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: WAN-Miniport (SSTP)
Description: WAN-Miniport (SSTP)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: RasSstp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Event log errors: =========================

Application errors:
==================
Error: (03/31/2014 08:49:59 PM) (Source: Steam Client Service) (User: )
Description: Error: Failed to poke open firewall

Error: (03/31/2014 04:45:55 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005

Error: (03/31/2014 03:57:46 PM) (Source: Steam Client Service) (User: )
Description: Error: Failed to poke open firewall

Error: (03/30/2014 07:09:05 PM) (Source: Steam Client Service) (User: )
Description: Error: Failed to poke open firewall

Error: (03/30/2014 04:08:30 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 90080108

Error: (03/30/2014 03:41:27 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 90080108

Error: (03/30/2014 00:34:35 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005

Error: (03/30/2014 00:16:08 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3. Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein. Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1". Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (03/30/2014 11:43:23 AM) (Source: Steam Client Service) (User: )
Description: Error: Failed to poke open firewall

Error: (03/29/2014 03:05:17 PM) (Source: Application Hang) (User: )
Description: Programm rads_user_kernel.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: f24 Startzeit: 01cf4b4f575eab58 Endzeit: 4 Anwendungspfad: C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe Berichts-ID: c4a3d9e6-b742-11e3-ae64-e0649305a993

System errors:
=============
Error: (03/31/2014 08:50:51 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Microsoft .NET Framework NGEN v4.0.30319_X86 erreicht.

Error: (03/31/2014 08:47:57 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Gemeinsame Nutzung der Internetverbindung" ist vom Dienst "RAS-Verbindungsverwaltung" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068

Error: (03/31/2014 08:47:57 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "RAS-Verbindungsverwaltung" ist vom Dienst "SSTP-Dienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%0

Error: (03/31/2014 06:39:37 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x8024200d fehlgeschlagen: Update für Windows 7 für x64-Systeme (KB2709630)

Error: (03/31/2014 03:54:10 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x8024200d fehlgeschlagen: Update für Windows 7 für x64-Systeme (KB2709630)

Error: (03/31/2014 03:48:35 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Gemeinsame Nutzung der Internetverbindung" ist vom Dienst "RAS-Verbindungsverwaltung" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068

Error: (03/31/2014 03:48:35 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "RAS-Verbindungsverwaltung" ist vom Dienst "SSTP-Dienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%0

Error: (03/30/2014 07:02:29 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Gemeinsame Nutzung der Internetverbindung" ist vom Dienst "RAS-Verbindungsverwaltung" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068

Error: (03/30/2014 07:02:29 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "RAS-Verbindungsverwaltung" ist vom Dienst "SSTP-Dienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%0

Error: (03/30/2014 05:07:03 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x8024200d fehlgeschlagen: Update für Windows 7 für x64-Systeme (KB2709630)

Microsoft Office Sessions:
=========================
Error: (03/31/2014 08:49:59 PM) (Source: Steam Client Service)(User: )
Description: Failed to poke open firewall

Error: (03/31/2014 04:45:55 PM) (Source: Customer Experience Improvement Program)(User: )
Description: 80004005

Error: (03/31/2014 03:57:46 PM) (Source: Steam Client Service)(User: )
Description: Failed to poke open firewall

Error: (03/30/2014 07:09:05 PM) (Source: Steam Client Service)(User: )
Description: Failed to poke open firewall

Error: (03/30/2014 04:08:30 PM) (Source: Customer Experience Improvement Program)(User: )
Description: 90080108

Error: (03/30/2014 03:41:27 PM) (Source: Customer Experience Improvement Program)(User: )
Description: 90080108

Error: (03/30/2014 00:34:35 PM) (Source: Customer Experience Improvement Program)(User: )
Description: 80004005

Error: (03/30/2014 00:16:08 PM) (Source: SideBySide)(User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"c:\program files (x86)\windows live\photo gallery\MovieMaker.Exec:\program files (x86)\windows live\photo gallery\WLMFDS.DLL8

Error: (03/30/2014 11:43:23 AM) (Source: Steam Client Service)(User: )
Description: Failed to poke open firewall

Error: (03/29/2014 03:05:17 PM) (Source: Application Hang)(User: )
Description: rads_user_kernel.exe0.0.0.0f2401cf4b4f575eab584C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exec4a3d9e6-b742-11e3-ae64-e0649305a993

==================== Memory info ===========================

Percentage of memory in use: 56%
Total physical RAM: 4014 MB
Available physical RAM: 1744.11 MB
Total Pagefile: 8026.17 MB
Available Pagefile: 5436.39 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: (OS_Install) (Fixed) (Total:272.79 GB) (Free:101.13 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Data) (Fixed) (Total:181.87 GB) (Free:77.54 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: BF97002A)
Partition: GPT Partition Type.

==================== End Of Log ============================
|
01.04.2014, 12:39 | #4 |
/// the machine /// TB-Ausbilder | Advertising sound in the background! hi, Please download TDSSKiller.exe and save the file to your desktop.
Please download Malwarebytes Anti-Rootkit and save it to your desktop.
Do not start any other file in this folder without instructions from a helper.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donations Guides and help Trojaner-Board Facebook page No help via PM! |
01.04.2014, 16:33 | #5 |
| Advertising sound in the background! Hey Code:
16:28:25.0337 4692 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
16:28:25.0366 4692 ============================================================
16:28:25.0366 4692 Current date / time: 2014/04/01 16:28:25.0366
16:28:25.0366 4692 SystemInfo:
16:28:25.0366 4692
16:28:25.0366 4692 OS Version: 6.1.7601 ServicePack: 1.0
16:28:25.0366 4692 Product type: Workstation
16:28:25.0366 4692 ComputerName: NYMPH
16:28:25.0367 4692 UserName: Marcimeister
16:28:25.0367 4692 Windows directory: C:\windows
16:28:25.0367 4692 System windows directory: C:\windows
16:28:25.0367 4692 Running under WOW64
16:28:25.0367 4692 Processor architecture: Intel x64
16:28:25.0367 4692 Number of processors: 4
16:28:25.0367 4692 Page size: 0x1000
16:28:25.0367 4692 Boot type: Normal boot
16:28:25.0367 4692 ============================================================
16:28:26.0428 4692 Drive \Device\Harddisk0\DR0 - Size: 0x7471100000 (465.77 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:28:26.0432 4692 ============================================================
16:28:26.0432 4692 \Device\Harddisk0\DR0:
16:28:26.0432 4692 MBR partitions:
16:28:26.0432 4692 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1632800, BlocksNum 0x22196966
16:28:26.0432 4692 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x237C9166, BlocksNum 0x16BBEE9A
16:28:26.0432 4692 ============================================================
16:28:26.0503 4692 C: <-> \Device\Harddisk0\DR0\Partition1
16:28:26.0543 4692 D: <-> \Device\Harddisk0\DR0\Partition2
16:28:26.0543 4692 ============================================================
16:28:26.0544 4692 Initialize success
16:28:26.0544 4692 ============================================================
16:28:43.0081 2036 ============================================================
16:28:43.0081 2036 Scan started
16:28:43.0081 2036 Mode: Manual;
16:28:43.0081 2036
C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 16:29:10.0777 2036 NetTcpActivator - ok 16:29:10.0782 2036 [ 21318671BCAD3ACF16638F98D4D00973 ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 16:29:10.0783 2036 NetTcpPortSharing - ok 16:29:10.0928 2036 [ 24F64343F14A119308456E1CA7507B26 ] NETw5s64 C:\windows\system32\DRIVERS\NETw5s64.sys 16:29:11.0036 2036 NETw5s64 - ok 16:29:11.0081 2036 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\windows\system32\DRIVERS\nfrd960.sys 16:29:11.0083 2036 nfrd960 - ok 16:29:11.0113 2036 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\windows\System32\nlasvc.dll 16:29:11.0118 2036 NlaSvc - ok 16:29:11.0135 2036 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\windows\system32\drivers\Npfs.sys 16:29:11.0141 2036 Npfs - ok 16:29:11.0168 2036 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\windows\system32\nsisvc.dll 16:29:11.0171 2036 nsi - ok 16:29:11.0184 2036 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys 16:29:11.0186 2036 nsiproxy - ok 16:29:11.0293 2036 [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs C:\windows\system32\drivers\Ntfs.sys 16:29:11.0310 2036 Ntfs - ok 16:29:11.0324 2036 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\windows\system32\drivers\Null.sys 16:29:11.0327 2036 Null - ok 16:29:11.0381 2036 [ 8EBCB9165EE7F1571842F4D9D624A74C ] nusb3hub C:\windows\system32\DRIVERS\nusb3hub.sys 16:29:11.0383 2036 nusb3hub - ok 16:29:11.0409 2036 [ 5D54DBB12BBFE07CC283FD39F2CD6D63 ] nusb3xhc C:\windows\system32\DRIVERS\nusb3xhc.sys 16:29:11.0411 2036 nusb3xhc - ok 16:29:11.0485 2036 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\windows\system32\drivers\nvraid.sys 16:29:11.0487 2036 nvraid - ok 16:29:11.0537 2036 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\windows\system32\drivers\nvstor.sys 16:29:11.0551 2036 nvstor - ok 16:29:11.0604 2036 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\windows\system32\drivers\nv_agp.sys 16:29:11.0617 2036 nv_agp - ok 
16:29:11.0635 2036 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\windows\system32\drivers\ohci1394.sys 16:29:11.0636 2036 ohci1394 - ok 16:29:11.0713 2036 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 16:29:11.0733 2036 ose - ok 16:29:11.0893 2036 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 16:29:11.0959 2036 osppsvc - ok 16:29:12.0040 2036 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\windows\system32\pnrpsvc.dll 16:29:12.0051 2036 p2pimsvc - ok 16:29:12.0143 2036 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\windows\system32\p2psvc.dll 16:29:12.0163 2036 p2psvc - ok 16:29:12.0206 2036 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\windows\system32\DRIVERS\parport.sys 16:29:12.0219 2036 Parport - ok 16:29:12.0269 2036 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\windows\system32\drivers\partmgr.sys 16:29:12.0278 2036 partmgr - ok 16:29:12.0336 2036 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\windows\System32\pcasvc.dll 16:29:12.0350 2036 PcaSvc - ok 16:29:12.0404 2036 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\windows\system32\drivers\pci.sys 16:29:12.0424 2036 pci - ok 16:29:12.0458 2036 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\windows\system32\drivers\pciide.sys 16:29:12.0459 2036 pciide - ok 16:29:12.0512 2036 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\windows\system32\DRIVERS\pcmcia.sys 16:29:12.0515 2036 pcmcia - ok 16:29:12.0529 2036 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\windows\system32\drivers\pcw.sys 16:29:12.0545 2036 pcw - ok 16:29:12.0599 2036 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\windows\system32\drivers\peauth.sys 16:29:12.0623 2036 PEAUTH - ok 16:29:12.0779 2036 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\windows\SysWow64\perfhost.exe 16:29:12.0781 2036 PerfHost - ok 16:29:12.0853 2036 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla 
C:\windows\system32\pla.dll 16:29:12.0862 2036 pla - ok 16:29:12.0923 2036 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\windows\system32\umpnpmgr.dll 16:29:12.0929 2036 PlugPlay - ok 16:29:12.0985 2036 PnkBstrA - ok 16:29:13.0020 2036 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll 16:29:13.0022 2036 PNRPAutoReg - ok 16:29:13.0040 2036 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\windows\system32\pnrpsvc.dll 16:29:13.0043 2036 PNRPsvc - ok 16:29:13.0130 2036 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\windows\System32\ipsecsvc.dll 16:29:13.0142 2036 PolicyAgent - ok 16:29:13.0190 2036 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\windows\system32\umpo.dll 16:29:13.0193 2036 Power - ok 16:29:13.0258 2036 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys 16:29:13.0279 2036 PptpMiniport - ok 16:29:13.0312 2036 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\windows\system32\DRIVERS\processr.sys 16:29:13.0329 2036 Processor - ok 16:29:13.0398 2036 [ 5C78838B4D166D1A27DB3A8A820C799A ] ProfSvc C:\windows\system32\profsvc.dll 16:29:13.0403 2036 ProfSvc - ok 16:29:13.0441 2036 [ 4D71227301DD8D09097B9E4CC6527E5A ] ProtectedStorage C:\windows\system32\lsass.exe 16:29:13.0443 2036 ProtectedStorage - ok 16:29:13.0535 2036 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\windows\system32\DRIVERS\pacer.sys 16:29:13.0536 2036 Psched - ok 16:29:13.0628 2036 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\windows\system32\DRIVERS\ql2300.sys 16:29:13.0645 2036 ql2300 - ok 16:29:13.0669 2036 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\windows\system32\DRIVERS\ql40xx.sys 16:29:13.0672 2036 ql40xx - ok 16:29:13.0709 2036 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\windows\system32\qwave.dll 16:29:13.0731 2036 QWAVE - ok 16:29:13.0780 2036 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys 16:29:13.0782 2036 QWAVEdrv - ok 16:29:13.0798 2036 [ 
5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys 16:29:13.0800 2036 RasAcd - ok 16:29:13.0816 2036 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys 16:29:13.0817 2036 RasAgileVpn - ok 16:29:13.0844 2036 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\windows\System32\rasauto.dll 16:29:13.0853 2036 RasAuto - ok 16:29:13.0894 2036 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys 16:29:13.0903 2036 Rasl2tp - ok 16:29:13.0960 2036 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\windows\System32\rasmans.dll 16:29:13.0967 2036 RasMan - ok 16:29:14.0006 2036 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys 16:29:14.0009 2036 RasPppoe - ok 16:29:14.0065 2036 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys 16:29:14.0083 2036 RasSstp - ok 16:29:14.0173 2036 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\windows\system32\DRIVERS\rdbss.sys 16:29:14.0191 2036 rdbss - ok 16:29:14.0212 2036 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\windows\system32\DRIVERS\rdpbus.sys 16:29:14.0233 2036 rdpbus - ok 16:29:14.0269 2036 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys 16:29:14.0271 2036 RDPCDD - ok 16:29:14.0297 2036 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys 16:29:14.0309 2036 RDPENCDD - ok 16:29:14.0348 2036 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys 16:29:14.0349 2036 RDPREFMP - ok 16:29:14.0436 2036 [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\windows\system32\drivers\rdpvideominiport.sys 16:29:14.0438 2036 RdpVideoMiniport - ok 16:29:14.0476 2036 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\windows\system32\drivers\RDPWD.sys 16:29:14.0499 2036 RDPWD - ok 16:29:14.0567 2036 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\windows\system32\drivers\rdyboost.sys 
16:29:14.0569 2036 rdyboost - ok 16:29:14.0754 2036 [ 0AA473966357C4A41B5EB19649EB6E5E ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe 16:29:14.0758 2036 RegSrvc - ok 16:29:14.0799 2036 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\windows\System32\mprdim.dll 16:29:14.0802 2036 RemoteAccess - ok 16:29:14.0841 2036 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\windows\system32\regsvc.dll 16:29:14.0854 2036 RemoteRegistry - ok 16:29:14.0876 2036 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\windows\system32\DRIVERS\rfcomm.sys 16:29:14.0879 2036 RFCOMM - ok 16:29:14.0906 2036 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\windows\System32\RpcEpMap.dll 16:29:14.0919 2036 RpcEptMapper - ok 16:29:14.0967 2036 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\windows\system32\locator.exe 16:29:14.0984 2036 RpcLocator - ok 16:29:15.0048 2036 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\windows\system32\rpcss.dll 16:29:15.0051 2036 RpcSs - ok 16:29:15.0073 2036 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\windows\system32\DRIVERS\rspndr.sys 16:29:15.0075 2036 rspndr - ok 16:29:15.0168 2036 [ AC4CA62572CA516945AB92D6C9F501F4 ] RTL8167 C:\windows\system32\DRIVERS\Rt64win7.sys 16:29:15.0175 2036 RTL8167 - ok 16:29:15.0197 2036 [ 4D71227301DD8D09097B9E4CC6527E5A ] SamSs C:\windows\system32\lsass.exe 16:29:15.0198 2036 SamSs - ok 16:29:15.0241 2036 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\windows\system32\drivers\sbp2port.sys 16:29:15.0259 2036 sbp2port - ok 16:29:15.0313 2036 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\windows\System32\SCardSvr.dll 16:29:15.0336 2036 SCardSvr - ok 16:29:15.0371 2036 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\windows\system32\DRIVERS\scfilter.sys 16:29:15.0372 2036 scfilter - ok 16:29:15.0448 2036 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\windows\system32\schedsvc.dll 16:29:15.0456 2036 Schedule - ok 16:29:15.0494 2036 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc 
C:\windows\System32\certprop.dll 16:29:15.0496 2036 SCPolicySvc - ok 16:29:15.0543 2036 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\windows\System32\SDRSVC.dll 16:29:15.0547 2036 SDRSVC - ok 16:29:15.0584 2036 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\windows\system32\drivers\secdrv.sys 16:29:15.0588 2036 secdrv - ok 16:29:15.0596 2036 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\windows\system32\seclogon.dll 16:29:15.0598 2036 seclogon - ok 16:29:15.0624 2036 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\windows\System32\sens.dll 16:29:15.0627 2036 SENS - ok 16:29:15.0652 2036 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\windows\system32\sensrsvc.dll 16:29:15.0655 2036 SensrSvc - ok 16:29:15.0670 2036 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\windows\system32\DRIVERS\serenum.sys 16:29:15.0672 2036 Serenum - ok 16:29:15.0719 2036 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\windows\system32\DRIVERS\serial.sys 16:29:15.0732 2036 Serial - ok 16:29:15.0797 2036 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\windows\system32\DRIVERS\sermouse.sys 16:29:15.0815 2036 sermouse - ok 16:29:15.0859 2036 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\windows\system32\sessenv.dll 16:29:15.0864 2036 SessionEnv - ok 16:29:15.0908 2036 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\windows\system32\drivers\sffdisk.sys 16:29:15.0909 2036 sffdisk - ok 16:29:15.0940 2036 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys 16:29:15.0948 2036 sffp_mmc - ok 16:29:15.0955 2036 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys 16:29:15.0957 2036 sffp_sd - ok 16:29:15.0988 2036 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\windows\system32\DRIVERS\sfloppy.sys 16:29:15.0996 2036 sfloppy - ok 16:29:16.0094 2036 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\windows\System32\ipnathlp.dll 16:29:16.0100 2036 SharedAccess - ok 16:29:16.0149 2036 [ AAF932B4011D14052955D4B212A4DA8D ] 
ShellHWDetection C:\windows\System32\shsvcs.dll 16:29:16.0155 2036 ShellHWDetection - ok 16:29:16.0192 2036 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\windows\system32\DRIVERS\SiSRaid2.sys 16:29:16.0194 2036 SiSRaid2 - ok 16:29:16.0226 2036 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\windows\system32\DRIVERS\sisraid4.sys 16:29:16.0244 2036 SiSRaid4 - ok 16:29:16.0317 2036 [ 50D9949020E02B847CD48F1243FCB895 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe 16:29:16.0321 2036 SkypeUpdate - ok 16:29:16.0346 2036 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\windows\system32\DRIVERS\smb.sys 16:29:16.0349 2036 Smb - ok 16:29:16.0401 2036 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\windows\System32\snmptrap.exe 16:29:16.0404 2036 SNMPTRAP - ok 16:29:16.0430 2036 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\windows\system32\drivers\spldr.sys 16:29:16.0445 2036 spldr - ok 16:29:16.0511 2036 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\windows\System32\spoolsv.exe 16:29:16.0523 2036 Spooler - ok 16:29:16.0718 2036 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\windows\system32\sppsvc.exe 16:29:16.0745 2036 sppsvc - ok 16:29:16.0811 2036 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\windows\system32\sppuinotify.dll 16:29:16.0814 2036 sppuinotify - ok 16:29:16.0861 2036 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\windows\system32\DRIVERS\srv.sys 16:29:16.0866 2036 srv - ok 16:29:16.0897 2036 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\windows\system32\DRIVERS\srv2.sys 16:29:16.0902 2036 srv2 - ok 16:29:16.0959 2036 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\windows\system32\DRIVERS\srvnet.sys 16:29:16.0961 2036 srvnet - ok 16:29:17.0014 2036 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\windows\System32\ssdpsrv.dll 16:29:17.0017 2036 SSDPSRV - ok 16:29:17.0028 2036 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\windows\system32\sstpsvc.dll 16:29:17.0031 2036 SstpSvc - ok 16:29:17.0137 2036 [ 2F3B5A3567FFB343D8867C3D34C687F1 ] Steam 
Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe 16:29:17.0140 2036 Steam Client Service - ok 16:29:17.0164 2036 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\windows\system32\DRIVERS\stexstor.sys 16:29:17.0172 2036 stexstor - ok 16:29:17.0237 2036 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\windows\System32\wiaservc.dll 16:29:17.0254 2036 stisvc - ok 16:29:17.0304 2036 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\windows\system32\drivers\swenum.sys 16:29:17.0305 2036 swenum - ok 16:29:17.0359 2036 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\windows\System32\swprv.dll 16:29:17.0365 2036 swprv - ok 16:29:17.0419 2036 [ E5D73228176C9F69072D1F91CED83484 ] SynTP C:\windows\system32\DRIVERS\SynTP.sys 16:29:17.0422 2036 SynTP - ok 16:29:17.0525 2036 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\windows\system32\sysmain.dll 16:29:17.0545 2036 SysMain - ok 16:29:17.0625 2036 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\windows\System32\TabSvc.dll 16:29:17.0630 2036 TabletInputService - ok 16:29:17.0647 2036 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\windows\System32\tapisrv.dll 16:29:17.0652 2036 TapiSrv - ok 16:29:17.0696 2036 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\windows\System32\tbssvc.dll 16:29:17.0698 2036 TBS - ok 16:29:17.0822 2036 [ 40AF23633D197905F03AB5628C558C51 ] Tcpip C:\windows\system32\drivers\tcpip.sys 16:29:17.0838 2036 Tcpip - ok 16:29:17.0865 2036 [ 40AF23633D197905F03AB5628C558C51 ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys 16:29:17.0874 2036 TCPIP6 - ok 16:29:17.0917 2036 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys 16:29:18.0006 2036 tcpipreg - ok 16:29:18.0052 2036 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\windows\system32\drivers\tdpipe.sys 16:29:18.0069 2036 TDPIPE - ok 16:29:18.0093 2036 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\windows\system32\drivers\tdtcp.sys 16:29:18.0097 2036 TDTCP - ok 16:29:18.0130 2036 [ 
DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\windows\system32\DRIVERS\tdx.sys 16:29:18.0134 2036 tdx - ok 16:29:18.0177 2036 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\windows\system32\drivers\termdd.sys 16:29:18.0180 2036 TermDD - ok 16:29:18.0254 2036 [ 2E648163254233755035B46DD7B89123 ] TermService C:\windows\System32\termsrv.dll 16:29:18.0262 2036 TermService - ok 16:29:18.0292 2036 [ F0344071948D1A1FA732231785A0664C ] Themes C:\windows\system32\themeservice.dll 16:29:18.0297 2036 Themes - ok 16:29:18.0308 2036 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\windows\system32\mmcss.dll 16:29:18.0310 2036 THREADORDER - ok 16:29:18.0330 2036 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\windows\System32\trkwks.dll 16:29:18.0337 2036 TrkWks - ok 16:29:18.0408 2036 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe 16:29:18.0418 2036 TrustedInstaller - ok 16:29:18.0460 2036 [ 4CE278FC9671BA81A138D70823FCAA09 ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys 16:29:18.0479 2036 tssecsrv - ok 16:29:18.0531 2036 [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys 16:29:18.0533 2036 TsUsbFlt - ok 16:29:18.0582 2036 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\windows\system32\DRIVERS\tunnel.sys 16:29:18.0597 2036 tunnel - ok 16:29:18.0625 2036 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\windows\system32\DRIVERS\uagp35.sys 16:29:18.0626 2036 uagp35 - ok 16:29:18.0726 2036 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\windows\system32\DRIVERS\udfs.sys 16:29:18.0738 2036 udfs - ok 16:29:18.0778 2036 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\windows\system32\UI0Detect.exe 16:29:18.0780 2036 UI0Detect - ok 16:29:18.0802 2036 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys 16:29:18.0803 2036 uliagpkx - ok 16:29:18.0858 2036 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\windows\system32\drivers\umbus.sys 16:29:18.0877 2036 umbus - ok 
16:29:18.0903 2036 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\windows\system32\DRIVERS\umpass.sys 16:29:18.0904 2036 UmPass - ok 16:29:18.0934 2036 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\windows\System32\upnphost.dll 16:29:18.0939 2036 upnphost - ok 16:29:18.0985 2036 [ B0435098C81D04CAFFF80DDB746CD3A2 ] usbaudio C:\windows\system32\drivers\usbaudio.sys 16:29:18.0994 2036 usbaudio - ok 16:29:19.0024 2036 [ DCA68B0943D6FA415F0C56C92158A83A ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys 16:29:19.0046 2036 usbccgp - ok 16:29:19.0067 2036 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31 ] usbcir C:\windows\system32\drivers\usbcir.sys 16:29:19.0069 2036 usbcir - ok 16:29:19.0081 2036 [ 18A85013A3E0F7E1755365D287443965 ] usbehci C:\windows\system32\drivers\usbehci.sys 16:29:19.0083 2036 usbehci - ok 16:29:19.0100 2036 [ 8D1196CFBB223621F2C67D45710F25BA ] usbhub C:\windows\system32\DRIVERS\usbhub.sys 16:29:19.0105 2036 usbhub - ok 16:29:19.0124 2036 [ 765A92D428A8DB88B960DA5A8D6089DC ] usbohci C:\windows\system32\drivers\usbohci.sys 16:29:19.0140 2036 usbohci - ok 16:29:19.0162 2036 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\windows\system32\DRIVERS\usbprint.sys 16:29:19.0175 2036 usbprint - ok 16:29:19.0208 2036 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS 16:29:19.0227 2036 USBSTOR - ok 16:29:19.0259 2036 [ DD253AFC3BC6CBA412342DE60C3647F3 ] usbuhci C:\windows\system32\drivers\usbuhci.sys 16:29:19.0278 2036 usbuhci - ok 16:29:19.0316 2036 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\windows\System32\uxsms.dll 16:29:19.0318 2036 UxSms - ok 16:29:19.0330 2036 [ 4D71227301DD8D09097B9E4CC6527E5A ] VaultSvc C:\windows\system32\lsass.exe 16:29:19.0331 2036 VaultSvc - ok 16:29:19.0376 2036 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\windows\system32\drivers\vdrvroot.sys 16:29:19.0378 2036 vdrvroot - ok 16:29:19.0433 2036 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\windows\System32\vds.exe 16:29:19.0449 2036 vds - ok 
16:29:19.0465 2036 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\windows\system32\DRIVERS\vgapnp.sys 16:29:19.0466 2036 vga - ok 16:29:19.0479 2036 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\windows\System32\drivers\vga.sys 16:29:19.0480 2036 VgaSave - ok 16:29:19.0513 2036 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\windows\system32\drivers\vhdmp.sys 16:29:19.0516 2036 vhdmp - ok 16:29:19.0563 2036 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\windows\system32\drivers\viaide.sys 16:29:19.0575 2036 viaide - ok 16:29:19.0613 2036 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\windows\system32\drivers\volmgr.sys 16:29:19.0616 2036 volmgr - ok 16:29:19.0676 2036 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\windows\system32\drivers\volmgrx.sys 16:29:19.0681 2036 volmgrx - ok 16:29:19.0701 2036 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\windows\system32\drivers\volsnap.sys 16:29:19.0705 2036 volsnap - ok 16:29:19.0767 2036 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\windows\system32\DRIVERS\vsmraid.sys 16:29:19.0780 2036 vsmraid - ok 16:29:19.0863 2036 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\windows\system32\vssvc.exe 16:29:19.0881 2036 VSS - ok 16:29:19.0897 2036 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\windows\system32\DRIVERS\vwifibus.sys 16:29:19.0898 2036 vwifibus - ok 16:29:19.0915 2036 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys 16:29:19.0917 2036 vwififlt - ok 16:29:19.0942 2036 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\windows\system32\DRIVERS\vwifimp.sys 16:29:19.0958 2036 vwifimp - ok 16:29:20.0008 2036 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\windows\system32\w32time.dll 16:29:20.0013 2036 W32Time - ok 16:29:20.0043 2036 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\windows\system32\DRIVERS\wacompen.sys 16:29:20.0054 2036 WacomPen - ok 16:29:20.0113 2036 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\windows\system32\DRIVERS\wanarp.sys 16:29:20.0115 2036 WANARP - ok 
16:29:20.0118 2036 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys 16:29:20.0120 2036 Wanarpv6 - ok 16:29:20.0225 2036 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\windows\system32\wbengine.exe 16:29:20.0235 2036 wbengine - ok 16:29:20.0275 2036 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\windows\System32\wbiosrvc.dll 16:29:20.0282 2036 WbioSrvc - ok 16:29:20.0333 2036 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\windows\System32\wcncsvc.dll 16:29:20.0346 2036 wcncsvc - ok 16:29:20.0358 2036 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll 16:29:20.0360 2036 WcsPlugInService - ok 16:29:20.0371 2036 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\windows\system32\DRIVERS\wd.sys 16:29:20.0373 2036 Wd - ok 16:29:20.0437 2036 [ E2C933EDBC389386EBE6D2BA953F43D8 ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys 16:29:20.0443 2036 Wdf01000 - ok 16:29:20.0472 2036 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\windows\system32\wdi.dll 16:29:20.0486 2036 WdiServiceHost - ok 16:29:20.0491 2036 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\windows\system32\wdi.dll 16:29:20.0494 2036 WdiSystemHost - ok 16:29:20.0550 2036 [ 0EB0E5D22B1760F2DBCE632F2DD7A54D ] WebClient C:\windows\System32\webclnt.dll 16:29:20.0566 2036 WebClient - ok 16:29:20.0582 2036 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\windows\system32\wecsvc.dll 16:29:20.0596 2036 Wecsvc - ok 16:29:20.0614 2036 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\windows\System32\wercplsupport.dll 16:29:20.0617 2036 wercplsupport - ok 16:29:20.0645 2036 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\windows\System32\WerSvc.dll 16:29:20.0648 2036 WerSvc - ok 16:29:20.0677 2036 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\windows\system32\DRIVERS\wfplwf.sys 16:29:20.0687 2036 WfpLwf - ok 16:29:20.0706 2036 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\windows\system32\drivers\wimmount.sys 16:29:20.0707 
2036 WIMMount - ok 16:29:20.0742 2036 WinDefend - ok 16:29:20.0751 2036 WinHttpAutoProxySvc - ok 16:29:20.0823 2036 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll 16:29:20.0826 2036 Winmgmt - ok 16:29:20.0975 2036 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\windows\system32\WsmSvc.dll 16:29:20.0988 2036 WinRM - ok 16:29:21.0028 2036 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\windows\system32\DRIVERS\WinUsb.sys 16:29:21.0030 2036 WinUsb - ok 16:29:21.0084 2036 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\windows\System32\wlansvc.dll 16:29:21.0091 2036 Wlansvc - ok 16:29:21.0167 2036 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\windows\system32\drivers\wmiacpi.sys 16:29:21.0179 2036 WmiAcpi - ok 16:29:21.0216 2036 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe 16:29:21.0219 2036 wmiApSrv - ok 16:29:21.0240 2036 WMPNetworkSvc - ok 16:29:21.0263 2036 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\windows\System32\wpcsvc.dll 16:29:21.0265 2036 WPCSvc - ok 16:29:21.0303 2036 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\windows\system32\wpdbusenum.dll 16:29:21.0305 2036 WPDBusEnum - ok 16:29:21.0355 2036 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys 16:29:21.0355 2036 ws2ifsl - ok 16:29:21.0377 2036 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\windows\System32\wscsvc.dll 16:29:21.0381 2036 wscsvc - ok 16:29:21.0384 2036 WSearch - ok 16:29:21.0555 2036 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\windows\system32\wuaueng.dll 16:29:21.0576 2036 wuauserv - ok 16:29:21.0625 2036 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\windows\system32\drivers\WudfPf.sys 16:29:21.0632 2036 WudfPf - ok 16:29:21.0707 2036 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\windows\system32\DRIVERS\WUDFRd.sys 16:29:21.0709 2036 WUDFRd - ok 16:29:21.0744 2036 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\windows\System32\WUDFSvc.dll 16:29:21.0758 2036 wudfsvc - 
ok 16:29:21.0810 2036 [ 04F82965C09CBDF646B487E145060301 ] WwanSvc C:\windows\System32\wwansvc.dll 16:29:21.0820 2036 WwanSvc - ok 16:29:21.0872 2036 ================ Scan global =============================== 16:29:21.0905 2036 [ BA0CD8C393E8C9F83354106093832C7B ] C:\windows\system32\basesrv.dll 16:29:21.0953 2036 [ 88EDD0B34EED542745931E581AD21A32 ] C:\windows\system32\winsrv.dll 16:29:21.0959 2036 [ 88EDD0B34EED542745931E581AD21A32 ] C:\windows\system32\winsrv.dll 16:29:21.0994 2036 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\windows\system32\sxssrv.dll 16:29:22.0042 2036 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\windows\system32\services.exe 16:29:22.0045 2036 [Global] - ok 16:29:22.0046 2036 ================ Scan MBR ================================== 16:29:22.0066 2036 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 16:29:22.0254 2036 \Device\Harddisk0\DR0 - ok 16:29:22.0255 2036 ================ Scan VBR ================================== 16:29:22.0257 2036 [ 0EA5911F0D426BF18528815F0C3ACBC9 ] \Device\Harddisk0\DR0\Partition1 16:29:22.0258 2036 \Device\Harddisk0\DR0\Partition1 - ok 16:29:22.0283 2036 [ E5BF274025B71E7DAEE08241F61DFA98 ] \Device\Harddisk0\DR0\Partition2 16:29:22.0308 2036 \Device\Harddisk0\DR0\Partition2 - ok 16:29:22.0308 2036 ============================================================ 16:29:22.0308 2036 Scan finished 16:29:22.0308 2036 ============================================================ 16:29:22.0323 1828 Detected object count: 0 16:29:22.0323 1828 Actual detected object count: 0 16:30:29.0312 1224 Deinitialize success Code:
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.07.0.1009
(c) Malwarebytes Corporation 2011-2012
OS version: 6.1.7601 Windows 7 Service Pack 1 x64
Account is Administrative
Internet Explorer version: 11.0.9600.16521
File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED
CPU speed: 2.527000 GHz
Memory total: 4208979968, free: 1771114496
=======================================
Initializing...
------------ Kernel report ------------
04/01/2014 16:28:53
------------ Loaded modules -----------
\SystemRoot\System32\DRIVERS\srv.sys \SystemRoot\System32\ATMFD.DLL \??\C:\windows\system32\drivers\mbamchameleon.sys \SystemRoot\system32\drivers\70119395.sys \??\C:\windows\system32\drivers\MBAMSwissArmy.sys \Windows\System32\ntdll.dll \Windows\System32\smss.exe \Windows\System32\apisetschema.dll \Windows\System32\autochk.exe \Windows\System32\iertutil.dll \Windows\System32\ws2_32.dll \Windows\System32\advapi32.dll \Windows\System32\Wldap32.dll \Windows\System32\imagehlp.dll \Windows\System32\usp10.dll \Windows\System32\lpk.dll \Windows\System32\psapi.dll \Windows\System32\nsi.dll \Windows\System32\shell32.dll \Windows\System32\user32.dll \Windows\System32\ole32.dll \Windows\System32\msctf.dll \Windows\System32\kernel32.dll \Windows\System32\shlwapi.dll \Windows\System32\sechost.dll \Windows\System32\difxapi.dll \Windows\System32\comdlg32.dll \Windows\System32\urlmon.dll \Windows\System32\rpcrt4.dll \Windows\System32\oleaut32.dll \Windows\System32\clbcatq.dll \Windows\System32\msvcrt.dll \Windows\System32\imm32.dll \Windows\System32\setupapi.dll \Windows\System32\wininet.dll \Windows\System32\gdi32.dll \Windows\System32\normaliz.dll \Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll \Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll \Windows\System32\devobj.dll \Windows\System32\comctl32.dll \Windows\System32\crypt32.dll \Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll \Windows\System32\KernelBase.dll \Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll \Windows\System32\cfgmgr32.dll \Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll \Windows\System32\wintrust.dll \Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll \Windows\System32\msasn1.dll \Windows\SysWOW64\normaliz.dll ----------- End ----------- Done! 
<<<1>>> Upper Device Name: \Device\Harddisk0\DR0 Upper Device Object: 0xfffffa800680f060 Upper Device Driver Name: \Driver\Disk\ Lower Device Name: \Device\Ide\IAAStorageDevice-1\ Lower Device Object: 0xfffffa8004849050 Lower Device Driver Name: \Driver\iaStor\ <<<2>>> Physical Sector Size: 512 Drive: 0, DevicePointer: 0xfffffa800680f060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\ --------- Disk Stack ------ DevicePointer: 0xfffffa800680fab0, DeviceName: Unknown, DriverName: \Driver\partmgr\ DevicePointer: 0xfffffa800680f060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\ DevicePointer: 0xfffffa8004849050, DeviceName: \Device\Ide\IAAStorageDevice-1\, DriverName: \Driver\iaStor\ ------------ End ---------- Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\ Upper DeviceData: 0x0, 0x0, 0x0 Lower DeviceData: 0x0, 0x0, 0x0 <<<3>>> Volume: C: File system type: NTFS SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes <<<2>>> <<<3>>> Volume: C: File system type: NTFS SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers... <<<2>>> <<<3>>> Volume: C: File system type: NTFS SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes Done! Drive 0 Scanning MBR on drive 0... Inspecting partition table: MBR Signature: 55AA Disk Signature: BF97002A Partition information: Partition 0 type is Other (0x27) Partition is NOT ACTIVE. Partition starts at LBA: 2048 Numsec = 23068672 Partition 1 type is Other (0x27) Partition is ACTIVE. Partition starts at LBA: 23070720 Numsec = 204800 Partition is not bootable Partition 2 type is Primary (0x7) Partition is NOT ACTIVE. Partition starts at LBA: 23275520 Numsec = 572090726 Partition 3 type is Primary (0x7) Partition is NOT ACTIVE. 
Partition starts at LBA: 595366246 Numsec = 381415066 Disk Size: 500113080320 bytes Sector size: 512 bytes Scanning physical sectors of unpartitioned space on drive 0 (1-2047-976763360-976783360)... Done! Scan Interrupted Scan was aborted. ======================================= Removal queue found; removal started Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-i.mbam... Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-1-23070720-i.mbam... Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam... Removal finished --------------------------------------- Malwarebytes Anti-Rootkit BETA 1.07.0.1009 (c) Malwarebytes Corporation 2011-2012 OS version: 6.1.7601 Windows 7 Service Pack 1 x64 Account is Administrative Internet Explorer version: 11.0.9600.16521 File system is: NTFS Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED CPU speed: 2.527000 GHz Memory total: 4208979968, free: 1921839104 Downloaded database version: v2014.04.01.04 Downloaded database version: v2014.03.27.01 ======================================= Initializing... 
------------ Kernel report ------------ 04/01/2014 16:36:43 ------------ Loaded modules ----------- \SystemRoot\system32\ntoskrnl.exe \SystemRoot\system32\hal.dll \SystemRoot\system32\kdcom.dll \SystemRoot\system32\mcupdate_GenuineIntel.dll \SystemRoot\system32\PSHED.dll \SystemRoot\system32\CLFS.SYS \SystemRoot\system32\CI.dll \SystemRoot\system32\drivers\Wdf01000.sys \SystemRoot\system32\drivers\WDFLDR.SYS \SystemRoot\system32\drivers\ACPI.sys \SystemRoot\system32\drivers\WMILIB.SYS \SystemRoot\system32\drivers\msisadrv.sys \SystemRoot\system32\drivers\pci.sys \SystemRoot\system32\drivers\vdrvroot.sys \SystemRoot\System32\drivers\partmgr.sys \SystemRoot\system32\DRIVERS\compbatt.sys \SystemRoot\system32\DRIVERS\BATTC.SYS \SystemRoot\system32\drivers\volmgr.sys \SystemRoot\System32\drivers\volmgrx.sys \SystemRoot\System32\drivers\mountmgr.sys \SystemRoot\system32\DRIVERS\iaStor.sys \SystemRoot\system32\drivers\amdxata.sys \SystemRoot\system32\drivers\fltmgr.sys \SystemRoot\system32\drivers\fileinfo.sys \SystemRoot\System32\Drivers\Ntfs.sys \SystemRoot\System32\Drivers\msrpc.sys \SystemRoot\System32\Drivers\ksecdd.sys \SystemRoot\System32\Drivers\cng.sys \SystemRoot\System32\drivers\pcw.sys \SystemRoot\System32\Drivers\Fs_Rec.sys \SystemRoot\system32\drivers\ndis.sys \SystemRoot\system32\drivers\NETIO.SYS \SystemRoot\System32\Drivers\ksecpkg.sys \SystemRoot\System32\drivers\tcpip.sys \SystemRoot\System32\drivers\fwpkclnt.sys \SystemRoot\system32\drivers\volsnap.sys \SystemRoot\System32\Drivers\spldr.sys \SystemRoot\System32\drivers\rdyboost.sys \SystemRoot\System32\Drivers\mup.sys \SystemRoot\System32\drivers\hwpolicy.sys \SystemRoot\System32\DRIVERS\fvevol.sys \SystemRoot\system32\DRIVERS\disk.sys \SystemRoot\system32\DRIVERS\CLASSPNP.SYS \SystemRoot\system32\DRIVERS\dtsoftbus01.sys \SystemRoot\system32\DRIVERS\cdrom.sys \SystemRoot\System32\Drivers\Null.SYS \SystemRoot\System32\Drivers\Beep.SYS \SystemRoot\System32\drivers\vga.sys 
\SystemRoot\System32\drivers\VIDEOPRT.SYS \SystemRoot\System32\drivers\watchdog.sys \SystemRoot\System32\DRIVERS\RDPCDD.sys \SystemRoot\system32\drivers\rdpencdd.sys \SystemRoot\system32\drivers\rdprefmp.sys \SystemRoot\System32\Drivers\Msfs.SYS \SystemRoot\System32\Drivers\Npfs.SYS \SystemRoot\system32\DRIVERS\tdx.sys \SystemRoot\system32\DRIVERS\TDI.SYS \SystemRoot\system32\drivers\afd.sys \SystemRoot\System32\DRIVERS\netbt.sys \SystemRoot\system32\DRIVERS\wfplwf.sys \SystemRoot\system32\DRIVERS\pacer.sys \SystemRoot\system32\DRIVERS\vwififlt.sys \SystemRoot\system32\DRIVERS\netbios.sys \SystemRoot\system32\DRIVERS\wanarp.sys \SystemRoot\system32\drivers\termdd.sys \SystemRoot\system32\DRIVERS\rdbss.sys \SystemRoot\system32\drivers\nsiproxy.sys \SystemRoot\system32\drivers\mssmbios.sys \SystemRoot\System32\drivers\discache.sys \SystemRoot\System32\Drivers\dfsc.sys \SystemRoot\system32\DRIVERS\blbdrive.sys \SystemRoot\system32\DRIVERS\avkmgr.sys \SystemRoot\system32\DRIVERS\avipbb.sys \SystemRoot\system32\DRIVERS\atikmpag.sys \SystemRoot\system32\DRIVERS\atikmdag.sys \SystemRoot\System32\drivers\dxgkrnl.sys \SystemRoot\System32\drivers\dxgmms1.sys \SystemRoot\system32\drivers\HDAudBus.sys \SystemRoot\system32\drivers\usbehci.sys \SystemRoot\system32\drivers\USBPORT.SYS \SystemRoot\system32\DRIVERS\NETw5s64.sys \SystemRoot\system32\DRIVERS\vwifibus.sys \SystemRoot\system32\DRIVERS\nusb3xhc.sys \SystemRoot\system32\DRIVERS\USBD.SYS \SystemRoot\system32\drivers\i8042prt.sys \SystemRoot\system32\drivers\kbdclass.sys \SystemRoot\system32\DRIVERS\SynTP.sys \SystemRoot\system32\DRIVERS\mouclass.sys \SystemRoot\system32\DRIVERS\CmBatt.sys \SystemRoot\system32\drivers\wmiacpi.sys \SystemRoot\system32\DRIVERS\intelppm.sys \SystemRoot\system32\drivers\CompositeBus.sys \SystemRoot\system32\drivers\swenum.sys \SystemRoot\system32\drivers\ks.sys \SystemRoot\system32\drivers\umbus.sys \SystemRoot\system32\DRIVERS\usbhub.sys \SystemRoot\system32\DRIVERS\nusb3hub.sys 
\SystemRoot\system32\drivers\AtihdW76.sys \SystemRoot\system32\drivers\portcls.sys \SystemRoot\system32\drivers\drmk.sys \SystemRoot\system32\drivers\ksthunk.sys \SystemRoot\system32\drivers\HdAudio.sys \SystemRoot\System32\win32k.sys \SystemRoot\System32\drivers\Dxapi.sys \SystemRoot\System32\Drivers\crashdmp.sys \SystemRoot\System32\Drivers\dump_iaStor.sys \SystemRoot\System32\Drivers\dump_dumpfve.sys \SystemRoot\system32\DRIVERS\monitor.sys \SystemRoot\System32\TSDDD.dll \SystemRoot\System32\cdd.dll \SystemRoot\system32\DRIVERS\usbccgp.sys \SystemRoot\system32\DRIVERS\hidusb.sys \SystemRoot\system32\DRIVERS\HIDCLASS.SYS \SystemRoot\system32\DRIVERS\HIDPARSE.SYS \SystemRoot\system32\DRIVERS\mouhid.sys \SystemRoot\system32\drivers\kbdhid.sys \SystemRoot\system32\drivers\usbaudio.sys \SystemRoot\system32\drivers\luafv.sys \SystemRoot\system32\DRIVERS\avgntflt.sys \SystemRoot\system32\DRIVERS\lltdio.sys \SystemRoot\system32\DRIVERS\nwifi.sys \SystemRoot\system32\DRIVERS\ndisuio.sys \SystemRoot\system32\DRIVERS\rspndr.sys \SystemRoot\system32\drivers\HTTP.sys \SystemRoot\system32\DRIVERS\bowser.sys \SystemRoot\System32\drivers\mpsdrv.sys \SystemRoot\system32\DRIVERS\mrxsmb.sys \SystemRoot\system32\DRIVERS\mrxsmb10.sys \SystemRoot\system32\DRIVERS\mrxsmb20.sys \SystemRoot\system32\DRIVERS\avnetflt.sys \SystemRoot\system32\drivers\peauth.sys \SystemRoot\System32\Drivers\secdrv.SYS \SystemRoot\System32\DRIVERS\srvnet.sys \SystemRoot\System32\drivers\tcpipreg.sys \SystemRoot\System32\DRIVERS\srv2.sys \SystemRoot\System32\DRIVERS\srv.sys \SystemRoot\System32\ATMFD.DLL \??\C:\windows\system32\drivers\mbamchameleon.sys \??\C:\windows\system32\drivers\MBAMSwissArmy.sys \Windows\System32\ntdll.dll \Windows\System32\smss.exe \Windows\System32\apisetschema.dll \Windows\System32\autochk.exe \Windows\System32\iertutil.dll \Windows\System32\ws2_32.dll \Windows\System32\advapi32.dll \Windows\System32\Wldap32.dll \Windows\System32\imagehlp.dll \Windows\System32\usp10.dll 
\Windows\System32\lpk.dll \Windows\System32\psapi.dll \Windows\System32\nsi.dll \Windows\System32\shell32.dll \Windows\System32\user32.dll \Windows\System32\ole32.dll \Windows\System32\msctf.dll \Windows\System32\kernel32.dll \Windows\System32\shlwapi.dll \Windows\System32\sechost.dll \Windows\System32\difxapi.dll \Windows\System32\comdlg32.dll \Windows\System32\urlmon.dll \Windows\System32\rpcrt4.dll \Windows\System32\oleaut32.dll \Windows\System32\clbcatq.dll \Windows\System32\msvcrt.dll \Windows\System32\imm32.dll \Windows\System32\setupapi.dll \Windows\System32\wininet.dll \Windows\System32\gdi32.dll \Windows\System32\normaliz.dll \Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll \Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll \Windows\System32\devobj.dll \Windows\System32\comctl32.dll \Windows\System32\crypt32.dll \Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll \Windows\System32\KernelBase.dll \Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll \Windows\System32\cfgmgr32.dll \Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll \Windows\System32\wintrust.dll \Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll \Windows\System32\msasn1.dll \Windows\SysWOW64\normaliz.dll ----------- End ----------- Done! 
<<<1>>> Upper Device Name: \Device\Harddisk0\DR0 Upper Device Object: 0xfffffa800680f060 Upper Device Driver Name: \Driver\Disk\ Lower Device Name: \Device\Ide\IAAStorageDevice-1\ Lower Device Object: 0xfffffa8004849050 Lower Device Driver Name: \Driver\iaStor\ <<<2>>> Physical Sector Size: 512 Drive: 0, DevicePointer: 0xfffffa800680f060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\ --------- Disk Stack ------ DevicePointer: 0xfffffa800680fab0, DeviceName: Unknown, DriverName: \Driver\partmgr\ DevicePointer: 0xfffffa800680f060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\ DevicePointer: 0xfffffa8004849050, DeviceName: \Device\Ide\IAAStorageDevice-1\, DriverName: \Driver\iaStor\ ------------ End ---------- Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\ Upper DeviceData: 0x0, 0x0, 0x0 Lower DeviceData: 0x0, 0x0, 0x0 <<<3>>> Volume: C: File system type: NTFS SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes <<<2>>> <<<3>>> Volume: C: File system type: NTFS SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers... <<<2>>> <<<3>>> Volume: C: File system type: NTFS SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes Done! Drive 0 Scanning MBR on drive 0... Inspecting partition table: MBR Signature: 55AA Disk Signature: BF97002A Partition information: Partition 0 type is Other (0x27) Partition is NOT ACTIVE. Partition starts at LBA: 2048 Numsec = 23068672 Partition 1 type is Other (0x27) Partition is ACTIVE. Partition starts at LBA: 23070720 Numsec = 204800 Partition is not bootable Partition 2 type is Primary (0x7) Partition is NOT ACTIVE. Partition starts at LBA: 23275520 Numsec = 572090726 Partition 3 type is Primary (0x7) Partition is NOT ACTIVE. 
Partition starts at LBA: 595366246 Numsec = 381415066 Disk Size: 500113080320 bytes Sector size: 512 bytes Scanning physical sectors of unpartitioned space on drive 0 (1-2047-976763360-976783360)... Done! Infected: C:\Users\Marcimeister\Desktop\Office 2010 Cracked\Aktivieren\mini-KMS_Activator_v1.052.exe --> [Riskware.Keygen] Scan finished Creating System Restore point... Cleaning up... Removal scheduling successful. System shutdown needed. System shutdown occurred ======================================= Removal queue found; removal started Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-i.mbam... Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-1-23070720-i.mbam... Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam... Removal finished --------------------------------------- Malwarebytes Anti-Rootkit BETA 1.07.0.1009 (c) Malwarebytes Corporation 2011-2012 OS version: 6.1.7601 Windows 7 Service Pack 1 x64 Account is Administrative Internet Explorer version: 11.0.9600.16521 File system is: NTFS Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED CPU speed: 2.527000 GHz Memory total: 4208979968, free: 2110627840 ======================================= ------------ Kernel report ------------ 04/01/2014 17:11:37 ------------ Loaded modules ----------- \SystemRoot\system32\ntoskrnl.exe \SystemRoot\system32\hal.dll \SystemRoot\system32\kdcom.dll \SystemRoot\system32\mcupdate_GenuineIntel.dll \SystemRoot\system32\PSHED.dll \SystemRoot\system32\CLFS.SYS \SystemRoot\system32\CI.dll \SystemRoot\System32\drivers\imofugc.sys \SystemRoot\system32\drivers\Wdf01000.sys \SystemRoot\system32\drivers\WDFLDR.SYS \SystemRoot\system32\drivers\ACPI.sys \SystemRoot\system32\drivers\WMILIB.SYS \SystemRoot\system32\drivers\msisadrv.sys \SystemRoot\system32\drivers\pci.sys \SystemRoot\system32\drivers\vdrvroot.sys \SystemRoot\System32\drivers\partmgr.sys \SystemRoot\system32\DRIVERS\compbatt.sys \SystemRoot\system32\DRIVERS\BATTC.SYS 
\SystemRoot\system32\drivers\volmgr.sys \SystemRoot\System32\drivers\volmgrx.sys \SystemRoot\System32\drivers\mountmgr.sys \SystemRoot\system32\DRIVERS\iaStor.sys \SystemRoot\system32\drivers\amdxata.sys \SystemRoot\system32\drivers\fltmgr.sys \SystemRoot\system32\drivers\fileinfo.sys \SystemRoot\System32\Drivers\Ntfs.sys \SystemRoot\System32\Drivers\msrpc.sys \SystemRoot\System32\Drivers\ksecdd.sys \SystemRoot\System32\Drivers\cng.sys \SystemRoot\System32\drivers\pcw.sys \SystemRoot\System32\Drivers\Fs_Rec.sys \SystemRoot\system32\drivers\ndis.sys \SystemRoot\system32\drivers\NETIO.SYS \SystemRoot\System32\Drivers\ksecpkg.sys \SystemRoot\System32\drivers\tcpip.sys \SystemRoot\System32\drivers\fwpkclnt.sys \SystemRoot\system32\drivers\volsnap.sys \SystemRoot\System32\Drivers\spldr.sys \SystemRoot\System32\drivers\rdyboost.sys \SystemRoot\System32\Drivers\mup.sys \SystemRoot\System32\drivers\hwpolicy.sys \SystemRoot\System32\DRIVERS\fvevol.sys \SystemRoot\system32\DRIVERS\disk.sys \SystemRoot\system32\DRIVERS\CLASSPNP.SYS \SystemRoot\system32\DRIVERS\dtsoftbus01.sys \SystemRoot\system32\DRIVERS\cdrom.sys \SystemRoot\System32\Drivers\Null.SYS \SystemRoot\System32\Drivers\Beep.SYS \SystemRoot\System32\drivers\vga.sys \SystemRoot\System32\drivers\VIDEOPRT.SYS \SystemRoot\System32\drivers\watchdog.sys \SystemRoot\System32\DRIVERS\RDPCDD.sys \SystemRoot\system32\drivers\rdpencdd.sys \SystemRoot\system32\drivers\rdprefmp.sys \SystemRoot\System32\Drivers\Msfs.SYS \SystemRoot\System32\Drivers\Npfs.SYS \SystemRoot\system32\DRIVERS\tdx.sys \SystemRoot\system32\DRIVERS\TDI.SYS \SystemRoot\system32\drivers\afd.sys \SystemRoot\System32\DRIVERS\netbt.sys \SystemRoot\system32\DRIVERS\wfplwf.sys \SystemRoot\system32\DRIVERS\pacer.sys \SystemRoot\system32\DRIVERS\vwififlt.sys \SystemRoot\system32\DRIVERS\netbios.sys \SystemRoot\system32\DRIVERS\wanarp.sys \SystemRoot\system32\drivers\termdd.sys \SystemRoot\system32\DRIVERS\rdbss.sys \SystemRoot\system32\drivers\nsiproxy.sys 
\SystemRoot\system32\drivers\mssmbios.sys \SystemRoot\System32\drivers\discache.sys \SystemRoot\System32\Drivers\dfsc.sys \SystemRoot\system32\DRIVERS\blbdrive.sys \SystemRoot\system32\DRIVERS\avkmgr.sys \SystemRoot\system32\DRIVERS\avipbb.sys \SystemRoot\system32\DRIVERS\atikmpag.sys \SystemRoot\system32\DRIVERS\atikmdag.sys \SystemRoot\System32\drivers\dxgkrnl.sys \SystemRoot\System32\drivers\dxgmms1.sys \SystemRoot\system32\drivers\HDAudBus.sys \SystemRoot\system32\drivers\usbehci.sys \SystemRoot\system32\drivers\USBPORT.SYS \SystemRoot\system32\DRIVERS\NETw5s64.sys \SystemRoot\system32\DRIVERS\vwifibus.sys \SystemRoot\system32\DRIVERS\nusb3xhc.sys \SystemRoot\system32\DRIVERS\USBD.SYS \SystemRoot\system32\drivers\i8042prt.sys \SystemRoot\system32\drivers\kbdclass.sys \SystemRoot\system32\DRIVERS\SynTP.sys \SystemRoot\system32\DRIVERS\mouclass.sys \SystemRoot\system32\DRIVERS\CmBatt.sys \SystemRoot\system32\drivers\wmiacpi.sys \SystemRoot\system32\DRIVERS\intelppm.sys \SystemRoot\system32\drivers\CompositeBus.sys \SystemRoot\system32\drivers\swenum.sys \SystemRoot\system32\drivers\ks.sys \SystemRoot\system32\drivers\umbus.sys \SystemRoot\system32\DRIVERS\usbhub.sys \SystemRoot\system32\DRIVERS\nusb3hub.sys \SystemRoot\system32\drivers\AtihdW76.sys \SystemRoot\system32\drivers\portcls.sys \SystemRoot\system32\drivers\drmk.sys \SystemRoot\system32\drivers\ksthunk.sys \SystemRoot\system32\drivers\HdAudio.sys \SystemRoot\System32\win32k.sys \SystemRoot\System32\drivers\Dxapi.sys \SystemRoot\System32\Drivers\crashdmp.sys \SystemRoot\System32\Drivers\dump_iaStor.sys \SystemRoot\System32\Drivers\dump_dumpfve.sys \SystemRoot\system32\DRIVERS\monitor.sys \SystemRoot\System32\TSDDD.dll \SystemRoot\System32\cdd.dll \SystemRoot\system32\DRIVERS\usbccgp.sys \SystemRoot\system32\DRIVERS\hidusb.sys \SystemRoot\system32\DRIVERS\HIDCLASS.SYS \SystemRoot\system32\DRIVERS\HIDPARSE.SYS \SystemRoot\system32\DRIVERS\mouhid.sys \SystemRoot\system32\drivers\kbdhid.sys 
\SystemRoot\system32\drivers\usbaudio.sys \SystemRoot\system32\drivers\luafv.sys \SystemRoot\system32\DRIVERS\avgntflt.sys \SystemRoot\system32\DRIVERS\lltdio.sys \SystemRoot\system32\DRIVERS\nwifi.sys \SystemRoot\system32\DRIVERS\ndisuio.sys \SystemRoot\system32\DRIVERS\rspndr.sys \SystemRoot\system32\drivers\HTTP.sys \SystemRoot\system32\DRIVERS\bowser.sys \SystemRoot\System32\drivers\mpsdrv.sys \SystemRoot\system32\DRIVERS\mrxsmb.sys \SystemRoot\system32\DRIVERS\mrxsmb10.sys \SystemRoot\system32\DRIVERS\mrxsmb20.sys \SystemRoot\system32\DRIVERS\avnetflt.sys \SystemRoot\system32\drivers\peauth.sys \SystemRoot\System32\Drivers\secdrv.SYS \SystemRoot\System32\DRIVERS\srvnet.sys \SystemRoot\System32\drivers\tcpipreg.sys \SystemRoot\System32\DRIVERS\srv2.sys \SystemRoot\System32\DRIVERS\srv.sys \SystemRoot\System32\ATMFD.DLL \??\C:\windows\system32\drivers\mbamchameleon.sys \??\C:\windows\system32\drivers\MBAMSwissArmy.sys \Windows\System32\ntdll.dll \Windows\System32\smss.exe \Windows\System32\apisetschema.dll \Windows\System32\autochk.exe \Windows\System32\user32.dll \Windows\System32\normaliz.dll \Windows\System32\sechost.dll \Windows\System32\rpcrt4.dll \Windows\System32\imagehlp.dll \Windows\System32\shlwapi.dll \Windows\System32\setupapi.dll \Windows\System32\ole32.dll \Windows\System32\msvcrt.dll \Windows\System32\oleaut32.dll \Windows\System32\wininet.dll \Windows\System32\difxapi.dll \Windows\System32\imm32.dll \Windows\System32\gdi32.dll \Windows\System32\usp10.dll \Windows\System32\comdlg32.dll \Windows\System32\msctf.dll \Windows\System32\Wldap32.dll \Windows\System32\nsi.dll \Windows\System32\iertutil.dll \Windows\System32\shell32.dll \Windows\System32\psapi.dll \Windows\System32\urlmon.dll \Windows\System32\lpk.dll \Windows\System32\advapi32.dll \Windows\System32\clbcatq.dll \Windows\System32\kernel32.dll \Windows\System32\ws2_32.dll \Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll \Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll 
\Windows\System32\comctl32.dll \Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll \Windows\System32\crypt32.dll \Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll \Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll \Windows\System32\KernelBase.dll \Windows\System32\devobj.dll \Windows\System32\cfgmgr32.dll \Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll \Windows\System32\wintrust.dll \Windows\System32\msasn1.dll \Windows\SysWOW64\normaliz.dll ----------- End ----------- Done! <<<1>>> Upper Device Name: \Device\Harddisk0\DR0 Upper Device Object: 0xfffffa80067f2060 Upper Device Driver Name: \Driver\Disk\ Lower Device Name: \Device\Ide\IAAStorageDevice-1\ Lower Device Object: 0xfffffa80046ed050 Lower Device Driver Name: \Driver\iaStor\ <<<2>>> Physical Sector Size: 512 Drive: 0, DevicePointer: 0xfffffa80067f2060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\ --------- Disk Stack ------ DevicePointer: 0xfffffa80067f2b90, DeviceName: Unknown, DriverName: \Driver\partmgr\ DevicePointer: 0xfffffa80067f2060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\ DevicePointer: 0xfffffa80046ed050, DeviceName: \Device\Ide\IAAStorageDevice-1\, DriverName: \Driver\iaStor\ ------------ End ---------- Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\ Upper DeviceData: 0x0, 0x0, 0x0 Lower DeviceData: 0x0, 0x0, 0x0 <<<3>>> Volume: C: File system type: NTFS SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes <<<2>>> <<<3>>> Volume: C: File system type: NTFS SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers... <<<2>>> <<<3>>> Volume: C: File system type: NTFS SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes Done! Drive 0 Scanning MBR on drive 0... 
Inspecting partition table: MBR Signature: 55AA Disk Signature: BF97002A Partition information: Partition 0 type is Other (0x27) Partition is NOT ACTIVE. Partition starts at LBA: 2048 Numsec = 23068672 Partition 1 type is Other (0x27) Partition is ACTIVE. Partition starts at LBA: 23070720 Numsec = 204800 Partition is not bootable Partition 2 type is Primary (0x7) Partition is NOT ACTIVE. Partition starts at LBA: 23275520 Numsec = 572090726 Partition 3 type is Primary (0x7) Partition is NOT ACTIVE. Partition starts at LBA: 595366246 Numsec = 381415066 Disk Size: 500113080320 bytes Sector size: 512 bytes Scanning physical sectors of unpartitioned space on drive 0 (1-2047-976763360-976783360)... Done! Scan finished ======================================= Removal queue found; removal started Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-i.mbam... Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-1-23070720-i.mbam... Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam... Removal finished |
02.04.2014, 12:53 | #6 |
/// the machine /// TB Trainer | Advertising sound in the background! hi, Scan with Combofix |
06.04.2014, 13:56 | #7 |
| Advertising sound in the background! Hey Code:
ATTFilter ComboFix 14-04-05.01 - Marcimeister 06.04.2014 14:32:14.1.4 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.4014.1888 [GMT 2:00] ausgeführt von:: c:\users\Marcimeister\Downloads\ComboFix.exe AV: Avira Desktop *Disabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859} SP: Avira Desktop *Disabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((((( Weitere Löschungen )))))))))))))))))))))))))))))))))))))))))))))))) . . C:\END . . ((((((((((((((((((((((( Dateien erstellt von 2014-03-06 bis 2014-04-06 )))))))))))))))))))))))))))))) . . 2014-04-06 12:39 . 2014-04-06 12:39 -------- d-----w- c:\users\Default\AppData\Local\temp 2014-04-04 14:39 . 2014-03-07 04:43 10521840 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{30B17D20-40B5-4E7D-9AB1-188364952BFC}\mpengine.dll 2014-04-01 14:28 . 2014-04-01 14:28 -------- d-----w- c:\programdata\Malwarebytes 2014-04-01 14:28 . 2014-04-01 15:11 119000 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys 2014-04-01 14:28 . 2014-04-01 15:11 91352 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys 2014-03-31 18:56 . 2014-03-31 18:57 -------- d-----w- C:\FRST 2014-03-31 16:13 . 2014-03-31 16:23 -------- d-----w- c:\users\Marcimeister\AppData\Roaming\uTorrent 2014-03-31 14:27 . 2014-03-31 14:27 -------- d-----w- c:\programdata\Licenses 2014-03-31 14:27 . 2014-03-31 14:27 -------- d-----w- c:\program files (x86)\Trojan Remover 2014-03-31 14:27 . 2014-03-31 14:27 -------- d-----w- c:\programdata\Simply Super Software 2014-03-28 09:12 . 2014-03-28 09:12 -------- d-----w- c:\users\Marcimeister\AppData\Roaming\dvdcss 2014-03-21 18:40 . 2014-03-21 18:40 -------- d-----w- c:\users\Marcimeister\AppData\Local\PAYDAY 2 2014-03-21 18:39 . 2014-03-21 18:39 -------- d-----w- c:\program files (x86)\NVIDIA Corporation 2014-03-21 18:39 . 
2014-03-21 18:39 -------- d-----w- c:\program files (x86)\AGEIA Technologies 2014-03-17 07:53 . 2014-03-17 07:53 -------- d-----w- c:\users\Marcimeister\AppData\Local\Skype 2014-03-17 07:53 . 2014-03-17 07:53 -------- d-----r- c:\program files (x86)\Skype 2014-03-13 22:57 . 2014-01-28 02:32 228864 ----a-w- c:\windows\system32\wwansvc.dll 2014-03-13 22:57 . 2014-01-29 02:32 484864 ----a-w- c:\windows\system32\wer.dll 2014-03-13 22:57 . 2014-01-29 02:06 381440 ----a-w- c:\windows\SysWow64\wer.dll 2014-03-13 22:57 . 2014-02-07 01:23 3156480 ----a-w- c:\windows\system32\win32k.sys 2014-03-13 22:51 . 2014-02-04 02:32 624128 ----a-w- c:\windows\system32\qedit.dll 2014-03-13 22:51 . 2014-02-04 02:04 509440 ----a-w- c:\windows\SysWow64\qedit.dll 2014-03-13 22:51 . 2014-02-04 02:32 1424384 ----a-w- c:\windows\system32\WindowsCodecs.dll 2014-03-13 22:51 . 2014-02-04 02:04 1230336 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll 2014-03-12 20:26 . 2014-03-12 20:26 -------- d-----w- c:\users\Marcimeister\AppData\Roaming\OBS 2014-03-12 20:25 . 2014-03-12 20:25 -------- d-----w- c:\program files\OBS 2014-03-12 20:25 . 2014-03-12 20:25 -------- d-----w- c:\program files (x86)\OBS 2014-03-08 17:22 . 2014-03-08 17:22 -------- d-----w- c:\users\Marcimeister\AppData\Local\Macromedia 2014-03-08 17:21 . 2014-03-08 17:21 -------- d-----w- c:\programdata\McAfee 2014-03-08 17:12 . 2014-03-08 17:12 -------- d-----w- c:\users\Marcimeister\AppData\Local\Mozilla 2014-03-08 17:11 . 2014-03-30 09:42 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service 2014-03-08 15:22 . 2014-03-08 15:22 -------- d-----w- c:\users\Marcimeister\AppData\Local\SWTORPerf 2014-03-08 15:22 . 2014-03-30 18:17 -------- d-----w- c:\program files (x86)\Common Files\BioWare . . . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2014-03-15 09:39 . 2013-11-22 22:19 90015360 ----a-w- c:\windows\system32\MRT.exe 2014-03-08 17:24 . 
2013-12-11 11:01 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2014-03-08 17:24 . 2013-12-11 11:01 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2014-03-02 12:44 . 2013-11-22 16:46 214392 ----a-w- c:\windows\SysWow64\PnkBstrB.exe 2014-03-02 12:25 . 2013-11-22 16:46 214392 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0 2014-02-20 21:08 . 2014-02-20 21:08 283064 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys . . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ISUSPM"="c:\programdata\FLEXnet\Connect\11\ISUSPM.exe" [2009-05-05 222496] "EADM"="c:\program files (x86)\Origin\Origin.exe" [2014-03-07 3588952] "Steam"="c:\program files (x86)\Steam\steam.exe" [2014-02-25 1821888] "DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2013-10-28 3675352] "Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2014-02-10 20922016] . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-06-23 98304] "NUSB3MON"="c:\program files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-01-22 106496] "IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-03-03 284696] "MGSysCtrl"="c:\program files (x86)\System Control Manager\MGSysCtrl.exe" [2010-03-19 2408448] "ArcSoft Connection Service"="c:\program files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-27 207424] "msi LED Manager"="c:\program files (x86)\msi\msi LED Manager\SLM.exe" [2010-06-22 2793984] "Nuance PDF Reader-reminder"="c:\program files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" [2008-11-03 328992] "BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520] "avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2014-02-18 689744] "TrojanScanner"="c:\program files (x86)\Trojan Remover\Trjscan.exe" [2014-01-23 1704720] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon] "Userinit"="userinit.exe" . 
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x] R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x] R3 BTMCOM;Bluetooth Serial Port;c:\windows\System32\Drivers\btmcom.sys;c:\windows\SYSNATIVE\Drivers\btmcom.sys [x] R3 BTMHID;BTMHID;c:\windows\system32\DRIVERS\btmhid.sys;c:\windows\SYSNATIVE\DRIVERS\btmhid.sys [x] R3 BTMUSB;Motorola Bluetooth Radio Service;c:\windows\system32\Drivers\btmusb.sys;c:\windows\SYSNATIVE\Drivers\btmusb.sys [x] R3 EUCR;EUCR;c:\windows\system32\DRIVERS\EUCR6SK.SYS;c:\windows\SYSNATIVE\DRIVERS\EUCR6SK.SYS [x] R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x] R3 MGHwCtrl;MGHwCtrl;c:\program files\msi\msi Software Install\MGHwCtrl.sys;c:\program files\msi\msi Software Install\MGHwCtrl.sys [x] R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x] R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x] R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x] R4 AntiVirWebService;Avira Browser-Schutz;c:\program files (x86)\Avira\AntiVir Desktop\avwebg7.exe;c:\program files (x86)\Avira\AntiVir Desktop\avwebg7.exe [x] S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x] S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x] S2 AMD 
External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x] S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x] S2 avnetflt;avnetflt;c:\windows\system32\DRIVERS\avnetflt.sys;c:\windows\SYSNATIVE\DRIVERS\avnetflt.sys [x] S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files\Motorola\Bluetooth\obexsrv.exe;c:\program files\Motorola\Bluetooth\obexsrv.exe [x] S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x] S2 Micro Star SCM;Micro Star SCM;c:\program files (x86)\System Control Manager\MSIService.exe;c:\program files (x86)\System Control Manager\MSIService.exe [x] S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x] S3 Bluetooth Device Manager;Bluetooth Device Manager;c:\program files\Motorola\Bluetooth\devmgrsrv.exe;c:\program files\Motorola\Bluetooth\devmgrsrv.exe [x] S3 Bluetooth Media Service;Bluetooth Media Service;c:\program files\Motorola\Bluetooth\audiosrv.exe;c:\program files\Motorola\Bluetooth\audiosrv.exe [x] S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [x] S3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETw5s64.sys;c:\windows\SYSNATIVE\DRIVERS\NETw5s64.sys [x] S3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x] S3 nusb3xhc;NEC Electronics USB 3.0 Host Controller 
Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x] . . Inhalt des "geplante Tasks" Ordners . 2014-04-06 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-11 17:24] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IntelWireless"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2010-03-05 1928976] "BTMTrayAgent"="c:\program files\Motorola\Bluetooth\btmshell.dll" [2010-04-22 19645704] . ------- Zusätzlicher Suchlauf ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://start.mysearchdial.com/?f=1&a=irmsd1103&cd=2XzuyEtN2Y1L1QzutDtDtByC0CyB0Czz0B0FyEtD0FyEyB0FtN0D0Tzu0CyBtDtAtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=145845214&ir= mLocal Page = c:\windows\SysWOW64\blank.htm IE: An OneNote s&enden - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105 IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000 TCP: DhcpNameServer = 192.168.1.1 192.168.0.1 TCP: Interfaces\{E4DFE3FE-E6CE-42FE-B4B4-866878157950}: DhcpNameServer = 192.168.1.1 192.168.0.1 TCP: Interfaces\{E4DFE3FE-E6CE-42FE-B4B4-866878157950}\F623D275C414E43373: DhcpNameServer = 192.168.1.1 FF - ProfilePath - c:\users\Marcimeister\AppData\Roaming\Mozilla\Firefox\Profiles\du0f46vb.default\ . - - - - Entfernte verwaiste Registrierungseinträge - - - - . Toolbar-Locked - (no file) Wow6432Node-HKCU-Run-Overwolf - c:\program files (x86)\Overwolf\Overwolf.exe Wow6432Node-HKU-Default-RunOnce-SPReview - c:\windows\System32\SPReview\SPReview.exe HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start Toolbar-Locked - (no file) HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe AddRemove-PunkBusterSvc - c:\program files (x86)\Origin Games\Battlefield 4\pbsvc.exe . . . 
--------------------- Gesperrte Registrierungsschluessel --------------------- . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_70_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_70_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_70_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_70_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_70.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.12" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_70.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_70.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_70.ocx, 1" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}] @Denied: (A) (Everyone) "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3] @Denied: (A) (Everyone) . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0] "Key"="ActionsPane3" "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Zeit der Fertigstellung: 2014-04-06 14:42:12 ComboFix-quarantined-files.txt 2014-04-06 12:42 . Vor Suchlauf: 11 Verzeichnis(se), 101.175.713.792 Bytes frei Nach Suchlauf: 17 Verzeichnis(se), 101.052.919.808 Bytes frei . - - End Of File - - 6F9C527343F4BE7D766EA94ECC6878C3 |
07.04.2014, 12:37 | #8 |
/// the machine /// TB-Ausbilder | Advertising sound in the background! Please download Malwarebytes Anti-Malware
Please download AdwCleaner to your desktop.
Please close your security software to avoid possible conflicts.
And a fresh FRST log, please.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |