Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: HEUR:Exploit Java. CVE-2012-4681.gen Trojaner

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 05.11.2012, 20:42   #1
otherone
 
HEUR:Exploit Java. CVE-2012-4681.gen  Trojaner - Standard

HEUR:Exploit Java. CVE-2012-4681.gen Trojaner



Hallo zusammen,

da dies hier mein erster Beitrag im Forum ist, hoffe ich einfach alles richtig zu beschreiben.


Mein Kaspersky Internet Security 2013 hat folgende Malware bei mir auf dem 64 Bit Win 7 Rechner gefunden:

HEUR:Exploit Java. CVE-2012-4681.gen

Eine suche über Viruslist.com brachte leider keine Treffer um zu sehen um was für einen Plagegeist es sich handelt.

Mit dem Programm Malewarebytes Anti-Malware konnte (leider?) nichts gefunden werden

Log:

Malwarebytes Anti-Malware (Test) 1.65.1.1000
www.malwarebytes.org

Datenbank Version: v2012.11.04.04

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
stefan :: STEFAN-PC [Administrator]

Schutz: Aktiviert

05.11.2012 21:29:59
mbam-log-2012-11-05 (21-29-59).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 220674
Laufzeit: 32 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

Logfile OTL:OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 05.11.2012 21:34:55 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\stefan\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
15,98 Gb Total Physical Memory | 13,59 Gb Available Physical Memory | 85,06% Memory free
31,96 Gb Paging File | 29,38 Gb Available in Paging File | 91,91% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 111,79 Gb Total Space | 43,25 Gb Free Space | 38,69% Space Free | Partition Type: NTFS
Drive D: | 465,66 Gb Total Space | 391,04 Gb Free Space | 83,98% Space Free | Partition Type: NTFS
Drive F: | 252,75 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive G: | 3,98 Gb Total Space | 2,04 Gb Free Space | 51,25% Space Free | Partition Type: FAT32
 
Computer Name: STEFAN-PC | User Name: stefan | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.11.05 21:34:49 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\stefan\Desktop\OTL.exe
PRC - [2012.11.02 19:18:26 | 003,093,624 | ---- | M] () -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
PRC - [2012.10.02 23:21:00 | 001,258,856 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2012.10.02 12:15:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012.09.29 19:54:26 | 000,981,656 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
PRC - [2012.09.29 19:54:26 | 000,766,536 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012.09.29 19:54:26 | 000,676,936 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012.09.29 19:54:26 | 000,399,432 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012.09.21 21:38:46 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2012.09.06 02:24:58 | 000,917,984 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012.08.21 09:24:20 | 002,417,152 | ---- | M] () -- D:\Programme\Usenext\UseNeXT.exe
PRC - [2012.08.17 20:43:06 | 000,218,880 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
PRC - [2011.05.19 14:39:18 | 000,013,592 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2011.05.19 14:39:14 | 000,284,440 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [1999.09.30 20:31:38 | 000,869,376 | ---- | M] (Fred's Software) -- C:\Program Files (x86)\PrintKey2000\Printkey2000.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.11.02 19:18:26 | 003,093,624 | ---- | M] () -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
MOD - [2012.10.01 19:45:48 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll
MOD - [2012.10.01 19:45:48 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll
MOD - [2012.10.01 19:45:48 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\d27d5cced1b7d812f60e71d4e509661d\IAStorCommon.ni.dll
MOD - [2012.10.01 19:45:46 | 000,492,544 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\ce7268841a00e097fc0b70869f10e780\IAStorUtil.ni.dll
MOD - [2012.10.01 19:45:45 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll
MOD - [2012.10.01 19:45:42 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll
MOD - [2012.10.01 19:45:40 | 000,680,448 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Security\054fcff18035c210487b0888e6461192\System.Security.ni.dll
MOD - [2012.10.01 19:45:39 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll
MOD - [2012.10.01 19:45:37 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll
MOD - [2012.10.01 19:45:36 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll
MOD - [2012.10.01 19:45:33 | 011,492,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll
MOD - [2012.09.06 02:25:12 | 002,244,064 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2012.08.27 20:33:32 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012.08.27 20:33:08 | 001,242,512 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2012.08.21 09:24:20 | 002,417,152 | ---- | M] () -- D:\Programme\Usenext\UseNeXT.exe
MOD - [2012.08.17 20:38:56 | 000,479,160 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\dblite.dll
MOD - [2012.07.11 13:39:26 | 000,160,768 | ---- | M] () -- D:\Programme\Usenext\unrar.dll
MOD - [2011.04.12 08:43:09 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_de_b77a5c561934e089\System.resources.dll
MOD - [2011.04.12 08:43:06 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll
MOD - [2010.11.13 00:26:08 | 000,434,176 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll
MOD - [2010.11.13 00:26:08 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
 
 
========== Services (SafeList) ==========
 
SRV - [2012.10.17 18:12:15 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.10.02 23:21:00 | 001,258,856 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012.10.02 12:15:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012.09.29 19:54:26 | 000,676,936 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012.09.29 19:54:26 | 000,399,432 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012.09.21 21:38:46 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2012.09.06 02:25:06 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.08.17 20:43:06 | 000,218,880 | ---- | M] (Kaspersky Lab ZAO) [Auto | Running] -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe -- (AVP)
SRV - [2011.05.19 14:39:18 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2010.03.18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2012.10.16 17:18:33 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2012.09.29 19:54:26 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012.09.27 18:10:08 | 000,611,160 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\SysNative\drivers\klif.sys -- (KLIF)
DRV:64bit: - [2012.09.19 13:05:39 | 000,029,528 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\klmouflt.sys -- (klmouflt)
DRV:64bit: - [2012.09.19 13:05:39 | 000,029,016 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\klkbdflt.sys -- (klkbdflt)
DRV:64bit: - [2012.08.23 15:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012.08.23 15:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012.08.23 15:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012.08.21 12:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012.08.13 15:49:40 | 000,178,008 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\kneps.sys -- (kneps)
DRV:64bit: - [2012.08.02 14:09:34 | 000,028,504 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\klim6.sys -- (KLIM6)
DRV:64bit: - [2012.07.03 16:25:16 | 000,189,288 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2012.06.19 16:28:12 | 000,458,584 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\kl1.sys -- (kl1)
DRV:64bit: - [2012.06.08 10:38:10 | 000,054,104 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\kltdi.sys -- (kltdi)
DRV:64bit: - [2012.03.01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.06.10 06:34:52 | 000,539,240 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011.05.10 16:46:52 | 000,557,848 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.02.24 09:30:50 | 000,389,608 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmtxhci.sys -- (asmtxhci)
DRV:64bit: - [2011.02.24 09:30:50 | 000,126,952 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmthub3.sys -- (asmthub3)
DRV:64bit: - [2010.11.21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.06.22 06:09:04 | 000,035,840 | R--- | M] (Avanquest Software) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BVRPMPR5a64.SYS -- (BVRPMPR5a64)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_287.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.132.0: C:\Program Files (x86)\Battlelog Web Plugins\1.132.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\url_advisor@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com [2012.09.19 12:59:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtual_keyboard@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com [2012.09.19 12:59:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\content_blocker@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\content_blocker@kaspersky.com [2012.09.19 12:59:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\anti_banner@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com [2012.09.19 12:59:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\online_banking@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com [2012.09.19 12:59:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.09.19 13:37:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 15.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2012.09.19 15:23:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 15.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
 
[2012.09.19 13:37:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\stefan\AppData\Roaming\mozilla\Extensions
[2012.10.23 17:39:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\stefan\AppData\Roaming\mozilla\Firefox\Profiles\d4i9qo8f.default\extensions
[2012.09.19 13:37:29 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.09.06 02:26:03 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.09.06 03:07:37 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.09.06 03:07:37 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.09.06 03:07:37 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.09.06 03:07:37 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.09.06 03:07:37 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.09.06 03:07:37 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Content Blocker Plugin) - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (Virtual Keyboard Plugin) - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (Safe Money Plugin) - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O2 - BHO: (Content Blocker Plugin) - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
O2 - BHO: (Virtual Keyboard Plugin) - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Safe Money Plugin) - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVP] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKCU..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ie_banner_deny.htm ()
O8 - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ie_banner_deny.htm ()
O9:64bit: - Extra Button: Virtuelle Tastatur - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O9:64bit: - Extra Button: Links untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: Virtuelle Tastatur - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O9 - Extra Button: Links untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5C979849-8DA8-4186-B049-CC3787BE3C49}: DhcpNameServer = 192.168.1.1
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{38905852-024f-11e2-99ed-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{38905852-024f-11e2-99ed-806e6f6e6963}\Shell\AutoRun\command - "" = E:\Bin\assetup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
File not found -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Neue Funktion 1
[2012.11.05 21:34:49 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\stefan\Desktop\OTL.exe
[2012.11.04 19:59:49 | 000,000,000 | ---D | C] -- C:\Users\stefan\AppData\Roaming\Malwarebytes
[2012.11.04 19:59:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.11.04 19:59:43 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.11.04 19:59:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.11.04 19:59:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.11.04 19:57:11 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2012.11.04 19:57:11 | 000,000,000 | ---D | C] -- C:\Users\stefan\AppData\Local\MFAData
[2012.11.04 19:57:11 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2012.11.04 19:57:11 | 000,000,000 | ---D | C] -- C:\Users\stefan\AppData\Local\Avg2013
[2012.11.02 21:21:09 | 000,000,000 | ---D | C] -- C:\Users\stefan\AppData\Roaming\LolClient
[2012.11.02 19:18:28 | 000,000,000 | ---D | C] -- C:\Users\stefan\AppData\Local\PMB Files
[2012.11.02 19:18:27 | 000,000,000 | ---D | C] -- C:\ProgramData\PMB Files
[2012.11.02 19:18:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pando Networks
[2012.11.02 19:18:11 | 000,000,000 | ---D | C] -- C:\Users\stefan\.swt
[2012.10.21 09:11:05 | 000,000,000 | ---D | C] -- C:\Users\stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PrintKey2000
[2012.10.21 09:11:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrintKey2000
[2012.10.21 09:11:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PrintKey2000
[2012.10.17 17:05:48 | 000,035,840 | R--- | C] (Avanquest Software) -- C:\Windows\SysNative\drivers\BVRPMPR5a64.SYS
[2012.10.17 17:05:01 | 000,000,000 | ---D | C] -- C:\Netgear
[2012.10.16 17:23:25 | 000,000,000 | ---D | C] -- C:\Users\stefan\AppData\Roaming\WinRAR
[2012.10.16 17:23:25 | 000,000,000 | ---D | C] -- C:\Users\stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012.10.16 17:23:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012.10.16 17:23:22 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2012.10.16 17:18:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
[2012.10.16 17:18:33 | 000,283,200 | ---- | C] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2012.10.16 17:18:31 | 000,000,000 | ---D | C] -- C:\Users\stefan\AppData\Roaming\DAEMON Tools Lite
[2012.10.16 17:18:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Lite
[2012.10.16 17:17:48 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2012.10.13 18:44:45 | 000,000,000 | ---D | C] -- C:\Users\stefan\AppData\Roaming\Apple Computer
[2012.10.13 18:44:45 | 000,000,000 | ---D | C] -- C:\Users\stefan\AppData\Local\Apple Computer
[2012.10.13 18:44:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012.10.13 18:44:35 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2012.10.13 18:44:24 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012.10.13 18:44:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2012.10.13 18:44:24 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012.10.13 18:44:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2012.10.13 18:44:24 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2012.10.13 18:43:59 | 000,000,000 | ---D | C] -- C:\Users\stefan\AppData\Local\Apple
[2012.10.13 18:43:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2012.10.13 18:43:47 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2012.10.13 18:43:39 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2012.10.13 18:43:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2012.10.13 18:43:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2012.10.13 18:43:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2012.10.07 11:20:41 | 000,000,000 | ---D | C] -- C:\Users\stefan\AppData\Roaming\vlc
[2012.10.07 11:18:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2012.10.07 11:18:55 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN
 
========== Files - Modified Within 30 Days ==========
 
[2012.11.05 21:34:49 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\stefan\Desktop\OTL.exe
[2012.11.05 21:16:55 | 000,000,168 | ---- | M] () -- C:\Users\stefan\defogger_reenable
[2012.11.05 21:12:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.11.05 21:04:30 | 000,021,648 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.11.05 21:04:30 | 000,021,648 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.11.05 21:03:26 | 001,498,506 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.11.05 21:03:26 | 000,653,928 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.11.05 21:03:26 | 000,615,810 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.11.05 21:03:26 | 000,129,800 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.11.05 21:03:26 | 000,106,190 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.11.05 20:57:25 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.11.05 20:57:24 | 4280,193,022 | -HS- | M] () -- C:\hiberfil.sys
[2012.11.04 19:59:44 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.11.02 20:32:40 | 000,000,907 | ---- | M] () -- C:\Users\Public\Desktop\League of Legends spielen .lnk
[2012.10.21 09:11:05 | 000,001,005 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Printkey2000.lnk
[2012.10.17 17:25:23 | 000,006,332 | ---- | M] () -- C:\Users\stefan\Desktop\Router_Setup.html
[2012.10.16 17:18:58 | 000,001,954 | ---- | M] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2012.10.16 17:18:33 | 000,283,200 | ---- | M] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2012.10.13 18:49:44 | 003,978,653 | ---- | M] () -- C:\Users\stefan\Desktop\01 Zedd - Spectrum ft. Matthew Kom 1.mp3
[2012.10.13 18:44:35 | 000,001,783 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012.10.07 11:18:59 | 000,000,871 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
 
========== Files Created - No Company Name ==========
 
[2012.11.05 21:16:55 | 000,000,168 | ---- | C] () -- C:\Users\stefan\defogger_reenable
[2012.11.04 19:59:44 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.11.02 20:32:40 | 000,000,907 | ---- | C] () -- C:\Users\Public\Desktop\League of Legends spielen .lnk
[2012.10.21 09:11:05 | 000,001,005 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Printkey2000.lnk
[2012.10.17 17:25:23 | 000,006,332 | ---- | C] () -- C:\Users\stefan\Desktop\Router_Setup.html
[2012.10.17 17:25:23 | 000,000,172 | R--- | C] () -- C:\Users\stefan\Desktop\Router Login.url
[2012.10.16 17:18:58 | 000,001,954 | ---- | C] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2012.10.13 18:48:04 | 003,978,653 | ---- | C] () -- C:\Users\stefan\Desktop\01 Zedd - Spectrum ft. Matthew Kom 1.mp3
[2012.10.13 18:44:35 | 000,001,783 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012.10.13 18:43:52 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2012.10.07 11:18:59 | 000,000,871 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2012.09.21 21:24:03 | 000,281,520 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012.09.21 21:24:01 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012.09.19 12:51:42 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2012.09.19 12:51:39 | 000,030,477 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
 
========== ZeroAccess Check ==========
 
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2012.11.04 19:03:53 | 000,000,000 | ---D | M] -- C:\Users\stefan\AppData\Roaming\DAEMON Tools Lite
[2012.11.02 21:21:09 | 000,000,000 | ---D | M] -- C:\Users\stefan\AppData\Roaming\LolClient
[2012.09.21 17:21:09 | 000,000,000 | ---D | M] -- C:\Users\stefan\AppData\Roaming\Origin
[2012.09.19 15:23:17 | 000,000,000 | ---D | M] -- C:\Users\stefan\AppData\Roaming\Thunderbird
[2012.11.05 21:31:34 | 000,000,000 | ---D | M] -- C:\Users\stefan\AppData\Roaming\UseNeXT
 
========== Purity Check ==========
 
 
 
< End of report >
         
--- --- ---



Eine Extra.txt habe ich leider nicht finden können.


Defogger habe ich wie im Forum beschrieben laufen lassen.


Macht mich Kaspersky nur verrückt, oder habe ich wirklich was böses eingefangen ?


Es wäre sehr nett wenn mir bei dem Problem jemand helfen könnte.

Vielen Dank im vorraus

:-)

Alt 07.11.2012, 13:15   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
HEUR:Exploit Java. CVE-2012-4681.gen  Trojaner - Standard

HEUR:Exploit Java. CVE-2012-4681.gen Trojaner



Hallo und

Bevor wir uns an die Arbeit machen, möchte ich dich bitten, folgende Punkte vollständig und aufmerksam zu lesen.
  • Lies dir meine Anleitungen, die ich im Laufe dieses Strangs hier posten werde, aufmerksam durch. Frag umgehend nach, wenn dir irgendetwas unklar sein sollte, bevor du anfängst meine Anleitungen umzusetzen.

  • Solltest du bei einem Schritt Probleme haben, stoppe dort und beschreib mir das Problem so gut du kannst. Manchmal erfordert ein Schritt den vorhergehenden.

  • Bitte nur Scans durchführen zu denen du von einem Helfer aufgefordert wurdest! Installiere / Deinstalliere keine Software ohne Aufforderung!

  • Poste die Logfiles direkt in deinen Thread (bitte in CODE-Tags) und nicht als Anhang, ausser du wurdest dazu aufgefordert. Logs in Anhängen erschweren mir das Auswerten!

  • Beachte bitte auch => Löschen von Logfiles und andere Anfragen

Note:
Sollte ich drei Tage nichts von mir hören lassen, so melde dich bitte in diesem Strang => Erinnerung an meinem Thread.
Nervige "Wann geht es weiter" Nachrichten enden mit Schließung deines Themas. Auch ich habe ein Leben abseits des Trojaner-Boards.


Zitat:
Macht mich Kaspersky nur verrückt, oder habe ich wirklich was böses eingefangen ?
Wie bitte sollen wir das beurteilen ohne das Log von Kaspersky? Nur der Schädlingsname reicht nicht. Bitte beachten => http://www.trojaner-board.de/125889-...tml#post941520
__________________

__________________

Alt 08.11.2012, 18:52   #3
otherone
 
HEUR:Exploit Java. CVE-2012-4681.gen  Trojaner - Standard

HEUR:Exploit Java. CVE-2012-4681.gen Trojaner



Ok danke das Du Dich der Sache annimmst.
Da ich keine Anleitung für Kaspersky gefunden habe versuch ich es gleich auf 2 Wegen, in der Hoffnung dass die von Dir gewünschten Logs dabei sind:

Code:
ATTFilter
   Typ: trojanisches Programm (6)	

Exploit.JS.Pdfka.ggd			Inaktiv	30.10.2012 18:48:06	hxxp://birds.genevafamilyymca.org/r/pricelist.php//	data0002	
HEUR:Exploit.Java.CVE-2012-4681.gen	Gefunden; nicht verarbeitet	08.11.2012 18:29:51	C:\Documents and Settings\stefan\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\24\	c61d918-38349efd	
HEUR:Exploit.Java.CVE-2012-4681.gen	Gefunden; nicht verarbeitet	08.11.2012 18:29:51	C:\Documents and Settings\stefan\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\10\	31c9a44a-70ceb3da	
HEUR:Trojan.Script.Generic		Inaktiv	07.11.2012 13:19:16	hxxp://cdn1.mashero.com/mashero/download/player/	swfobject.js	
HEUR:Trojan.Script.Iframer		Inaktiv	03.11.2012 19:09:02	hxxp://www.flashview.eu/	embed.php?live=AW47G&vw=700&vh=480	
HEUR:Trojan.Script.Iframer		Inaktiv	03.11.2012 19:08:49	hxxp://www.flashview.eu/	embed.php?live=TBML37&vw=700&vh=480
         
der komplette Scan von Kaspersky ist leider zu lang um ihn hier zu posten (hab ich versucht), aber ich habe die Treffer auch dort rauskopiert:

Code:
ATTFilter
    c61d918-38349efd	Nicht desinfizierte Objekte: HEUR:Exploit.Java.CVE-2012-4681.gen	08.11.2012 19:01:52	c:\Documents and Settings\stefan\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\24\	Vom Benutzer übersprungen	Untersuchung des Computers	
c61d918-38349efd	Gefunden: HEUR:Exploit.Java.CVE-2012-4681.gen	08.11.2012 19:01:52	c:\Documents and Settings\stefan\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\24\		Untersuchung des Computers		143572	1352389320	0
31c9a44a-70ceb3da	Nicht desinfizierte Objekte: HEUR:Exploit.Java.CVE-2012-4681.gen	08.11.2012 19:01:52	c:\Documents and Settings\stefan\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\10\	Vom Benutzer übersprungen	Untersuchung des Computers	
31c9a44a-70ceb3da	Gefunden: HEUR:Exploit.Java.CVE-2012-4681.gen	08.11.2012 19:01:52	c:\Documents and Settings\stefan\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\10\		Untersuchung des Computers		143572	1352389320	0
         

Ich glaube jetzt habe ich alles gewünschte gepostet oder habe ich etwas vergessen ?

Mit freundlichen Grüßen

OtherOne
__________________

Alt 08.11.2012, 19:40   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
HEUR:Exploit Java. CVE-2012-4681.gen  Trojaner - Standard

HEUR:Exploit Java. CVE-2012-4681.gen Trojaner



1. aswMBR

Downloade dir bitte aswMBR.exe und speichere die Datei auf deinem Desktop.

Hinweis: Bitte den Virenscanner abstellen bevor du aswMBR ausführst, denn v.a. Avira meldet darin oft einen Fehlalarm!
  • Starte die aswMBR.exe Vista und Win7 User aswMBR per Rechtsklick "als Administrator ausführen"
  • Das Tool wird dich fragen, ob Du mit der aktuellen Virendefinition von AVAST! dein System scannen willst. Beantworte diese Frage bitte mit Ja. (Sollte deine Firewall fragen, bitte den Zugriff auf das Internet zulassen) Der Download der Definitionen kann je nach Verbindung eine Weile dauern.
  • Klicke auf Scan.
  • Warte bitte bis Scan finished successfully im DOS Fenster steht.
  • Drücke auf Save Log und speichere diese auf dem Desktop.
Poste mir die aswMBR.txt in deiner nächsten Antwort. Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte es erneut nicht klappen teile mir das bitte mit.

Noch ein Hinweis: Sollte aswMBR abstürzen und es kommt eine Meldung wie "aswMBR.exe funktioniert nicht mehr, dann mach Folgendes:
Starte aswMBR neu, wähle unten links im Drop-Down-Menü (unten links im Fenster von aswMBR) bei "AV scan" (none) aus und klick nochmal auf den Scan-Button.


2. TDSS-Killer

Download TDSS-Killer auf Desktop siehe => http://www.trojaner-board.de/82358-t...entfernen.html

Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm!

Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet,
Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten.

Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition ( meistens Laufwerk C: ) nach, da speichert der TDSS-Killer seine Logs.

Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten!

__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Wie man Programme richtig installiert

Backup mit DriveSnapshot

Das TB unterstützen

Alt 08.11.2012, 20:55   #5
otherone
 
HEUR:Exploit Java. CVE-2012-4681.gen  Trojaner - Standard

HEUR:Exploit Java. CVE-2012-4681.gen Trojaner



Code:
ATTFilter
aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2012-11-08 21:42:41
-----------------------------
21:42:41.226    OS Version: Windows x64 6.1.7601 Service Pack 1
21:42:41.226    Number of processors: 4 586 0x2A07
21:42:41.226    ComputerName: STEFAN-PC  UserName: stefan
21:42:41.382    Initialize success
21:43:59.935    AVAST engine defs: 12110800
21:48:13.592    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
21:48:13.607    Disk 0 Vendor: MKNSSDCR 501A Size: 114473MB BusType: 3
21:48:13.607    Disk 1  \Device\Harddisk1\DR1 -> \Device\Ide\IAAStorageDevice-2
21:48:13.607    Disk 1 Vendor: WDC_WD50 15.0 Size: 476940MB BusType: 3
21:48:13.607    Disk 0 MBR read successfully
21:48:13.607    Disk 0 MBR scan
21:48:13.623    Disk 0 Windows 7 default MBR code
21:48:13.623    Disk 0 Partition 1 00     07    HPFS/NTFS NTFS       114471 MB offset 2048
21:48:13.623    Disk 0 scanning C:\Windows\system32\drivers
21:48:15.542    Service scanning
21:48:20.284    Modules scanning
21:48:20.284    Disk 0 trace - called modules:
21:48:20.284    ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll 
21:48:20.300    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800f210060]
21:48:20.300    3 CLASSPNP.SYS[fffff88001dc243f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa800cd91050]
21:48:20.456    AVAST engine scan C:\Windows
21:48:20.815    AVAST engine scan C:\Windows\system32
21:49:05.385    AVAST engine scan C:\Windows\system32\drivers
21:49:07.631    AVAST engine scan C:\Users\stefan
21:49:10.627    AVAST engine scan C:\ProgramData
21:49:15.728    Scan finished successfully
21:49:33.215    Disk 0 MBR has been saved successfully to "C:\Users\stefan\Desktop\MBR.dat"
21:49:33.215    The log file has been saved successfully to "C:\Users\stefan\Desktop\aswMBR.txt"
         


Code:
ATTFilter
21:51:59.0059 5076  TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
21:51:59.0433 5076  ============================================================
21:51:59.0433 5076  Current date / time: 2012/11/08 21:51:59.0433
21:51:59.0433 5076  SystemInfo:
21:51:59.0433 5076  
21:51:59.0433 5076  OS Version: 6.1.7601 ServicePack: 1.0
21:51:59.0433 5076  Product type: Workstation
21:51:59.0433 5076  ComputerName: STEFAN-PC
21:51:59.0433 5076  UserName: stefan
21:51:59.0433 5076  Windows directory: C:\Windows
21:51:59.0433 5076  System windows directory: C:\Windows
21:51:59.0433 5076  Running under WOW64
21:51:59.0433 5076  Processor architecture: Intel x64
21:51:59.0433 5076  Number of processors: 4
21:51:59.0433 5076  Page size: 0x1000
21:51:59.0433 5076  Boot type: Normal boot
21:51:59.0433 5076  ============================================================
21:51:59.0589 5076  Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:51:59.0605 5076  Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:51:59.0620 5076  ============================================================
21:51:59.0620 5076  \Device\Harddisk0\DR0:
21:51:59.0620 5076  MBR partitions:
21:51:59.0620 5076  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xDF93800
21:51:59.0620 5076  \Device\Harddisk1\DR1:
21:51:59.0620 5076  MBR partitions:
21:51:59.0620 5076  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
21:51:59.0620 5076  \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3A353000
21:51:59.0620 5076  ============================================================
21:51:59.0620 5076  C: <-> \Device\Harddisk0\DR0\Partition1
21:51:59.0636 5076  D: <-> \Device\Harddisk1\DR1\Partition2
21:51:59.0636 5076  ============================================================
21:51:59.0636 5076  Initialize success
21:51:59.0636 5076  ============================================================
21:52:47.0169 6316  ============================================================
21:52:47.0169 6316  Scan started
21:52:47.0169 6316  Mode: Manual; SigCheck; TDLFS; 
21:52:47.0169 6316  ============================================================
21:52:47.0279 6316  ================ Scan system memory ========================
21:52:47.0279 6316  System memory - ok
21:52:47.0279 6316  ================ Scan services =============================
21:52:47.0310 6316  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
21:52:47.0357 6316  1394ohci - ok
21:52:47.0357 6316  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
21:52:47.0372 6316  ACPI - ok
21:52:47.0372 6316  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
21:52:47.0388 6316  AcpiPmi - ok
21:52:47.0419 6316  [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
21:52:47.0419 6316  AdobeFlashPlayerUpdateSvc - ok
21:52:47.0435 6316  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
21:52:47.0435 6316  adp94xx - ok
21:52:47.0450 6316  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\drivers\adpahci.sys
21:52:47.0466 6316  adpahci - ok
21:52:47.0466 6316  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
21:52:47.0466 6316  adpu320 - ok
21:52:47.0466 6316  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
21:52:47.0497 6316  AeLookupSvc - ok
21:52:47.0497 6316  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys
21:52:47.0513 6316  AFD - ok
21:52:47.0513 6316  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
21:52:47.0528 6316  agp440 - ok
21:52:47.0528 6316  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
21:52:47.0528 6316  ALG - ok
21:52:47.0544 6316  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
21:52:47.0544 6316  aliide - ok
21:52:47.0544 6316  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
21:52:47.0559 6316  amdide - ok
21:52:47.0559 6316  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
21:52:47.0559 6316  AmdK8 - ok
21:52:47.0559 6316  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
21:52:47.0575 6316  AmdPPM - ok
21:52:47.0575 6316  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
21:52:47.0591 6316  amdsata - ok
21:52:47.0591 6316  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
21:52:47.0591 6316  amdsbs - ok
21:52:47.0606 6316  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
21:52:47.0606 6316  amdxata - ok
21:52:47.0606 6316  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
21:52:47.0637 6316  AppID - ok
21:52:47.0637 6316  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
21:52:47.0653 6316  AppIDSvc - ok
21:52:47.0653 6316  [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo         C:\Windows\System32\appinfo.dll
21:52:47.0684 6316  Appinfo - ok
21:52:47.0684 6316  [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
21:52:47.0700 6316  Apple Mobile Device - ok
21:52:47.0700 6316  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\drivers\arc.sys
21:52:47.0700 6316  arc - ok
21:52:47.0700 6316  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\drivers\arcsas.sys
21:52:47.0715 6316  arcsas - ok
21:52:47.0715 6316  [ 954950D11ADA98AC1B7EE3C770E4622C ] asmthub3        C:\Windows\system32\DRIVERS\asmthub3.sys
21:52:47.0731 6316  asmthub3 - ok
21:52:47.0731 6316  [ 01DBB05DB1DB95803E3C9F2B49AFE79C ] asmtxhci        C:\Windows\system32\DRIVERS\asmtxhci.sys
21:52:47.0747 6316  asmtxhci - ok
21:52:47.0747 6316  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
21:52:47.0778 6316  AsyncMac - ok
21:52:47.0778 6316  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
21:52:47.0778 6316  atapi - ok
21:52:47.0793 6316  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
21:52:47.0825 6316  AudioEndpointBuilder - ok
21:52:47.0825 6316  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
21:52:47.0856 6316  AudioSrv - ok
21:52:47.0856 6316  [ F1CA8ED683D6945EFDC4492AB60B1460 ] AVP             C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
21:52:47.0871 6316  AVP - ok
21:52:47.0871 6316  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
21:52:47.0887 6316  AxInstSV - ok
21:52:47.0887 6316  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
21:52:47.0903 6316  b06bdrv - ok
21:52:47.0918 6316  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
21:52:47.0918 6316  b57nd60a - ok
21:52:47.0918 6316  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
21:52:47.0934 6316  BDESVC - ok
21:52:47.0934 6316  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
21:52:47.0965 6316  Beep - ok
21:52:47.0965 6316  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll
21:52:47.0996 6316  BFE - ok
21:52:47.0996 6316  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\System32\qmgr.dll
21:52:48.0027 6316  BITS - ok
21:52:48.0027 6316  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
21:52:48.0043 6316  blbdrive - ok
21:52:48.0043 6316  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
21:52:48.0059 6316  Bonjour Service - ok
21:52:48.0059 6316  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
21:52:48.0074 6316  bowser - ok
21:52:48.0074 6316  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
21:52:48.0074 6316  BrFiltLo - ok
21:52:48.0074 6316  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
21:52:48.0090 6316  BrFiltUp - ok
21:52:48.0090 6316  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
21:52:48.0105 6316  Browser - ok
21:52:48.0105 6316  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
21:52:48.0121 6316  Brserid - ok
21:52:48.0121 6316  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
21:52:48.0137 6316  BrSerWdm - ok
21:52:48.0137 6316  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
21:52:48.0137 6316  BrUsbMdm - ok
21:52:48.0137 6316  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
21:52:48.0152 6316  BrUsbSer - ok
21:52:48.0152 6316  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
21:52:48.0168 6316  BTHMODEM - ok
21:52:48.0168 6316  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
21:52:48.0183 6316  bthserv - ok
21:52:48.0199 6316  [ 9887CA12F407D7FBC7F48F3678F5F0B6 ] BVRPMPR5a64     C:\Windows\system32\drivers\BVRPMPR5a64.SYS
21:52:48.0199 6316  BVRPMPR5a64 - ok
21:52:48.0199 6316  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
21:52:48.0230 6316  cdfs - ok
21:52:48.0230 6316  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
21:52:48.0230 6316  cdrom - ok
21:52:48.0246 6316  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
21:52:48.0261 6316  CertPropSvc - ok
21:52:48.0261 6316  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\drivers\circlass.sys
21:52:48.0277 6316  circlass - ok
21:52:48.0277 6316  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
21:52:48.0293 6316  CLFS - ok
21:52:48.0293 6316  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:52:48.0308 6316  clr_optimization_v2.0.50727_32 - ok
21:52:48.0308 6316  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
21:52:48.0324 6316  clr_optimization_v2.0.50727_64 - ok
21:52:48.0324 6316  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
21:52:48.0324 6316  clr_optimization_v4.0.30319_32 - ok
21:52:48.0339 6316  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
21:52:48.0339 6316  clr_optimization_v4.0.30319_64 - ok
21:52:48.0339 6316  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
21:52:48.0355 6316  CmBatt - ok
21:52:48.0355 6316  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
21:52:48.0355 6316  cmdide - ok
21:52:48.0371 6316  [ AAFCB52FE0037207FB6FBEA070D25EFE ] CNG             C:\Windows\system32\Drivers\cng.sys
21:52:48.0386 6316  CNG - ok
21:52:48.0386 6316  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
21:52:48.0386 6316  Compbatt - ok
21:52:48.0402 6316  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
21:52:48.0402 6316  CompositeBus - ok
21:52:48.0402 6316  COMSysApp - ok
21:52:48.0402 6316  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
21:52:48.0417 6316  crcdisk - ok
21:52:48.0417 6316  [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc        C:\Windows\system32\cryptsvc.dll
21:52:48.0464 6316  CryptSvc - ok
21:52:48.0464 6316  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
21:52:48.0495 6316  DcomLaunch - ok
21:52:48.0495 6316  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
21:52:48.0527 6316  defragsvc - ok
21:52:48.0527 6316  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
21:52:48.0558 6316  DfsC - ok
21:52:48.0558 6316  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
21:52:48.0573 6316  Dhcp - ok
21:52:48.0573 6316  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
21:52:48.0605 6316  discache - ok
21:52:48.0605 6316  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\drivers\disk.sys
21:52:48.0605 6316  Disk - ok
21:52:48.0620 6316  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
21:52:48.0620 6316  Dnscache - ok
21:52:48.0636 6316  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
21:52:48.0651 6316  dot3svc - ok
21:52:48.0651 6316  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
21:52:48.0683 6316  DPS - ok
21:52:48.0683 6316  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
21:52:48.0683 6316  drmkaud - ok
21:52:48.0698 6316  [ 46571ED73AE84469DCA53081D33CF3C8 ] dtsoftbus01     C:\Windows\system32\DRIVERS\dtsoftbus01.sys
21:52:48.0698 6316  dtsoftbus01 - ok
21:52:48.0714 6316  [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
21:52:48.0729 6316  DXGKrnl - ok
21:52:48.0729 6316  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
21:52:48.0761 6316  EapHost - ok
21:52:48.0776 6316  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\drivers\evbda.sys
21:52:48.0823 6316  ebdrv - ok
21:52:48.0823 6316  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe
21:52:48.0823 6316  EFS - ok
21:52:48.0839 6316  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
21:52:48.0854 6316  ehRecvr - ok
21:52:48.0854 6316  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
21:52:48.0870 6316  ehSched - ok
21:52:48.0870 6316  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
21:52:48.0885 6316  elxstor - ok
21:52:48.0885 6316  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
21:52:48.0901 6316  ErrDev - ok
21:52:48.0901 6316  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
21:52:48.0932 6316  EventSystem - ok
21:52:48.0932 6316  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
21:52:48.0948 6316  exfat - ok
21:52:48.0963 6316  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
21:52:48.0979 6316  fastfat - ok
21:52:48.0995 6316  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
21:52:49.0010 6316  Fax - ok
21:52:49.0010 6316  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\drivers\fdc.sys
21:52:49.0010 6316  fdc - ok
21:52:49.0010 6316  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
21:52:49.0041 6316  fdPHost - ok
21:52:49.0041 6316  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
21:52:49.0057 6316  FDResPub - ok
21:52:49.0057 6316  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
21:52:49.0073 6316  FileInfo - ok
21:52:49.0073 6316  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
21:52:49.0088 6316  Filetrace - ok
21:52:49.0104 6316  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
21:52:49.0104 6316  flpydisk - ok
21:52:49.0104 6316  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
21:52:49.0119 6316  FltMgr - ok
21:52:49.0135 6316  [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache       C:\Windows\system32\FntCache.dll
21:52:49.0151 6316  FontCache - ok
21:52:49.0151 6316  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
21:52:49.0151 6316  FontCache3.0.0.0 - ok
21:52:49.0166 6316  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
21:52:49.0166 6316  FsDepends - ok
21:52:49.0166 6316  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
21:52:49.0182 6316  Fs_Rec - ok
21:52:49.0182 6316  [ 1F7B25B858FA27015169FE95E54108ED ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
21:52:49.0182 6316  fvevol - ok
21:52:49.0197 6316  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
21:52:49.0197 6316  gagp30kx - ok
21:52:49.0197 6316  [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
21:52:49.0213 6316  GEARAspiWDM - ok
21:52:49.0213 6316  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
21:52:49.0244 6316  gpsvc - ok
21:52:49.0244 6316  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
21:52:49.0260 6316  hcw85cir - ok
21:52:49.0260 6316  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
21:52:49.0275 6316  HdAudAddService - ok
21:52:49.0275 6316  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
21:52:49.0291 6316  HDAudBus - ok
21:52:49.0291 6316  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
21:52:49.0291 6316  HidBatt - ok
21:52:49.0291 6316  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
21:52:49.0307 6316  HidBth - ok
21:52:49.0307 6316  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\drivers\hidir.sys
21:52:49.0322 6316  HidIr - ok
21:52:49.0322 6316  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\system32\hidserv.dll
21:52:49.0338 6316  hidserv - ok
21:52:49.0338 6316  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
21:52:49.0353 6316  HidUsb - ok
21:52:49.0353 6316  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
21:52:49.0385 6316  hkmsvc - ok
21:52:49.0385 6316  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
21:52:49.0385 6316  HomeGroupListener - ok
21:52:49.0400 6316  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
21:52:49.0400 6316  HomeGroupProvider - ok
21:52:49.0400 6316  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
21:52:49.0416 6316  HpSAMD - ok
21:52:49.0416 6316  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
21:52:49.0447 6316  HTTP - ok
21:52:49.0447 6316  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
21:52:49.0463 6316  hwpolicy - ok
21:52:49.0463 6316  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
21:52:49.0463 6316  i8042prt - ok
21:52:49.0478 6316  [ D1E30259353E7D8D1B713A76CDDEB88B ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
21:52:49.0478 6316  iaStor - ok
21:52:49.0494 6316  [ 2F74D37E4D7D0B04136261C969F1D23D ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
21:52:49.0494 6316  IAStorDataMgrSvc - ok
21:52:49.0494 6316  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
21:52:49.0509 6316  iaStorV - ok
21:52:49.0509 6316  [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT        C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
21:52:49.0525 6316  IDriverT ( UnsignedFile.Multi.Generic ) - warning
21:52:49.0525 6316  IDriverT - detected UnsignedFile.Multi.Generic (1)
21:52:49.0525 6316  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
21:52:49.0541 6316  idsvc - ok
21:52:49.0541 6316  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
21:52:49.0556 6316  iirsp - ok
21:52:49.0556 6316  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
21:52:49.0587 6316  IKEEXT - ok
21:52:49.0619 6316  [ 589B94A9B73A0E819FF873743A480834 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
21:52:49.0650 6316  IntcAzAudAddService - ok
21:52:49.0650 6316  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
21:52:49.0650 6316  intelide - ok
21:52:49.0650 6316  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
21:52:49.0665 6316  intelppm - ok
21:52:49.0665 6316  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
21:52:49.0697 6316  IPBusEnum - ok
21:52:49.0697 6316  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
21:52:49.0712 6316  IpFilterDriver - ok
21:52:49.0712 6316  [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
21:52:49.0743 6316  iphlpsvc - ok
21:52:49.0743 6316  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
21:52:49.0759 6316  IPMIDRV - ok
21:52:49.0759 6316  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
21:52:49.0775 6316  IPNAT - ok
21:52:49.0790 6316  [ 6E50CFA46527B39015B750AAD161C5CC ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
21:52:49.0806 6316  iPod Service - ok
21:52:49.0806 6316  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
21:52:49.0821 6316  IRENUM - ok
21:52:49.0821 6316  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
21:52:49.0821 6316  isapnp - ok
21:52:49.0837 6316  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
21:52:49.0837 6316  iScsiPrt - ok
21:52:49.0837 6316  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
21:52:49.0853 6316  kbdclass - ok
21:52:49.0853 6316  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
21:52:49.0853 6316  kbdhid - ok
21:52:49.0868 6316  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
21:52:49.0868 6316  KeyIso - ok
21:52:49.0868 6316  [ 8B5219318DF5895ABD230C373F2DF18A ] kl1             C:\Windows\system32\DRIVERS\kl1.sys
21:52:49.0884 6316  kl1 - ok
21:52:49.0899 6316  [ 8191BB24F61EBCAF84719993C7F7B5C6 ] KLIF            C:\Windows\system32\DRIVERS\klif.sys
21:52:49.0899 6316  KLIF - ok
21:52:49.0915 6316  [ 9BD99E1AB3F664120AB95C35F9EC1EB0 ] KLIM6           C:\Windows\system32\DRIVERS\klim6.sys
21:52:49.0915 6316  KLIM6 - ok
21:52:49.0915 6316  [ 2C43FD500522EF3B8C283A5846B7FC41 ] klkbdflt        C:\Windows\system32\DRIVERS\klkbdflt.sys
21:52:49.0931 6316  klkbdflt - ok
21:52:49.0931 6316  [ 70A6D2E292017EC47949696F51ABE18D ] klmouflt        C:\Windows\system32\DRIVERS\klmouflt.sys
21:52:49.0931 6316  klmouflt - ok
21:52:49.0931 6316  [ FFC0501A1EA742406F1904A0CFE3BFE2 ] kltdi           C:\Windows\system32\DRIVERS\kltdi.sys
21:52:49.0946 6316  kltdi - ok
21:52:49.0946 6316  [ 185D21CB8F10CFB351FF65DA88C18BC9 ] kneps           C:\Windows\system32\DRIVERS\kneps.sys
21:52:49.0946 6316  kneps - ok
21:52:49.0962 6316  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
21:52:49.0962 6316  KSecDD - ok
21:52:49.0962 6316  [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
21:52:49.0977 6316  KSecPkg - ok
21:52:49.0977 6316  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
21:52:49.0993 6316  ksthunk - ok
21:52:50.0009 6316  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
21:52:50.0024 6316  KtmRm - ok
21:52:50.0040 6316  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll
21:52:50.0055 6316  LanmanServer - ok
21:52:50.0055 6316  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
21:52:50.0087 6316  LanmanWorkstation - ok
21:52:50.0087 6316  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
21:52:50.0102 6316  lltdio - ok
21:52:50.0118 6316  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
21:52:50.0133 6316  lltdsvc - ok
21:52:50.0149 6316  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
21:52:50.0165 6316  lmhosts - ok
21:52:50.0165 6316  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
21:52:50.0180 6316  LSI_FC - ok
21:52:50.0180 6316  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
21:52:50.0180 6316  LSI_SAS - ok
21:52:50.0180 6316  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
21:52:50.0196 6316  LSI_SAS2 - ok
21:52:50.0196 6316  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
21:52:50.0211 6316  LSI_SCSI - ok
21:52:50.0211 6316  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
21:52:50.0227 6316  luafv - ok
21:52:50.0227 6316  [ A8FE8F2783B2929B56F5370A89356CE9 ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
21:52:50.0243 6316  MBAMProtector - ok
21:52:50.0243 6316  [ 85B16A92B117A5A800032ECD904B86DB ] MBAMScheduler   C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
21:52:50.0258 6316  MBAMScheduler - ok
21:52:50.0258 6316  [ 20E2469DB709FC675E655CEAA11BE312 ] MBAMService     C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
21:52:50.0274 6316  MBAMService - ok
21:52:50.0274 6316  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
21:52:50.0289 6316  Mcx2Svc - ok
21:52:50.0289 6316  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\drivers\megasas.sys
21:52:50.0289 6316  megasas - ok
21:52:50.0305 6316  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
21:52:50.0305 6316  MegaSR - ok
21:52:50.0321 6316  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
21:52:50.0336 6316  MMCSS - ok
21:52:50.0336 6316  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
21:52:50.0367 6316  Modem - ok
21:52:50.0367 6316  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
21:52:50.0367 6316  monitor - ok
21:52:50.0383 6316  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
21:52:50.0383 6316  mouclass - ok
21:52:50.0383 6316  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
21:52:50.0399 6316  mouhid - ok
21:52:50.0399 6316  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
21:52:50.0399 6316  mountmgr - ok
21:52:50.0399 6316  [ CB8AF049AC9BE419A77ADAE288673359 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
21:52:50.0414 6316  MozillaMaintenance - ok
21:52:50.0414 6316  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
21:52:50.0430 6316  mpio - ok
21:52:50.0430 6316  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
21:52:50.0445 6316  mpsdrv - ok
21:52:50.0461 6316  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
21:52:50.0477 6316  MpsSvc - ok
21:52:50.0492 6316  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
21:52:50.0492 6316  MRxDAV - ok
21:52:50.0508 6316  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
21:52:50.0508 6316  mrxsmb - ok
21:52:50.0523 6316  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:52:50.0523 6316  mrxsmb10 - ok
21:52:50.0523 6316  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:52:50.0539 6316  mrxsmb20 - ok
21:52:50.0539 6316  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
21:52:50.0539 6316  msahci - ok
21:52:50.0555 6316  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
21:52:50.0555 6316  msdsm - ok
21:52:50.0555 6316  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
21:52:50.0570 6316  MSDTC - ok
21:52:50.0570 6316  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
21:52:50.0601 6316  Msfs - ok
21:52:50.0601 6316  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
21:52:50.0617 6316  mshidkmdf - ok
21:52:50.0617 6316  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
21:52:50.0633 6316  msisadrv - ok
21:52:50.0633 6316  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
21:52:50.0648 6316  MSiSCSI - ok
21:52:50.0664 6316  msiserver - ok
21:52:50.0664 6316  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
21:52:50.0679 6316  MSKSSRV - ok
21:52:50.0679 6316  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
21:52:50.0711 6316  MSPCLOCK - ok
21:52:50.0711 6316  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
21:52:50.0726 6316  MSPQM - ok
21:52:50.0726 6316  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
21:52:50.0742 6316  MsRPC - ok
21:52:50.0742 6316  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
21:52:50.0757 6316  mssmbios - ok
21:52:50.0757 6316  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
21:52:50.0773 6316  MSTEE - ok
21:52:50.0773 6316  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
21:52:50.0789 6316  MTConfig - ok
21:52:50.0789 6316  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
21:52:50.0804 6316  Mup - ok
21:52:50.0804 6316  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
21:52:50.0835 6316  napagent - ok
21:52:50.0835 6316  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
21:52:50.0851 6316  NativeWifiP - ok
21:52:50.0851 6316  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
21:52:50.0867 6316  NDIS - ok
21:52:50.0882 6316  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
21:52:50.0898 6316  NdisCap - ok
21:52:50.0898 6316  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
21:52:50.0929 6316  NdisTapi - ok
21:52:50.0929 6316  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
21:52:50.0945 6316  Ndisuio - ok
21:52:50.0945 6316  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
21:52:50.0976 6316  NdisWan - ok
21:52:50.0976 6316  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
21:52:50.0991 6316  NDProxy - ok
21:52:50.0991 6316  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
21:52:51.0023 6316  NetBIOS - ok
21:52:51.0023 6316  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
21:52:51.0038 6316  NetBT - ok
21:52:51.0038 6316  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
21:52:51.0054 6316  Netlogon - ok
21:52:51.0054 6316  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
21:52:51.0085 6316  Netman - ok
21:52:51.0085 6316  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
21:52:51.0116 6316  netprofm - ok
21:52:51.0116 6316  [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
21:52:51.0116 6316  NetTcpPortSharing - ok
21:52:51.0132 6316  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
21:52:51.0132 6316  nfrd960 - ok
21:52:51.0132 6316  [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc          C:\Windows\System32\nlasvc.dll
21:52:51.0163 6316  NlaSvc - ok
21:52:51.0163 6316  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
21:52:51.0179 6316  Npfs - ok
21:52:51.0194 6316  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
21:52:51.0210 6316  nsi - ok
21:52:51.0210 6316  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
21:52:51.0225 6316  nsiproxy - ok
21:52:51.0257 6316  [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
21:52:51.0272 6316  Ntfs - ok
21:52:51.0272 6316  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
21:52:51.0303 6316  Null - ok
21:52:51.0303 6316  [ 1F07B814C0BB5AABA703ABFF1F31F2E8 ] NVHDA           C:\Windows\system32\drivers\nvhda64v.sys
21:52:51.0303 6316  NVHDA - ok
21:52:51.0444 6316  [ 5104BAC2DA2A5BDD86AC6B0708B00F06 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
21:52:51.0569 6316  nvlddmkm - ok
21:52:51.0569 6316  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
21:52:51.0584 6316  nvraid - ok
21:52:51.0584 6316  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
21:52:51.0600 6316  nvstor - ok
21:52:51.0600 6316  [ DDFAFCE89A5C93D04712B86F94E9FCBA ] NVSvc           C:\Windows\system32\nvvsvc.exe
21:52:51.0615 6316  NVSvc - ok
21:52:51.0631 6316  [ 84E035225474E48CD3A6A3CE52332095 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
21:52:51.0647 6316  nvUpdatusService - ok
21:52:51.0647 6316  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
21:52:51.0662 6316  nv_agp - ok
21:52:51.0662 6316  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
21:52:51.0678 6316  ohci1394 - ok
21:52:51.0678 6316  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
21:52:51.0693 6316  p2pimsvc - ok
21:52:51.0693 6316  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
21:52:51.0709 6316  p2psvc - ok
21:52:51.0709 6316  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
21:52:51.0725 6316  Parport - ok
21:52:51.0725 6316  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
21:52:51.0725 6316  partmgr - ok
21:52:51.0725 6316  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
21:52:51.0740 6316  PcaSvc - ok
21:52:51.0740 6316  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
21:52:51.0756 6316  pci - ok
21:52:51.0756 6316  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
21:52:51.0771 6316  pciide - ok
21:52:51.0771 6316  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
21:52:51.0771 6316  pcmcia - ok
21:52:51.0771 6316  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
21:52:51.0787 6316  pcw - ok
21:52:51.0787 6316  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
21:52:51.0818 6316  PEAUTH - ok
21:52:51.0849 6316  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
21:52:51.0849 6316  PerfHost - ok
21:52:51.0865 6316  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
21:52:51.0896 6316  pla - ok
21:52:51.0912 6316  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
21:52:51.0912 6316  PlugPlay - ok
21:52:51.0927 6316  PnkBstrA - ok
21:52:51.0927 6316  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
21:52:51.0927 6316  PNRPAutoReg - ok
21:52:51.0943 6316  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
21:52:51.0943 6316  PNRPsvc - ok
21:52:51.0959 6316  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
21:52:51.0974 6316  PolicyAgent - ok
21:52:51.0990 6316  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
21:52:52.0005 6316  Power - ok
21:52:52.0005 6316  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
21:52:52.0037 6316  PptpMiniport - ok
21:52:52.0037 6316  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\drivers\processr.sys
21:52:52.0037 6316  Processor - ok
21:52:52.0052 6316  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
21:52:52.0052 6316  ProfSvc - ok
21:52:52.0052 6316  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
21:52:52.0068 6316  ProtectedStorage - ok
21:52:52.0068 6316  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
21:52:52.0083 6316  Psched - ok
21:52:52.0099 6316  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
21:52:52.0130 6316  ql2300 - ok
21:52:52.0130 6316  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
21:52:52.0146 6316  ql40xx - ok
21:52:52.0146 6316  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
21:52:52.0161 6316  QWAVE - ok
21:52:52.0161 6316  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
21:52:52.0161 6316  QWAVEdrv - ok
21:52:52.0177 6316  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
21:52:52.0193 6316  RasAcd - ok
21:52:52.0193 6316  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
21:52:52.0208 6316  RasAgileVpn - ok
21:52:52.0224 6316  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
21:52:52.0239 6316  RasAuto - ok
21:52:52.0239 6316  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
21:52:52.0271 6316  Rasl2tp - ok
21:52:52.0271 6316  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
21:52:52.0302 6316  RasMan - ok
21:52:52.0302 6316  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
21:52:52.0317 6316  RasPppoe - ok
21:52:52.0317 6316  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
21:52:52.0349 6316  RasSstp - ok
21:52:52.0349 6316  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
21:52:52.0364 6316  rdbss - ok
21:52:52.0380 6316  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
21:52:52.0380 6316  rdpbus - ok
21:52:52.0380 6316  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
21:52:52.0411 6316  RDPCDD - ok
21:52:52.0411 6316  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
21:52:52.0427 6316  RDPENCDD - ok
21:52:52.0427 6316  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
21:52:52.0458 6316  RDPREFMP - ok
21:52:52.0458 6316  [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
21:52:52.0458 6316  RdpVideoMiniport - ok
21:52:52.0473 6316  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
21:52:52.0473 6316  RDPWD - ok
21:52:52.0473 6316  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
21:52:52.0489 6316  rdyboost - ok
21:52:52.0489 6316  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
21:52:52.0520 6316  RemoteAccess - ok
21:52:52.0520 6316  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
21:52:52.0536 6316  RemoteRegistry - ok
21:52:52.0551 6316  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
21:52:52.0567 6316  RpcEptMapper - ok
21:52:52.0567 6316  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
21:52:52.0583 6316  RpcLocator - ok
21:52:52.0583 6316  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
21:52:52.0614 6316  RpcSs - ok
21:52:52.0614 6316  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
21:52:52.0629 6316  rspndr - ok
21:52:52.0645 6316  [ EE082E06A82FF630351D1E0EBBD3D8D0 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
21:52:52.0645 6316  RTL8167 - ok
21:52:52.0645 6316  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
21:52:52.0661 6316  SamSs - ok
21:52:52.0661 6316  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
21:52:52.0676 6316  sbp2port - ok
21:52:52.0676 6316  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
21:52:52.0692 6316  SCardSvr - ok
21:52:52.0692 6316  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
21:52:52.0723 6316  scfilter - ok
21:52:52.0723 6316  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
21:52:52.0754 6316  Schedule - ok
21:52:52.0770 6316  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
21:52:52.0785 6316  SCPolicySvc - ok
21:52:52.0785 6316  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
21:52:52.0801 6316  SDRSVC - ok
21:52:52.0801 6316  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
21:52:52.0817 6316  secdrv - ok
21:52:52.0817 6316  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
21:52:52.0848 6316  seclogon - ok
21:52:52.0848 6316  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
21:52:52.0863 6316  SENS - ok
21:52:52.0879 6316  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
21:52:52.0879 6316  SensrSvc - ok
21:52:52.0879 6316  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
21:52:52.0895 6316  Serenum - ok
21:52:52.0895 6316  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
21:52:52.0895 6316  Serial - ok
21:52:52.0910 6316  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
21:52:52.0910 6316  sermouse - ok
21:52:52.0926 6316  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
21:52:52.0941 6316  SessionEnv - ok
21:52:52.0941 6316  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
21:52:52.0957 6316  sffdisk - ok
21:52:52.0957 6316  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
21:52:52.0957 6316  sffp_mmc - ok
21:52:52.0973 6316  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
21:52:52.0973 6316  sffp_sd - ok
21:52:52.0973 6316  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
21:52:52.0988 6316  sfloppy - ok
21:52:52.0988 6316  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
21:52:53.0019 6316  SharedAccess - ok
21:52:53.0019 6316  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
21:52:53.0051 6316  ShellHWDetection - ok
21:52:53.0051 6316  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
21:52:53.0051 6316  SiSRaid2 - ok
21:52:53.0051 6316  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
21:52:53.0066 6316  SiSRaid4 - ok
21:52:53.0066 6316  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
21:52:53.0082 6316  Smb - ok
21:52:53.0097 6316  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
21:52:53.0097 6316  SNMPTRAP - ok
21:52:53.0097 6316  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
21:52:53.0113 6316  spldr - ok
21:52:53.0113 6316  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
21:52:53.0129 6316  Spooler - ok
21:52:53.0160 6316  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
21:52:53.0207 6316  sppsvc - ok
21:52:53.0207 6316  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
21:52:53.0222 6316  sppuinotify - ok
21:52:53.0238 6316  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
21:52:53.0253 6316  srv - ok
21:52:53.0253 6316  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
21:52:53.0269 6316  srv2 - ok
21:52:53.0269 6316  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
21:52:53.0269 6316  srvnet - ok
21:52:53.0285 6316  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
21:52:53.0300 6316  SSDPSRV - ok
21:52:53.0300 6316  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
21:52:53.0331 6316  SstpSvc - ok
21:52:53.0331 6316  [ F0359F7CE712D69ACEF0886BDB4792ED ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
21:52:53.0347 6316  Stereo Service - ok
21:52:53.0347 6316  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\drivers\stexstor.sys
21:52:53.0347 6316  stexstor - ok
21:52:53.0363 6316  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
21:52:53.0378 6316  stisvc - ok
21:52:53.0378 6316  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
21:52:53.0378 6316  swenum - ok
21:52:53.0394 6316  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
21:52:53.0409 6316  swprv - ok
21:52:53.0425 6316  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
21:52:53.0456 6316  SysMain - ok
21:52:53.0456 6316  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
21:52:53.0472 6316  TabletInputService - ok
21:52:53.0472 6316  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
21:52:53.0503 6316  TapiSrv - ok
21:52:53.0503 6316  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
21:52:53.0534 6316  TBS - ok
21:52:53.0550 6316  [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
21:52:53.0581 6316  Tcpip - ok
21:52:53.0597 6316  [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
21:52:53.0612 6316  TCPIP6 - ok
21:52:53.0612 6316  [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
21:52:53.0643 6316  tcpipreg - ok
21:52:53.0643 6316  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
21:52:53.0643 6316  TDPIPE - ok
21:52:53.0659 6316  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
21:52:53.0659 6316  TDTCP - ok
21:52:53.0659 6316  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
21:52:53.0690 6316  tdx - ok
21:52:53.0690 6316  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
21:52:53.0690 6316  TermDD - ok
21:52:53.0706 6316  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
21:52:53.0721 6316  TermService - ok
21:52:53.0737 6316  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
21:52:53.0737 6316  Themes - ok
21:52:53.0737 6316  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
21:52:53.0768 6316  THREADORDER - ok
21:52:53.0768 6316  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
21:52:53.0784 6316  TrkWks - ok
21:52:53.0799 6316  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
21:52:53.0815 6316  TrustedInstaller - ok
21:52:53.0815 6316  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
21:52:53.0846 6316  tssecsrv - ok
21:52:53.0846 6316  [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
21:52:53.0846 6316  TsUsbFlt - ok
21:52:53.0846 6316  [ AD64450A4ABE076F5CB34CC08EEACB07 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
21:52:53.0862 6316  TsUsbGD - ok
21:52:53.0862 6316  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
21:52:53.0893 6316  tunnel - ok
21:52:53.0893 6316  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
21:52:53.0893 6316  uagp35 - ok
21:52:53.0893 6316  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
21:52:53.0924 6316  udfs - ok
21:52:53.0924 6316  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
21:52:53.0940 6316  UI0Detect - ok
21:52:53.0940 6316  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
21:52:53.0940 6316  uliagpkx - ok
21:52:53.0955 6316  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
21:52:53.0955 6316  umbus - ok
21:52:53.0955 6316  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\drivers\umpass.sys
21:52:53.0971 6316  UmPass - ok
21:52:53.0971 6316  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
21:52:54.0002 6316  upnphost - ok
21:52:54.0002 6316  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
21:52:54.0002 6316  usbccgp - ok
21:52:54.0018 6316  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
21:52:54.0018 6316  usbcir - ok
21:52:54.0018 6316  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\drivers\usbehci.sys
21:52:54.0033 6316  usbehci - ok
21:52:54.0033 6316  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
21:52:54.0049 6316  usbhub - ok
21:52:54.0049 6316  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
21:52:54.0049 6316  usbohci - ok
21:52:54.0065 6316  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\drivers\usbprint.sys
21:52:54.0065 6316  usbprint - ok
21:52:54.0065 6316  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
21:52:54.0080 6316  USBSTOR - ok
21:52:54.0080 6316  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
21:52:54.0096 6316  usbuhci - ok
21:52:54.0096 6316  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
21:52:54.0111 6316  UxSms - ok
21:52:54.0111 6316  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
21:52:54.0127 6316  VaultSvc - ok
21:52:54.0127 6316  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
21:52:54.0127 6316  vdrvroot - ok
21:52:54.0143 6316  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
21:52:54.0158 6316  vds - ok
21:52:54.0174 6316  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
21:52:54.0174 6316  vga - ok
21:52:54.0174 6316  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
21:52:54.0205 6316  VgaSave - ok
21:52:54.0205 6316  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
21:52:54.0221 6316  vhdmp - ok
21:52:54.0221 6316  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
21:52:54.0221 6316  viaide - ok
21:52:54.0221 6316  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
21:52:54.0236 6316  volmgr - ok
21:52:54.0236 6316  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
21:52:54.0252 6316  volmgrx - ok
21:52:54.0252 6316  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
21:52:54.0267 6316  volsnap - ok
21:52:54.0267 6316  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
21:52:54.0267 6316  vsmraid - ok
21:52:54.0283 6316  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
21:52:54.0314 6316  VSS - ok
21:52:54.0330 6316  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
21:52:54.0330 6316  vwifibus - ok
21:52:54.0345 6316  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
21:52:54.0361 6316  W32Time - ok
21:52:54.0361 6316  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
21:52:54.0377 6316  WacomPen - ok
21:52:54.0377 6316  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
21:52:54.0392 6316  WANARP - ok
21:52:54.0408 6316  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
21:52:54.0423 6316  Wanarpv6 - ok
21:52:54.0439 6316  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
21:52:54.0455 6316  wbengine - ok
21:52:54.0470 6316  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
21:52:54.0470 6316  WbioSrvc - ok
21:52:54.0486 6316  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
21:52:54.0501 6316  wcncsvc - ok
21:52:54.0501 6316  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
21:52:54.0501 6316  WcsPlugInService - ok
21:52:54.0517 6316  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\drivers\wd.sys
21:52:54.0517 6316  Wd - ok
21:52:54.0517 6316  [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
21:52:54.0533 6316  Wdf01000 - ok
21:52:54.0548 6316  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
21:52:54.0595 6316  WdiServiceHost - ok
21:52:54.0611 6316  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
21:52:54.0626 6316  WdiSystemHost - ok
21:52:54.0626 6316  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
21:52:54.0642 6316  WebClient - ok
21:52:54.0642 6316  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
21:52:54.0673 6316  Wecsvc - ok
21:52:54.0673 6316  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
21:52:54.0689 6316  wercplsupport - ok
21:52:54.0704 6316  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
21:52:54.0720 6316  WerSvc - ok
21:52:54.0720 6316  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
21:52:54.0751 6316  WfpLwf - ok
21:52:54.0751 6316  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
21:52:54.0751 6316  WIMMount - ok
21:52:54.0751 6316  WinDefend - ok
21:52:54.0751 6316  WinHttpAutoProxySvc - ok
21:52:54.0767 6316  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
21:52:54.0782 6316  Winmgmt - ok
21:52:54.0813 6316  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
21:52:54.0845 6316  WinRM - ok
21:52:54.0860 6316  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
21:52:54.0876 6316  Wlansvc - ok
21:52:54.0876 6316  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
21:52:54.0891 6316  WmiAcpi - ok
21:52:54.0891 6316  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
21:52:54.0907 6316  wmiApSrv - ok
21:52:54.0907 6316  WMPNetworkSvc - ok
21:52:54.0907 6316  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
21:52:54.0923 6316  WPCSvc - ok
21:52:54.0923 6316  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
21:52:54.0938 6316  WPDBusEnum - ok
21:52:54.0938 6316  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
21:52:54.0954 6316  ws2ifsl - ok
21:52:54.0954 6316  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\System32\wscsvc.dll
21:52:54.0969 6316  wscsvc - ok
21:52:54.0969 6316  WSearch - ok
21:52:55.0001 6316  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
21:52:55.0032 6316  wuauserv - ok
21:52:55.0032 6316  [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
21:52:55.0047 6316  WudfPf - ok
21:52:55.0063 6316  [ CF8D590BE3373029D57AF80914190682 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
21:52:55.0079 6316  WUDFRd - ok
21:52:55.0079 6316  [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
21:52:55.0110 6316  wudfsvc - ok
21:52:55.0110 6316  [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc         C:\Windows\System32\wwansvc.dll
21:52:55.0125 6316  WwanSvc - ok
21:52:55.0125 6316  ================ Scan global ===============================
21:52:55.0125 6316  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
21:52:55.0125 6316  [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
21:52:55.0125 6316  [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
21:52:55.0141 6316  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
21:52:55.0141 6316  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
21:52:55.0141 6316  [Global] - ok
21:52:55.0141 6316  ================ Scan MBR ==================================
21:52:55.0141 6316  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
21:52:55.0157 6316  \Device\Harddisk0\DR0 - ok
21:52:55.0157 6316  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
21:52:55.0391 6316  \Device\Harddisk1\DR1 - ok
21:52:55.0391 6316  ================ Scan VBR ==================================
21:52:55.0391 6316  [ AE7E94A783D00EF885EB499084D14C57 ] \Device\Harddisk0\DR0\Partition1
21:52:55.0391 6316  \Device\Harddisk0\DR0\Partition1 - ok
21:52:55.0391 6316  [ 8EE29C00968FC039770EE66447C9AC9B ] \Device\Harddisk1\DR1\Partition1
21:52:55.0391 6316  \Device\Harddisk1\DR1\Partition1 - ok
21:52:55.0391 6316  [ F843F83FEABB1F904F474E09B221A772 ] \Device\Harddisk1\DR1\Partition2
21:52:55.0391 6316  \Device\Harddisk1\DR1\Partition2 - ok
21:52:55.0406 6316  ============================================================
21:52:55.0406 6316  Scan finished
21:52:55.0406 6316  ============================================================
21:52:55.0406 5428  Detected object count: 1
21:52:55.0406 5428  Actual detected object count: 1
21:53:06.0045 5428  IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
21:53:06.0045 5428  IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip 
21:53:33.0165 3220  Deinitialize success
         


Alt 09.11.2012, 15:05   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
HEUR:Exploit Java. CVE-2012-4681.gen  Trojaner - Standard

HEUR:Exploit Java. CVE-2012-4681.gen Trojaner



Ok, offensichtlich keine Rootkits

Mach bitte einen CustomScan mit OTL

Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop. Falls schon vorhanden, bitte die ältere vorhandene Datei durch die neu heruntergeladene Datei ersetzen, damit du auch wirklich mit einer aktuellen Version von OTL arbeitest.
  • Starte bitte die OTL.exe.
    Vista und Win7 User mit Rechtsklick "als Administrator starten"
  • Setze oben mittig den Haken bei Scanne alle Benutzer
  • Kopiere nun den kompletten Inhalt aus der untenstehenden Codebox in die Textbox von OTL - wenn OTL auf deutsch ist wird sie mit beschriftet

Code:
ATTFilter
msconfig
netsvcs
safebootminimal
safebootnetwork
activex
drivers32
%SYSTEMDRIVE%\*.
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMROOT%\system32\drivers\*.sys /lockedfiles
%SYSTEMROOT%\System32\config\*.sav
%SYSTEMROOT%\*. /mp /s
%SYSTEMROOT%\system32\*.dll /lockedfiles
CREATERESTOREPOINT
         
  • Schliesse bitte nun alle Programme. (Wichtig)
  • Klicke nun bitte auf den Quick Scan Button.
  • Klick auf .
  • Kopiere nun den Inhalt aus OTL.txt hier in Deinen Thread
__________________
--> HEUR:Exploit Java. CVE-2012-4681.gen Trojaner

Alt 10.11.2012, 22:47   #7
otherone
 
HEUR:Exploit Java. CVE-2012-4681.gen  Trojaner - Standard

HEUR:Exploit Java. CVE-2012-4681.gen Trojaner



OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 10.11.2012 23:42:26 - Run 3
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\stefan\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
15,98 Gb Total Physical Memory | 14,92 Gb Available Physical Memory | 93,34% Memory free
31,96 Gb Paging File | 30,21 Gb Available in Paging File | 94,53% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 111,79 Gb Total Space | 43,99 Gb Free Space | 39,36% Space Free | Partition Type: NTFS
Drive D: | 465,66 Gb Total Space | 442,48 Gb Free Space | 95,02% Space Free | Partition Type: NTFS
 
Computer Name: STEFAN-PC | User Name: stefan | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.11.10 23:37:37 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\stefan\Desktop\OTL(1).exe
PRC - [2012.11.02 19:18:26 | 003,093,624 | ---- | M] () -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
PRC - [2012.10.02 23:21:00 | 001,258,856 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2012.10.02 12:15:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012.09.29 19:54:26 | 000,766,536 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012.09.29 19:54:26 | 000,676,936 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012.09.29 19:54:26 | 000,399,432 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012.09.21 21:38:46 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2012.08.17 20:43:06 | 000,218,880 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
PRC - [2011.05.19 14:39:18 | 000,013,592 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2011.05.19 14:39:14 | 000,284,440 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [1999.09.30 20:31:38 | 000,869,376 | ---- | M] (Fred's Software) -- C:\Program Files (x86)\PrintKey2000\Printkey2000.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.11.02 19:18:26 | 003,093,624 | ---- | M] () -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
MOD - [2012.10.01 19:45:48 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll
MOD - [2012.10.01 19:45:48 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll
MOD - [2012.10.01 19:45:48 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\d27d5cced1b7d812f60e71d4e509661d\IAStorCommon.ni.dll
MOD - [2012.10.01 19:45:46 | 000,492,544 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\ce7268841a00e097fc0b70869f10e780\IAStorUtil.ni.dll
MOD - [2012.10.01 19:45:45 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll
MOD - [2012.10.01 19:45:42 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll
MOD - [2012.10.01 19:45:39 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll
MOD - [2012.10.01 19:45:37 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll
MOD - [2012.10.01 19:45:36 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll
MOD - [2012.10.01 19:45:33 | 011,492,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll
MOD - [2012.08.27 20:33:32 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012.08.27 20:33:08 | 001,242,512 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2012.08.17 20:38:56 | 000,479,160 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\dblite.dll
MOD - [2011.04.12 08:43:06 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll
MOD - [2010.11.13 00:26:08 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
 
 
========== Services (SafeList) ==========
 
SRV - [2012.10.17 18:12:15 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.10.02 23:21:00 | 001,258,856 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012.10.02 12:15:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012.09.29 19:54:26 | 000,676,936 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012.09.29 19:54:26 | 000,399,432 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012.09.21 21:38:46 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2012.09.06 02:25:06 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.08.17 20:43:06 | 000,218,880 | ---- | M] (Kaspersky Lab ZAO) [Auto | Running] -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe -- (AVP)
SRV - [2011.05.19 14:39:18 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2010.03.18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2012.10.16 17:18:33 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2012.09.29 19:54:26 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012.09.27 18:10:08 | 000,611,160 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\SysNative\drivers\klif.sys -- (KLIF)
DRV:64bit: - [2012.09.19 13:05:39 | 000,029,528 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\klmouflt.sys -- (klmouflt)
DRV:64bit: - [2012.09.19 13:05:39 | 000,029,016 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\klkbdflt.sys -- (klkbdflt)
DRV:64bit: - [2012.08.23 15:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012.08.23 15:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012.08.23 15:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012.08.21 12:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012.08.13 15:49:40 | 000,178,008 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\kneps.sys -- (kneps)
DRV:64bit: - [2012.08.02 14:09:34 | 000,028,504 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\klim6.sys -- (KLIM6)
DRV:64bit: - [2012.07.03 16:25:16 | 000,189,288 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2012.06.19 16:28:12 | 000,458,584 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\kl1.sys -- (kl1)
DRV:64bit: - [2012.06.08 10:38:10 | 000,054,104 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\kltdi.sys -- (kltdi)
DRV:64bit: - [2012.03.01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.06.10 06:34:52 | 000,539,240 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011.05.10 16:46:52 | 000,557,848 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.02.24 09:30:50 | 000,389,608 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmtxhci.sys -- (asmtxhci)
DRV:64bit: - [2011.02.24 09:30:50 | 000,126,952 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmthub3.sys -- (asmthub3)
DRV:64bit: - [2010.11.21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.06.22 06:09:04 | 000,035,840 | R--- | M] (Avanquest Software) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BVRPMPR5a64.SYS -- (BVRPMPR5a64)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-2859456644-1951350787-3301863327-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-2859456644-1951350787-3301863327-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2859456644-1951350787-3301863327-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
 
========== FireFox ==========
 
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_287.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.132.0: C:\Program Files (x86)\Battlelog Web Plugins\1.132.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\url_advisor@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com [2012.09.19 12:59:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtual_keyboard@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com [2012.09.19 12:59:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\content_blocker@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\content_blocker@kaspersky.com [2012.09.19 12:59:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\anti_banner@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com [2012.09.19 12:59:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\online_banking@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com [2012.09.19 12:59:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.09.19 13:37:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 15.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2012.09.19 15:23:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 15.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
 
[2012.09.19 13:37:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\stefan\AppData\Roaming\mozilla\Extensions
[2012.10.23 17:39:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\stefan\AppData\Roaming\mozilla\Firefox\Profiles\d4i9qo8f.default\extensions
[2012.09.19 13:37:29 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.09.06 02:26:03 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.09.06 03:07:37 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.09.06 03:07:37 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.09.06 03:07:37 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.09.06 03:07:37 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.09.06 03:07:37 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.09.06 03:07:37 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Content Blocker Plugin) - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (Virtual Keyboard Plugin) - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (Safe Money Plugin) - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O2 - BHO: (Content Blocker Plugin) - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
O2 - BHO: (Virtual Keyboard Plugin) - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Safe Money Plugin) - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVP] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2859456644-1951350787-3301863327-1000..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe ()
O4 - HKU\S-1-5-21-2859456644-1951350787-3301863327-1001..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-2859456644-1951350787-3301863327-1001..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ie_banner_deny.htm ()
O8 - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ie_banner_deny.htm ()
O9:64bit: - Extra Button: Virtuelle Tastatur - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O9:64bit: - Extra Button: Links untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: Virtuelle Tastatur - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O9 - Extra Button: Links untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5C979849-8DA8-4186-B049-CC3787BE3C49}: DhcpNameServer = 192.168.1.1
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{38905852-024f-11e2-99ed-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{38905852-024f-11e2-99ed-806e6f6e6963}\Shell\AutoRun\command - "" = E:\Bin\assetup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
 
 
SafeBootMin:64bit: AppMgmt - Service
SafeBootMin:64bit: Base - Driver Group
SafeBootMin:64bit: Boot Bus Extender - Driver Group
SafeBootMin:64bit: Boot file system - Driver Group
SafeBootMin:64bit: File system - Driver Group
SafeBootMin:64bit: Filter - Driver Group
SafeBootMin:64bit: HelpSvc - Service
SafeBootMin:64bit: PCI Configuration - Driver Group
SafeBootMin:64bit: PNP Filter - Driver Group
SafeBootMin:64bit: Primary disk - Driver Group
SafeBootMin:64bit: sacsvr - Service
SafeBootMin:64bit: SCSI Class - Driver Group
SafeBootMin:64bit: System Bus Extender - Driver Group
SafeBootMin:64bit: vmms - Service
SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
SafeBootNet:64bit: AppMgmt - Service
SafeBootNet:64bit: Base - Driver Group
SafeBootNet:64bit: Boot Bus Extender - Driver Group
SafeBootNet:64bit: Boot file system - Driver Group
SafeBootNet:64bit: File system - Driver Group
SafeBootNet:64bit: Filter - Driver Group
SafeBootNet:64bit: HelpSvc - Service
SafeBootNet:64bit: Messenger - Service
SafeBootNet:64bit: NDIS Wrapper - Driver Group
SafeBootNet:64bit: NetBIOSGroup - Driver Group
SafeBootNet:64bit: NetDDEGroup - Driver Group
SafeBootNet:64bit: Network - Driver Group
SafeBootNet:64bit: NetworkProvider - Driver Group
SafeBootNet:64bit: PCI Configuration - Driver Group
SafeBootNet:64bit: PNP Filter - Driver Group
SafeBootNet:64bit: PNP_TDI - Driver Group
SafeBootNet:64bit: Primary disk - Driver Group
SafeBootNet:64bit: rdsessmgr - Service
SafeBootNet:64bit: sacsvr - Service
SafeBootNet:64bit: SCSI Class - Driver Group
SafeBootNet:64bit: Streams Drivers - Driver Group
SafeBootNet:64bit: System Bus Extender - Driver Group
SafeBootNet:64bit: TDI - Driver Group
SafeBootNet:64bit: vmms - Service
SafeBootNet:64bit: WudfUsbccidDriver - Driver
SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
File not found -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Neue Funktion 1
[2012.11.10 23:37:36 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\stefan\Desktop\OTL(1).exe
[2012.11.08 21:50:38 | 002,213,976 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\stefan\Desktop\tdsskiller.exe
[2012.11.08 21:40:39 | 004,732,416 | ---- | C] (AVAST Software) -- C:\Users\stefan\Desktop\aswMBR.exe
[2012.11.04 19:59:49 | 000,000,000 | ---D | C] -- C:\Users\stefan\AppData\Roaming\Malwarebytes
[2012.11.04 19:59:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.11.04 19:59:43 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.11.04 19:59:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.11.04 19:59:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.11.04 19:57:11 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2012.11.04 19:57:11 | 000,000,000 | ---D | C] -- C:\Users\stefan\AppData\Local\MFAData
[2012.11.04 19:57:11 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2012.11.04 19:57:11 | 000,000,000 | ---D | C] -- C:\Users\stefan\AppData\Local\Avg2013
[2012.11.02 21:21:09 | 000,000,000 | ---D | C] -- C:\Users\stefan\AppData\Roaming\LolClient
[2012.11.02 19:18:28 | 000,000,000 | ---D | C] -- C:\Users\stefan\AppData\Local\PMB Files
[2012.11.02 19:18:27 | 000,000,000 | ---D | C] -- C:\ProgramData\PMB Files
[2012.11.02 19:18:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pando Networks
[2012.11.02 19:18:11 | 000,000,000 | ---D | C] -- C:\Users\stefan\.swt
[2012.10.21 09:11:05 | 000,000,000 | ---D | C] -- C:\Users\stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PrintKey2000
[2012.10.21 09:11:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrintKey2000
[2012.10.21 09:11:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PrintKey2000
[2012.10.17 17:05:48 | 000,035,840 | R--- | C] (Avanquest Software) -- C:\Windows\SysNative\drivers\BVRPMPR5a64.SYS
[2012.10.17 17:05:01 | 000,000,000 | ---D | C] -- C:\Netgear
[2012.10.16 17:23:25 | 000,000,000 | ---D | C] -- C:\Users\stefan\AppData\Roaming\WinRAR
[2012.10.16 17:23:25 | 000,000,000 | ---D | C] -- C:\Users\stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012.10.16 17:23:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012.10.16 17:23:22 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2012.10.16 17:18:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
[2012.10.16 17:18:33 | 000,283,200 | ---- | C] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2012.10.16 17:18:31 | 000,000,000 | ---D | C] -- C:\Users\stefan\AppData\Roaming\DAEMON Tools Lite
[2012.10.16 17:18:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Lite
[2012.10.16 17:17:48 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2012.10.13 18:44:45 | 000,000,000 | ---D | C] -- C:\Users\stefan\AppData\Roaming\Apple Computer
[2012.10.13 18:44:45 | 000,000,000 | ---D | C] -- C:\Users\stefan\AppData\Local\Apple Computer
[2012.10.13 18:44:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012.10.13 18:44:35 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2012.10.13 18:44:24 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012.10.13 18:44:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2012.10.13 18:44:24 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012.10.13 18:44:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2012.10.13 18:44:24 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2012.10.13 18:43:59 | 000,000,000 | ---D | C] -- C:\Users\stefan\AppData\Local\Apple
[2012.10.13 18:43:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2012.10.13 18:43:47 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2012.10.13 18:43:39 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2012.10.13 18:43:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2012.10.13 18:43:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2012.10.13 18:43:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
 
========== Files - Modified Within 30 Days ==========
 
[2012.11.10 23:37:37 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\stefan\Desktop\OTL(1).exe
[2012.11.10 23:35:03 | 000,052,118 | ---- | M] () -- C:\Users\stefan\Desktop\85104-otl-otlogfile-by-oldtimer.html
[2012.11.10 23:30:10 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.11.10 23:30:10 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.11.10 13:09:09 | 001,498,506 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.11.10 13:09:09 | 000,653,928 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.11.10 13:09:09 | 000,615,810 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.11.10 13:09:09 | 000,129,800 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.11.10 13:09:09 | 000,106,190 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.11.10 12:41:30 | 000,021,648 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.11.10 12:41:30 | 000,021,648 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.11.10 12:34:23 | 4280,193,022 | -HS- | M] () -- C:\hiberfil.sys
[2012.11.08 21:50:40 | 002,213,976 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\stefan\Desktop\tdsskiller.exe
[2012.11.08 21:49:33 | 000,000,512 | ---- | M] () -- C:\Users\stefan\Desktop\MBR.dat
[2012.11.08 21:40:57 | 004,732,416 | ---- | M] (AVAST Software) -- C:\Users\stefan\Desktop\aswMBR.exe
[2012.11.05 21:16:55 | 000,000,168 | ---- | M] () -- C:\Users\stefan\defogger_reenable
[2012.11.04 19:59:44 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.11.02 20:32:40 | 000,000,907 | ---- | M] () -- C:\Users\Public\Desktop\League of Legends spielen .lnk
[2012.10.21 09:11:05 | 000,001,005 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Printkey2000.lnk
[2012.10.17 17:25:23 | 000,006,332 | ---- | M] () -- C:\Users\stefan\Desktop\Router_Setup.html
[2012.10.16 17:18:58 | 000,001,954 | ---- | M] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2012.10.16 17:18:33 | 000,283,200 | ---- | M] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2012.10.13 18:49:44 | 003,978,653 | ---- | M] () -- C:\Users\stefan\Desktop\01 Zedd - Spectrum ft. Matthew Kom 1.mp3
[2012.10.13 18:44:35 | 000,001,783 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
 
========== Files Created - No Company Name ==========
 
[2012.11.10 23:35:03 | 000,052,118 | ---- | C] () -- C:\Users\stefan\Desktop\85104-otl-otlogfile-by-oldtimer.html
[2012.11.08 21:49:33 | 000,000,512 | ---- | C] () -- C:\Users\stefan\Desktop\MBR.dat
[2012.11.05 21:16:55 | 000,000,168 | ---- | C] () -- C:\Users\stefan\defogger_reenable
[2012.11.04 19:59:44 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.11.02 20:32:40 | 000,000,907 | ---- | C] () -- C:\Users\Public\Desktop\League of Legends spielen .lnk
[2012.10.21 09:11:05 | 000,001,005 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Printkey2000.lnk
[2012.10.17 17:25:23 | 000,006,332 | ---- | C] () -- C:\Users\stefan\Desktop\Router_Setup.html
[2012.10.17 17:25:23 | 000,000,172 | R--- | C] () -- C:\Users\stefan\Desktop\Router Login.url
[2012.10.16 17:18:58 | 000,001,954 | ---- | C] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2012.10.13 18:48:04 | 003,978,653 | ---- | C] () -- C:\Users\stefan\Desktop\01 Zedd - Spectrum ft. Matthew Kom 1.mp3
[2012.10.13 18:44:35 | 000,001,783 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012.10.13 18:43:52 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2012.09.21 21:24:03 | 000,281,520 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012.09.21 21:24:01 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012.09.19 12:51:42 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2012.09.19 12:51:39 | 000,030,477 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
 
========== ZeroAccess Check ==========
 
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2012.11.06 18:27:38 | 000,000,000 | ---D | M] -- C:\Users\stefan\AppData\Roaming\DAEMON Tools Lite
[2012.11.02 21:21:09 | 000,000,000 | ---D | M] -- C:\Users\stefan\AppData\Roaming\LolClient
[2012.09.21 17:21:09 | 000,000,000 | ---D | M] -- C:\Users\stefan\AppData\Roaming\Origin
[2012.09.19 15:23:17 | 000,000,000 | ---D | M] -- C:\Users\stefan\AppData\Roaming\Thunderbird
[2012.11.10 23:42:13 | 000,000,000 | ---D | M] -- C:\Users\stefan\AppData\Roaming\UseNeXT
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %SYSTEMDRIVE%\*. >
[2012.09.19 12:47:25 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin
[2009.07.14 06:08:56 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2012.09.19 12:47:21 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen
[2012.09.19 12:52:07 | 000,000,000 | ---D | M] -- C:\Intel
[2012.10.17 17:25:56 | 000,000,000 | ---D | M] -- C:\Netgear
[2012.09.21 21:42:33 | 000,000,000 | ---D | M] -- C:\NVIDIA
[2009.07.14 04:20:08 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2012.10.16 17:23:22 | 000,000,000 | R--D | M] -- C:\Program Files
[2012.11.04 19:59:43 | 000,000,000 | R--D | M] -- C:\Program Files (x86)
[2012.11.04 19:59:43 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2012.09.19 12:47:21 | 000,000,000 | -HSD | M] -- C:\Programme
[2012.09.19 12:47:21 | 000,000,000 | -HSD | M] -- C:\Recovery
[2012.11.10 23:43:11 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2012.09.21 21:43:52 | 000,000,000 | ---D | M] -- C:\temp
[2012.09.19 12:49:29 | 000,000,000 | R--D | M] -- C:\Users
[2012.11.10 12:56:47 | 000,000,000 | ---D | M] -- C:\Windows
 
< %ALLUSERSPROFILE%\Application Data\*. >
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
 
< %APPDATA%\*. >
[2012.09.19 13:53:21 | 000,000,000 | ---D | M] -- C:\Users\stefan\AppData\Roaming\Adobe
[2012.10.13 18:45:07 | 000,000,000 | ---D | M] -- C:\Users\stefan\AppData\Roaming\Apple Computer
[2012.11.06 18:27:38 | 000,000,000 | ---D | M] -- C:\Users\stefan\AppData\Roaming\DAEMON Tools Lite
[2012.09.19 12:47:26 | 000,000,000 | ---D | M] -- C:\Users\stefan\AppData\Roaming\Identities
[2012.09.19 12:54:22 | 000,000,000 | ---D | M] -- C:\Users\stefan\AppData\Roaming\InstallShield
[2012.09.19 12:56:27 | 000,000,000 | ---D | M] -- C:\Users\stefan\AppData\Roaming\Intel Corporation
[2012.11.02 21:21:09 | 000,000,000 | ---D | M] -- C:\Users\stefan\AppData\Roaming\LolClient
[2012.09.19 13:53:21 | 000,000,000 | ---D | M] -- C:\Users\stefan\AppData\Roaming\Macromedia
[2012.11.04 19:59:49 | 000,000,000 | ---D | M] -- C:\Users\stefan\AppData\Roaming\Malwarebytes
[2011.04.12 08:54:43 | 000,000,000 | ---D | M] -- C:\Users\stefan\AppData\Roaming\Media Center Programs
[2012.09.19 13:53:21 | 000,000,000 | --SD | M] -- C:\Users\stefan\AppData\Roaming\Microsoft
[2012.09.19 13:37:36 | 000,000,000 | ---D | M] -- C:\Users\stefan\AppData\Roaming\Mozilla
[2012.09.21 17:21:09 | 000,000,000 | ---D | M] -- C:\Users\stefan\AppData\Roaming\Origin
[2012.09.19 15:23:17 | 000,000,000 | ---D | M] -- C:\Users\stefan\AppData\Roaming\Thunderbird
[2012.11.10 23:42:13 | 000,000,000 | ---D | M] -- C:\Users\stefan\AppData\Roaming\UseNeXT
[2012.10.23 15:46:03 | 000,000,000 | ---D | M] -- C:\Users\stefan\AppData\Roaming\vlc
[2012.10.16 17:23:40 | 000,000,000 | ---D | M] -- C:\Users\stefan\AppData\Roaming\WinRAR
 
< %APPDATA%\*.exe /s >
 
< %SYSTEMROOT%\system32\drivers\*.sys /lockedfiles >
 
< %SYSTEMROOT%\System32\config\*.sav >
 
< %SYSTEMROOT%\*. /mp /s >
 
< %SYSTEMROOT%\system32\*.dll /lockedfiles >

< End of report >
         
--- --- ---

Alt 11.11.2012, 20:50   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
HEUR:Exploit Java. CVE-2012-4681.gen  Trojaner - Standard

HEUR:Exploit Java. CVE-2012-4681.gen Trojaner



Ist unauffällig. Mach bitte zur Kontrolle einen Quickscan mit Malwarebytes - denk bitte vorher daran, Malwarebytes über den Updatebutton zu aktualisieren

Anschließend über den OnlineScanner von ESET eine zusätzliche Meinung zu holen ist auch nicht verkehrt:


ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Wie man Programme richtig installiert

Backup mit DriveSnapshot

Das TB unterstützen

Alt 12.11.2012, 19:46   #9
otherone
 
HEUR:Exploit Java. CVE-2012-4681.gen  Trojaner - Standard

HEUR:Exploit Java. CVE-2012-4681.gen Trojaner



Dank Dir nochmal für die ganze Mühe die Du Dir machst.

1.
Code:
ATTFilter
 Malwarebytes Anti-Malware  (Test) 1.65.1.1000
www.malwarebytes.org

Datenbank Version: v2012.11.12.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
stefan :: STEFAN-PC [Administrator]

Schutz: Aktiviert

12.11.2012 20:39:15
mbam-log-2012-11-12 (20-39-15).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 221129
Laufzeit: 33 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
         

2. Beim Eset Online Scanner erscheint leider der Fehlerhinweiss:
Can no get update, ist proxy configured ?

Ich hab keinen Proxy im Einsatz. Internet Verbindung ist da und stabil.
Woran kanns noch liegen ?

Alt 12.11.2012, 19:54   #10
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
HEUR:Exploit Java. CVE-2012-4681.gen  Trojaner - Standard

HEUR:Exploit Java. CVE-2012-4681.gen Trojaner



Zitat:
2. Beim Eset Online Scanner erscheint leider der Fehlerhinweiss:
Can no get update, ist proxy configured ?
Bitte prüfen


Falsche Proxy Einstellungen entfernen
  • Klicke im Start-Menü unter "Einstellungen" auf "Systemsteuerung" -> "Internetoptionen".
  • Wähle die Karteikarte "Verbindungen->Lan-Einstellungen“ und überprüfe ob bei Proxyserver ein Häkchen steht,
    wenn ja -> Entfernen, dann -> OK (sofern nicht richtige Eintragung)


__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Wie man Programme richtig installiert

Backup mit DriveSnapshot

Das TB unterstützen

Alt 12.11.2012, 19:59   #11
otherone
 
HEUR:Exploit Java. CVE-2012-4681.gen  Trojaner - Standard

HEUR:Exploit Java. CVE-2012-4681.gen Trojaner



Kein Häckchen gesetzt. Eset gibt noch den Hinweiss das Windows Defender aktiviert ist, aber den habe ich deaktiviert.

Alt 12.11.2012, 20:27   #12
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
HEUR:Exploit Java. CVE-2012-4681.gen  Trojaner - Standard

HEUR:Exploit Java. CVE-2012-4681.gen Trojaner



Dieses Setup von ESET von runterladen => http://filepony.de/download-eset_online_scanner/
Beende danach alle Programme und starte das Setup via Rechtklick => als Administrator ausführen
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Wie man Programme richtig installiert

Backup mit DriveSnapshot

Das TB unterstützen

Alt 12.11.2012, 20:46   #13
otherone
 
HEUR:Exploit Java. CVE-2012-4681.gen  Trojaner - Standard

HEUR:Exploit Java. CVE-2012-4681.gen Trojaner



Habe die Datei auf den Deskop gespeichert, danach alle Programme über den Task Manager geschlossen. Das Setup als Administrator gestartet aber das Problem bleibt bestehen.

Was mach ich nur falsch ?

Alt 12.11.2012, 21:10   #14
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
HEUR:Exploit Java. CVE-2012-4681.gen  Trojaner - Standard

HEUR:Exploit Java. CVE-2012-4681.gen Trojaner



Kaspersky Internet Security 2013 vllt mal deaktivieren?
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Wie man Programme richtig installiert

Backup mit DriveSnapshot

Das TB unterstützen

Alt 12.11.2012, 21:23   #15
otherone
 
HEUR:Exploit Java. CVE-2012-4681.gen  Trojaner - Standard

HEUR:Exploit Java. CVE-2012-4681.gen Trojaner



wie gesagt hab Kaspersky + Windows Firewall + Windows Defender deaktiviert.


Antwort

Themen zu HEUR:Exploit Java. CVE-2012-4681.gen Trojaner
.com, administrator, adobe, avg, bho, bonjour, ebanking, explorer, firefox, flash player, format, helper, heur, heur:exploit java. cve-2012-4681.gen, home, internet, internet security 2013, java., kaspersky, kaspersky internet security 2013, launch, league of legends, malware, mozilla, nvidia update, pando media booster, problem, programm, realtek, registry, security, software, spielen, tastatur, trojaner, usenext



Ähnliche Themen: HEUR:Exploit Java. CVE-2012-4681.gen Trojaner


  1. HEUR:Exploit.Java.CVE-2012-1723.gen
    Plagegeister aller Art und deren Bekämpfung - 26.10.2013 (12)
  2. Kaspersky findet 2 trojanische Programme (Windows 7): HEUR:Exploit.Java.CVE-2012-1723.gen und Exploit.Java.CVE-2012-1723.nh
    Plagegeister aller Art und deren Bekämpfung - 18.09.2013 (14)
  3. Trojaner HEUR:Exploit.Java.CVE-2012-1723.gen in c:\documents and settings\***\appdata\locallow\sun\java\deployment\cache\6.0\34\ gefunden
    Log-Analyse und Auswertung - 30.05.2013 (7)
  4. Trojaner: HEUR:Exploit.Java.CVE-2012-0507.gen
    Plagegeister aller Art und deren Bekämpfung - 30.04.2013 (37)
  5. Trojaner HEUR:Exploit.Java.CVE-2012-1723.gen von Kasperskyscan entdeckt
    Log-Analyse und Auswertung - 09.04.2013 (18)
  6. Trojaner gefunden: HEUR:Exploit.Java.CVE-2012-1723.gen
    Plagegeister aller Art und deren Bekämpfung - 25.03.2013 (3)
  7. HEUR:Exploit.Java.CVE-2012-0507.gen
    Plagegeister aller Art und deren Bekämpfung - 25.03.2013 (40)
  8. Trojan-Downloader.JS.Expack.ack / Exploit.Java.CVE-2012-4681.gen
    Log-Analyse und Auswertung - 30.01.2013 (15)
  9. Trojaner HEUR:Exploit.Java.CVE-2012-0507.gen und HEUR:Exploit.Java.Generic
    Log-Analyse und Auswertung - 26.01.2013 (24)
  10. "HEUR:Exploit.Java.CVE-2012-4681.gen" entfernen
    Plagegeister aller Art und deren Bekämpfung - 13.01.2013 (2)
  11. Wie entferne ich HEUR:Exploit.Java.CVE-2012-4681.gen von meinem Rechner ?
    Plagegeister aller Art und deren Bekämpfung - 08.01.2013 (29)
  12. HEUR:Exploit.Java.CVE-2012-1723.gen in c:/documents and settings/.../appdata/locallow/sun/java/deployment/cache/6.0/1/3935ec1-7693a783
    Plagegeister aller Art und deren Bekämpfung - 14.12.2012 (2)
  13. HEUR:Exploit.Java.CVE-2012-4681.gen
    Log-Analyse und Auswertung - 26.11.2012 (23)
  14. HEUR:Exploit.Java.CVE-2012-4681.gen" sowie mehrfach Exploit.Java.CVE-2012-0507.ou mit kaspersky gefunden in C:Dokumente und Einstellungen ge
    Plagegeister aller Art und deren Bekämpfung - 21.11.2012 (11)
  15. HEUR:Exploit.Java.CVE-2012-1723.gen
    Plagegeister aller Art und deren Bekämpfung - 19.11.2012 (15)
  16. HEUR:Exploit.Java.CVE-2012-4681.gen -wie entfernen
    Mülltonne - 15.11.2012 (1)
  17. Trijaner-Downloader.JS.Agent.gmg+Heur:Exploit.Java.CVE.2012-4681.ger
    Plagegeister aller Art und deren Bekämpfung - 24.10.2012 (38)

Zum Thema HEUR:Exploit Java. CVE-2012-4681.gen Trojaner - Hallo zusammen, da dies hier mein erster Beitrag im Forum ist, hoffe ich einfach alles richtig zu beschreiben. Mein Kaspersky Internet Security 2013 hat folgende Malware bei mir auf dem - HEUR:Exploit Java. CVE-2012-4681.gen Trojaner...
Archiv
Du betrachtest: HEUR:Exploit Java. CVE-2012-4681.gen Trojaner auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.