
Log analysis and evaluation: GVU Trojan with webcam - Windows 7 x64


19.12.2012, 00:43   #1
T4zzilo
 
GVU Trojan with webcam - Windows 7 x64



Good evening.
Despite Bitdefender Internet Security 2013, I caught the GVU virus with webcam.

By logging the user on and off several times, I managed to stay in Windows without the GVU virus being displayed. I could not access the Task Manager.
Then I ran a scan with Bitdefender, which found and deleted wgsdgsdgdsgsd.exe, among other things. I am still in Windows 7.
Task Manager works again, and I can also open the registry.
I would now like to make sure that it is gone from the system.

How should I proceed now? Should I leave the PC on, or would it be better to go into safe mode?

I have created an OTL log:
Code:
OTL logfile created on: 19.12.2012 00:29:48 - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Tazz\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
7,90 Gb Total Physical Memory | 5,16 Gb Available Physical Memory | 65,39% Memory free
15,79 Gb Paging File | 13,22 Gb Available in Paging File | 83,72% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 119,14 Gb Total Space | 33,66 Gb Free Space | 28,25% Space Free | Partition Type: NTFS
Drive D: | 856,51 Gb Total Space | 14,59 Gb Free Space | 1,70% Space Free | Partition Type: NTFS
Drive E: | 75,00 Gb Total Space | 51,81 Gb Free Space | 69,09% Space Free | Partition Type: NTFS
Drive F: | 465,76 Gb Total Space | 107,77 Gb Free Space | 23,14% Space Free | Partition Type: NTFS
Drive G: | 232,88 Gb Total Space | 172,84 Gb Free Space | 74,22% Space Free | Partition Type: NTFS
 
Computer Name: *** | User Name: Tazz | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Tazz\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_135.exe (Adobe Systems, Inc.)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung)
PRC - C:\Program Files (x86)\Samsung\Kies\Kies.exe (Samsung)
PRC - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe (TeamViewer GmbH)
PRC - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe (TeamViewer GmbH)
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe ()
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_135.dll ()
MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\adaaf894878905f022f824b84fcd59a8\System.ServiceProcess.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\aebb94e0eea9c39ec18a7915a711f621\System.Xaml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\97a6208b8fe4bd3d5df927b264371f9c\IAStorUtil.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\ace8db575fae1df9c3b463589bf6a254\IAStorCommon.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\413288993ff690e8251d2dbe32bee01f\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d040079bc7148afeca03c5abb6fc3c61\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\4e80768a2d88c7a333e43cbb7a6c0705\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\b311b783e1efaa9527f4c2c9680c44d1\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\25e672ea505e50ab058258ac72a54f02\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9dd758ac0bf7358ac6e4720610fcc63c\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\c64ca3678261c8ffcd9e7efd1af6ed54\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\187d7c66735c533de851c76384f86912\mscorlib.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\7c8bffb6e42a248341d7821a8464ef0b\PresentationFramework.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\a74fade4c3e490c62af3d60742fb078a\PresentationCore.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\dfe6e22159d3f5bf61b5bfe1da6f2758\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\14d2241be401f66cc1898dc5dc383b80\System.Core.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\e10bbd79027aa4c1ca8950b78fd640d4\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\c63fe1e324904c893d2a5d02f0783658\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System\379599837ade465016dd5d96798b2766\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\dbc34d53e1fbedabecd201fe4f264961\mscorlib.ni.dll ()
MOD - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (VSSERV) -- C:\Program Files\Bitdefender\Bitdefender 2013\vsserv.exe (Bitdefender)
SRV:64bit: - (UPDATESRV) -- C:\Program Files\Bitdefender\Bitdefender 2013\updatesrv.exe (Bitdefender)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (TeamViewer8) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (BdDesktopParental) -- C:\Programme\Bitdefender\Bitdefender 2013\bdparentalservice.exe (Bitdefender)
SRV - (vncserver) -- D:\Programme\RealVNC\VNC Server\vncserver.exe (RealVNC Ltd)
SRV - (cFosSpeedS) -- C:\Programme\cFosSpeed\spd.exe (cFos Software GmbH)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (ServiceLayer) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe (Nokia)
SRV - (OODefragAgent) -- C:\Programme\OO Software\Defrag\oodag.exe (O&O Software GmbH)
SRV - (IAStorDataMgrSvc) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV - (cphs) -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe (Intel Corporation)
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (jhi_service) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation)
SRV - (Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe ()
SRV - (ISCTAgent) -- C:\Programme\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe ()
SRV - (Intel(R) -- C:\Programme\Intel\iCLS Client\HeciServer.exe (Intel(R) Corporation)
SRV - (Mezzmo) -- D:\Programme\Conceiva\Mezzmo\MezzmoMediaServer.exe (Conceiva Pty. Ltd.)
SRV - (LBTServ) -- C:\Programme\Common Files\Logishrd\Bluetooth\LBTServ.exe (Logitech, Inc.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (SwitchBoard) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
SRV - (osppsvc) -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
SRV - (ose64) -- C:\Programme\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation)
SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (WPRO_41_2001) -- C:\Windows\SysNative\drivers\WPRO_41_2001.sys ()
DRV:64bit: - (dtsoftbus01) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys (DT Soft Ltd)
DRV:64bit: - (trufos) -- C:\Windows\SysNative\drivers\trufos.sys (BitDefender S.R.L.)
DRV:64bit: - (avckf) -- C:\Windows\SysNative\drivers\avckf.sys (BitDefender)
DRV:64bit: - (avc3) -- C:\Windows\SysNative\drivers\avc3.sys (BitDefender)
DRV:64bit: - (vncmirror) -- C:\Windows\SysNative\drivers\vncmirror.sys (RealVNC Ltd.)
DRV:64bit: - (BDSandBox) -- C:\Windows\SysNative\drivers\bdsandbox.sys (BitDefender SRL)
DRV:64bit: - (ssudmdm) -- C:\Windows\SysNative\drivers\ssudmdm.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV:64bit: - (dg_ssudbus) -- C:\Windows\SysNative\drivers\ssudbus.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV:64bit: - (avmaudio) -- C:\Windows\SysNative\drivers\avmaudio.sys (AVM Berlin)
DRV:64bit: - (gzflt) -- C:\Windows\SysNative\drivers\gzflt.sys (BitDefender LLC)
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (cFosSpeed) -- C:\Windows\SysNative\drivers\cfosspeed6.sys (cFos Software GmbH)
DRV:64bit: - (pccsmcfd) -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys (Nokia)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (iusb3xhc) -- C:\Windows\SysNative\drivers\iusb3xhc.sys (Intel Corporation)
DRV:64bit: - (iusb3hub) -- C:\Windows\SysNative\drivers\iusb3hub.sys (Intel Corporation)
DRV:64bit: - (iusb3hcs) -- C:\Windows\SysNative\drivers\iusb3hcs.sys (Intel Corporation)
DRV:64bit: - (ISCT) -- C:\Windows\SysNative\drivers\ISCTD64.sys ()
DRV:64bit: - (imsevent) -- C:\Windows\SysNative\drivers\imsevent.sys ()
DRV:64bit: - (ikbevent) -- C:\Windows\SysNative\drivers\ikbevent.sys ()
DRV:64bit: - (LGSHidFilt) -- C:\Windows\SysNative\drivers\LGSHidFilt.Sys (Logitech Inc.)
DRV:64bit: - (nmwcd) -- C:\Windows\SysNative\drivers\ccdcmbx64.sys (Nokia)
DRV:64bit: - (UsbserFilt) -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys (Nokia)
DRV:64bit: - (upperdev) -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys (Nokia)
DRV:64bit: - (nmwcdc) -- C:\Windows\SysNative\drivers\ccdcmbox64.sys (Nokia)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (asahci64) -- C:\Windows\SysNative\drivers\asahci64.sys (Asmedia Technology)
DRV:64bit: - (LHidFilt) -- C:\Windows\SysNative\drivers\LHidFilt.Sys (Logitech, Inc.)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek                                            )
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (LGVirHid) -- C:\Windows\SysNative\drivers\LGVirHid.sys (Logitech Inc.)
DRV:64bit: - (LGBusEnum) -- C:\Windows\SysNative\drivers\LGBusEnum.sys (Logitech Inc.)
DRV:64bit: - (MBfilt) -- C:\Windows\SysNative\drivers\MBfilt64.sys (Creative Technology Ltd.)
DRV:64bit: - (xusb21) -- C:\Windows\SysNative\drivers\xusb21.sys (Microsoft Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV - (BdfNdisf) -- c:\Programme\Common Files\Bitdefender\Bitdefender Firewall\bdfndisf6.sys (BitDefender LLC)
DRV - (bdfwfpf) -- C:\Programme\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys (BitDefender LLC)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (ASPI32) -- C:\Windows\SysWow64\drivers\ASPI32.SYS (Adaptec)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-3891414293-3399734981-3286602172-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-3891414293-3399734981-3286602172-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-3891414293-3399734981-3286602172-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKU\S-1-5-21-3891414293-3399734981-3286602172-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 52 88 B7 F6 77 CD CD 01  [binary data]
IE - HKU\S-1-5-21-3891414293-3399734981-3286602172-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-3891414293-3399734981-3286602172-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-3891414293-3399734981-3286602172-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-21-3891414293-3399734981-3286602172-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-3891414293-3399734981-3286602172-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKU\S-1-5-21-3891414293-3399734981-3286602172-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 65 79 33 78 9F 65 CD 01  [binary data]
IE - HKU\S-1-5-21-3891414293-3399734981-3286602172-1003\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-3891414293-3399734981-3286602172-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-3891414293-3399734981-3286602172-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "https://www.google.de/"
FF - prefs.js..extensions.enabledAddons: adblockpopups%40jessehakanen.net:0.5
FF - prefs.js..extensions.enabledAddons: de_DE%40dicts.j3e.de:20120628
FF - prefs.js..extensions.enabledAddons: en-US%40dictionaries.addons.mozilla.org:6.0
FF - prefs.js..extensions.enabledAddons: FasterFox_Lite%40BigRedBrent:3.9.9Lite
FF - prefs.js..extensions.enabledAddons: %7B54BB9F3F-07E5-486c-9B39-C7398B99391C%7D:4.0.2011021601
FF - prefs.js..extensions.enabledAddons: %7Be4a8a97b-f2ed-450b-b12d-ee082ba24781%7D:1.5
FF - prefs.js..extensions.enabledAddons: %7BF8A55C97-3DB6-4961-A81D-0DE0080E53CB%7D:0.9.5
FF - prefs.js..extensions.enabledAddons: %7Ba7c6cf7f-112c-4500-a7ea-39801a327e5f%7D:2.0.7
FF - prefs.js..extensions.enabledAddons: %7B37fa1426-b82d-11db-8314-0800200c9a66%7D:3.0.3
FF - prefs.js..extensions.enabledAddons: %7Bdc572301-7619-498c-a57d-39143191b318%7D:0.4.0.4pre.121214a
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.1
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_135.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Programme\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeExManDetect: C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX64.dll (Adobe Systems)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_135.dll ()
FF - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Programme\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.122.0: C:\Program Files (x86)\Battlelog Web Plugins\1.122.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.10.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeExManDetect: C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems)
 
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\bdThunderbird@bitdefender.com: C:\PROGRAM FILES\BITDEFENDER\BITDEFENDER 2013\BDTBEXT [2012.12.07 09:14:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.12.03 20:08:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\bdThunderbird@bitdefender.com: C:\Program Files\Bitdefender\Bitdefender 2013\bdtbext [2012.12.07 09:14:49 | 000,000,000 | ---D | M]
 
[2012.07.19 12:30:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tazz\AppData\Roaming\mozilla\Extensions
[2012.12.15 18:48:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tazz\AppData\Roaming\mozilla\Firefox\Profiles\fydbk2t8.default\extensions
[2012.07.19 15:59:08 | 000,000,000 | ---D | M] (Wörterbuch Deutsch (de-DE), Hunspell-unterstützt) -- C:\Users\Tazz\AppData\Roaming\mozilla\Firefox\Profiles\fydbk2t8.default\extensions\de_DE@dicts.j3e.de
[2012.08.08 18:57:03 | 000,000,000 | ---D | M] (United States English Spellchecker) -- C:\Users\Tazz\AppData\Roaming\mozilla\Firefox\Profiles\fydbk2t8.default\extensions\en-US@dictionaries.addons.mozilla.org
[2012.09.26 21:42:24 | 000,000,000 | ---D | M] (Fasterfox Lite) -- C:\Users\Tazz\AppData\Roaming\mozilla\Firefox\Profiles\fydbk2t8.default\extensions\FasterFox_Lite@BigRedBrent
[2012.11.15 17:50:10 | 000,124,993 | ---- | M] () (No name found) -- C:\Users\Tazz\AppData\Roaming\mozilla\firefox\profiles\fydbk2t8.default\extensions\adblockpopups@jessehakanen.net.xpi
[2012.11.19 20:35:46 | 000,123,385 | ---- | M] () (No name found) -- C:\Users\Tazz\AppData\Roaming\mozilla\firefox\profiles\fydbk2t8.default\extensions\elemhidehelper@adblockplus.org.xpi
[2012.07.19 12:41:03 | 000,015,719 | ---- | M] () (No name found) -- C:\Users\Tazz\AppData\Roaming\mozilla\firefox\profiles\fydbk2t8.default\extensions\restartless.restart@erikvold.com.xpi
[2012.12.10 20:19:54 | 000,194,065 | ---- | M] () (No name found) -- C:\Users\Tazz\AppData\Roaming\mozilla\firefox\profiles\fydbk2t8.default\extensions\{37fa1426-b82d-11db-8314-0800200c9a66}.xpi
[2012.07.18 20:14:28 | 000,050,631 | ---- | M] () (No name found) -- C:\Users\Tazz\AppData\Roaming\mozilla\firefox\profiles\fydbk2t8.default\extensions\{54BB9F3F-07E5-486c-9B39-C7398B99391C}.xpi
[2012.12.05 22:10:56 | 000,341,143 | ---- | M] () (No name found) -- C:\Users\Tazz\AppData\Roaming\mozilla\firefox\profiles\fydbk2t8.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}.xpi
[2012.11.23 19:48:00 | 000,804,627 | ---- | M] () (No name found) -- C:\Users\Tazz\AppData\Roaming\mozilla\firefox\profiles\fydbk2t8.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012.12.15 18:48:42 | 000,745,982 | ---- | M] () (No name found) -- C:\Users\Tazz\AppData\Roaming\mozilla\firefox\profiles\fydbk2t8.default\extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi
[2012.11.21 06:59:12 | 000,243,496 | ---- | M] () (No name found) -- C:\Users\Tazz\AppData\Roaming\mozilla\firefox\profiles\fydbk2t8.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
[2012.07.18 13:25:38 | 000,105,386 | ---- | M] () (No name found) -- C:\Users\Tazz\AppData\Roaming\mozilla\firefox\profiles\fydbk2t8.default\extensions\{F8A55C97-3DB6-4961-A81D-0DE0080E53CB}.xpi
[2012.07.19 12:30:42 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.12.03 20:08:05 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.07.14 01:45:08 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.08.28 19:21:43 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.07.14 01:45:08 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.07.14 01:45:08 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.07.14 01:45:08 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.07.14 01:45:07 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2012.08.23 18:12:31 | 000,000,942 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [Bdagent] C:\Programme\Bitdefender\Bitdefender 2013\bdagent.exe (Bitdefender)
O4:64bit: - HKLM..\Run: [cFosSpeed] C:\Programme\cFosSpeed\cfosspeed.exe (cFos Software GmbH)
O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [XboxStat] C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe (Microsoft Corporation)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe (Intel Corporation)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3891414293-3399734981-3286602172-1000..\Run: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung)
O4 - HKU\S-1-5-21-3891414293-3399734981-3286602172-1000..\Run: [AdobeBridge]  File not found
O4 - HKU\S-1-5-21-3891414293-3399734981-3286602172-1000..\Run: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe (Samsung Electronics)
O4 - HKU\S-1-5-21-3891414293-3399734981-3286602172-1000..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe (Samsung)
O4 - HKU\S-1-5-21-3891414293-3399734981-3286602172-1003..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-3891414293-3399734981-3286602172-1003..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Tazz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung SSD Magician.lnk = D:\Programme\Samsung SSD Magician\Samsung SSD Magician.exe (Samsung Electronics.)
O4 - Startup: C:\Users\Tazz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TV-Browser.url ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-3891414293-3399734981-3286602172-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{24DF9C4C-8269-4C41-9A0F-1E74F4FFBE42}: NameServer = 192.168.1.2
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{83fe5c13-fb6f-11e1-a8d2-bc5ff43ac9a8}\Shell - "" = AutoRun
O33 - MountPoints2\{83fe5c13-fb6f-11e1-a8d2-bc5ff43ac9a8}\Shell\AutoRun\command - "" = J:\autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (OODBS)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.12.19 00:15:47 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Tazz\Desktop\OTL.exe
[2012.12.18 23:53:16 | 004,732,416 | ---- | C] (AVAST Software) -- C:\Users\Tazz\Desktop\aswMBR.exe
[2012.12.18 23:38:22 | 000,260,528 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2012.12.18 23:38:21 | 000,174,000 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2012.12.18 23:38:21 | 000,173,992 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2012.12.18 23:38:21 | 000,095,184 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2012.12.18 23:38:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2012.12.18 23:34:34 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2012.12.18 22:52:16 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\CrashDump
[2012.12.12 22:47:25 | 000,000,000 | ---D | C] -- C:\Temp
[2012.12.11 22:36:16 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012.12.11 22:36:15 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012.12.11 22:36:15 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012.12.11 22:36:15 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012.12.11 22:36:15 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012.12.11 22:36:15 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012.12.11 22:36:15 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012.12.11 22:36:15 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012.12.11 22:36:15 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012.12.11 22:36:15 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012.12.11 22:36:15 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012.12.11 22:36:15 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012.12.11 22:36:14 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012.12.11 22:36:14 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012.12.11 22:36:14 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2012.12.11 22:34:11 | 001,161,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2012.12.11 22:34:11 | 000,424,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2012.12.11 22:34:11 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2012.12.11 22:34:11 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2012.12.11 22:34:10 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2012.12.11 22:34:10 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2012.12.11 22:34:10 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2012.12.11 22:34:10 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2012.12.11 22:34:10 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2012.12.11 22:34:10 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2012.12.11 22:34:10 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2012.12.11 22:34:10 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2012.12.11 22:34:10 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2012.12.11 22:34:10 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2012.12.11 22:34:10 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2012.12.11 22:34:10 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2012.12.11 22:34:10 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2012.12.11 22:34:10 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2012.12.11 22:34:10 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2012.12.11 22:34:10 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2012.12.11 22:34:10 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2012.12.11 22:34:10 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2012.12.11 22:34:10 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2012.12.11 22:34:10 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2012.12.11 22:34:10 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2012.12.11 22:34:10 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2012.12.11 22:34:10 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2012.12.11 22:34:10 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2012.12.11 22:34:10 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2012.12.11 22:34:10 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2012.12.11 22:34:10 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012.12.11 22:34:10 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2012.12.11 22:34:10 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2012.12.11 22:34:10 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2012.12.11 22:34:10 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2012.12.11 22:34:10 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2012.12.11 22:34:10 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2012.12.11 22:34:10 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2012.12.11 22:34:10 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.12.11 22:34:10 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.12.11 22:34:10 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2012.12.11 22:34:10 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2012.12.11 22:34:10 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2012.12.11 22:34:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2012.12.11 22:34:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2012.12.11 22:34:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2012.12.11 22:34:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2012.12.11 22:34:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2012.12.11 22:34:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012.12.11 22:34:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2012.12.11 22:34:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2012.12.11 22:34:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2012.12.11 22:34:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2012.12.11 22:34:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2012.12.11 22:34:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2012.12.11 22:34:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2012.12.11 22:34:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2012.12.11 22:34:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2012.12.11 22:34:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2012.12.11 22:34:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2012.12.11 22:34:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2012.12.11 22:34:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2012.12.11 22:34:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2012.12.11 22:34:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2012.12.11 22:34:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2012.12.11 22:34:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2012.12.11 22:34:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2012.12.11 22:34:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2012.12.11 22:34:10 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2012.12.11 22:33:08 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpnet.dll
[2012.12.11 22:33:08 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpnet.dll
[2012.12.11 22:33:02 | 000,367,616 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2012.12.11 22:33:02 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2012.12.11 22:33:02 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2012.12.11 22:33:02 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2012.12.08 15:37:28 | 000,000,000 | ---D | C] -- C:\Windows\Downloaded Program Files
[2012.12.08 13:00:09 | 000,000,000 | ---D | C] -- C:\Users\Tazz\AppData\Roaming\Skype
[2012.12.08 13:00:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012.12.08 13:00:07 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2012.12.08 13:00:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2012.12.08 13:00:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2012.12.07 09:18:25 | 000,076,944 | ---- | C] (BitDefender) -- C:\Windows\SysNative\drivers\bdvedisk.sys
[2012.12.07 09:14:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 2013
[2012.12.07 09:14:49 | 000,093,160 | ---- | C] (BitDefender LLC) -- C:\Windows\SysNative\drivers\BdfNdisf6.sys
[2012.12.07 09:14:49 | 000,082,384 | ---- | C] (BitDefender SRL) -- C:\Windows\SysNative\drivers\bdsandbox.sys
[2012.12.07 09:14:47 | 000,705,552 | ---- | C] (BitDefender) -- C:\Windows\SysNative\drivers\avc3.sys
[2012.12.07 09:14:47 | 000,587,024 | ---- | C] (BitDefender) -- C:\Windows\SysNative\drivers\avckf.sys
[2012.12.07 09:14:46 | 000,000,000 | ---D | C] -- C:\Users\Tazz\AppData\Roaming\Bitdefender
[2012.12.07 09:14:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Bitdefender
[2012.12.07 09:14:11 | 000,350,160 | ---- | C] (BitDefender S.R.L.) -- C:\Windows\SysNative\drivers\trufos.sys
[2012.12.07 09:14:11 | 000,145,696 | ---- | C] (BitDefender LLC) -- C:\Windows\SysNative\drivers\gzflt.sys
[2012.12.07 00:23:09 | 000,000,000 | ---D | C] -- C:\Program Files\Bitdefender
[2012.12.06 23:35:54 | 000,000,000 | ---D | C] -- C:\Users\Tazz\AppData\Roaming\liQeNSoft
[2012.12.06 23:35:54 | 000,000,000 | ---D | C] -- C:\Users\Tazz\AppData\Local\liQeNSoft
[2012.12.06 23:20:45 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Bitdefender
[2012.12.06 22:53:39 | 000,000,000 | ---D | C] -- C:\ProgramData\BDLogging
[2012.12.06 22:53:31 | 000,511,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\capicom.dll
[2012.12.06 22:50:47 | 000,000,000 | ---D | C] -- C:\Users\Tazz\AppData\Roaming\QuickScan
[2012.12.06 21:24:28 | 000,000,000 | ---D | C] -- C:\Users\Tazz\AppData\Roaming\TeamViewer
[2012.12.04 16:47:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies
[2012.12.04 16:47:26 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\NV
[2012.12.04 16:47:26 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\NV
[2012.12.04 16:46:56 | 025,256,296 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2012.12.04 16:46:56 | 020,335,976 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2012.12.04 16:46:56 | 017,559,912 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2012.12.04 16:46:56 | 015,122,280 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2012.12.04 16:46:56 | 009,271,352 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2012.12.04 16:46:56 | 007,819,016 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2012.12.04 16:46:56 | 007,446,192 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2012.12.04 16:46:56 | 006,149,904 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2012.12.04 16:46:56 | 002,784,104 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2012.12.04 16:46:56 | 002,606,440 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2012.12.04 16:46:56 | 002,496,976 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
[2012.12.04 16:46:56 | 002,226,024 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2012.12.04 16:46:56 | 001,874,280 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2012.12.04 16:46:56 | 000,841,272 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll
[2012.12.04 16:46:56 | 000,417,128 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvEncodeAPI64.dll
[2012.12.04 16:46:56 | 000,361,832 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvEncodeAPI.dll
[2012.12.04 16:46:56 | 000,245,432 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll
[2012.12.04 16:46:56 | 000,201,136 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll
[2012.12.02 17:53:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Orbit
[2012.12.02 17:53:06 | 000,000,000 | ---D | C] -- C:\Users\Tazz\Documents\My Games
[2012.12.02 17:47:09 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_7.dll
[2012.12.02 17:47:09 | 000,518,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_7.dll
[2012.12.02 17:47:09 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_7.dll
[2012.12.02 17:47:09 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_7.dll
[2012.12.02 17:47:09 | 000,077,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_5.dll
[2012.12.02 17:47:09 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_5.dll
[2012.12.02 17:47:08 | 002,526,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_43.dll
[2012.12.02 17:47:08 | 002,401,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_43.dll
[2012.12.02 17:47:08 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_43.dll
[2012.12.02 17:47:08 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_43.dll
[2012.12.02 17:47:08 | 001,907,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_43.dll
[2012.12.02 17:47:08 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_43.dll
[2012.12.02 17:47:08 | 000,530,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_6.dll
[2012.12.02 17:47:08 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_6.dll
[2012.12.02 17:47:08 | 000,511,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_43.dll
[2012.12.02 17:47:08 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_43.dll
[2012.12.02 17:47:08 | 000,276,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_43.dll
[2012.12.02 17:47:08 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_43.dll
[2012.12.02 17:47:08 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_6.dll
[2012.12.02 17:47:08 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_6.dll
[2012.12.02 17:47:08 | 000,078,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_4.dll
[2012.12.02 17:47:08 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_4.dll
[2012.12.02 17:47:07 | 005,554,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_42.dll
[2012.12.02 17:47:07 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_42.dll
[2012.12.02 17:47:07 | 002,582,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_42.dll
[2012.12.02 17:47:07 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_42.dll
[2012.12.02 17:47:07 | 000,517,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_5.dll
[2012.12.02 17:47:07 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_5.dll
[2012.12.02 17:47:07 | 000,285,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_42.dll
[2012.12.02 17:47:07 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_5.dll
[2012.12.02 17:47:07 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_42.dll
[2012.12.02 17:47:07 | 000,176,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_5.dll
[2012.12.02 17:47:07 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_7.dll
[2012.12.02 17:47:07 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_7.dll
[2012.12.02 17:47:06 | 005,425,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_41.dll
[2012.12.02 17:47:06 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_41.dll
[2012.12.02 17:47:06 | 002,475,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_42.dll
[2012.12.02 17:47:06 | 002,430,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_41.dll
[2012.12.02 17:47:06 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_42.dll
[2012.12.02 17:47:06 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_41.dll
[2012.12.02 17:47:06 | 000,523,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_42.dll
[2012.12.02 17:47:06 | 000,520,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_41.dll
[2012.12.02 17:47:06 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_42.dll
[2012.12.02 17:47:06 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_41.dll
[2012.12.02 17:47:05 | 005,631,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_40.dll
[2012.12.02 17:47:05 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_40.dll
[2012.12.02 17:47:05 | 002,605,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_40.dll
[2012.12.02 17:47:05 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_40.dll
[2012.12.02 17:47:05 | 000,521,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_4.dll
[2012.12.02 17:47:05 | 000,519,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_40.dll
[2012.12.02 17:47:05 | 000,518,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_3.dll
[2012.12.02 17:47:05 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_4.dll
[2012.12.02 17:47:05 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_3.dll
[2012.12.02 17:47:05 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_40.dll
[2012.12.02 17:47:05 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_4.dll
[2012.12.02 17:47:05 | 000,174,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_4.dll
[2012.12.02 17:47:05 | 000,074,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_2.dll
[2012.12.02 17:47:05 | 000,073,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_3.dll
[2012.12.02 17:47:05 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_2.dll
[2012.12.02 17:47:05 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_3.dll
[2012.12.02 17:47:05 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_6.dll
[2012.12.02 17:47:05 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_6.dll
[2012.12.02 17:47:04 | 004,992,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_39.dll
[2012.12.02 17:47:04 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_39.dll
[2012.12.02 17:47:04 | 001,942,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_39.dll
[2012.12.02 17:47:04 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_39.dll
[2012.12.02 17:47:04 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_39.dll
[2012.12.02 17:47:04 | 000,513,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_2.dll
[2012.12.02 17:47:04 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_2.dll
[2012.12.02 17:47:04 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_39.dll
[2012.12.02 17:47:04 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_2.dll
[2012.12.02 17:47:04 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_3.dll
[2012.12.02 17:47:04 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_2.dll
[2012.12.02 17:47:04 | 000,175,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_3.dll
[2012.12.02 17:47:04 | 000,072,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_1.dll
[2012.12.02 17:47:04 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_1.dll
[2012.12.02 17:47:04 | 000,025,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_5.dll
[2012.12.02 17:47:04 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_5.dll
[2012.12.02 17:47:03 | 004,991,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_38.dll
[2012.12.02 17:47:03 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_38.dll
[2012.12.02 17:47:03 | 001,941,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_38.dll
[2012.12.02 17:47:03 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_38.dll
[2012.12.02 17:47:03 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_38.dll
[2012.12.02 17:47:03 | 000,511,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_1.dll
[2012.12.02 17:47:03 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_1.dll
[2012.12.02 17:47:03 | 000,489,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_0.dll
[2012.12.02 17:47:03 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_0.dll
[2012.12.02 17:47:03 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_38.dll
[2012.12.02 17:47:03 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_1.dll
[2012.12.02 17:47:03 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_1.dll
[2012.12.02 17:47:03 | 000,068,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_0.dll
[2012.12.02 17:47:03 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_0.dll
[2012.12.02 17:47:03 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_4.dll
[2012.12.02 17:47:03 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_4.dll
[2012.12.02 17:47:02 | 004,910,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_37.dll
[2012.12.02 17:47:02 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_37.dll
[2012.12.02 17:47:02 | 001,860,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_37.dll
[2012.12.02 17:47:02 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_37.dll
[2012.12.02 17:47:02 | 000,529,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_37.dll
[2012.12.02 17:47:02 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_37.dll
[2012.12.02 17:47:02 | 000,411,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_10.dll
[2012.12.02 17:47:02 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_10.dll
[2012.12.02 17:47:02 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_0.dll
[2012.12.02 17:47:02 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_0.dll
[2012.12.02 17:47:02 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_3.dll
[2012.12.02 17:47:02 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_3.dll
[2012.12.02 17:47:01 | 005,081,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_36.dll
[2012.12.02 17:47:01 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_36.dll
[2012.12.02 17:47:01 | 002,006,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_36.dll
[2012.12.02 17:47:01 | 001,985,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_35.dll
[2012.12.02 17:47:01 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_36.dll
[2012.12.02 17:47:01 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_35.dll
[2012.12.02 17:47:01 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_36.dll
[2012.12.02 17:47:01 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_35.dll
[2012.12.02 17:47:01 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_36.dll
[2012.12.02 17:47:01 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_35.dll
[2012.12.02 17:47:01 | 000,411,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_9.dll
[2012.12.02 17:47:01 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_9.dll
[2012.12.02 17:47:00 | 005,073,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_35.dll
[2012.12.02 17:47:00 | 004,496,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_34.dll
[2012.12.02 17:47:00 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_35.dll
[2012.12.02 17:47:00 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_34.dll
[2012.12.02 17:47:00 | 001,401,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_34.dll
[2012.12.02 17:47:00 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_34.dll
[2012.12.02 17:47:00 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_34.dll
[2012.12.02 17:47:00 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_34.dll
[2012.12.02 17:47:00 | 000,409,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_8.dll
[2012.12.02 17:47:00 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_8.dll
[2012.12.02 17:47:00 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_3.dll
[2012.12.02 17:47:00 | 000,021,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_2.dll
[2012.12.02 17:47:00 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_2.dll
[2012.12.02 17:46:59 | 004,494,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_33.dll
[2012.12.02 17:46:59 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_33.dll
[2012.12.02 17:46:59 | 001,400,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_33.dll
[2012.12.02 17:46:59 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_33.dll
[2012.12.02 17:46:59 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_33.dll
[2012.12.02 17:46:59 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_33.dll
[2012.12.02 17:46:59 | 000,403,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_7.dll
[2012.12.02 17:46:59 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_7.dll
[2012.12.02 17:46:58 | 004,398,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_32.dll
[2012.12.02 17:46:58 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_32.dll
[2012.12.02 17:46:58 | 000,469,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10.dll
[2012.12.02 17:46:58 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10.dll
[2012.12.02 17:46:58 | 000,393,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_6.dll
[2012.12.02 17:46:58 | 000,390,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_5.dll
[2012.12.02 17:46:58 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_6.dll
[2012.12.02 17:46:58 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_5.dll
[2012.12.02 17:46:57 | 003,977,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_31.dll
[2012.12.02 17:46:57 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_31.dll
[2012.12.02 17:46:57 | 000,364,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_4.dll
[2012.12.02 17:46:57 | 000,363,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_3.dll
[2012.12.02 17:46:57 | 000,354,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_2.dll
[2012.12.02 17:46:57 | 000,352,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_1.dll
[2012.12.02 17:46:57 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_4.dll
[2012.12.02 17:46:57 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_3.dll
[2012.12.02 17:46:57 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_2.dll
[2012.12.02 17:46:57 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_1.dll
[2012.12.02 17:46:57 | 000,083,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_2.dll
[2012.12.02 17:46:57 | 000,083,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_1.dll
[2012.12.02 17:46:57 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_2.dll
[2012.12.02 17:46:57 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_1.dll
[2012.12.02 17:46:57 | 000,017,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_1.dll
[2012.12.02 17:46:57 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_1.dll
[2012.12.02 17:46:55 | 003,927,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_30.dll
[2012.12.02 17:46:55 | 003,830,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_29.dll
[2012.12.02 17:46:55 | 003,815,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_28.dll
[2012.12.02 17:46:55 | 003,807,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_27.dll
[2012.12.02 17:46:55 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_30.dll
[2012.12.02 17:46:55 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_29.dll
[2012.12.02 17:46:55 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_28.dll
[2012.12.02 17:46:55 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_27.dll
[2012.12.02 17:46:55 | 000,355,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_0.dll
[2012.12.02 17:46:55 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_0.dll
[2012.12.02 17:46:55 | 000,016,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_0.dll
[2012.12.02 17:46:55 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_0.dll
[2012.12.02 17:46:54 | 003,823,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_25.dll
[2012.12.02 17:46:54 | 003,767,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_26.dll
[2012.12.02 17:46:54 | 003,544,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_24.dll
[2012.12.02 17:46:54 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_25.dll
[2012.12.02 17:46:54 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_26.dll
[2012.12.02 17:46:54 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_24.dll
[2012.12.02 17:41:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ubisoft
[2012.11.25 23:47:08 | 000,000,000 | ---D | C] -- C:\Users\Tazz\AppData\Local\ElevatedDiagnostics
[2012.11.25 22:46:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS6
[2012.11.25 22:25:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
[2012.11.25 22:25:09 | 000,283,200 | ---- | C] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2012.11.25 22:25:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Lite
[2012.11.22 20:36:02 | 000,000,000 | ---D | C] -- C:\Users\Tazz\AppData\Local\SKIDROW
[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.12.19 00:15:44 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Tazz\Desktop\OTL.exe
[2012.12.18 23:53:51 | 004,732,416 | ---- | M] (AVAST Software) -- C:\Users\Tazz\Desktop\aswMBR.exe
[2012.12.18 23:38:19 | 000,859,072 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll
[2012.12.18 23:38:19 | 000,779,704 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll
[2012.12.18 23:38:19 | 000,260,528 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2012.12.18 23:38:19 | 000,174,000 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2012.12.18 23:38:19 | 000,173,992 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2012.12.18 23:38:19 | 000,095,184 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2012.12.18 23:32:55 | 000,000,828 | ---- | M] () -- C:\Windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
[2012.12.18 23:32:35 | 095,023,320 | ---- | M] () -- C:\ProgramData\dsgsdgdsgdsgw.pad
[2012.12.18 23:16:16 | 001,498,506 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.12.18 23:16:16 | 000,653,928 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.12.18 23:16:16 | 000,615,810 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.12.18 23:16:16 | 000,129,800 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.12.18 23:16:16 | 000,106,190 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.12.18 23:15:42 | 000,031,808 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.12.18 23:15:42 | 000,031,808 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.12.18 23:10:22 | 000,034,752 | ---- | M] () -- C:\Windows\SysNative\drivers\WPRO_41_2001.sys
[2012.12.18 23:10:19 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.12.18 23:10:16 | 000,232,232 | ---- | M] () -- C:\Windows\SysNative\oodbs.lor
[2012.12.18 15:59:21 | 000,697,272 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012.12.18 15:59:21 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012.12.17 18:38:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
[2012.12.17 18:06:53 | 000,000,132 | ---- | M] () -- C:\Users\Tazz\AppData\Roaming\Adobe CS6-PNG-Format - Voreinstellungen
[2012.12.13 19:23:55 | 000,000,398 | ---- | M] () -- C:\Windows\SysNative\checkdnsid.xml
[2012.12.12 17:18:15 | 004,974,232 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.12.08 13:00:08 | 000,002,517 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2012.12.07 09:18:25 | 000,076,944 | ---- | M] (BitDefender) -- C:\Windows\SysNative\drivers\bdvedisk.sys
[2012.12.07 09:15:04 | 000,402,303 | ---- | M] () -- C:\ProgramData\1354868042.bdinstall.bin
[2012.12.07 09:14:55 | 000,253,404 | -H-- | M] () -- C:\bdr-ld01
[2012.12.07 09:14:55 | 000,009,216 | -H-- | M] () -- C:\bdr-ld01.mbr
[2012.12.07 09:14:55 | 000,000,684 | -H-- | M] () -- C:\bdr-cf01
[2012.12.07 09:13:07 | 000,219,660 | ---- | M] () -- C:\ProgramData\1354867946.bdinstall.bin
[2012.12.07 00:33:55 | 000,614,705 | ---- | M] () -- C:\ProgramData\1354836554.bdinstall.bin
[2012.12.07 00:33:50 | 000,000,385 | ---- | M] () -- C:\Windows\SysNative\user_gensett.xml
[2012.12.07 00:28:15 | 000,053,964 | ---- | M] () -- C:\ProgramData\1354836479.bdinstall.bin
[2012.12.07 00:23:10 | 000,293,307 | ---- | M] () -- C:\ProgramData\1354836131.bdinstall.bin
[2012.12.07 00:21:11 | 000,053,964 | ---- | M] () -- C:\ProgramData\1354836061.bdinstall.bin
[2012.12.07 00:03:53 | 000,227,711 | ---- | M] () -- C:\ProgramData\1354835007.bdinstall.bin
[2012.12.06 23:22:46 | 000,497,879 | ---- | M] () -- C:\ProgramData\1354832451.bdinstall.bin
[2012.12.06 23:17:21 | 000,223,150 | ---- | M] () -- C:\ProgramData\1354832168.bdinstall.bin
[2012.12.06 22:55:18 | 000,640,478 | ---- | M] () -- C:\ProgramData\1354830587.bdinstall.bin
[2012.12.03 16:47:14 | 026,811,240 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2012.12.03 16:47:14 | 025,256,296 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2012.12.03 16:47:14 | 020,335,976 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2012.12.03 16:47:14 | 018,045,968 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2012.12.03 16:47:14 | 017,559,912 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2012.12.03 16:47:14 | 015,122,280 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2012.12.03 16:47:14 | 015,016,256 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll
[2012.12.03 16:47:14 | 012,603,960 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2012.12.03 16:47:14 | 009,271,352 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2012.12.03 16:47:14 | 007,819,016 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2012.12.03 16:47:14 | 007,446,192 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2012.12.03 16:47:14 | 006,149,904 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2012.12.03 16:47:14 | 002,816,824 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll
[2012.12.03 16:47:14 | 002,784,104 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2012.12.03 16:47:14 | 002,606,440 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2012.12.03 16:47:14 | 002,496,976 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
[2012.12.03 16:47:14 | 002,226,024 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2012.12.03 16:47:14 | 001,874,280 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2012.12.03 16:47:14 | 001,805,672 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco64.dll
[2012.12.03 16:47:14 | 001,504,104 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco64.dll
[2012.12.03 16:47:14 | 000,983,936 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvumdshimx.dll
[2012.12.03 16:47:14 | 000,841,272 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll
[2012.12.03 16:47:14 | 000,417,128 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvEncodeAPI64.dll
[2012.12.03 16:47:14 | 000,361,832 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvEncodeAPI.dll
[2012.12.03 16:47:14 | 000,245,432 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll
[2012.12.03 16:47:14 | 000,201,136 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll
[2012.12.03 16:47:14 | 000,014,446 | ---- | M] () -- C:\Windows\SysNative\nvinfo.pb
[2012.12.02 17:53:19 | 000,281,688 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2012.12.02 17:47:19 | 000,282,512 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2012.12.01 06:49:26 | 003,663,213 | ---- | M] () -- C:\Windows\SysNative\nvcoproc.bin
[2012.12.01 06:49:26 | 002,557,800 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvcr.dll
[2012.12.01 06:49:25 | 000,118,120 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll
[2012.12.01 06:49:25 | 000,063,336 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll
[2012.12.01 06:48:41 | 006,223,208 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll
[2012.12.01 06:48:37 | 003,311,464 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll
[2012.11.30 21:33:03 | 000,007,608 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2012.11.25 22:25:09 | 000,283,200 | ---- | M] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2012.11.25 02:19:47 | 000,000,715 | ---- | M] () -- C:\Users\Public\Desktop\mkvmerge GUI.lnk
[2012.11.22 21:16:56 | 000,001,755 | ---- | M] () -- C:\Users\Tazz\Desktop\Hitman Absolution.lnk
[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.12.18 23:25:48 | 095,023,320 | ---- | C] () -- C:\ProgramData\dsgsdgdsgdsgw.pad
[2012.12.13 17:40:19 | 000,000,398 | ---- | C] () -- C:\Windows\SysNative\checkdnsid.xml
[2012.12.08 13:00:08 | 000,002,517 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2012.12.07 09:15:04 | 000,402,303 | ---- | C] () -- C:\ProgramData\1354868042.bdinstall.bin
[2012.12.07 09:14:55 | 000,000,684 | -H-- | C] () -- C:\bdr-cf01
[2012.12.07 09:14:44 | 037,133,532 | -H-- | C] () -- C:\bdr-im01.gz
[2012.12.07 09:14:44 | 002,510,608 | -H-- | C] () -- C:\bdr-bz01
[2012.12.07 09:14:44 | 000,253,404 | -H-- | C] () -- C:\bdr-ld01
[2012.12.07 09:14:44 | 000,009,216 | -H-- | C] () -- C:\bdr-ld01.mbr
[2012.12.07 09:13:07 | 000,219,660 | ---- | C] () -- C:\ProgramData\1354867946.bdinstall.bin
[2012.12.07 00:33:55 | 000,614,705 | ---- | C] () -- C:\ProgramData\1354836554.bdinstall.bin
[2012.12.07 00:33:50 | 000,000,385 | ---- | C] () -- C:\Windows\SysNative\user_gensett.xml
[2012.12.07 00:28:15 | 000,053,964 | ---- | C] () -- C:\ProgramData\1354836479.bdinstall.bin
[2012.12.07 00:23:10 | 000,293,307 | ---- | C] () -- C:\ProgramData\1354836131.bdinstall.bin
[2012.12.07 00:21:11 | 000,053,964 | ---- | C] () -- C:\ProgramData\1354836061.bdinstall.bin
[2012.12.07 00:03:53 | 000,227,711 | ---- | C] () -- C:\ProgramData\1354835007.bdinstall.bin
[2012.12.06 23:22:46 | 000,497,879 | ---- | C] () -- C:\ProgramData\1354832451.bdinstall.bin
[2012.12.06 23:17:21 | 000,223,150 | ---- | C] () -- C:\ProgramData\1354832168.bdinstall.bin
[2012.12.06 22:55:18 | 000,640,478 | ---- | C] () -- C:\ProgramData\1354830587.bdinstall.bin
[2012.12.06 21:19:52 | 000,001,105 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 8.lnk
[2012.11.25 02:19:47 | 000,000,715 | ---- | C] () -- C:\Users\Public\Desktop\mkvmerge GUI.lnk
[2012.11.22 21:16:56 | 000,001,755 | ---- | C] () -- C:\Users\Tazz\Desktop\Hitman Absolution.lnk
[2012.11.16 20:12:58 | 000,000,132 | ---- | C] () -- C:\Users\Tazz\AppData\Roaming\Adobe CS6-PNG-Format - Voreinstellungen
[2012.09.14 23:43:34 | 000,112,640 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2012.09.05 17:29:02 | 000,000,043 | ---- | C] () -- C:\Windows\MezzmoMediaServer.INI
[2012.07.30 13:16:20 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2012.07.30 13:16:18 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2012.07.30 13:16:18 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2012.07.30 13:16:18 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2012.07.30 13:16:18 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2012.07.22 19:19:17 | 000,007,608 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2012.07.18 16:45:57 | 002,580,552 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2012.05.15 01:21:50 | 000,423,744 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2012.03.19 22:37:12 | 000,755,188 | ---- | C] () -- C:\Windows\SysWow64\igkrng700.bin
[2012.03.19 22:37:12 | 000,561,508 | ---- | C] () -- C:\Windows\SysWow64\igfcg700m.bin
[2012.03.19 22:25:58 | 000,058,880 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012.03.19 21:23:38 | 013,024,256 | ---- | C] () -- C:\Windows\SysWow64\ig7icd32.dll
[2012.02.02 21:08:26 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll
[2012.01.03 08:28:06 | 002,570,286 | ---- | C] () -- C:\Windows\SysWow64\abgx360.exe
 
========== ZeroAccess Check ==========
 
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2012.12.02 17:07:19 | 000,000,000 | ---D | M] -- C:\Users\Tazz\AppData\Roaming\abgx360
[2012.09.14 23:16:43 | 000,000,000 | ---D | M] -- C:\Users\Tazz\AppData\Roaming\avidemux
[2012.12.07 09:14:46 | 000,000,000 | ---D | M] -- C:\Users\Tazz\AppData\Roaming\Bitdefender
[2012.09.10 19:34:55 | 000,000,000 | ---D | M] -- C:\Users\Tazz\AppData\Roaming\DAEMON Tools Lite
[2012.11.03 18:54:32 | 000,000,000 | ---D | M] -- C:\Users\Tazz\AppData\Roaming\ImgBurn
[2012.07.22 10:20:41 | 000,000,000 | ---D | M] -- C:\Users\Tazz\AppData\Roaming\Leadertech
[2012.12.06 23:35:54 | 000,000,000 | ---D | M] -- C:\Users\Tazz\AppData\Roaming\liQeNSoft
[2012.09.14 23:32:40 | 000,000,000 | ---D | M] -- C:\Users\Tazz\AppData\Roaming\mkvtoolnix
[2012.08.09 19:04:46 | 000,000,000 | ---D | M] -- C:\Users\Tazz\AppData\Roaming\Nokia
[2012.12.04 19:15:28 | 000,000,000 | ---D | M] -- C:\Users\Tazz\AppData\Roaming\Notepad++
[2012.07.20 15:59:36 | 000,000,000 | ---D | M] -- C:\Users\Tazz\AppData\Roaming\Origin
[2012.11.04 19:34:03 | 000,000,000 | ---D | M] -- C:\Users\Tazz\AppData\Roaming\PACE Anti-Piracy
[2012.08.09 19:04:46 | 000,000,000 | ---D | M] -- C:\Users\Tazz\AppData\Roaming\PC Suite
[2012.08.23 19:47:50 | 000,000,000 | ---D | M] -- C:\Users\Tazz\AppData\Roaming\picpick
[2012.12.06 22:50:47 | 000,000,000 | ---D | M] -- C:\Users\Tazz\AppData\Roaming\QuickScan
[2012.08.31 22:16:17 | 000,000,000 | ---D | M] -- C:\Users\Tazz\AppData\Roaming\Samsung
[2012.07.18 15:28:54 | 000,000,000 | ---D | M] -- C:\Users\Tazz\AppData\Roaming\six-updater
[2012.07.18 15:27:32 | 000,000,000 | ---D | M] -- C:\Users\Tazz\AppData\Roaming\six-zsync
[2012.11.17 09:42:01 | 000,000,000 | ---D | M] -- C:\Users\Tazz\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2012.12.06 22:59:05 | 000,000,000 | ---D | M] -- C:\Users\Tazz\AppData\Roaming\TeamViewer
[2012.12.18 23:32:56 | 000,000,000 | ---D | M] -- C:\Users\Tazz\AppData\Roaming\TV-Browser
[2012.11.16 07:19:51 | 000,000,000 | ---D | M] -- C:\Users\Tazz\AppData\Roaming\uTorrent
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 1242 bytes -> C:\Users\Tazz\AppData\Local\Temp:aMm6w9BAH6tYNoGq3C1o3uCkQhR

< End of report >
         
I hope I didn't break everything with the Bitdefender scan.

Thanks in advance for any help!

Alt 19.12.2012, 02:48   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 

Hello and

Quote:
Then I ran a scan with Bitdefender, which found and deleted wgsdgsdgdsgsd.exe, among other things.
Nice, and where are the logs for that?

That kind of information is not enough; please post the complete details/logs of the virus scanners, see http://www.trojaner-board.de/125889-...tml#post941520


Please post everything here in CODE tags where possible.

This is how it's done:

[code] the log goes here [/code]

And the whole thing then looks like this:

Code:
 the log goes here
         

Alt 19.12.2012, 14:00   #3
T4zzilo
 

Agreed!

Here is the Bitdefender log:

Code:
<?xml version="1.0" encoding="utf-8"?>
<?xml-stylesheet type="text/xsl" href="C:\Program Files\Bitdefender\Bitdefender 2013\ondemand.xsl"?>
<ScanSession creator="Bitdefender Internet Security 2013" name="System-Scan" installPath="C:\Program Files\Bitdefender\Bitdefender 2013\" creationDate="Mittwoch, 19. Dezember 2012 00:18:42" originalPath="C:\ProgramData\Bitdefender\Desktop\Profiles\Logs\dcf483c4-26d0-4e6f-ba28-6a53a00adae1\1355871849_3_02.xml" >
	<ScanSettings 
		statisticsRefreshInterval="1000"
		scanSpeed="1.000000"
		lowPriority="0"
		enableExclusions="1"
		enableTaskExclusions="0"
		scanAdware="1"
		scanSpyware="1"
		scanApplications="1"
		scanDialers="1"
		scanKeyloggers="1"
		scanFiles="1"
		scanAllFiles="1"
		scanProgramsOnly="0"
		useCustomPrograms="0"
		customPrograms=""
		scanUserDefined="0"
		scanPacked="1"
		scanArchives="1"
		useSmartScan="1"
		scanEmails="1"
		scanRootkits="0"
		scanAllRootkits="1"
		scanBoot="1"
		scanMemory="1"
		scanRegistry="1"
		quickScan="1"
		quickScanMemory="0"
		quickScanAutoruns="0"
		quickScanPlugins="1"
		scanCookies="1"
		shutdownAfter="0"
		passwordPrompt="0"
		onlyAllowedActions="1"
		deepArchiveScan="1"
		maxArchiveLevel="15"
		maxArchiveSize="0"
		infectedAction1="3"
		infectedAction2="7"
		suspectAction1="7"
		suspectAction2="1"
		rootkitAction="3"
		userDefinedExtensions=""
	>

		<ScanPaths>
			<path>C:\</path>
			<path>D:\</path>
			<path>E:\</path>
			<path>F:\</path>
			<path>G:\</path>
		</ScanPaths>

		<ExcludedPaths>
		</ExcludedPaths>

		<ExcludedExtensions>
		</ExcludedExtensions>

	</ScanSettings>

	<EngineSummary
		totalSignatures="8399753"
		/>

	<ScanSummary
		scannedArchives="17"
		scannedPacked="2"
		startTime="1355871849"
		duration="855105"
	>

		<TypeSummary type="1"
			scanned="10"
			infected="0"
			suspicious="0"
			disinfected="0"
			deleted="0"
			moved="0"
			moved_reboot="0"
			delete_reboot="0"
			renamed="0"
			hidden="0"
		/>

		<TypeSummary type="4"
			scanned="275"
			infected="11"
			suspicious="0"
			disinfected="0"
			deleted="11"
			moved="0"
			moved_reboot="0"
			delete_reboot="0"
			renamed="0"
			hidden="0"
		/>

		<TypeSummary type="0"
			scanned="512905"
			infected="1"
			suspicious="0"
			disinfected="0"
			deleted="1"
			moved="0"
			moved_reboot="0"
			delete_reboot="0"
			renamed="0"
			hidden="0"
		/>

		<TypeSummary type="5"
			scanned="0"
			infected="0"
			suspicious="0"
			disinfected="0"
			deleted="0"
			moved="0"
			moved_reboot="0"
			delete_reboot="0"
			renamed="0"
			hidden="0"
		/>

		<TypeSummary type="2"
			scanned="4267"
			infected="1"
			suspicious="0"
			disinfected="0"
			deleted="1"
			moved="0"
			moved_reboot="0"
			delete_reboot="0"
			renamed="0"
			hidden="0"
		/>

		<TypeSummary type="3"
			scanned="2036"
			infected="0"
			suspicious="0"
			disinfected="0"
			deleted="0"
			moved="0"
			moved_reboot="0"
			delete_reboot="0"
			renamed="0"
			hidden="0"
		/>

		<TypeSummary type="6"
			scanned="19"
			infected="0"
			suspicious="0"
			disinfected="0"
			deleted="0"
			moved="0"
			moved_reboot="0"
			delete_reboot="0"
			renamed="0"
			hidden="0"
		/>

	</ScanSummary>

	<ScanDetails>
		<UnresolvedDetails>
		</UnresolvedDetails>

		<ResolvedDetails>
			<Item type="0" objectType="4" path="C:\Users\Tazz\AppData\Roaming\Microsoft\Windows\Cookies\ZP95YG0W.txt" threatType="0" threatName="Cookie.Apmebf" action="3" initialStatus="3" finalStatus="5" quarId="" failReason="0" />
			<Item type="0" objectType="4" path="C:\Users\Tazz\AppData\Roaming\Microsoft\Windows\Cookies\Low\DXB4C8T8.txt" threatType="0" threatName="Cookie.WebTrends" action="3" initialStatus="3" finalStatus="5" quarId="" failReason="0" />
			<Item type="0" objectType="4" path="C:\Users\Tazz\AppData\Roaming\Microsoft\Windows\Cookies\1T15FBQ4.txt" threatType="0" threatName="Cookie.QuestionMarket" action="3" initialStatus="3" finalStatus="5" quarId="" failReason="0" />
			<Item type="0" objectType="4" path="C:\Users\Tazz\AppData\Roaming\Microsoft\Windows\Cookies\Low\444FSMS6.txt" threatType="0" threatName="Cookie.Rub" action="3" initialStatus="3" finalStatus="5" quarId="" failReason="0" />
			<Item type="0" objectType="2" path="c:\Users\Tazz\wgsdgsdgdsgsd.dll" threatType="0" threatName="Gen:Variant.Kazy.128936" action="3" initialStatus="3" finalStatus="5" quarId="" failReason="0" />
			<Item type="0" objectType="4" path="C:\Users\Tazz\AppData\Roaming\Microsoft\Windows\Cookies\BQ4GAFTY.txt" threatType="0" threatName="Cookie.DoubleClick" action="3" initialStatus="3" finalStatus="5" quarId="" failReason="0" />
			<Item type="0" objectType="4" path="C:\Users\Tazz\AppData\Roaming\Microsoft\Windows\Cookies\73VMSUZ3.txt" threatType="0" threatName="Cookie.BS.Serving-Sys" action="3" initialStatus="3" finalStatus="5" quarId="" failReason="0" />
			<Item type="0" objectType="4" path="C:\Users\Tazz\AppData\Roaming\Microsoft\Windows\Cookies\SFTL8WF6.txt" threatType="0" threatName="Cookie.FastClick" action="3" initialStatus="3" finalStatus="5" quarId="" failReason="0" />
			<Item type="0" objectType="4" path="C:\Users\Tazz\AppData\Roaming\Microsoft\Windows\Cookies\Low\AW6ZDKIN.txt" threatType="0" threatName="Cookie.DoubleClick" action="3" initialStatus="3" finalStatus="5" quarId="" failReason="0" />
			<Item type="0" objectType="4" path="C:\Users\Tazz\AppData\Roaming\Microsoft\Windows\Cookies\Low\DJAANHOZ.txt" threatType="0" threatName="Cookie.BS.Serving-Sys" action="3" initialStatus="3" finalStatus="5" quarId="" failReason="0" />
			<Item type="0" objectType="4" path="C:\Users\Tazz\AppData\Roaming\Microsoft\Windows\Cookies\IJI6SB87.txt" threatType="0" threatName="Cookie.TradeDoubler" action="3" initialStatus="3" finalStatus="5" quarId="" failReason="0" />
			<Item type="0" objectType="4" path="C:\Users\Tazz\AppData\Roaming\Microsoft\Windows\Cookies\Low\35D4ZG07.txt" threatType="0" threatName="Cookie.Advertising" action="3" initialStatus="3" finalStatus="5" quarId="" failReason="0" />
		</ResolvedDetails>

		<IgnoredDetails>
		</IgnoredDetails>

		<QuickScanDetails>
		</QuickScanDetails>
		<NotScannedDetails
			skipped="150508"
			ioerrors="0"
			archiveBombs="0"
			passwordProtected="0"
		>

		</NotScannedDetails>
	</ScanDetails>

</ScanSession>
         

Alt 19.12.2012, 23:09   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 

That can hardly be everything, because only cookies are listed there and you spoke of a completely different detection. Please post all logs with all detections.

And please not in XML format; please save the log in TXT format!
__________________
Please always post log files in CODE tags

Alt 19.12.2012, 23:23   #5
T4zzilo
 

c:\Users\Tazz\wgsdgsdgdsgsd.dll is also listed there.
That is the only way to export a log from Bitdefender. There the option is called "Protokoll Speichern" (save log) and only an .xml file is saved.

//Edit
I was mistaken in the opening post; it was a .dll and not an .exe, but the file name is the same.

Thumbnails of attached images
GVU Trojaner mit Webcam - Windows 7 x64-bitdefender.jpg
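
The difficulty raised in the posts above, as an added example (not part of the thread and not a Bitdefender tool): in the XML export the single file detection sits among a dozen tracking-cookie entries. This Python script flattens such a log to plain text and lists non-cookie detections first. Element and attribute names are taken from the log posted above, the sample log and its paths are constructed, and treating a `Cookie.` name prefix as a tracking cookie is an assumption based on that log.

```python
"""Plain-text triage of a Bitdefender on-demand scan log (XML export)."""
import xml.etree.ElementTree as ET
from collections import Counter

# Sections under <ScanDetails> that can hold <Item> rows in the posted log.
SECTIONS = ("UnresolvedDetails", "ResolvedDetails", "IgnoredDetails")

# Constructed sample in the shape of the posted log (paths are made up).
SAMPLE_LOG = r"""<?xml version="1.0" encoding="utf-8"?>
<ScanSession creator="Bitdefender Internet Security 2013" name="System-Scan">
  <ScanDetails>
    <UnresolvedDetails>
    </UnresolvedDetails>
    <ResolvedDetails>
      <Item type="0" objectType="4" path="C:\Users\Example\Cookies\AAAA0001.txt" threatName="Cookie.DoubleClick" action="3" finalStatus="5" />
      <Item type="0" objectType="4" path="C:\Users\Example\Cookies\AAAA0002.txt" threatName="Cookie.WebTrends" action="3" finalStatus="5" />
      <Item type="0" objectType="2" path="c:\Users\Example\example.dll" threatName="Gen:Variant.Kazy.128936" action="3" finalStatus="5" />
      <Item type="0" objectType="4" path="C:\Users\Example\Cookies\Low\AAAA0003.txt" threatName="Cookie.DoubleClick" action="3" finalStatus="5" />
    </ResolvedDetails>
    <IgnoredDetails>
    </IgnoredDetails>
  </ScanDetails>
</ScanSession>
""".encode("utf-8")


def parse_items(xml_bytes):
    """Return one dict per <Item>, tagged with the section it came from."""
    # The log comes from a possibly infected machine, so treat it as untrusted
    # input: the format needs no DTD, so refuse any document that declares one.
    if b"<!DOCTYPE" in xml_bytes.upper():
        raise ValueError("DOCTYPE not expected in a scan log")
    root = ET.fromstring(xml_bytes)
    if root.tag != "ScanSession":
        raise ValueError("not a scan log: root element is %r" % root.tag)
    items = []
    for section in SECTIONS:
        for node in root.findall("./ScanDetails/%s/Item" % section):
            items.append({
                "section": section,
                "path": node.get("path", ""),
                "threat": node.get("threatName", ""),
                # Numeric codes are kept raw; the thread does not define them.
                "codes": "objectType=%s action=%s finalStatus=%s" % (
                    node.get("objectType", "?"),
                    node.get("action", "?"),
                    node.get("finalStatus", "?")),
            })
    return items


def triage(items):
    """Split detections into (non-cookie, cookie); unresolved items sort first."""
    cookies = [i for i in items if i["threat"].startswith("Cookie.")]
    others = [i for i in items if not i["threat"].startswith("Cookie.")]
    others.sort(key=lambda i: (i["section"] != "UnresolvedDetails",
                               i["path"].lower()))
    return others, cookies


def render_text(xml_bytes):
    """Build the plain-text summary a helper can read at a glance."""
    others, cookies = triage(parse_items(xml_bytes))
    lines = ["Non-cookie detections: %d" % len(others)]
    for i in others:
        lines.append("  [%s] %s -> %s (%s)" % (
            i["section"], i["threat"], i["path"], i["codes"]))
    lines.append("Tracking-cookie detections: %d" % len(cookies))
    by_name = Counter(i["threat"] for i in cookies)
    for name, count in sorted(by_name.items()):
        lines.append("  %s x%d" % (name, count))
    return "\n".join(lines)


if __name__ == "__main__":
    # For a real export, read the file in binary mode and pass the bytes in.
    print(render_text(SAMPLE_LOG))
```
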

Alt 19.12.2012, 23:33   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 

Quote:
c:\Users\Tazz\wgsdgsdgdsgsd.dll is also listed there.
Hmpf, I only saw cookies
Crappy, confusing XML format

Before we get to work, I would like to ask you to read the following points completely and carefully.
  • Read the instructions that I will post over the course of this thread carefully. Ask right away if anything is unclear to you, before you start following my instructions.

  • If you have problems with a step, stop there and describe the problem to me as well as you can. Sometimes a step requires the preceding one.

  • Please only run scans that a helper has asked you to run! Do not install / uninstall any software unless asked to!

  • Post the log files directly in your thread (please in CODE tags) and not as attachments, unless you were asked to. Logs in attachments make the analysis harder for me!

  • Please also note => Deleting log files and other requests

Note:
If you don't hear from me for three days, please get in touch in this thread => Reminder about my thread.
Annoying "when does it continue" messages will end with your topic being closed. I too have a life outside of Trojaner-Board.


1. aswMBR

Please download aswMBR.exe and save the file to your desktop.

Note: Please turn off your virus scanner before running aswMBR, because Avira in particular often reports a false alarm in it!
  • Start aswMBR.exe. Vista and Win7 users: start aswMBR via right-click, "Run as administrator".
  • The tool will ask whether you want to scan your system with the current AVAST! virus definitions. Please answer this question with Yes. (If your firewall asks, please allow access to the Internet.) Downloading the definitions can take a while depending on your connection.
  • Click Scan.
  • Please wait until Scan finished successfully appears in the DOS window.
  • Click Save Log and save it to the desktop.
Post the aswMBR.txt in your next reply.
Important: Never press any of the Fix buttons without being instructed to.
Note: If the Scan button is hidden, close the tool and start it again. If it still doesn't work, please let me know.

One more note: If aswMBR crashes and a message like "aswMBR.exe has stopped working" appears, do the following:
Restart aswMBR, select (none) under "AV scan" in the drop-down menu at the bottom left of the aswMBR window, and click the Scan button again.


2. TDSS-Killer

Download TDSS-Killer to your desktop, see => http://www.trojaner-board.de/82358-t...entfernen.html

Note: Please turn off your virus scanner before running TDSS-Killer, because Avira in particular often reports a false alarm in the TDSS tool!

Set up the tool as shown in the picture below: click change parameters and tick the boxes as shown in the following screenshot,
then click Start Scan and, when it has finished, click the Report button to display the log. Please post it in full.

If you can't find the log or can't copy its contents into your post, please look directly on your Windows system partition (usually drive C:), since that is where TDSS-Killer saves its logs.

Note: Please don't delete anything hastily with TDSS-Killer! If TDSS-Killer flags any objects, handle all of them with the action "skip" and just post the log here!

__________________
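The post above asks for the complete TDSS-Killer report with every flagged object left on "skip". As an added example (not part of the original post and not the tool's own code), this Python triage reads a report in the line layout of the TDSS-Killer log posted in this thread and returns only the entries that were not reported as "ok", together with the MD5 and path logged for them. The line layout is assumed from that log; the sample lines, service names, paths and MD5 values are constructed placeholders.

```python
import re

# Constructed sample in the report layout (timestamp, thread id, message).
# Service names, paths and MD5 values are placeholders, not real findings.
SAMPLE_LOG = r"""
14:49:41.0656 6084  ================ Scan services =============================
14:49:41.0687 6084  [ 00000000000000000000000000000001 ] ExampleDrv      C:\Windows\system32\drivers\exampledrv.sys
14:49:41.0718 6084  ExampleDrv - ok
14:49:41.0720 6084  NoFileSvc - ok
14:49:41.0778 6084  [ 00000000000000000000000000000002 ] Example Helper Service C:\Program Files (x86)\Example\helper.exe
14:49:41.0793 6084  Example Helper Service ( UnsignedFile.Multi.Generic ) - warning
14:49:41.0793 6084  Example Helper Service - detected UnsignedFile.Multi.Generic (1)
14:49:41.0809 6084  [ 00000000000000000000000000000003 ] OtherSvc        C:\Windows\System32\othersvc.dll
14:49:41.0812 6084  OtherSvc - ok
"""

# "HH:MM:SS.ffff TID  message"
LINE = re.compile(r"^\d\d:\d\d:\d\d\.\d+\s+\d+\s+(?P<msg>.*)$")
# "================ Scan services ====================="
SECTION = re.compile(r"^=+ (?P<title>.+?) =+$")
# "[ MD5 ] ServiceName   C:\path\to\file" (service names may contain spaces)
OBJECT = re.compile(
    r"^\[ (?P<md5>[0-9A-Fa-f]{32}) \] (?P<name>.+?)\s+(?P<path>[A-Za-z]:\\.*)$"
)
# "ServiceName ( Verdict ) - warning"
FLAGGED = re.compile(r"^(?P<name>.+?) \( (?P<verdict>.+?) \) - (?P<level>\w+)$")
# "ServiceName - ok"
OK = re.compile(r"^(?P<name>.+?) - ok$")


def triage(log_text, section="Scan services"):
    """Summarise one section of the report: flagged entries, ok count,
    and services reported ok without a preceding hash/path line."""
    files = {}                      # service name -> (md5, path)
    flagged, ok_without_file = [], []
    ok_count = 0
    current = None                  # title of the section being read
    for raw in log_text.splitlines():
        line = LINE.match(raw.rstrip())
        if not line:
            continue
        msg = line["msg"].strip()
        if (s := SECTION.match(msg)):
            current = s["title"]
            continue
        if current != section:
            continue
        if (o := OBJECT.match(msg)):
            files[o["name"]] = (o["md5"].upper(), o["path"])
        elif (f := FLAGGED.match(msg)):
            md5, path = files.get(f["name"], (None, None))
            flagged.append({
                "name": f["name"],
                "verdict": f["verdict"],
                "level": f["level"],
                "md5": md5,
                "path": path,
            })
        elif (k := OK.match(msg)):
            ok_count += 1
            if k["name"] not in files:
                ok_without_file.append(k["name"])
    return {
        "flagged": flagged,
        "ok_count": ok_count,
        "ok_without_file": ok_without_file,
    }


if __name__ == "__main__":
    result = triage(SAMPLE_LOG)
    print(f"{result['ok_count']} entries ok")
    for name in result["ok_without_file"]:
        print(f"no file record logged for: {name}")
    for item in result["flagged"]:
        print(f"{item['level'].upper()}: {item['name']} -> {item['verdict']}")
        print(f"  md5={item['md5']} path={item['path']}")
```

A "warning" entry such as an unsigned file is a prompt to check the listed path and hash, not a confirmed infection.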

20.12.2012, 14:51   #7
T4zzilo



The aswMBR log (aswMBR stopped working, so I set "AV scan" to (none))
Code:
ATTFilter
aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2012-12-20 14:37:43
-----------------------------
14:37:43.375    OS Version: Windows x64 6.1.7601 Service Pack 1
14:37:43.375    Number of processors: 4 586 0x3A09
14:37:43.375    ComputerName: TAZZ-PC  UserName: Tazz
14:37:43.484    Initialize success
14:37:47.416    AVAST engine defs: 12122000
14:37:51.238    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-2
14:37:51.238    Disk 0 Vendor: SAMSUNG_ CXM0 Size: 122104MB BusType: 3
14:37:51.238    Disk 1  \Device\Harddisk1\DR1 -> \Device\Ide\IAAStorageDevice-3
14:37:51.238    Disk 1 Vendor: WDC_WD10 05.0 Size: 953869MB BusType: 3
14:37:51.238    Disk 2  \Device\Harddisk2\DR2 -> \Device\Ide\IAAStorageDevice-4
14:37:51.253    Disk 2 Vendor: SAMSUNG_ CR10 Size: 476940MB BusType: 3
14:37:51.253    Disk 3  \Device\Harddisk3\DR3 -> \Device\Ide\IAAStorageDevice-5
14:37:51.253    Disk 3 Vendor: SAMSUNG_ VT10 Size: 238475MB BusType: 3
14:37:51.269    Disk 0 MBR read successfully
14:37:51.269    Disk 0 MBR scan
14:37:51.331    Disk 0 Windows 7 default MBR code
14:37:51.347    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS          100 MB offset 2048
14:37:51.347    Disk 0 Partition 2 00     07    HPFS/NTFS NTFS       122002 MB offset 206848
14:37:51.846    Disk 0 scanning C:\Windows\system32\drivers
14:37:55.044    Service scanning
14:37:55.777    Service BdfNdisf c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys **LOCKED** 5
14:37:55.777    Service bdfwfpf C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys **LOCKED** 5
14:38:01.393    Modules scanning
14:38:01.393    Disk 0 trace - called modules:
14:38:01.409    ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys hal.dll 
14:38:01.409    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8009cfd060]
14:38:01.409    3 CLASSPNP.SYS[fffff88001fba43f] -> nt!IofCallDriver -> [0xfffffa80078174a0]
14:38:01.424    5 ACPI.sys[fffff88000f057a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-2[0xfffffa800781a050]
14:38:01.424    Scan finished successfully
14:39:24.963    Disk 0 MBR has been saved successfully to "C:\Users\Tazz\Desktop\MBR.dat"
14:39:25.009    The log file has been saved successfully to "C:\Users\Tazz\Desktop\aswMBR.txt"


aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2012-12-20 14:42:55
-----------------------------
14:42:55.578    OS Version: Windows x64 6.1.7601 Service Pack 1
14:42:55.578    Number of processors: 4 586 0x3A09
14:42:55.578    ComputerName: ***  UserName: Tazz
14:42:55.703    Initialize success
14:42:59.649    AVAST engine defs: 12122000
14:43:01.958    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-2
14:43:01.958    Disk 0 Vendor: SAMSUNG_ CXM0 Size: 122104MB BusType: 3
14:43:01.958    Disk 1  \Device\Harddisk1\DR1 -> \Device\Ide\IAAStorageDevice-3
14:43:01.958    Disk 1 Vendor: WDC_WD10 05.0 Size: 953869MB BusType: 3
14:43:01.958    Disk 2  \Device\Harddisk2\DR2 -> \Device\Ide\IAAStorageDevice-4
14:43:01.974    Disk 2 Vendor: SAMSUNG_ CR10 Size: 476940MB BusType: 3
14:43:01.974    Disk 3  \Device\Harddisk3\DR3 -> \Device\Ide\IAAStorageDevice-5
14:43:01.974    Disk 3 Vendor: SAMSUNG_ VT10 Size: 238475MB BusType: 3
14:43:01.989    Disk 0 MBR read successfully
14:43:01.989    Disk 0 MBR scan
14:43:02.052    Disk 0 Windows 7 default MBR code
14:43:02.052    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS          100 MB offset 2048
14:43:02.067    Disk 0 Partition 2 00     07    HPFS/NTFS NTFS       122002 MB offset 206848
14:43:02.426    Disk 0 scanning C:\Windows\system32\drivers
14:43:06.981    Service scanning
14:43:07.449    Service BdfNdisf c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys **LOCKED** 5
14:43:07.465    Service bdfwfpf C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys **LOCKED** 5
14:43:13.128    Modules scanning
14:43:13.128    Disk 0 trace - called modules:
14:43:13.128    ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys hal.dll 
14:43:13.143    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8009cfd060]
14:43:13.143    3 CLASSPNP.SYS[fffff88001fba43f] -> nt!IofCallDriver -> [0xfffffa80078174a0]
14:43:13.143    5 ACPI.sys[fffff88000f057a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-2[0xfffffa800781a050]
14:43:13.143    Scan finished successfully
14:43:45.498    Disk 0 MBR has been saved successfully to "C:\Users\Tazz\Desktop\MBR.dat"
14:43:45.545    The log file has been saved successfully to "C:\Users\Tazz\Desktop\aswMBR.txt"
         

The TDSS-Killer log:
Code:
ATTFilter
14:49:16.0571 0856  TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
14:49:16.0727 0856  ============================================================
14:49:16.0727 0856  Current date / time: 2012/12/20 14:49:16.0727
14:49:16.0727 0856  SystemInfo:
14:49:16.0727 0856  
14:49:16.0727 0856  OS Version: 6.1.7601 ServicePack: 1.0
14:49:16.0727 0856  Product type: Workstation
14:49:16.0727 0856  ComputerName: ****
14:49:16.0727 0856  UserName: Tazz
14:49:16.0727 0856  Windows directory: C:\Windows
14:49:16.0727 0856  System windows directory: C:\Windows
14:49:16.0727 0856  Running under WOW64
14:49:16.0727 0856  Processor architecture: Intel x64
14:49:16.0727 0856  Number of processors: 4
14:49:16.0727 0856  Page size: 0x1000
14:49:16.0727 0856  Boot type: Normal boot
14:49:16.0727 0856  ============================================================
14:49:16.0883 0856  Drive \Device\Harddisk0\DR0 - Size: 0x1DCF856000 (119.24 Gb), SectorSize: 0x200, Cylinders: 0x3CCE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:49:16.0899 0856  Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:49:16.0899 0856  Drive \Device\Harddisk2\DR2 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:49:16.0899 0856  Drive \Device\Harddisk3\DR3 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:49:16.0899 0856  ============================================================
14:49:16.0899 0856  \Device\Harddisk0\DR0:
14:49:16.0899 0856  MBR partitions:
14:49:16.0899 0856  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
14:49:16.0899 0856  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xEE49000
14:49:16.0899 0856  \Device\Harddisk1\DR1:
14:49:16.0899 0856  MBR partitions:
14:49:16.0899 0856  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x6B105800
14:49:16.0899 0856  \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x6B106000, BlocksNum 0x95FF800
14:49:16.0899 0856  \Device\Harddisk2\DR2:
14:49:16.0899 0856  MBR partitions:
14:49:16.0899 0856  \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A384C02
14:49:16.0899 0856  \Device\Harddisk3\DR3:
14:49:16.0899 0856  MBR partitions:
14:49:16.0899 0856  \Device\Harddisk3\DR3\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x1D1C4000
14:49:16.0899 0856  ============================================================
14:49:16.0899 0856  C: <-> \Device\Harddisk0\DR0\Partition2
14:49:16.0914 0856  D: <-> \Device\Harddisk1\DR1\Partition1
14:49:16.0946 0856  E: <-> \Device\Harddisk1\DR1\Partition2
14:49:16.0946 0856  F: <-> \Device\Harddisk2\DR2\Partition1
14:49:16.0946 0856  G: <-> \Device\Harddisk3\DR3\Partition1
14:49:16.0946 0856  ============================================================
14:49:16.0946 0856  Initialize success
14:49:16.0946 0856  ============================================================
14:49:41.0484 6084  ============================================================
14:49:41.0484 6084  Scan started
14:49:41.0484 6084  Mode: Manual; SigCheck; TDLFS; 
14:49:41.0484 6084  ============================================================
14:49:41.0656 6084  ================ Scan system memory ========================
14:49:41.0656 6084  System memory - ok
14:49:41.0656 6084  ================ Scan services =============================
14:49:41.0687 6084  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
14:49:41.0718 6084  1394ohci - ok
14:49:41.0718 6084  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
14:49:41.0734 6084  ACPI - ok
14:49:41.0734 6084  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
14:49:41.0734 6084  AcpiPmi - ok
14:49:41.0750 6084  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
14:49:41.0765 6084  adp94xx - ok
14:49:41.0765 6084  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\drivers\adpahci.sys
14:49:41.0765 6084  adpahci - ok
14:49:41.0781 6084  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
14:49:41.0781 6084  adpu320 - ok
14:49:41.0781 6084  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
14:49:41.0812 6084  AeLookupSvc - ok
14:49:41.0812 6084  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys
14:49:41.0828 6084  AFD - ok
14:49:41.0828 6084  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
14:49:41.0828 6084  agp440 - ok
14:49:41.0828 6084  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
14:49:41.0843 6084  ALG - ok
14:49:41.0843 6084  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
14:49:41.0843 6084  aliide - ok
14:49:41.0859 6084  ALSysIO - ok
14:49:41.0859 6084  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
14:49:41.0874 6084  amdide - ok
14:49:41.0874 6084  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
14:49:41.0874 6084  AmdK8 - ok
14:49:41.0874 6084  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
14:49:41.0890 6084  AmdPPM - ok
14:49:41.0890 6084  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
14:49:41.0906 6084  amdsata - ok
14:49:41.0906 6084  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
14:49:41.0906 6084  amdsbs - ok
14:49:41.0906 6084  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
14:49:41.0921 6084  amdxata - ok
14:49:41.0921 6084  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
14:49:41.0937 6084  AppID - ok
14:49:41.0937 6084  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
14:49:41.0968 6084  AppIDSvc - ok
14:49:41.0968 6084  [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo         C:\Windows\System32\appinfo.dll
14:49:41.0984 6084  Appinfo - ok
14:49:41.0984 6084  [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt         C:\Windows\System32\appmgmts.dll
14:49:41.0999 6084  AppMgmt - ok
14:49:41.0999 6084  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\drivers\arc.sys
14:49:41.0999 6084  arc - ok
14:49:42.0015 6084  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\drivers\arcsas.sys
14:49:42.0015 6084  arcsas - ok
14:49:42.0015 6084  [ 4DFF4312661F54EE87DC9A13CAEE60E0 ] asahci64        C:\Windows\system32\DRIVERS\asahci64.sys
14:49:42.0030 6084  asahci64 - ok
14:49:42.0030 6084  ASPI32 - ok
14:49:42.0030 6084  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
14:49:42.0046 6084  AsyncMac - ok
14:49:42.0046 6084  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
14:49:42.0062 6084  atapi - ok
14:49:42.0062 6084  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
14:49:42.0093 6084  AudioEndpointBuilder - ok
14:49:42.0093 6084  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
14:49:42.0124 6084  AudioSrv - ok
14:49:42.0124 6084  [ E7433C0C2505D8DEE6CA2A446C355595 ] avc3            C:\Windows\system32\DRIVERS\avc3.sys
14:49:42.0140 6084  avc3 - ok
14:49:42.0155 6084  [ 3CA0BD46B2FC65393A9B1DCAF6E2F7E7 ] avckf           C:\Windows\system32\DRIVERS\avckf.sys
14:49:42.0155 6084  avckf - ok
14:49:42.0171 6084  [ BD39D7CFD9D6A73396B618113A8E8D57 ] avmaudio        C:\Windows\system32\DRIVERS\avmaudio.sys
14:49:42.0171 6084  avmaudio - ok
14:49:42.0171 6084  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
14:49:42.0186 6084  AxInstSV - ok
14:49:42.0186 6084  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
14:49:42.0202 6084  b06bdrv - ok
14:49:42.0202 6084  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
14:49:42.0218 6084  b57nd60a - ok
14:49:42.0218 6084  [ EB274492865DD388FCA5BD9B0FB508EA ] BdDesktopParental C:\Program Files\Bitdefender\Bitdefender 2013\bdparentalservice.exe
14:49:42.0233 6084  BdDesktopParental - ok
14:49:42.0233 6084  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
14:49:42.0249 6084  BDESVC - ok
14:49:42.0249 6084  [ 9920B815BC3B3F2D69071842DD18D422 ] BdfNdisf        c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys
14:49:42.0249 6084  BdfNdisf - ok
14:49:42.0249 6084  [ 4CE4B0098FC315C237FA8867F07886C4 ] bdfwfpf         C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys
14:49:42.0264 6084  bdfwfpf - ok
14:49:42.0264 6084  [ F4683F14A40B05438A8B6E3B4EE765AC ] BDSandBox       C:\Windows\system32\drivers\bdsandbox.sys
14:49:42.0264 6084  BDSandBox - ok
14:49:42.0280 6084  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
14:49:42.0296 6084  Beep - ok
14:49:42.0296 6084  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll
14:49:42.0327 6084  BFE - ok
14:49:42.0327 6084  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\System32\qmgr.dll
14:49:42.0358 6084  BITS - ok
14:49:42.0358 6084  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
14:49:42.0358 6084  blbdrive - ok
14:49:42.0374 6084  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
14:49:42.0374 6084  bowser - ok
14:49:42.0374 6084  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
14:49:42.0389 6084  BrFiltLo - ok
14:49:42.0389 6084  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
14:49:42.0405 6084  BrFiltUp - ok
14:49:42.0405 6084  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
14:49:42.0405 6084  Browser - ok
14:49:42.0420 6084  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
14:49:42.0420 6084  Brserid - ok
14:49:42.0420 6084  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
14:49:42.0436 6084  BrSerWdm - ok
14:49:42.0436 6084  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
14:49:42.0452 6084  BrUsbMdm - ok
14:49:42.0452 6084  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
14:49:42.0452 6084  BrUsbSer - ok
14:49:42.0452 6084  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
14:49:42.0467 6084  BTHMODEM - ok
14:49:42.0467 6084  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
14:49:42.0483 6084  bthserv - ok
14:49:42.0498 6084  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
14:49:42.0514 6084  cdfs - ok
14:49:42.0514 6084  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
14:49:42.0530 6084  cdrom - ok
14:49:42.0530 6084  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
14:49:42.0545 6084  CertPropSvc - ok
14:49:42.0561 6084  [ CF0D4F49D7FFAA54FC32753D6BF3CDD7 ] cFosSpeed       C:\Windows\system32\DRIVERS\cfosspeed6.sys
14:49:42.0576 6084  cFosSpeed - ok
14:49:42.0576 6084  [ 3A85D6B0F7F2260FEC5C21EA17AD2B87 ] cFosSpeedS      C:\Program Files\cFosSpeed\spd.exe
14:49:42.0592 6084  cFosSpeedS - ok
14:49:42.0592 6084  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\drivers\circlass.sys
14:49:42.0592 6084  circlass - ok
14:49:42.0608 6084  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
14:49:42.0608 6084  CLFS - ok
14:49:42.0623 6084  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:49:42.0623 6084  clr_optimization_v2.0.50727_32 - ok
14:49:42.0639 6084  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
14:49:42.0639 6084  clr_optimization_v2.0.50727_64 - ok
14:49:42.0639 6084  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
14:49:42.0654 6084  clr_optimization_v4.0.30319_32 - ok
14:49:42.0654 6084  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
14:49:42.0670 6084  clr_optimization_v4.0.30319_64 - ok
14:49:42.0670 6084  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
14:49:42.0670 6084  CmBatt - ok
14:49:42.0670 6084  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
14:49:42.0686 6084  cmdide - ok
14:49:42.0686 6084  [ AAFCB52FE0037207FB6FBEA070D25EFE ] CNG             C:\Windows\system32\Drivers\cng.sys
14:49:42.0701 6084  CNG - ok
14:49:42.0701 6084  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
14:49:42.0717 6084  Compbatt - ok
14:49:42.0717 6084  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
14:49:42.0717 6084  CompositeBus - ok
14:49:42.0717 6084  COMSysApp - ok
14:49:42.0748 6084  [ F08C6020E57F5E5BF2FD034DB10BEDFB ] cphs            C:\Windows\SysWow64\IntelCpHeciSvc.exe
14:49:42.0764 6084  cphs - ok
14:49:42.0764 6084  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
14:49:42.0779 6084  crcdisk - ok
14:49:42.0779 6084  [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc        C:\Windows\system32\cryptsvc.dll
14:49:42.0795 6084  CryptSvc - ok
14:49:42.0795 6084  [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC             C:\Windows\system32\drivers\csc.sys
14:49:42.0810 6084  CSC - ok
14:49:42.0810 6084  [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService      C:\Windows\System32\cscsvc.dll
14:49:42.0826 6084  CscService - ok
14:49:42.0826 6084  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
14:49:42.0857 6084  DcomLaunch - ok
14:49:42.0857 6084  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
14:49:42.0873 6084  defragsvc - ok
14:49:42.0873 6084  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
14:49:42.0904 6084  DfsC - ok
14:49:42.0904 6084  [ B9430166FEB246F6070A62B3554932C9 ] dg_ssudbus      C:\Windows\system32\DRIVERS\ssudbus.sys
14:49:42.0904 6084  dg_ssudbus - ok
14:49:42.0920 6084  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
14:49:42.0920 6084  Dhcp - ok
14:49:42.0920 6084  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
14:49:42.0951 6084  discache - ok
14:49:42.0951 6084  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\drivers\disk.sys
14:49:42.0951 6084  Disk - ok
14:49:42.0951 6084  [ 5DB085A8A6600BE6401F2B24EECB5415 ] dmvsc           C:\Windows\system32\drivers\dmvsc.sys
14:49:42.0966 6084  dmvsc - ok
14:49:42.0966 6084  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
14:49:42.0982 6084  Dnscache - ok
14:49:42.0982 6084  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
14:49:42.0998 6084  dot3svc - ok
14:49:42.0998 6084  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
14:49:43.0029 6084  DPS - ok
14:49:43.0029 6084  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
14:49:43.0029 6084  drmkaud - ok
14:49:43.0044 6084  [ 46571ED73AE84469DCA53081D33CF3C8 ] dtsoftbus01     C:\Windows\system32\DRIVERS\dtsoftbus01.sys
14:49:43.0044 6084  dtsoftbus01 - ok
14:49:43.0060 6084  [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
14:49:43.0076 6084  DXGKrnl - ok
14:49:43.0076 6084  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
14:49:43.0091 6084  EapHost - ok
14:49:43.0122 6084  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\drivers\evbda.sys
14:49:43.0138 6084  ebdrv - ok
14:49:43.0138 6084  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe
14:49:43.0154 6084  EFS - ok
14:49:43.0169 6084  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
14:49:43.0169 6084  ehRecvr - ok
14:49:43.0169 6084  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
14:49:43.0185 6084  ehSched - ok
14:49:43.0185 6084  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
14:49:43.0200 6084  elxstor - ok
14:49:43.0200 6084  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
14:49:43.0216 6084  ErrDev - ok
14:49:43.0216 6084  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
14:49:43.0232 6084  EventSystem - ok
14:49:43.0247 6084  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
14:49:43.0263 6084  exfat - ok
14:49:43.0263 6084  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
14:49:43.0278 6084  fastfat - ok
14:49:43.0294 6084  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
14:49:43.0310 6084  Fax - ok
14:49:43.0310 6084  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\drivers\fdc.sys
14:49:43.0310 6084  fdc - ok
14:49:43.0310 6084  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
14:49:43.0341 6084  fdPHost - ok
14:49:43.0341 6084  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
14:49:43.0356 6084  FDResPub - ok
14:49:43.0356 6084  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
14:49:43.0372 6084  FileInfo - ok
14:49:43.0372 6084  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
14:49:43.0388 6084  Filetrace - ok
14:49:43.0388 6084  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
14:49:43.0403 6084  flpydisk - ok
14:49:43.0403 6084  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
14:49:43.0403 6084  FltMgr - ok
14:49:43.0419 6084  [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache       C:\Windows\system32\FntCache.dll
14:49:43.0434 6084  FontCache - ok
14:49:43.0434 6084  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
14:49:43.0450 6084  FontCache3.0.0.0 - ok
14:49:43.0450 6084  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
14:49:43.0450 6084  FsDepends - ok
14:49:43.0450 6084  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
14:49:43.0466 6084  Fs_Rec - ok
14:49:43.0466 6084  [ 1F7B25B858FA27015169FE95E54108ED ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
14:49:43.0481 6084  fvevol - ok
14:49:43.0481 6084  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
14:49:43.0481 6084  gagp30kx - ok
14:49:43.0497 6084  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
14:49:43.0512 6084  gpsvc - ok
14:49:43.0512 6084  [ BF2763FEA9704B1D9AA2C7719423251A ] gzflt           C:\Windows\system32\DRIVERS\gzflt.sys
14:49:43.0528 6084  gzflt - ok
14:49:43.0528 6084  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
14:49:43.0544 6084  hcw85cir - ok
14:49:43.0544 6084  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
14:49:43.0544 6084  HdAudAddService - ok
14:49:43.0559 6084  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
14:49:43.0559 6084  HDAudBus - ok
14:49:43.0559 6084  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
14:49:43.0575 6084  HidBatt - ok
14:49:43.0575 6084  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
14:49:43.0590 6084  HidBth - ok
14:49:43.0590 6084  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\drivers\hidir.sys
14:49:43.0590 6084  HidIr - ok
14:49:43.0590 6084  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\system32\hidserv.dll
14:49:43.0622 6084  hidserv - ok
14:49:43.0622 6084  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
14:49:43.0622 6084  HidUsb - ok
14:49:43.0637 6084  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
14:49:43.0653 6084  hkmsvc - ok
14:49:43.0653 6084  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
14:49:43.0668 6084  HomeGroupListener - ok
14:49:43.0668 6084  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
14:49:43.0668 6084  HomeGroupProvider - ok
14:49:43.0684 6084  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
14:49:43.0684 6084  HpSAMD - ok
14:49:43.0700 6084  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
14:49:43.0715 6084  HTTP - ok
14:49:43.0715 6084  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
14:49:43.0731 6084  hwpolicy - ok
14:49:43.0731 6084  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
14:49:43.0731 6084  i8042prt - ok
14:49:43.0746 6084  [ CCFA835960E35F30D28A868E0B3B8722 ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
14:49:43.0746 6084  iaStor - ok
14:49:43.0762 6084  [ 1F35EFEC56CD1BF62435EAF97EABC3B3 ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
14:49:43.0762 6084  IAStorDataMgrSvc - ok
14:49:43.0778 6084  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
14:49:43.0778 6084  iaStorV - ok
14:49:43.0778 6084  [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT        C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
14:49:43.0793 6084  IDriverT ( UnsignedFile.Multi.Generic ) - warning
14:49:43.0793 6084  IDriverT - detected UnsignedFile.Multi.Generic (1)
14:49:43.0809 6084  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
14:49:43.0809 6084  idsvc - ok
14:49:43.0902 6084  [ 371D7F91C0D2314EB984A4A6CBEABC92 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
14:49:43.0996 6084  igfx - ok
14:49:43.0996 6084  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
14:49:43.0996 6084  iirsp - ok
14:49:43.0996 6084  [ 67999A9D34A0B2479381E7A61AFC37AB ] ikbevent        C:\Windows\system32\DRIVERS\ikbevent.sys
14:49:44.0012 6084  ikbevent - ok
14:49:44.0012 6084  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
14:49:44.0043 6084  IKEEXT - ok
14:49:44.0043 6084  [ DDAE90DD5BDAC53C8C5CD5B82FC1F1B4 ] imsevent        C:\Windows\system32\DRIVERS\imsevent.sys
14:49:44.0043 6084  imsevent - ok
14:49:44.0074 6084  [ F2744FD54BE1580BE05916D1C755C92A ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
14:49:44.0105 6084  IntcAzAudAddService - ok
14:49:44.0105 6084  [ 832CE330DD987227B7DEA8C03F22AEFA ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
14:49:44.0121 6084  Intel(R) Capability Licensing Service Interface - ok
14:49:44.0121 6084  [ 896AA2F1D79662B17D5DBBE588E24E30 ] Intel(R) ME Service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
14:49:44.0136 6084  Intel(R) ME Service - ok
14:49:44.0136 6084  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
14:49:44.0152 6084  intelide - ok
14:49:44.0152 6084  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
14:49:44.0152 6084  intelppm - ok
14:49:44.0168 6084  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
14:49:44.0183 6084  IPBusEnum - ok
14:49:44.0183 6084  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:49:44.0199 6084  IpFilterDriver - ok
14:49:44.0214 6084  [ 08C2957BB30058E663720C5606885653 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
14:49:44.0214 6084  iphlpsvc - ok
14:49:44.0230 6084  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
14:49:44.0230 6084  IPMIDRV - ok
14:49:44.0230 6084  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
14:49:44.0261 6084  IPNAT - ok
14:49:44.0261 6084  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
14:49:44.0261 6084  IRENUM - ok
14:49:44.0261 6084  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
14:49:44.0277 6084  isapnp - ok
14:49:44.0277 6084  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
14:49:44.0292 6084  iScsiPrt - ok
14:49:44.0292 6084  [ 970995B7C36F4408ED31C3BF204FE1F5 ] ISCT            C:\Windows\system32\DRIVERS\ISCTD64.sys
14:49:44.0292 6084  ISCT - ok
14:49:44.0308 6084  [ 6F60B7AD044924B8C1E32D692C593612 ] ISCTAgent       C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
14:49:44.0308 6084  ISCTAgent - ok
14:49:44.0308 6084  [ 846354992EBB373F452EB9182D501B08 ] iusb3hcs        C:\Windows\system32\DRIVERS\iusb3hcs.sys
14:49:44.0324 6084  iusb3hcs - ok
14:49:44.0324 6084  [ 1D88A23853387D34D52CC8F9DDBFC56C ] iusb3hub        C:\Windows\system32\DRIVERS\iusb3hub.sys
14:49:44.0339 6084  iusb3hub - ok
14:49:44.0339 6084  [ FC5EFD7C797DF19DFB999F0605A7924E ] iusb3xhc        C:\Windows\system32\DRIVERS\iusb3xhc.sys
14:49:44.0355 6084  iusb3xhc - ok
14:49:44.0355 6084  [ 3C6630473DD42FFC57D9F5564F533127 ] jhi_service     C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
14:49:44.0370 6084  jhi_service - ok
14:49:44.0370 6084  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
14:49:44.0386 6084  kbdclass - ok
14:49:44.0386 6084  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
14:49:44.0386 6084  kbdhid - ok
14:49:44.0386 6084  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
14:49:44.0402 6084  KeyIso - ok
14:49:44.0402 6084  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
14:49:44.0417 6084  KSecDD - ok
14:49:44.0417 6084  [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
14:49:44.0417 6084  KSecPkg - ok
14:49:44.0417 6084  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
14:49:44.0448 6084  ksthunk - ok
14:49:44.0448 6084  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
14:49:44.0464 6084  KtmRm - ok
14:49:44.0480 6084  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll
14:49:44.0495 6084  LanmanServer - ok
14:49:44.0495 6084  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
14:49:44.0526 6084  LanmanWorkstation - ok
14:49:44.0526 6084  [ 7772DFAB22611050B79504E671B06E6E ] LBTServ         C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
14:49:44.0542 6084  LBTServ - ok
14:49:44.0542 6084  [ FA529FB35694C24BF98A9EF67C1CD9D0 ] LGBusEnum       C:\Windows\system32\drivers\LGBusEnum.sys
14:49:44.0542 6084  LGBusEnum - ok
14:49:44.0542 6084  [ 14179E7B64F8A17AEA464D4E2D271FAA ] LGSHidFilt      C:\Windows\system32\DRIVERS\LGSHidFilt.Sys
14:49:44.0558 6084  LGSHidFilt - ok
14:49:44.0558 6084  [ 94B29CE153765E768F004FB3440BE2B0 ] LGVirHid        C:\Windows\system32\drivers\LGVirHid.sys
14:49:44.0558 6084  LGVirHid - ok
14:49:44.0573 6084  [ 241F2648ADF090E2A10095BD6D6F5DCB ] LHidFilt        C:\Windows\system32\DRIVERS\LHidFilt.Sys
14:49:44.0573 6084  LHidFilt - ok
14:49:44.0573 6084  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
14:49:44.0589 6084  lltdio - ok
14:49:44.0604 6084  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
14:49:44.0620 6084  lltdsvc - ok
14:49:44.0620 6084  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
14:49:44.0651 6084  lmhosts - ok
14:49:44.0651 6084  [ 2B23FAA39D8F949ED5EEE03ECA50BCD5 ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
14:49:44.0667 6084  LMS - ok
14:49:44.0667 6084  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
14:49:44.0682 6084  LSI_FC - ok
14:49:44.0682 6084  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
14:49:44.0682 6084  LSI_SAS - ok
14:49:44.0682 6084  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
14:49:44.0698 6084  LSI_SAS2 - ok
14:49:44.0698 6084  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
14:49:44.0698 6084  LSI_SCSI - ok
14:49:44.0714 6084  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
14:49:44.0729 6084  luafv - ok
14:49:44.0729 6084  [ 8FF2D95CBA49B405C5DE27039FF0BF35 ] MBfilt          C:\Windows\system32\drivers\MBfilt64.sys
14:49:44.0729 6084  MBfilt - ok
14:49:44.0745 6084  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
14:49:44.0745 6084  Mcx2Svc - ok
14:49:44.0745 6084  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\drivers\megasas.sys
14:49:44.0760 6084  megasas - ok
14:49:44.0760 6084  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
14:49:44.0760 6084  MegaSR - ok
14:49:44.0776 6084  [ 6B01B7414A105B9E51652089A03027CF ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
14:49:44.0776 6084  MEIx64 - ok
14:49:44.0776 6084  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
14:49:44.0792 6084  MMCSS - ok
14:49:44.0807 6084  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
14:49:44.0823 6084  Modem - ok
14:49:44.0823 6084  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
14:49:44.0838 6084  monitor - ok
14:49:44.0838 6084  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
14:49:44.0838 6084  mouclass - ok
14:49:44.0838 6084  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
14:49:44.0854 6084  mouhid - ok
14:49:44.0854 6084  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
14:49:44.0854 6084  mountmgr - ok
14:49:44.0870 6084  [ 8C7336950F1E69CDFD811CBBD9CF00A2 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
14:49:44.0870 6084  MozillaMaintenance - ok
14:49:44.0885 6084  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
14:49:44.0885 6084  mpio - ok
14:49:44.0885 6084  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
14:49:44.0901 6084  mpsdrv - ok
14:49:44.0916 6084  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
14:49:44.0948 6084  MpsSvc - ok
14:49:44.0948 6084  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
14:49:44.0948 6084  MRxDAV - ok
14:49:44.0963 6084  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
14:49:44.0963 6084  mrxsmb - ok
14:49:44.0979 6084  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:49:44.0979 6084  mrxsmb10 - ok
14:49:44.0979 6084  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:49:44.0994 6084  mrxsmb20 - ok
14:49:44.0994 6084  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
14:49:44.0994 6084  msahci - ok
14:49:45.0010 6084  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
14:49:45.0010 6084  msdsm - ok
14:49:45.0010 6084  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
14:49:45.0026 6084  MSDTC - ok
14:49:45.0026 6084  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
14:49:45.0041 6084  Msfs - ok
14:49:45.0057 6084  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
14:49:45.0072 6084  mshidkmdf - ok
14:49:45.0072 6084  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
14:49:45.0072 6084  msisadrv - ok
14:49:45.0088 6084  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
14:49:45.0104 6084  MSiSCSI - ok
14:49:45.0104 6084  msiserver - ok
14:49:45.0104 6084  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
14:49:45.0119 6084  MSKSSRV - ok
14:49:45.0135 6084  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
14:49:45.0150 6084  MSPCLOCK - ok
14:49:45.0150 6084  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
14:49:45.0166 6084  MSPQM - ok
14:49:45.0182 6084  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
14:49:45.0182 6084  MsRPC - ok
14:49:45.0182 6084  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
14:49:45.0197 6084  mssmbios - ok
14:49:45.0197 6084  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
14:49:45.0213 6084  MSTEE - ok
14:49:45.0213 6084  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
14:49:45.0228 6084  MTConfig - ok
14:49:45.0228 6084  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
14:49:45.0228 6084  Mup - ok
14:49:45.0244 6084  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
14:49:45.0260 6084  napagent - ok
14:49:45.0260 6084  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
14:49:45.0275 6084  NativeWifiP - ok
14:49:45.0291 6084  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
14:49:45.0306 6084  NDIS - ok
14:49:45.0306 6084  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
14:49:45.0322 6084  NdisCap - ok
14:49:45.0322 6084  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
14:49:45.0353 6084  NdisTapi - ok
14:49:45.0353 6084  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
14:49:45.0369 6084  Ndisuio - ok
14:49:45.0369 6084  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
14:49:45.0400 6084  NdisWan - ok
14:49:45.0400 6084  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
14:49:45.0416 6084  NDProxy - ok
14:49:45.0416 6084  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
14:49:45.0447 6084  NetBIOS - ok
14:49:45.0447 6084  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
14:49:45.0462 6084  NetBT - ok
14:49:45.0462 6084  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
14:49:45.0478 6084  Netlogon - ok
14:49:45.0478 6084  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
14:49:45.0509 6084  Netman - ok
14:49:45.0509 6084  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
14:49:45.0525 6084  netprofm - ok
14:49:45.0540 6084  [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
14:49:45.0540 6084  NetTcpPortSharing - ok
14:49:45.0540 6084  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
14:49:45.0556 6084  nfrd960 - ok
14:49:45.0556 6084  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
14:49:45.0556 6084  NlaSvc - ok
14:49:45.0572 6084  [ 5FE6F8C05F0769BBB74AFAC11453B182 ] nmwcd           C:\Windows\system32\drivers\ccdcmbx64.sys
14:49:45.0587 6084  nmwcd - ok
14:49:45.0587 6084  [ 73C929945C0850B8D1FE2FEA05FDF05D ] nmwcdc          C:\Windows\system32\drivers\ccdcmbox64.sys
14:49:45.0603 6084  nmwcdc - ok
14:49:45.0603 6084  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
14:49:45.0618 6084  Npfs - ok
14:49:45.0618 6084  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
14:49:45.0634 6084  nsi - ok
14:49:45.0650 6084  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
14:49:45.0665 6084  nsiproxy - ok
14:49:45.0681 6084  [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
14:49:45.0696 6084  Ntfs - ok
14:49:45.0696 6084  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
14:49:45.0728 6084  Null - ok
14:49:45.0728 6084  [ 1F07B814C0BB5AABA703ABFF1F31F2E8 ] NVHDA           C:\Windows\system32\drivers\nvhda64v.sys
14:49:45.0728 6084  NVHDA - ok
14:49:45.0806 6084  [ FE2909F7DFB12B9A20AD207FE23B7E96 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
14:49:45.0899 6084  nvlddmkm - ok
14:49:45.0899 6084  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
14:49:45.0915 6084  nvraid - ok
14:49:45.0915 6084  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
14:49:45.0930 6084  nvstor - ok
14:49:45.0930 6084  [ 3341D2C91989BC87C3C0BAA97C27253B ] nvsvc           C:\Windows\system32\nvvsvc.exe
14:49:45.0946 6084  nvsvc - ok
14:49:45.0962 6084  [ 551CE34DAD2DFF0A480781E68B286E4D ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
14:49:45.0977 6084  nvUpdatusService - ok
14:49:45.0993 6084  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
14:49:45.0993 6084  nv_agp - ok
14:49:45.0993 6084  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
14:49:46.0008 6084  ohci1394 - ok
14:49:46.0024 6084  [ 17B5D3C6E063729BFA725CAF78BC4710 ] OODefragAgent   C:\Program Files\OO Software\Defrag\oodag.exe
14:49:46.0055 6084  OODefragAgent - ok
14:49:46.0071 6084  [ 4965B005492CBA7719E82B71E3245495 ] ose64           C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:49:46.0071 6084  ose64 - ok
14:49:46.0102 6084  [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
14:49:46.0149 6084  osppsvc - ok
14:49:46.0149 6084  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
14:49:46.0164 6084  p2pimsvc - ok
14:49:46.0164 6084  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
14:49:46.0180 6084  p2psvc - ok
14:49:46.0180 6084  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\drivers\parport.sys
14:49:46.0196 6084  Parport - ok
14:49:46.0196 6084  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
14:49:46.0196 6084  partmgr - ok
14:49:46.0211 6084  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
14:49:46.0211 6084  PcaSvc - ok
14:49:46.0211 6084  [ 3FDE033DFB0D07F8B7D5C9A3044AA121 ] pccsmcfd        C:\Windows\system32\DRIVERS\pccsmcfdx64.sys
14:49:46.0227 6084  pccsmcfd - ok
14:49:46.0227 6084  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
14:49:46.0242 6084  pci - ok
14:49:46.0242 6084  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
14:49:46.0242 6084  pciide - ok
14:49:46.0242 6084  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
14:49:46.0258 6084  pcmcia - ok
14:49:46.0258 6084  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
14:49:46.0274 6084  pcw - ok
14:49:46.0274 6084  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
14:49:46.0289 6084  PEAUTH - ok
14:49:46.0305 6084  [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
14:49:46.0320 6084  PeerDistSvc - ok
14:49:46.0336 6084  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
14:49:46.0352 6084  PerfHost - ok
14:49:46.0367 6084  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
14:49:46.0398 6084  pla - ok
14:49:46.0398 6084  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
14:49:46.0414 6084  PlugPlay - ok
14:49:46.0414 6084  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
14:49:46.0414 6084  PNRPAutoReg - ok
14:49:46.0430 6084  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
14:49:46.0430 6084  PNRPsvc - ok
14:49:46.0445 6084  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
14:49:46.0461 6084  PolicyAgent - ok
14:49:46.0461 6084  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
14:49:46.0492 6084  Power - ok
14:49:46.0492 6084  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
14:49:46.0508 6084  PptpMiniport - ok
14:49:46.0508 6084  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\drivers\processr.sys
14:49:46.0523 6084  Processor - ok
14:49:46.0523 6084  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
14:49:46.0539 6084  ProfSvc - ok
14:49:46.0539 6084  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
14:49:46.0554 6084  ProtectedStorage - ok
14:49:46.0554 6084  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
14:49:46.0570 6084  Psched - ok
14:49:46.0586 6084  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
14:49:46.0601 6084  ql2300 - ok
14:49:46.0601 6084  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
14:49:46.0617 6084  ql40xx - ok
14:49:46.0617 6084  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
14:49:46.0632 6084  QWAVE - ok
14:49:46.0632 6084  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
14:49:46.0648 6084  QWAVEdrv - ok
14:49:46.0648 6084  [ A55E7D0D873B2C97585B3B5926AC6ADE ] RapiMgr         C:\Windows\WindowsMobile\rapimgr.dll
14:49:46.0664 6084  RapiMgr - ok
14:49:46.0664 6084  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
14:49:46.0679 6084  RasAcd - ok
14:49:46.0679 6084  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
14:49:46.0695 6084  RasAgileVpn - ok
14:49:46.0710 6084  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
14:49:46.0726 6084  RasAuto - ok
14:49:46.0726 6084  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
14:49:46.0742 6084  Rasl2tp - ok
14:49:46.0757 6084  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
14:49:46.0773 6084  RasMan - ok
14:49:46.0773 6084  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
14:49:46.0804 6084  RasPppoe - ok
14:49:46.0804 6084  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
14:49:46.0820 6084  RasSstp - ok
14:49:46.0835 6084  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
14:49:46.0856 6084  rdbss - ok
14:49:46.0858 6084  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
14:49:46.0861 6084  rdpbus - ok
14:49:46.0861 6084  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
14:49:46.0881 6084  RDPCDD - ok
14:49:46.0891 6084  [ 1B6163C503398B23FF8B939C67747683 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
14:49:46.0901 6084  RDPDR - ok
14:49:46.0901 6084  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
14:49:46.0921 6084  RDPENCDD - ok
14:49:46.0921 6084  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
14:49:46.0941 6084  RDPREFMP - ok
14:49:46.0941 6084  [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
14:49:46.0951 6084  RdpVideoMiniport - ok
14:49:46.0961 6084  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
14:49:46.0961 6084  RDPWD - ok
14:49:46.0971 6084  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
14:49:46.0981 6084  rdyboost - ok
14:49:46.0981 6084  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
14:49:47.0001 6084  RemoteAccess - ok
14:49:47.0001 6084  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
14:49:47.0031 6084  RemoteRegistry - ok
14:49:47.0031 6084  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
14:49:47.0051 6084  RpcEptMapper - ok
14:49:47.0051 6084  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
14:49:47.0061 6084  RpcLocator - ok
14:49:47.0071 6084  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
14:49:47.0091 6084  RpcSs - ok
14:49:47.0091 6084  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
14:49:47.0111 6084  rspndr - ok
14:49:47.0121 6084  [ 9140DB0911DE035FED0A9A77A2D156EA ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
14:49:47.0131 6084  RTL8167 - ok
14:49:47.0131 6084  [ E60C0A09F997826C7627B244195AB581 ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
14:49:47.0141 6084  s3cap - ok
14:49:47.0141 6084  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
14:49:47.0151 6084  SamSs - ok
14:49:47.0151 6084  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
14:49:47.0161 6084  sbp2port - ok
14:49:47.0161 6084  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
14:49:47.0191 6084  SCardSvr - ok
14:49:47.0191 6084  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
14:49:47.0211 6084  scfilter - ok
14:49:47.0221 6084  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
14:49:47.0251 6084  Schedule - ok
14:49:47.0251 6084  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
14:49:47.0271 6084  SCPolicySvc - ok
14:49:47.0271 6084  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
14:49:47.0281 6084  SDRSVC - ok
14:49:47.0281 6084  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
14:49:47.0301 6084  secdrv - ok
14:49:47.0301 6084  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
14:49:47.0321 6084  seclogon - ok
14:49:47.0331 6084  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
14:49:47.0351 6084  SENS - ok
14:49:47.0351 6084  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
14:49:47.0361 6084  SensrSvc - ok
14:49:47.0361 6084  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
14:49:47.0371 6084  Serenum - ok
14:49:47.0371 6084  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
14:49:47.0381 6084  Serial - ok
14:49:47.0381 6084  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
14:49:47.0391 6084  sermouse - ok
14:49:47.0401 6084  [ C3BB6CF8F9EE199005A2AAE2815AD756 ] ServiceLayer    C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
14:49:47.0421 6084  ServiceLayer - ok
14:49:47.0421 6084  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
14:49:47.0441 6084  SessionEnv - ok
14:49:47.0451 6084  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
14:49:47.0461 6084  sffdisk - ok
14:49:47.0461 6084  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
14:49:47.0471 6084  sffp_mmc - ok
14:49:47.0471 6084  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
14:49:47.0481 6084  sffp_sd - ok
14:49:47.0481 6084  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
14:49:47.0491 6084  sfloppy - ok
14:49:47.0491 6084  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
14:49:47.0521 6084  SharedAccess - ok
14:49:47.0521 6084  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
14:49:47.0541 6084  ShellHWDetection - ok
14:49:47.0551 6084  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
14:49:47.0551 6084  SiSRaid2 - ok
14:49:47.0551 6084  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
14:49:47.0561 6084  SiSRaid4 - ok
14:49:47.0571 6084  [ A4FAB5F7818A69DA6E740943CB8F7CA9 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
14:49:47.0591 6084  SkypeUpdate - ok
14:49:47.0601 6084  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
14:49:47.0621 6084  Smb - ok
14:49:47.0621 6084  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
14:49:47.0631 6084  SNMPTRAP - ok
14:49:47.0631 6084  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
14:49:47.0641 6084  spldr - ok
14:49:47.0641 6084  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
14:49:47.0661 6084  Spooler - ok
14:49:47.0681 6084  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
14:49:47.0721 6084  sppsvc - ok
14:49:47.0721 6084  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
14:49:47.0741 6084  sppuinotify - ok
14:49:47.0751 6084  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
14:49:47.0761 6084  srv - ok
14:49:47.0771 6084  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
14:49:47.0781 6084  srv2 - ok
14:49:47.0781 6084  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
14:49:47.0791 6084  srvnet - ok
14:49:47.0791 6084  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
14:49:47.0811 6084  SSDPSRV - ok
14:49:47.0821 6084  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
14:49:47.0841 6084  SstpSvc - ok
14:49:47.0841 6084  [ C692C94FE55CAD0633440236022C27B3 ] ssudmdm         C:\Windows\system32\DRIVERS\ssudmdm.sys
14:49:47.0851 6084  ssudmdm - ok
14:49:47.0851 6084  Steam Client Service - ok
14:49:47.0851 6084  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\drivers\stexstor.sys
14:49:47.0861 6084  stexstor - ok
14:49:47.0871 6084  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
14:49:47.0881 6084  stisvc - ok
14:49:47.0881 6084  [ 7785DC213270D2FC066538DAF94087E7 ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
14:49:47.0891 6084  storflt - ok
14:49:47.0891 6084  [ C40841817EF57D491F22EB103DA587CC ] StorSvc         C:\Windows\system32\storsvc.dll
14:49:47.0901 6084  StorSvc - ok
14:49:47.0901 6084  [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc         C:\Windows\system32\drivers\storvsc.sys
14:49:47.0911 6084  storvsc - ok
14:49:47.0911 6084  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
14:49:47.0921 6084  swenum - ok
14:49:47.0921 6084  [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard     C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
14:49:47.0941 6084  SwitchBoard ( UnsignedFile.Multi.Generic ) - warning
14:49:47.0941 6084  SwitchBoard - detected UnsignedFile.Multi.Generic (1)
14:49:47.0951 6084  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
14:49:47.0971 6084  swprv - ok
14:49:47.0991 6084  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
14:49:48.0011 6084  SysMain - ok
14:49:48.0011 6084  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
14:49:48.0021 6084  TabletInputService - ok
14:49:48.0031 6084  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
14:49:48.0051 6084  TapiSrv - ok
14:49:48.0051 6084  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
14:49:48.0071 6084  TBS - ok
14:49:48.0091 6084  [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
14:49:48.0111 6084  Tcpip - ok
14:49:48.0121 6084  [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
14:49:48.0151 6084  TCPIP6 - ok
14:49:48.0151 6084  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
14:49:48.0161 6084  tcpipreg - ok
14:49:48.0161 6084  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
14:49:48.0171 6084  TDPIPE - ok
14:49:48.0171 6084  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
14:49:48.0181 6084  TDTCP - ok
14:49:48.0181 6084  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
14:49:48.0201 6084  tdx - ok
14:49:48.0231 6084  [ 851C5080261DFC1FCDC21DF0E5EA3BCB ] TeamViewer8     C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
14:49:48.0293 6084  TeamViewer8 - ok
14:49:48.0309 6084  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
14:49:48.0309 6084  TermDD - ok
14:49:48.0324 6084  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
14:49:48.0340 6084  TermService - ok
14:49:48.0340 6084  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
14:49:48.0356 6084  Themes - ok
14:49:48.0356 6084  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
14:49:48.0371 6084  THREADORDER - ok
14:49:48.0387 6084  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
14:49:48.0402 6084  TrkWks - ok
14:49:48.0402 6084  [ B66EE1D68197DFB9AA24F961E68ACDCC ] trufos          C:\Windows\system32\DRIVERS\trufos.sys
14:49:48.0418 6084  trufos - ok
14:49:48.0418 6084  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
14:49:48.0449 6084  TrustedInstaller - ok
14:49:48.0449 6084  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
14:49:48.0465 6084  tssecsrv - ok
14:49:48.0465 6084  [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
14:49:48.0480 6084  TsUsbFlt - ok
14:49:48.0480 6084  [ AD64450A4ABE076F5CB34CC08EEACB07 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
14:49:48.0496 6084  TsUsbGD - ok
14:49:48.0496 6084  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
14:49:48.0512 6084  tunnel - ok
14:49:48.0512 6084  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
14:49:48.0527 6084  uagp35 - ok
14:49:48.0527 6084  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
14:49:48.0543 6084  udfs - ok
14:49:48.0558 6084  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
14:49:48.0558 6084  UI0Detect - ok
14:49:48.0558 6084  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
14:49:48.0574 6084  uliagpkx - ok
14:49:48.0574 6084  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
14:49:48.0574 6084  umbus - ok
14:49:48.0590 6084  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\drivers\umpass.sys
14:49:48.0590 6084  UmPass - ok
14:49:48.0590 6084  [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService    C:\Windows\System32\umrdp.dll
14:49:48.0605 6084  UmRdpService - ok
14:49:48.0605 6084  [ 3C5405EF78576E8E4D791EB18F6856A8 ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
14:49:48.0621 6084  UNS - ok
14:49:48.0636 6084  [ 75A488DA3EA48BE97695A727185515CF ] UPDATESRV       C:\Program Files\Bitdefender\Bitdefender 2013\updatesrv.exe
14:49:48.0636 6084  UPDATESRV - ok
14:49:48.0652 6084  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
14:49:48.0668 6084  upnphost - ok
14:49:48.0668 6084  [ 34AFB83C7BBA370E404E52CC2290350C ] upperdev        C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys
14:49:48.0683 6084  upperdev - ok
14:49:48.0683 6084  [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
14:49:48.0699 6084  usbaudio - ok
14:49:48.0699 6084  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
14:49:48.0714 6084  usbccgp - ok
14:49:48.0714 6084  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
14:49:48.0714 6084  usbcir - ok
14:49:48.0730 6084  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
14:49:48.0730 6084  usbehci - ok
14:49:48.0730 6084  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
14:49:48.0746 6084  usbhub - ok
14:49:48.0746 6084  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
14:49:48.0761 6084  usbohci - ok
14:49:48.0761 6084  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\drivers\usbprint.sys
14:49:48.0761 6084  usbprint - ok
14:49:48.0777 6084  [ AA75E1EFBEE7186B4CBAAACF1F15E6CA ] UsbserFilt      C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys
14:49:48.0777 6084  UsbserFilt - ok
14:49:48.0792 6084  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
14:49:48.0792 6084  USBSTOR - ok
14:49:48.0792 6084  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
14:49:48.0808 6084  usbuhci - ok
14:49:48.0808 6084  [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
14:49:48.0824 6084  usbvideo - ok
14:49:48.0824 6084  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
14:49:48.0839 6084  UxSms - ok
14:49:48.0839 6084  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
14:49:48.0855 6084  VaultSvc - ok
14:49:48.0855 6084  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
14:49:48.0855 6084  vdrvroot - ok
14:49:48.0870 6084  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
14:49:48.0886 6084  vds - ok
14:49:48.0886 6084  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
14:49:48.0902 6084  vga - ok
14:49:48.0902 6084  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
14:49:48.0917 6084  VgaSave - ok
14:49:48.0933 6084  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
14:49:48.0933 6084  vhdmp - ok
14:49:48.0933 6084  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
14:49:48.0948 6084  viaide - ok
14:49:48.0948 6084  [ 86EA3E79AE350FEA5331A1303054005F ] vmbus           C:\Windows\system32\drivers\vmbus.sys
14:49:48.0948 6084  vmbus - ok
14:49:48.0964 6084  [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
14:49:48.0964 6084  VMBusHID - ok
14:49:48.0964 6084  [ 93F279A2C172562050700A18FA84BE2E ] vncmirror       C:\Windows\system32\DRIVERS\vncmirror.sys
14:49:48.0980 6084  vncmirror - ok
14:49:49.0089 6084  [ E72BCD770F80FB526C3E6F54C19D97A1 ] vncserver       D:\Programme\RealVNC\VNC Server\vncserver.exe
14:49:49.0136 6084  vncserver - ok
14:49:49.0136 6084  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
14:49:49.0151 6084  volmgr - ok
14:49:49.0151 6084  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
14:49:49.0151 6084  volmgrx - ok
14:49:49.0167 6084  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
14:49:49.0167 6084  volsnap - ok
14:49:49.0182 6084  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
14:49:49.0182 6084  vsmraid - ok
14:49:49.0198 6084  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
14:49:49.0229 6084  VSS - ok
14:49:49.0245 6084  [ CE9659E7047145791F1288C167C22BFE ] VSSERV          C:\Program Files\Bitdefender\Bitdefender 2013\vsserv.exe
14:49:49.0276 6084  VSSERV - ok
14:49:49.0276 6084  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
14:49:49.0292 6084  vwifibus - ok
14:49:49.0292 6084  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
14:49:49.0323 6084  W32Time - ok
14:49:49.0323 6084  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
14:49:49.0323 6084  WacomPen - ok
14:49:49.0323 6084  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
14:49:49.0354 6084  WANARP - ok
14:49:49.0354 6084  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
14:49:49.0370 6084  Wanarpv6 - ok
14:49:49.0385 6084  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
14:49:49.0401 6084  wbengine - ok
14:49:49.0401 6084  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
14:49:49.0416 6084  WbioSrvc - ok
14:49:49.0416 6084  [ 8BDA6DB43AA54E8BB5E0794541DDC209 ] WcesComm        C:\Windows\WindowsMobile\wcescomm.dll
14:49:49.0432 6084  WcesComm - ok
14:49:49.0432 6084  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
14:49:49.0448 6084  wcncsvc - ok
14:49:49.0448 6084  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
14:49:49.0463 6084  WcsPlugInService - ok
14:49:49.0463 6084  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\drivers\wd.sys
14:49:49.0463 6084  Wd - ok
14:49:49.0479 6084  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
14:49:49.0494 6084  Wdf01000 - ok
14:49:49.0494 6084  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
14:49:49.0494 6084  WdiServiceHost - ok
14:49:49.0510 6084  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
14:49:49.0510 6084  WdiSystemHost - ok
14:49:49.0526 6084  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
14:49:49.0526 6084  WebClient - ok
14:49:49.0541 6084  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
14:49:49.0557 6084  Wecsvc - ok
14:49:49.0557 6084  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
14:49:49.0572 6084  wercplsupport - ok
14:49:49.0588 6084  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
14:49:49.0604 6084  WerSvc - ok
14:49:49.0604 6084  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
14:49:49.0619 6084  WfpLwf - ok
14:49:49.0635 6084  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
14:49:49.0635 6084  WIMMount - ok
14:49:49.0635 6084  WinDefend - ok
14:49:49.0635 6084  WinHttpAutoProxySvc - ok
14:49:49.0650 6084  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
14:49:49.0666 6084  Winmgmt - ok
14:49:49.0682 6084  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
14:49:49.0713 6084  WinRM - ok
14:49:49.0713 6084  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
14:49:49.0728 6084  WinUsb - ok
14:49:49.0744 6084  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
14:49:49.0760 6084  Wlansvc - ok
14:49:49.0760 6084  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
14:49:49.0760 6084  WmiAcpi - ok
14:49:49.0760 6084  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
14:49:49.0775 6084  wmiApSrv - ok
14:49:49.0775 6084  WMPNetworkSvc - ok
14:49:49.0775 6084  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
14:49:49.0791 6084  WPCSvc - ok
14:49:49.0791 6084  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
14:49:49.0806 6084  WPDBusEnum - ok
14:49:49.0806 6084  [ 7CA09731EB7FC99B910C7F239E57720F ] WPRO_41_2001    C:\Windows\system32\drivers\WPRO_41_2001.sys
14:49:49.0806 6084  WPRO_41_2001 - ok
14:49:49.0806 6084  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
14:49:49.0838 6084  ws2ifsl - ok
14:49:49.0838 6084  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\System32\wscsvc.dll
14:49:49.0853 6084  wscsvc - ok
14:49:49.0853 6084  WSearch - ok
14:49:49.0869 6084  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
14:49:49.0900 6084  wuauserv - ok
14:49:49.0900 6084  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
14:49:49.0916 6084  WudfPf - ok
14:49:49.0916 6084  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
14:49:49.0931 6084  WUDFRd - ok
14:49:49.0931 6084  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
14:49:49.0931 6084  wudfsvc - ok
14:49:49.0947 6084  [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc         C:\Windows\System32\wwansvc.dll
14:49:49.0947 6084  WwanSvc - ok
14:49:49.0962 6084  [ 2EE48CFCE7CA8E0DB4C44C7476C0943B ] xusb21          C:\Windows\system32\DRIVERS\xusb21.sys
14:49:49.0962 6084  xusb21 - ok
14:49:49.0962 6084  ================ Scan global ===============================
14:49:49.0962 6084  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
14:49:49.0978 6084  [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\system32\winsrv.dll
14:49:49.0978 6084  [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\system32\winsrv.dll
14:49:49.0978 6084  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
14:49:49.0978 6084  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
14:49:49.0994 6084  [Global] - ok
14:49:49.0994 6084  ================ Scan MBR ==================================
14:49:49.0994 6084  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
14:49:50.0072 6084  \Device\Harddisk0\DR0 - ok
14:49:50.0087 6084  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
14:49:50.0306 6084  \Device\Harddisk1\DR1 - ok
14:49:50.0321 6084  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk2\DR2
14:49:50.0337 6084  \Device\Harddisk2\DR2 - ok
14:49:50.0352 6084  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk3\DR3
14:49:50.0384 6084  \Device\Harddisk3\DR3 - ok
14:49:50.0384 6084  ================ Scan VBR ==================================
14:49:50.0384 6084  [ 93F83F11CDE08FD62C83F28DA2163390 ] \Device\Harddisk0\DR0\Partition1
14:49:50.0384 6084  \Device\Harddisk0\DR0\Partition1 - ok
14:49:50.0384 6084  [ 5A77242E770AC236CD94BADD9F453F1E ] \Device\Harddisk0\DR0\Partition2
14:49:50.0384 6084  \Device\Harddisk0\DR0\Partition2 - ok
14:49:50.0384 6084  [ C5302AC8522F2112B8847A51E1843E47 ] \Device\Harddisk1\DR1\Partition1
14:49:50.0399 6084  \Device\Harddisk1\DR1\Partition1 - ok
14:49:50.0399 6084  [ E760BA34B6A8B02873920015F8A4AB78 ] \Device\Harddisk1\DR1\Partition2
14:49:50.0399 6084  \Device\Harddisk1\DR1\Partition2 - ok
14:49:50.0399 6084  [ DC5B9441BEF294C4434971E6FA2F89DB ] \Device\Harddisk2\DR2\Partition1
14:49:50.0415 6084  \Device\Harddisk2\DR2\Partition1 - ok
14:49:50.0415 6084  [ 25CEF5F59B588D6DD8C27580E5A5AFD8 ] \Device\Harddisk3\DR3\Partition1
14:49:50.0415 6084  \Device\Harddisk3\DR3\Partition1 - ok
14:49:50.0415 6084  ============================================================
14:49:50.0415 6084  Scan finished
14:49:50.0415 6084  ============================================================
14:49:50.0430 5772  Detected object count: 2
14:49:50.0430 5772  Actual detected object count: 2
14:50:40.0593 5772  IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
14:50:40.0593 5772  IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip 
14:50:40.0593 5772  SwitchBoard ( UnsignedFile.Multi.Generic ) - skipped by user
14:50:40.0593 5772  SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip
         
I'd be interested to know what you look for in the logs?

Many thanks

20.12.2012, 15:51   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 

Quote:
I'd be interested to know what you look for in the logs?
What do you think... signs of malware, maybe?!

Then please run CF now:

ComboFix

A guide and tutorial on using ComboFix
  • Close all programs, especially your antivirus program and other background monitors, as well as your internet browser.
  • Start combofix.exe from your desktop, confirm the warning messages, carry out the updates (if offered), install the Recovery Console (if offered), and let it scan your system.
    Also avoid using the mouse and keyboard while ComboFix is running.
  • Afterwards a combofix.txt opens automatically; please copy its contents ([Ctrl]a, [Ctrl]c) and paste them into your post ([Ctrl]v). You can also find the file at: C:\ComboFix.txt.
Important note:
ComboFix may only be run if a qualified helper (Kompetenzler) has expressly recommended it!

It should never be run on your own initiative! Incorrect use can cause serious computer problems and make cleaning up the infection even harder.

If you have problems starting applications after running ComboFix and receive messages such as

Quote:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
then restart Windows manually and the error messages should no longer appear.
__________________
Please always post log files in CODE tags

20.12.2012, 16:06   #9
T4zzilo
 

ComboFix:
Code:
ComboFix 12-12-20.02 - Tazz 20.12.2012  16:00:40.1.4 - x64
Microsoft Windows 7 Professional   6.1.7601.1.1252.49.1031.18.8087.6422 [GMT 1:00]
ausgeführt von:: c:\users\Tazz\Desktop\ComboFix.exe
AV: Bitdefender Virenschutz *Disabled/Updated* {98CD50CE-5097-4098-9669-6C401FB3969C}
FW: Bitdefender Firewall *Disabled* {A0F6D1EB-1AF8-41C0-BD36-C575E160D1E7}
SP: Bitdefender Spyware-Schutz *Disabled/Updated* {23ACB12A-76AD-4F16-ACD9-57326434DC21}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\1354830587.bdinstall.bin
c:\programdata\1354832168.bdinstall.bin
c:\programdata\1354832451.bdinstall.bin
c:\programdata\1354835007.bdinstall.bin
c:\programdata\1354836061.bdinstall.bin
c:\programdata\1354836131.bdinstall.bin
c:\programdata\1354836479.bdinstall.bin
c:\programdata\1354836554.bdinstall.bin
c:\programdata\1354867946.bdinstall.bin
c:\programdata\1354868042.bdinstall.bin
c:\programdata\dsgsdgdsgdsgw.pad
c:\windows\iun6002.exe
c:\windows\SysWow64\muzapp.exe
c:\windows\XSxS
.
.
(((((((((((((((((((((((   Dateien erstellt von 2012-11-20 bis 2012-12-20  ))))))))))))))))))))))))))))))
.
.
2012-12-20 15:03 . 2012-12-20 15:03	--------	d-----w-	c:\users\UpdatusUser\AppData\Local\temp
2012-12-20 15:03 . 2012-12-20 15:03	--------	d-----w-	c:\users\Default\AppData\Local\temp
2012-12-19 16:26 . 2012-12-20 13:29	94656	----a-w-	c:\windows\system32\WPRO_41_2001woem.tmp
2012-12-19 16:24 . 2012-12-19 16:24	308200	----a-w-	c:\windows\system32\javaws.exe
2012-12-19 16:24 . 2012-12-19 16:24	188392	----a-w-	c:\windows\system32\javaw.exe
2012-12-19 16:24 . 2012-12-19 16:24	188392	----a-w-	c:\windows\system32\java.exe
2012-12-19 16:24 . 2012-12-19 16:24	108008	----a-w-	c:\windows\system32\WindowsAccessBridge-64.dll
2012-12-19 16:23 . 2012-12-19 16:23	--------	d-----w-	c:\program files (x86)\Common Files\Java
2012-12-19 16:23 . 2012-12-19 16:22	95184	----a-w-	c:\windows\SysWow64\WindowsAccessBridge-32.dll
2012-12-19 16:22 . 2012-12-19 16:22	--------	d-----w-	c:\program files (x86)\Java
2012-12-19 12:53 . 2012-12-19 12:53	261056	----a-w-	c:\windows\system32\drivers\avchv.sys
2012-12-12 21:47 . 2012-12-12 21:47	--------	d-----w-	C:\Temp
2012-12-11 21:35 . 2012-11-09 05:45	2048	----a-w-	c:\windows\system32\tzres.dll
2012-12-11 21:35 . 2012-11-09 04:42	2048	----a-w-	c:\windows\SysWow64\tzres.dll
2012-12-11 21:33 . 2012-11-22 03:26	3149824	----a-w-	c:\windows\system32\win32k.sys
2012-12-11 21:33 . 2012-11-02 05:59	478208	----a-w-	c:\windows\system32\dpnet.dll
2012-12-11 21:33 . 2012-11-02 05:11	376832	----a-w-	c:\windows\SysWow64\dpnet.dll
2012-12-11 21:33 . 2012-11-05 21:35	46080	----a-w-	c:\windows\system32\atmlib.dll
2012-12-11 21:33 . 2012-11-05 20:41	367616	----a-w-	c:\windows\system32\atmfd.dll
2012-12-11 21:33 . 2012-11-05 20:32	295424	----a-w-	c:\windows\SysWow64\atmfd.dll
2012-12-11 21:33 . 2012-11-05 20:32	34304	----a-w-	c:\windows\SysWow64\atmlib.dll
2012-12-08 14:37 . 2012-12-08 14:37	--------	d-----w-	c:\windows\Downloaded Program Files
2012-12-08 12:00 . 2012-12-18 16:02	--------	d-----w-	c:\users\Tazz\AppData\Roaming\Skype
2012-12-08 12:00 . 2012-12-08 12:00	--------	d-----r-	c:\program files (x86)\Skype
2012-12-08 12:00 . 2012-12-08 12:00	--------	d-----w-	c:\program files (x86)\Common Files\Skype
2012-12-08 12:00 . 2012-12-08 12:00	--------	d-----w-	c:\programdata\Skype
2012-12-07 08:18 . 2012-12-07 08:18	76944	----a-w-	c:\windows\system32\drivers\bdvedisk.sys
2012-12-07 08:14 . 2012-09-21 16:16	82384	----a-w-	c:\windows\system32\drivers\bdsandbox.sys
2012-12-07 08:14 . 2012-07-06 13:21	93160	----a-w-	c:\windows\system32\drivers\BdfNdisf6.sys
2012-12-07 08:14 . 2012-10-10 13:00	587024	----a-w-	c:\windows\system32\drivers\avckf.sys
2012-12-07 08:14 . 2012-10-10 13:00	705552	----a-w-	c:\windows\system32\drivers\avc3.sys
2012-12-07 08:14 . 2012-12-07 08:14	--------	d-----w-	c:\users\Tazz\AppData\Roaming\Bitdefender
2012-12-07 08:14 . 2012-12-07 08:14	--------	d-----w-	c:\programdata\Bitdefender
2012-12-07 08:14 . 2012-10-31 11:13	350160	----a-w-	c:\windows\system32\drivers\trufos.sys
2012-12-07 08:14 . 2012-08-29 16:24	145696	----a-w-	c:\windows\system32\drivers\gzflt.sys
2012-12-06 23:23 . 2012-12-07 08:14	--------	d-----w-	c:\program files\Bitdefender
2012-12-06 22:35 . 2012-12-06 22:47	--------	d-----w-	c:\users\Tazz\AppData\Local\liQeNSoft
2012-12-06 22:35 . 2012-12-06 22:35	--------	d-----w-	c:\users\Tazz\AppData\Roaming\liQeNSoft
2012-12-06 22:20 . 2012-12-07 08:14	--------	d-----w-	c:\program files\Common Files\Bitdefender
2012-12-06 22:17 . 2012-11-19 00:01	9125352	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{E7AD0FD9-D903-459C-800F-0DC28AD0F4B0}\mpengine.dll
2012-12-06 21:53 . 2012-12-06 22:02	--------	d-----w-	c:\programdata\BDLogging
2012-12-06 21:53 . 2007-04-11 09:11	511328	----a-w-	c:\windows\capicom.dll
2012-12-06 21:50 . 2012-12-06 21:50	--------	d-----w-	c:\users\Tazz\AppData\Roaming\QuickScan
2012-12-06 20:24 . 2012-12-06 21:59	--------	d-----w-	c:\users\Tazz\AppData\Roaming\TeamViewer
2012-12-04 15:47 . 2012-12-04 15:47	--------	d-----w-	c:\program files (x86)\AGEIA Technologies
2012-12-04 15:47 . 2012-12-04 15:47	--------	d-----w-	c:\windows\SysWow64\NV
2012-12-04 15:47 . 2012-12-04 15:47	--------	d-----w-	c:\windows\system32\NV
2012-12-02 16:53 . 2012-12-02 16:53	--------	d-----w-	c:\programdata\Orbit
2012-12-02 16:46 . 2007-04-04 17:55	403304	----a-w-	c:\windows\system32\xactengine2_7.dll
2012-12-02 16:41 . 2012-12-02 19:42	--------	d-----w-	c:\program files (x86)\Ubisoft
2012-11-25 22:47 . 2012-11-25 22:47	--------	d-----w-	c:\users\Tazz\AppData\Local\ElevatedDiagnostics
2012-11-25 21:25 . 2012-11-25 21:25	283200	----a-w-	c:\windows\system32\drivers\dtsoftbus01.sys
2012-11-25 21:25 . 2012-11-25 21:25	--------	d-----w-	c:\program files (x86)\DAEMON Tools Lite
2012-11-22 19:36 . 2012-11-22 19:36	--------	d-----w-	c:\users\Tazz\AppData\Local\SKIDROW
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-12-20 13:29 . 2012-07-19 11:51	34752	----a-w-	c:\windows\system32\drivers\WPRO_41_2001.sys
2012-12-19 16:24 . 2012-10-17 17:01	959976	----a-w-	c:\windows\system32\deployJava1.dll
2012-12-19 16:24 . 2012-10-17 17:01	1081320	----a-w-	c:\windows\system32\npDeployJava1.dll
2012-12-19 16:22 . 2012-07-18 18:55	859072	----a-w-	c:\windows\SysWow64\npDeployJava1.dll
2012-12-19 16:22 . 2012-07-18 18:55	779704	----a-w-	c:\windows\SysWow64\deployJava1.dll
2012-12-18 14:59 . 2012-07-19 11:34	73656	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-12-18 14:59 . 2012-07-19 11:34	697272	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2012-12-11 21:36 . 2012-07-18 14:43	67413224	----a-w-	c:\windows\system32\MRT.exe
2012-12-03 15:47 . 2012-09-16 20:29	18045968	----a-w-	c:\windows\system32\nvd3dumx.dll
2012-12-03 15:47 . 2012-09-16 20:29	1504104	----a-w-	c:\windows\system32\nvdispgenco64.dll
2012-12-03 15:47 . 2012-07-19 11:48	983936	----a-w-	c:\windows\system32\nvumdshimx.dll
2012-12-03 15:47 . 2012-07-19 11:48	2816824	----a-w-	c:\windows\system32\nvapi64.dll
2012-12-03 15:47 . 2012-07-19 11:48	26811240	----a-w-	c:\windows\system32\nvoglv64.dll
2012-12-03 15:47 . 2012-07-19 11:48	1805672	----a-w-	c:\windows\system32\nvdispco64.dll
2012-12-03 15:47 . 2012-07-19 11:48	15016256	----a-w-	c:\windows\system32\nvwgf2umx.dll
2012-12-03 15:47 . 2012-07-19 11:48	12603960	----a-w-	c:\windows\SysWow64\nvwgf2um.dll
2012-12-02 16:53 . 2012-07-18 15:48	281688	----a-w-	c:\windows\SysWow64\PnkBstrB.xtr
2012-12-02 16:47 . 2012-07-18 15:45	282512	----a-w-	c:\windows\SysWow64\PnkBstrB.ex0
2012-12-01 05:49 . 2012-07-19 11:48	3663213	----a-w-	c:\windows\system32\nvcoproc.bin
2012-12-01 05:49 . 2012-07-19 11:48	2557800	----a-w-	c:\windows\system32\nvsvcr.dll
2012-12-01 05:49 . 2012-07-19 11:48	63336	----a-w-	c:\windows\system32\nvshext.dll
2012-12-01 05:49 . 2012-07-19 11:48	118120	----a-w-	c:\windows\system32\nvmctray.dll
2012-12-01 05:49 . 2012-07-19 11:48	890216	----a-w-	c:\windows\system32\nvvsvc.exe
2012-12-01 05:48 . 2012-07-19 11:48	6223208	----a-w-	c:\windows\system32\nvcpl.dll
2012-12-01 05:48 . 2012-07-19 11:48	3311464	----a-w-	c:\windows\system32\nvsvc64.dll
2012-10-16 08:38 . 2012-11-28 12:24	135168	----a-w-	c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2012-10-16 08:38 . 2012-11-28 12:24	350208	----a-w-	c:\windows\apppatch\AppPatch64\AcLayers.dll
2012-10-16 07:39 . 2012-11-28 12:24	561664	----a-w-	c:\windows\apppatch\AcLayers.dll
2012-10-09 18:17 . 2012-11-16 16:51	55296	----a-w-	c:\windows\system32\dhcpcsvc6.dll
2012-10-09 18:17 . 2012-11-16 16:51	226816	----a-w-	c:\windows\system32\dhcpcore6.dll
2012-10-09 17:40 . 2012-11-16 16:51	44032	----a-w-	c:\windows\SysWow64\dhcpcsvc6.dll
2012-10-09 17:40 . 2012-11-16 16:51	193536	----a-w-	c:\windows\SysWow64\dhcpcore6.dll
2012-10-04 16:40 . 2012-12-11 21:34	44032	----a-w-	c:\windows\apppatch\acwow64.dll
2012-10-03 17:56 . 2012-11-16 16:51	1914248	----a-w-	c:\windows\system32\drivers\tcpip.sys
2012-10-03 17:44 . 2012-11-16 16:51	70656	----a-w-	c:\windows\system32\nlaapi.dll
2012-10-03 17:44 . 2012-11-16 16:51	303104	----a-w-	c:\windows\system32\nlasvc.dll
2012-10-03 17:44 . 2012-11-16 16:51	246272	----a-w-	c:\windows\system32\netcorehc.dll
2012-10-03 17:44 . 2012-11-16 16:51	18944	----a-w-	c:\windows\system32\netevent.dll
2012-10-03 17:44 . 2012-11-16 16:51	216576	----a-w-	c:\windows\system32\ncsi.dll
2012-10-03 17:42 . 2012-11-16 16:51	569344	----a-w-	c:\windows\system32\iphlpsvc.dll
2012-10-03 16:42 . 2012-11-16 16:51	18944	----a-w-	c:\windows\SysWow64\netevent.dll
2012-10-03 16:42 . 2012-11-16 16:51	175104	----a-w-	c:\windows\SysWow64\netcorehc.dll
2012-10-03 16:42 . 2012-11-16 16:51	156672	----a-w-	c:\windows\SysWow64\ncsi.dll
2012-10-03 16:07 . 2012-11-16 16:51	45568	----a-w-	c:\windows\system32\drivers\tcpipreg.sys
2012-10-02 14:35 . 2012-10-19 16:58	4608	----a-w-	c:\windows\system32\drivers\vncmirror.sys
2012-10-02 14:35 . 2012-10-19 16:58	26112	----a-w-	c:\windows\system32\vncmirror.dll
2012-09-25 22:47 . 2012-11-16 16:51	78336	----a-w-	c:\windows\SysWow64\synceng.dll
2012-09-25 22:46 . 2012-11-16 16:51	95744	----a-w-	c:\windows\system32\synceng.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"KiesAirMessage"="c:\program files (x86)\Samsung\Kies\KiesAirMessage.exe" [2012-11-28 577536]
"KiesPreload"="c:\program files (x86)\Samsung\Kies\Kies.exe" [2012-12-03 967608]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" [2012-06-07 56128]
.
c:\users\Tazz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Samsung SSD Magician.lnk - d:\programme\Samsung SSD Magician\Samsung SSD Magician.exe [2012-7-19 2056192]
TV-Browser.url [2012-9-16 178]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute	REG_MULTI_SZ   	autocheck autochk *\0OODBS
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 ALSysIO;ALSysIO;c:\users\Tazz\AppData\Local\Temp\ALSysIO64.sys [x]
R3 avckf;avckf;c:\windows\system32\DRIVERS\avckf.sys [2012-10-10 587024]
R3 BDSandBox;BDSandBox;c:\windows\system32\drivers\bdsandbox.sys [2012-09-21 82384]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [2012-09-20 102368]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys [2009-11-24 16008]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]
R3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [2012-09-20 203104]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
R3 vncserver;VNC Server;d:\programme\RealVNC\VNC Server\vncserver.exe [2012-10-02 4773768]
R4 BdDesktopParental;Bitdefender Desktop Parental Control;c:\program files\Bitdefender\Bitdefender 2013\bdparentalservice.exe [2012-12-19 68440]
R4 OODefragAgent;O&O Defrag;c:\program files\OO Software\Defrag\oodag.exe [2012-06-06 3293552]
R4 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-11-09 160944]
R4 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S0 asahci64;asahci64;c:\windows\system32\DRIVERS\asahci64.sys [2011-09-21 49760]
S0 avc3;avc3;c:\windows\system32\DRIVERS\avc3.sys [2012-10-10 705552]
S0 gzflt;gzflt;c:\windows\system32\DRIVERS\gzflt.sys [2012-08-29 145696]
S0 iusb3hcs;Intel(R) USB 3.0 Hostcontroller-Switchtreiber;c:\windows\system32\DRIVERS\iusb3hcs.sys [2012-02-27 16152]
S1 BdfNdisf;BitDefender Firewall NDIS 6 Filter Driver;c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [2012-07-06 93160]
S1 bdfwfpf;bdfwfpf;c:\program files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [2011-11-14 103504]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-11-25 283200]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-05-30 13632]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe [2012-02-02 628448]
S2 Intel(R) ME Service;Intel(R) ME Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-02-21 128280]
S2 ISCTAgent;ISCT Always Updated Agent;c:\program files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [2012-02-09 133632]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-02-21 161560]
S2 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2012-11-29 3463080]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-02-28 363800]
S2 UPDATESRV;Bitdefender Desktop Update Service;c:\program files\Bitdefender\Bitdefender 2013\updatesrv.exe [2012-12-19 68416]
S3 avmaudio;AVM Audio;c:\windows\system32\DRIVERS\avmaudio.sys [2012-09-16 116096]
S3 ikbevent;Intel Upper keyboard Class Filter Driver;c:\windows\system32\DRIVERS\ikbevent.sys [2012-02-09 25536]
S3 imsevent;Intel Upper Mouse Class Filter Driver;c:\windows\system32\DRIVERS\imsevent.sys [2012-02-09 25536]
S3 ISCT;Intel(R) Smart Connect Technology Device Driver;c:\windows\system32\DRIVERS\ISCTD64.sys [2012-02-09 44992]
S3 iusb3hub;Intel(R) USB 3.0-Hubtreiber;c:\windows\system32\DRIVERS\iusb3hub.sys [2012-02-27 356120]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible-Hostcontrollertreiber;c:\windows\system32\DRIVERS\iusb3xhc.sys [2012-02-27 788760]
S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys [2009-11-24 22408]
S3 LGSHidFilt;Logitech Gaming KMDF HID Filter Driver;c:\windows\system32\DRIVERS\LGSHidFilt.Sys [2012-02-07 66328]
S3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt64.sys [2009-11-18 32344]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-08-23 565352]
S3 WPRO_41_2001;WinPcap Packet Driver (WPRO_41_2001);c:\windows\system32\drivers\WPRO_41_2001.sys [2012-12-20 34752]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - 54051855
*NewlyCreated* - 75982382
*Deregistered* - 54051855
*Deregistered* - 75982382
*Deregistered* - aswMBR
.
Inhalt des "geplante Tasks" Ordners
.
2012-12-20 c:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
- c:\program files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25 11:41]
.
2012-12-17 c:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
- c:\program files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25 11:41]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-03-19 170264]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-03-19 398616]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-03-19 439064]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2011-10-07 1744152]
"cFosSpeed"="c:\program files\cFosSpeed\cFosSpeed.exe" [2012-07-02 1569192]
"XboxStat"="c:\program files\Microsoft Xbox 360 Accessories\XboxStat.exe" [2009-09-30 825184]
"Bdagent"="c:\program files\Bitdefender\Bitdefender 2013\bdagent.exe" [2012-12-19 1571656]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = about:blank
mStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Nach Microsoft E&xcel exportieren - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
TCP: Interfaces\{24DF9C4C-8269-4C41-9A0F-1E74F4FFBE42}: NameServer = 192.168.1.2
FF - ProfilePath - c:\users\Tazz\AppData\Roaming\Mozilla\Firefox\Profiles\fydbk2t8.default\
FF - prefs.js: browser.startup.homepage - hxxps://www.google.de/
FF - ExtSQL: 2012-11-19 20:35; elemhidehelper@adblockplus.org; c:\users\Tazz\AppData\Roaming\Mozilla\Firefox\Profiles\fydbk2t8.default\extensions\elemhidehelper@adblockplus.org.xpi
FF - ExtSQL: 2012-12-05 22:10; {a7c6cf7f-112c-4500-a7ea-39801a327e5f}; c:\users\Tazz\AppData\Roaming\Mozilla\Firefox\Profiles\fydbk2t8.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}.xpi
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKCU-Run-AdobeBridge - (no file)
AddRemove-KProbe - c:\windows\iun6002.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_257_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_257_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\System*]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\BDSandBox\Tazz\machine\SOFTWARE\Microsoft\Windows\CurrentVersion\System*]
@="!shallow!"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2012-12-20  16:04:13
ComboFix-quarantined-files.txt  2012-12-20 15:04
.
Vor Suchlauf: 6 Verzeichnis(se), 35.648.036.864 Bytes frei
Nach Suchlauf: 12 Verzeichnis(se), 35.772.051.456 Bytes frei
.
- - End Of File - - 9358559AE01B29A3AB006ECC170FAF6F
         

20.12.2012, 16:16   #10
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 

Quote:
2012-11-22 19:36 . 2012-11-22 19:36 -------- d-----w- c:\users\Tazz\AppData\Local\SKIDROW
Oh dear, SKIDROW, that is a synonym for cracks and pirated copies.

See also => http://www.trojaner-board.de/95393-c...-software.html

If we find indications of illegally acquired software, we will end support without any discussion.

Cracks/keygens are, 99.9% of the time, dangerous malware that is not to be trifled with. Besides, they are illegal, and we do not support the use of stolen software. Support is therefore limited to instructions for a complete reinstallation!!

That illegal cracks and keygens essentially serve to spread malware is no secret and must be clear to everyone!


In future, hands off: Softonic, registry cleaners and illegal stuff (cracks/keygens/serials)
__________________
Please always post log files in CODE tags
