Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: mögliche Infektion durch den Trojaner:Trojan:JS/Seedabutor.B

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 18.03.2013, 20:05   #1
Fitzendrix
 
mögliche Infektion durch den Trojaner:Trojan:JS/Seedabutor.B - Standard

mögliche Infektion durch den Trojaner:Trojan:JS/Seedabutor.B



Guten Abend,

vermutlich habe ich mir einen Trojaner eingefangen. Microsoft Essentials berichtete mir kürzlich, dass der oben genannte Trojaner erkannt worden sei, ich aber nichts zu tun bräuchte.
Zunächst dachte ich, es würde mit der Installation von einem Spiel zusammenhängen, was ich in dem Moment tat. Hinterher habe ich festgestellt, dass das Problem mit dem Internetexplorer in Verbindung auftritt, ich nutze diesen eben nur, um auf meinvz.de ein einzelnes Flashspiel zu spielen.

Durch Recherchen stieß ich auf dieses Forum und fand den Hinweis, zunächst mit Malwarebytes den Rechner zu prüfen - dieser fand jedoch nichts, stoppte aber eine unerlaubte Aktion zu einer IP, als ich den IExplorer nutzen wollte. Ein erneuter Durchlauf (sowohl mit Essentials als auch mit Malwarebytes) ergab nichts.

Der Versuch, meinvz.de über meinen Standardbrowser anzuwählen, war mit "Erfolg" gekrönt - auch hier stoppte Malwarebytes einen Zugriff, ferner blockte "NoScript" Teile des Flashspiels mit einer Nachricht, dass hier eine falsche oder fremde Seite aufgerufen werden sollte.

Anbei die Textauszüge von:

OTL

Code:
ATTFilter
 
OTL logfile created on: 18.03.2013 18:45:06 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Anti\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 2,21 Gb Available Physical Memory | 55,16% Memory free
14,00 Gb Paging File | 12,06 Gb Available in Paging File | 86,19% Paging File free
Paging file location(s): h:\pagefile.sys 10240 10240 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 97,65 Gb Total Space | 46,30 Gb Free Space | 47,41% Space Free | Partition Type: NTFS
Drive D: | 100,01 Gb Total Space | 78,10 Gb Free Space | 78,09% Space Free | Partition Type: NTFS
Drive F: | 195,31 Gb Total Space | 33,51 Gb Free Space | 17,16% Space Free | Partition Type: NTFS
Drive G: | 97,65 Gb Total Space | 18,47 Gb Free Space | 18,91% Space Free | Partition Type: NTFS
Drive H: | 104,06 Gb Total Space | 93,91 Gb Free Space | 90,25% Space Free | Partition Type: NTFS
Drive J: | 7,82 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
 
Computer Name: CHAOS-KISTE | User Name: Anti | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013.03.17 11:39:02 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Anti\Desktop\OTL.exe
PRC - [2013.02.10 04:25:27 | 001,266,464 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2013.02.09 18:43:48 | 000,383,264 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012.12.20 10:44:32 | 000,844,296 | ---- | M] (Samsung) -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
PRC - [2012.12.20 10:44:28 | 000,310,280 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
PRC - [2012.12.20 10:44:26 | 001,476,104 | ---- | M] (Samsung) -- C:\Program Files (x86)\Samsung\Kies\Kies.exe
PRC - [2012.12.18 20:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.12.14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012.12.14 16:49:28 | 000,512,360 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012.12.14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012.12.14 10:17:04 | 003,467,768 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
PRC - [2012.10.17 11:21:04 | 000,168,776 | ---- | M] () -- C:\Program Files (x86)\EVGA Precision X\Bundle\OSDServer\RTSS.exe
PRC - [2012.10.17 11:21:02 | 000,553,800 | ---- | M] () -- C:\Program Files (x86)\EVGA Precision X\EVGAPrecision.exe
PRC - [2011.12.03 17:10:33 | 000,189,184 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrB.exe
PRC - [2010.11.20 13:17:56 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
PRC - [2010.03.11 00:22:04 | 000,599,408 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
PRC - [2010.03.11 00:21:16 | 000,300,400 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
PRC - [2009.11.07 15:25:10 | 000,075,064 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2007.04.09 12:32:32 | 000,019,456 | ---- | M] (Creative Technology Ltd) -- C:\Windows\SysWOW64\CtHelper.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2013.02.14 07:17:31 | 000,221,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\7d8f6866864f78cf83d3701641c46178\System.ServiceProcess.ni.dll
MOD - [2013.01.10 19:07:04 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\07753c0a8ed7f9bc61b0ee718f3c779d\System.Runtime.Remoting.ni.dll
MOD - [2013.01.10 19:06:39 | 001,812,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\40c7a89fe2cbf3c12a2c39e034da54cf\System.Xaml.ni.dll
MOD - [2013.01.09 22:04:41 | 018,022,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\b8e60f81fd56934c9f9da7b15bee3376\PresentationFramework.ni.dll
MOD - [2013.01.09 22:04:30 | 011,522,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\932901ff0ad5e365ffbe705d7459a37e\PresentationCore.ni.dll
MOD - [2013.01.09 22:04:25 | 007,070,208 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\b519f42484e1d488662a9a8a87cb8849\System.Core.ni.dll
MOD - [2013.01.09 22:04:24 | 000,982,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\7cd4aa51f6e6b9330b8f50bba8bb62c6\System.Configuration.ni.dll
MOD - [2013.01.09 22:04:23 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\fc476bbac36944e352c2f547352ffa64\System.Xml.ni.dll
MOD - [2013.01.09 22:04:22 | 003,883,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\8abaedf6aecb073b22f8801aa0b8babf\WindowsBase.ni.dll
MOD - [2013.01.09 22:04:20 | 009,095,168 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\f93dca0e4baa1dcb37cf75392b7c89da\System.ni.dll
MOD - [2013.01.09 22:04:15 | 014,416,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\6a1ccc1e1a79ce267d3d1808af382cd6\mscorlib.ni.dll
MOD - [2012.10.17 11:21:04 | 000,168,776 | ---- | M] () -- C:\Program Files (x86)\EVGA Precision X\Bundle\OSDServer\RTSS.exe
MOD - [2012.10.17 11:21:02 | 000,553,800 | ---- | M] () -- C:\Program Files (x86)\EVGA Precision X\EVGAPrecision.exe
MOD - [2012.06.30 05:18:08 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\EVGA Precision X\RTMUI.dll
MOD - [2012.06.30 05:18:04 | 000,335,872 | ---- | M] () -- C:\Program Files (x86)\EVGA Precision X\RTHAL.dll
MOD - [2012.06.30 05:17:48 | 000,225,280 | ---- | M] () -- C:\Program Files (x86)\EVGA Precision X\RTCore.dll
MOD - [2012.06.30 05:17:40 | 000,147,456 | ---- | M] () -- C:\Program Files (x86)\EVGA Precision X\RTUI.dll
MOD - [2012.06.30 05:17:34 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\EVGA Precision X\RTFC.dll
MOD - [2012.06.05 08:23:18 | 000,122,880 | ---- | M] () -- C:\Program Files (x86)\EVGA Precision X\Bundle\OSDServer\RTSSHooks.dll
MOD - [2012.06.05 07:03:40 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\EVGA Precision X\Bundle\OSDServer\RTMUI.dll
MOD - [2012.06.05 07:02:42 | 000,147,456 | ---- | M] () -- C:\Program Files (x86)\EVGA Precision X\Bundle\OSDServer\RTUI.dll
MOD - [2012.06.05 07:02:34 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\EVGA Precision X\Bundle\OSDServer\RTFC.dll
MOD - [2011.05.01 07:04:54 | 000,013,312 | ---- | M] () -- C:\Program Files (x86)\EVGA Precision X\RTTSH.dll
MOD - [2011.05.01 07:04:54 | 000,013,312 | ---- | M] () -- C:\Program Files (x86)\EVGA Precision X\Bundle\OSDServer\RTTSH.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2012.04.06 03:16:02 | 000,236,544 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009.07.14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2013.03.12 20:03:47 | 000,253,656 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.03.08 06:41:23 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.02.10 04:25:27 | 001,266,464 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013.02.09 18:43:48 | 000,383,264 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2013.01.27 11:34:32 | 000,379,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV - [2013.01.27 11:34:32 | 000,022,056 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2013.01.08 15:19:46 | 000,161,536 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.12.18 20:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.12.14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012.12.14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012.12.14 10:17:04 | 003,467,768 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe -- (TeamViewer8)
SRV - [2012.06.19 05:12:06 | 000,529,232 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012.05.18 19:07:26 | 000,127,488 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe -- (Te.Service)
SRV - [2011.12.03 17:10:33 | 000,189,184 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrB.exe -- (PnkBstrB)
SRV - [2011.09.27 20:04:08 | 000,359,192 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Programme\Common Files\LogiShrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2011.03.01 18:29:58 | 000,130,976 | ---- | M] (Futuremark Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe -- (Futuremark SystemInfo Service)
SRV - [2010.03.18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.11.07 15:25:10 | 000,075,064 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2009.08.18 12:48:02 | 002,291,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2007.05.31 16:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007.05.31 16:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2013.01.20 15:59:04 | 000,130,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2012.12.14 16:49:28 | 000,024,176 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012.09.20 05:35:36 | 000,203,104 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
DRV:64bit: - [2012.09.20 05:35:36 | 000,102,368 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:64bit: - [2012.08.23 15:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012.08.23 15:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012.07.02 11:23:05 | 000,035,112 | ---- | M] (TeamViewer GmbH) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\teamviewervpn.sys -- (teamviewervpn)
DRV:64bit: - [2012.04.06 06:22:40 | 011,174,400 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2012.04.06 02:10:44 | 000,343,040 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2012.03.09 09:57:36 | 000,023,816 | ---- | M] (CPUID) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\cpuz135_x64.sys -- (cpuz135)
DRV:64bit: - [2012.03.01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.02.23 13:32:04 | 000,095,760 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2011.09.02 07:30:46 | 000,042,776 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV:64bit: - [2011.09.02 07:30:36 | 000,060,696 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2011.09.02 07:30:24 | 000,066,840 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.02.19 19:57:38 | 000,871,408 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2009.11.23 16:38:00 | 000,016,008 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGVirHid.sys -- (LGVirHid)
DRV:64bit: - [2009.11.23 16:37:50 | 000,022,408 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGBusEnum.sys -- (LGBusEnum)
DRV:64bit: - [2009.10.05 10:08:44 | 000,087,600 | ---- | M] (Citrix Systems, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ctxusbm.sys -- (ctxusbm)
DRV:64bit: - [2009.09.28 09:22:00 | 000,395,264 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2009.07.24 07:49:00 | 000,119,312 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2007.04.12 08:10:28 | 000,151,296 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\COMMONFX.DLL -- (COMMONFX.DLL)
DRV:64bit: - [2007.04.10 06:07:54 | 000,580,904 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ctac32k.sys -- (ctac32k)
DRV:64bit: - [2007.04.10 04:41:54 | 000,295,208 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\haP17v2k.sys -- (hap17v2k)
DRV:64bit: - [2007.04.10 04:41:20 | 000,259,880 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\haP16v2k.sys -- (hap16v2k)
DRV:64bit: - [2007.04.10 04:40:24 | 001,359,144 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ha10kx2k.sys -- (ha10kx2k)
DRV:64bit: - [2007.04.10 04:39:48 | 000,147,752 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\emupia2k.sys -- (emupia)
DRV:64bit: - [2007.04.10 04:38:40 | 000,290,600 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV:64bit: - [2007.04.10 04:38:10 | 000,017,192 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ctprxy2k.sys -- (ctprxy2k)
DRV:64bit: - [2007.04.10 04:37:36 | 000,218,408 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ctoss2k.sys -- (ossrv)
DRV:64bit: - [2007.04.10 04:35:28 | 000,863,016 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ctaud2k.sys -- (ctaud2k)
DRV:64bit: - [2007.04.10 04:17:22 | 000,123,688 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\CTHWIUT.DLL -- (CTHWIUT.DLL)
DRV:64bit: - [2007.04.10 04:17:00 | 000,252,712 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\CT20XUT.DLL -- (CT20XUT.DLL)
DRV:64bit: - [2007.04.10 04:16:20 | 001,571,112 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\CTEXFIFX.DLL -- (CTEXFIFX.DLL)
DRV:64bit: - [2007.04.10 04:15:44 | 000,363,304 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\CTEDSPSY.DLL -- (CTEDSPSY.DLL)
DRV:64bit: - [2007.04.10 04:15:10 | 000,190,248 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\CTEDSPIO.DLL -- (CTEDSPIO.DLL)
DRV:64bit: - [2007.04.10 04:14:28 | 000,142,120 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\CTERFXFX.DLL -- (CTERFXFX.DLL)
DRV:64bit: - [2007.04.10 04:13:38 | 000,321,832 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\CTEDSPFX.DLL -- (CTEDSPFX.DLL)
DRV:64bit: - [2007.04.10 04:13:08 | 000,219,432 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\CTEAPSFX.DLL -- (CTEAPSFX.DLL)
DRV:64bit: - [2007.04.10 04:12:22 | 000,681,256 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\CTSBLFX.DLL -- (CTSBLFX.DLL)
DRV:64bit: - [2007.04.10 04:11:46 | 000,700,200 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\CTAUDFX.DLL -- (CTAUDFX.DLL)
DRV:64bit: - [2005.03.29 01:30:38 | 000,008,192 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV - [2012.10.17 11:21:00 | 000,015,176 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files (x86)\EVGA Precision X\RTCore64.sys -- (RTCore64)
DRV - [2009.09.10 08:50:16 | 000,011,576 | ---- | M] (Samsung Electronics) [Kernel | Auto | Stopped] -- C:\Windows\SysWOW64\drivers\SSPORT.SYS -- (SSPORT)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.meinvz.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 98 4A C5 72 3A 59 CD 01  [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {900EEA37-B77F-404B-B225-D2EC298058DC}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{57B5E9C0-DDCC-4FC0-9AAA-A99EFED6CEFC}: "URL" = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=302398&p={searchTerms}
IE - HKCU\..\SearchScopes\{900EEA37-B77F-404B-B225-D2EC298058DC}: "URL" = hxxp://www.google.de/search?q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledAddons: %7Ba0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7%7D:20130129
FF - prefs.js..extensions.enabledAddons: %7Bd40f5e7b-d2cf-4856-b441-cc613eeffbe3%7D:1.68
FF - prefs.js..extensions.enabledAddons: browserprotect%40browserprotect.com:1.1.3
FF - prefs.js..extensions.enabledAddons: %7B73a6fe31-595d-460b-a920-fcc0f8843232%7D:2.6.5.8
FF - prefs.js..extensions.enabledAddons: nasanightlaunch%40example.com:0.6.20130206
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.0: C:\Windows\system32\npDeployJava1.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.0: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.03.08 06:41:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.03.08 19:24:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.03.08 06:41:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.03.08 19:24:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.4\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2013.03.17 13:50:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.4\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
 
[2012.06.11 18:37:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Anti\AppData\Roaming\mozilla\Extensions
[2009.12.21 01:08:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Anti\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2013.03.05 06:05:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Anti\AppData\Roaming\mozilla\Firefox\Profiles\vtxa9re5.default\extensions
[2013.03.03 08:09:04 | 000,000,000 | ---D | M] (FT DeepDark) -- C:\Users\Anti\AppData\Roaming\mozilla\Firefox\Profiles\vtxa9re5.default\extensions\{77d2ed30-4cd2-11e0-b8af-0800200c9a66}
[2013.01.31 15:45:04 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Anti\AppData\Roaming\mozilla\Firefox\Profiles\vtxa9re5.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2013.02.14 18:35:19 | 000,047,822 | ---- | M] () (No name found) -- C:\Users\Anti\AppData\Roaming\mozilla\firefox\profiles\vtxa9re5.default\extensions\browserprotect@browserprotect.com.xpi
[2013.02.23 10:59:45 | 002,345,043 | ---- | M] () (No name found) -- C:\Users\Anti\AppData\Roaming\mozilla\firefox\profiles\vtxa9re5.default\extensions\nasanightlaunch@example.com.xpi
[2013.03.05 06:05:17 | 000,531,283 | ---- | M] () (No name found) -- C:\Users\Anti\AppData\Roaming\mozilla\firefox\profiles\vtxa9re5.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
[2013.02.14 07:23:01 | 000,817,280 | ---- | M] () (No name found) -- C:\Users\Anti\AppData\Roaming\mozilla\firefox\profiles\vtxa9re5.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013.02.14 18:35:19 | 000,138,614 | ---- | M] () (No name found) -- C:\Users\Anti\AppData\Roaming\mozilla\firefox\profiles\vtxa9re5.default\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi
[2013.02.14 18:33:16 | 000,698,764 | ---- | M] () (No name found) -- C:\Users\Anti\AppData\Roaming\mozilla\firefox\profiles\vtxa9re5.default\extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi
[2013.03.08 06:40:58 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2013.03.08 06:41:24 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2010.03.11 00:01:02 | 000,124,272 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\CCMSDK.dll
[2010.03.11 00:02:52 | 000,070,512 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\CgpCore.dll
[2010.03.11 00:01:48 | 000,091,504 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\confmgr.dll
[2010.03.11 00:01:24 | 000,022,384 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\ctxlogging.dll
[2012.02.18 11:21:25 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2010.03.11 00:40:56 | 000,423,248 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\plugins\npicaN.dll
[2011.03.22 19:38:12 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
[2010.03.11 00:02:48 | 000,023,920 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\TcpPServ.dll
[2012.06.01 17:33:00 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.09.09 20:59:55 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.06.01 17:33:00 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.06.01 17:33:00 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.06.01 17:33:00 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.06.01 17:33:00 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No CLSID value found.
O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No CLSID value found.
O4:64bit: - HKLM..\Run: [AsioReg] REGSVR32.EXE /S CTASIO.DLL File not found
O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [Launch LCDMon] C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [Launch LGDCore] C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [Launch LgDeviceAgent] C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation)
O4 - HKLM..\Run: [AsioReg] C:\Windows\SysWow64\ctasio.dll (Creative Technology Ltd)
O4 - HKLM..\Run: [AsioThk32Reg] C:\Windows\SysWow64\ctasio.dll (Creative Technology Ltd)
O4 - HKLM..\Run: [ConnectionCenter] C:\Program Files (x86)\Citrix\ICA Client\concentr.exe (Citrix Systems, Inc.)
O4 - HKLM..\Run: [CTHelper] C:\Windows\SysWow64\CtHelper.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [CTxfiHlp] C:\Windows\SysWow64\Ctxfihlp.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKCU..\Run: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung)
O4 - HKCU..\Run: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe (Samsung Electronics)
O4 - HKCU..\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung)
O4 - HKCU..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe (Samsung)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: samsungsetup.com ([www] http in Vertrauenswürdige Sites)
O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} hxxp://support.asus.com.tw/common/asusTek_sys_ctrl.cab (asusTek_sysctrl Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7880B74D-1DFC-4B1E-9DFE-1EED515B6BDC}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:64bit: - Protocol\Filter\application/x-ica - No CLSID value found
O18:64bit: - Protocol\Filter\ica - No CLSID value found
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\application/x-ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Programme\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007.08.03 16:57:48 | 000,000,000 | ---- | M] () - D:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2012.11.02 00:38:02 | 000,000,058 | -H-- | M] () - J:\autorun.inf -- [ UDF ]
O33 - MountPoints2\{0d8e9394-cb82-11de-b0ab-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{0d8e9394-cb82-11de-b0ab-806e6f6e6963}\Shell\AutoRun\command - "" = J:\StarCraft II Setup.exe -- [2012.11.02 00:38:02 | 002,020,544 | ---- | M] (Blizzard Entertainment)
O33 - MountPoints2\{e47033b3-edf8-11e1-b78f-001fc61eb744}\Shell - "" = AutoRun
O33 - MountPoints2\{e47033b3-edf8-11e1-b78f-001fc61eb744}\Shell\AutoRun\command - "" = K:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.03.18 18:36:36 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Anti\Desktop\OTL.exe
[2013.03.17 13:50:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Thunderbird
[2013.03.17 11:13:49 | 000,000,000 | ---D | C] -- C:\Users\Anti\AppData\Roaming\Malwarebytes
[2013.03.17 11:13:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013.03.17 11:13:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.03.17 11:13:34 | 000,024,176 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013.03.17 11:13:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013.03.17 11:13:16 | 000,000,000 | ---D | C] -- C:\Users\Anti\AppData\Local\Programs
[2013.03.16 22:01:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II
[2013.03.16 22:01:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard Entertainment
[2013.03.16 22:00:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Battle.net
[2013.03.16 21:32:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II.e95598d0.temp
[2013.03.16 21:23:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II.e7271c42.temp
[2013.03.16 20:05:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II.3a018b42.temp
[2013.03.16 17:43:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II.e6f2b040.temp
[2013.03.16 17:33:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II.d48c6a9e.temp
[2013.03.16 17:21:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II.a0d452d4.temp
[2013.03.16 16:52:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II.3aaca235.temp
[2013.03.16 16:40:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II.temp
[2013.03.16 16:30:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2013.03.09 15:31:09 | 000,000,000 | ---D | C] -- C:\Users\Anti\Desktop\div. Programme
[2013.03.09 14:31:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies
[2013.03.08 06:40:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013.02.26 19:17:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2013.02.26 19:17:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2013.02.16 19:42:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Electronic Arts
[2013.02.16 19:42:56 | 000,000,000 | ---D | C] -- C:\Users\Anti\AppData\Local\EA Core
[2013.02.16 19:42:55 | 000,000,000 | -HSD | C] -- C:\ProgramData\SecuROM
[2013.02.16 19:38:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Electronic Arts
[2013.02.16 19:24:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR
[2013.02.16 18:59:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\BioWare
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013.03.18 18:47:28 | 000,014,608 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.03.18 18:47:28 | 000,014,608 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.03.18 18:43:59 | 000,224,853 | ---- | M] () -- C:\Users\Anti\Desktop\reihenfolge.png
[2013.03.18 18:39:56 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.03.18 18:39:50 | 3220,525,056 | -HS- | M] () -- C:\hiberfil.sys
[2013.03.18 18:38:00 | 000,000,020 | ---- | M] () -- C:\Users\Anti\defogger_reenable
[2013.03.18 18:03:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.03.17 14:59:39 | 000,488,819 | ---- | M] () -- C:\Users\Anti\Desktop\Malwarezugriff.png
[2013.03.17 14:12:07 | 013,786,977 | ---- | M] () -- C:\Users\Anti\Desktop\mbar-1.01.0.1021.zip
[2013.03.17 11:40:01 | 000,377,856 | ---- | M] () -- C:\Users\Anti\Desktop\gmer_2.1.19155.exe
[2013.03.17 11:39:02 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Anti\Desktop\OTL.exe
[2013.03.17 11:38:53 | 000,050,477 | ---- | M] () -- C:\Users\Anti\Desktop\Defogger.exe
[2013.03.16 22:01:06 | 000,000,739 | ---- | M] () -- C:\Users\Public\Desktop\StarCraft II.lnk
[2013.03.16 21:32:56 | 000,000,000 | ---- | M] () -- C:\Users\Public\Desktop\StarCraft II.lnk.temp
[2013.03.16 14:15:12 | 000,033,688 | ---- | M] () -- C:\Windows\SysNative\BMXStateBkp-{00000008-00000000-00000002-00001102-00000008-10211102}.rfx
[2013.03.16 14:15:12 | 000,033,688 | ---- | M] () -- C:\Windows\SysNative\BMXState-{00000008-00000000-00000002-00001102-00000008-10211102}.rfx
[2013.03.16 14:15:12 | 000,029,604 | ---- | M] () -- C:\Windows\SysNative\BMXCtrlState-{00000008-00000000-00000002-00001102-00000008-10211102}.rfx
[2013.03.16 14:15:12 | 000,029,604 | ---- | M] () -- C:\Windows\SysNative\BMXBkpCtrlState-{00000008-00000000-00000002-00001102-00000008-10211102}.rfx
[2013.03.16 14:15:12 | 000,011,564 | ---- | M] () -- C:\Windows\SysNative\DVCState-{00000008-00000000-00000002-00001102-00000008-10211102}.rfx
[2013.03.14 06:37:55 | 004,958,588 | ---- | M] () -- C:\Windows\{00000008-00000000-00000002-00001102-00000008-10211102}.CDF
[2013.03.09 10:31:59 | 000,000,641 | ---- | M] () -- C:\Users\Public\Desktop\World of Tanks.lnk
[2013.03.06 18:11:16 | 001,642,284 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.03.06 18:11:16 | 000,707,316 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.03.06 18:11:16 | 000,660,934 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.03.06 18:11:16 | 000,152,908 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.03.06 18:11:16 | 000,125,124 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.02.19 22:44:46 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013.03.18 18:43:59 | 000,224,853 | ---- | C] () -- C:\Users\Anti\Desktop\reihenfolge.png
[2013.03.18 18:38:00 | 000,000,020 | ---- | C] () -- C:\Users\Anti\defogger_reenable
[2013.03.18 18:36:36 | 013,786,977 | ---- | C] () -- C:\Users\Anti\Desktop\mbar-1.01.0.1021.zip
[2013.03.18 18:36:35 | 000,377,856 | ---- | C] () -- C:\Users\Anti\Desktop\gmer_2.1.19155.exe
[2013.03.18 18:36:35 | 000,050,477 | ---- | C] () -- C:\Users\Anti\Desktop\Defogger.exe
[2013.03.17 14:59:39 | 000,488,819 | ---- | C] () -- C:\Users\Anti\Desktop\Malwarezugriff.png
[2013.03.16 22:01:04 | 000,000,739 | ---- | C] () -- C:\Users\Public\Desktop\StarCraft II.lnk
[2013.03.16 21:32:56 | 000,000,000 | ---- | C] () -- C:\Users\Public\Desktop\StarCraft II.lnk.temp
[2013.03.09 10:31:59 | 000,000,641 | ---- | C] () -- C:\Users\Public\Desktop\World of Tanks.lnk
[2013.03.08 19:24:39 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
[2012.08.28 09:04:34 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2012.08.28 09:04:34 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2012.08.28 09:04:34 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2012.08.28 09:04:34 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2012.08.28 09:04:32 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2012.06.20 17:17:59 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2012.06.15 19:21:54 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012.04.06 02:29:34 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012.04.06 02:29:34 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012.01.10 22:27:55 | 000,000,412 | ---- | C] () -- C:\Users\Anti\AppData\Roaming\All CPU Meter_Settings.ini
[2011.10.25 21:21:34 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\OVDecoder.dll
[2011.09.28 17:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011.09.13 00:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2009.11.07 19:05:35 | 000,007,605 | ---- | C] () -- C:\Users\Anti\AppData\Local\Resmon.ResmonCfg
[2009.11.07 16:26:30 | 000,000,092 | ---- | C] () -- C:\Users\Anti\AppData\Local\fusioncache.dat
 
========== ZeroAccess Check ==========
 
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2011.07.16 13:18:04 | 000,000,000 | ---D | M] -- C:\Users\Anti\AppData\Roaming\Bioshock2
[2010.10.02 08:18:53 | 000,000,000 | ---D | M] -- C:\Users\Anti\AppData\Roaming\BITS
[2012.06.11 20:01:27 | 000,000,000 | ---D | M] -- C:\Users\Anti\AppData\Roaming\DAEMON Tools Lite
[2009.12.06 14:07:59 | 000,000,000 | ---D | M] -- C:\Users\Anti\AppData\Roaming\GetRightToGo
[2012.12.06 17:58:40 | 000,000,000 | ---D | M] -- C:\Users\Anti\AppData\Roaming\ICAClient
[2010.07.07 18:36:20 | 000,000,000 | ---D | M] -- C:\Users\Anti\AppData\Roaming\Leadertech
[2012.12.23 15:08:57 | 000,000,000 | ---D | M] -- C:\Users\Anti\AppData\Roaming\Meine Die Schlacht um Mittelerde-Dateien
[2010.06.20 13:56:29 | 000,000,000 | ---D | M] -- C:\Users\Anti\AppData\Roaming\Nokia
[2010.06.20 14:06:56 | 000,000,000 | ---D | M] -- C:\Users\Anti\AppData\Roaming\PC Suite
[2011.04.16 07:29:30 | 000,000,000 | ---D | M] -- C:\Users\Anti\AppData\Roaming\runic games
[2012.10.15 19:59:15 | 000,000,000 | ---D | M] -- C:\Users\Anti\AppData\Roaming\Samsung
[2012.08.12 13:44:34 | 000,000,000 | ---D | M] -- C:\Users\Anti\AppData\Roaming\TeamViewer
[2009.12.21 01:08:11 | 000,000,000 | ---D | M] -- C:\Users\Anti\AppData\Roaming\Thunderbird
[2013.03.09 10:30:57 | 000,000,000 | ---D | M] -- C:\Users\Anti\AppData\Roaming\TS3Client
[2009.11.07 16:30:19 | 000,000,000 | ---D | M] -- C:\Users\Anti\AppData\Roaming\Turbine
[2011.06.18 13:17:26 | 000,000,000 | ---D | M] -- C:\Users\Anti\AppData\Roaming\wargaming.net
[2011.05.12 18:32:35 | 000,000,000 | ---D | M] -- C:\Users\Anti\AppData\Roaming\XRay Engine
 
========== Purity Check ==========
 
 

< End of report >
         
Extra
Code:
ATTFilter
 OTL Extras logfile created on: 18.03.2013 18:45:06 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Anti\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 2,21 Gb Available Physical Memory | 55,16% Memory free
14,00 Gb Paging File | 12,06 Gb Available in Paging File | 86,19% Paging File free
Paging file location(s): h:\pagefile.sys 10240 10240 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 97,65 Gb Total Space | 46,30 Gb Free Space | 47,41% Space Free | Partition Type: NTFS
Drive D: | 100,01 Gb Total Space | 78,10 Gb Free Space | 78,09% Space Free | Partition Type: NTFS
Drive F: | 195,31 Gb Total Space | 33,51 Gb Free Space | 17,16% Space Free | Partition Type: NTFS
Drive G: | 97,65 Gb Total Space | 18,47 Gb Free Space | 18,91% Space Free | Partition Type: NTFS
Drive H: | 104,06 Gb Total Space | 93,91 Gb Free Space | 90,25% Space Free | Partition Type: NTFS
Drive J: | 7,82 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
 
Computer Name: CHAOS-KISTE | User Name: Anti | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L"
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L"
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\FlashGet Network\FlashGet universal\FlashGet.exe" = C:\Program Files (x86)\FlashGet Network\FlashGet universal\FlashGet.exe:*:Enabled:Flashget2
"C:\Program Files (x86)\FlashGet Network\FlashGet universal\LiveUpdate.exe" = C:\Program Files (x86)\FlashGet Network\FlashGet universal\LiveUpdate.exe:*:Enabled:FGLiveUpdate
"C:\Program Files (x86)\FlashGet Network\FlashGet universal\LiveUpdateEx.exe" = C:\Program Files (x86)\FlashGet Network\FlashGet universal\LiveUpdateEx.exe:*:Enabled:FGLiveUpdateEx
"C:\Program Files (x86)\FlashGet Network\FlashGet universal\FlashGet.exe" = C:\Program Files (x86)\FlashGet Network\FlashGet universal\FlashGet.exe:*:Enabled:Flashget2
"C:\Program Files (x86)\FlashGet Network\FlashGet universal\LiveUpdate.exe" = C:\Program Files (x86)\FlashGet Network\FlashGet universal\LiveUpdate.exe:*:Enabled:FGLiveUpdate
"C:\Program Files (x86)\FlashGet Network\FlashGet universal\LiveUpdateEx.exe" = C:\Program Files (x86)\FlashGet Network\FlashGet universal\LiveUpdateEx.exe:*:Enabled:FGLiveUpdateEx
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{09839E28-ABC0-4EA5-84A6-C580F3D27107}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{15E38D09-512D-4451-85EE-1643B616963F}" = lport=58912 | protocol=17 | dir=in | name=pando media booster | 
"{2926B42D-DBB0-4AE9-9978-A99D94299ACE}" = lport=58912 | protocol=6 | dir=in | name=pando media booster | 
"{432EA76B-4942-4674-9B0F-4FBBCB43C9F4}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{5499EFEB-2D3B-45B6-9A52-A6675273982B}" = lport=40980 | protocol=6 | dir=in | name=test authoring and execution framework service | 
"{5E7CDEBC-27D6-4A3B-AFB4-F8525D82073B}" = lport=445 | protocol=6 | dir=in | app=system | 
"{6098B9E1-CFA0-4913-B701-8BDDB0ECA4E8}" = rport=445 | protocol=6 | dir=out | app=system | 
"{6739CEF6-3B16-4347-AE82-CD15EE3D8831}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{9716D1F8-70E4-4DC1-B8BD-647AC15F8628}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{9A7B5E8D-8385-44AA-9E66-831CE332A3E2}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{9B4FE28D-283B-4A53-A8FC-86D381829E54}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{A5311E5B-AF0F-4032-920E-89D800200892}" = lport=139 | protocol=6 | dir=in | app=system | 
"{A5634912-DC51-49B9-9675-2B8025D224BA}" = lport=58912 | protocol=17 | dir=in | name=pando media booster | 
"{BB4EAE86-5B7C-4EDC-9215-0FE484A7E5F3}" = lport=58912 | protocol=6 | dir=in | name=pando media booster | 
"{BBC3905F-11E1-42DB-987A-B1117B46A7D5}" = rport=139 | protocol=6 | dir=out | app=system | 
"{CF10ABEB-752B-4F50-80FA-F8B50743CB63}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{D262D3E9-5914-469F-994E-7A8892F09F42}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{D825D0DF-D942-4E2B-B030-132318ECE4DF}" = lport=137 | protocol=17 | dir=in | app=system | 
"{DC5A2D6E-65F9-4600-BDEF-07F8E700AA6E}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{DD5D4EA8-55BD-4746-A18A-2A2AE5702B0E}" = lport=rpc-epmap | protocol=6 | dir=in | name=test authoring and execution framework service (rpc endpoint mapper) | 
"{E690912F-1279-4008-A697-ABE0D527FE82}" = lport=138 | protocol=17 | dir=in | app=system | 
"{E80E45A4-E645-4FC9-914D-6A7C7938F4DB}" = rport=138 | protocol=17 | dir=out | app=system | 
"{E8AA8E93-48C4-461D-9802-40745A1FB09A}" = rport=137 | protocol=17 | dir=out | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02DDB7DD-176F-46E0-8896-1E813AC823E1}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{0C3B484D-AF1C-4960-BC5F-D8E1C9D5B29A}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1544\agent.exe | 
"{0CB8A718-33E9-41DE-99CD-48543C1EF520}" = protocol=6 | dir=in | app=f:\spiele-7\hdr-schlacht um mittelerde\game.dat | 
"{15D02AC0-838B-402D-911A-7E5678B592D0}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.exe | 
"{1D73AC2D-0F48-4128-88EE-F8478809F61D}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{1FC1CFE2-7E11-4E94-A1B8-FF850D84B69C}" = protocol=6 | dir=in | app=f:\spiele\steam\steamapps\common\call of duty black ops ii\t6mp.exe | 
"{2038EBA0-27F8-41E0-A494-F9AAC7D7F159}" = protocol=6 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | 
"{2D32ECB0-DFD4-4D03-968D-5D11E85195DA}" = protocol=17 | dir=in | app=c:\windows\syswow64\muzapp.exe | 
"{2DE03716-68A2-44EA-919F-65A3429D6A27}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{2DE522A4-9FEE-4837-9CA5-2AF98C87009E}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe | 
"{2E486553-B2EA-4CD0-A4B0-66794C0A66EB}" = protocol=6 | dir=in | app=f:\spiele\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe | 
"{2EA54C13-3CA1-420F-A6A9-26E6527BA57C}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | 
"{2FBBB557-F1CE-47F2-9C47-9D036CE59234}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1267\agent.exe | 
"{384D9010-4A0F-4E73-BA4B-67D0CA8FAADF}" = protocol=17 | dir=in | app=f:\spiele-7\mass effect 2\masseffect2launcher.exe | 
"{38A55526-A768-4556-B563-B2E815C88C4A}" = protocol=17 | dir=in | app=f:\spiele-7\starcraft ii\starcraft ii public test.exe | 
"{3925B5C4-71F7-43D5-A690-08162B9996BF}" = protocol=6 | dir=in | app=c:\windows\syswow64\muzapp.exe | 
"{3C56E207-E997-4375-A152-494B470C64ED}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{41A26827-FEDE-43DD-BC84-55A12BF53B82}" = protocol=17 | dir=in | app=f:\spiele-7\mass effect 2\binaries\masseffect2.exe | 
"{448E043E-D23D-4B73-A4F3-9B98023DE740}" = protocol=6 | dir=in | app=f:\spiele-7\mass effect 2\binaries\masseffect2.exe | 
"{47C9EC04-093A-4736-A9C0-60E9F42610CD}" = protocol=6 | dir=in | app=f:\spiele-7\wot\worldoftanks.exe | 
"{4A5A06CB-BBE5-4F0F-B0E1-4715E261D28E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{4D5C5E87-59F9-4315-AAFE-F08FC3A72662}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | 
"{50A12E94-5577-4639-BA34-EB721A16295C}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"{5196814F-E8A8-4DBB-8683-F9E5C6988B7A}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{57622651-0FDD-4D3A-85ED-010AB86BCDEA}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | 
"{597BCAD2-F66D-45D5-ACE2-3FC044C9C54A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{5BF61A3A-219F-4D81-BA49-B9A2662CB8FB}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{5C846A4F-0183-4F6D-A687-5A9132962638}" = protocol=17 | dir=in | app=f:\spiele\steam\steamapps\common\call of duty black ops ii\t6mp.exe | 
"{5CA36A3F-5B8B-474C-BECC-80049F660408}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{5EFC2240-DDF4-487D-A3C1-4DFB17FA5423}" = protocol=17 | dir=in | app=f:\spiele-7\wot\wotlauncher.exe | 
"{62C54429-4C55-4309-991A-FE9C16A31FD2}" = protocol=6 | dir=in | app=f:\spiele-7\wot\wotlauncher.exe | 
"{66F17F62-E3EF-41ED-B687-E7DC646575EC}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | 
"{67275120-00BF-4C5B-AFE7-1CD9F3810AE4}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{6ED489B5-737C-4FE8-8680-AC1C0459CD47}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe | 
"{73E14F3D-2241-4B49-A5F9-94B22BFA0916}" = protocol=6 | dir=in | app=f:\spiele-7\mass effect 2\masseffect2launcher.exe | 
"{74C3096E-7161-4125-BF45-14F983FCEA81}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1675\agent.exe | 
"{794E24B4-D7F2-445B-9E08-D25187B3E2A5}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | 
"{79DAAD6E-60FA-46D7-9119-B6FC5D1D15DA}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1267\agent.exe | 
"{7A0AF599-A862-452B-B489-11D09CC72EC5}" = protocol=17 | dir=in | app=f:\spiele-7\hdr-schlacht um mittelerde\game.dat | 
"{7B0EA50E-63C2-4B1B-925C-DBEF47AB2F14}" = protocol=6 | dir=in | app=f:\spiele\steam\steamapps\common\call of duty black ops ii\t6sp.exe | 
"{7B4B93FF-1CE7-4848-B361-B57E9E43E8A2}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{81E39794-2740-4C72-8509-568D10FDF616}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{84940352-FED9-40FD-BAAC-E6F741BB790F}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{86D14627-41EF-407E-814D-89F27C7E96B0}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1544\agent.exe | 
"{8A886395-C3DC-4201-BC97-5F1631E5D1E1}" = protocol=17 | dir=in | app=f:\spiele\steam\steamapps\common\call of duty black ops ii\t6zm.exe | 
"{98BBEA95-315C-448B-9673-493860E5CF54}" = protocol=17 | dir=in | app=f:\spiele-7\diablo3\diablo iii\diablo iii.exe | 
"{9C92E0D0-6CAC-48AC-B777-3A67C1FBA851}" = protocol=6 | dir=in | app=f:\spiele-7\starcraft ii\starcraft ii public test.exe | 
"{9D3F2E67-9FD5-4C68-8492-E25B9AB4CC5D}" = protocol=17 | dir=in | app=f:\spiele\steam\steamapps\common\call of duty black ops ii\t6sp.exe | 
"{9DD56909-39FD-43F9-B5C1-E70D72824AF9}" = protocol=6 | dir=out | app=%systemroot%\system32\wudfhost.exe | 
"{A09D62C8-D5DB-42D2-91FD-37E58F4CBEE2}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | 
"{A30206A4-22AA-4916-9636-9A33E31102CB}" = protocol=17 | dir=in | app=f:\spiele-7\starcraft ii\starcraft ii.exe | 
"{A38A8801-8823-491F-9760-6FFFBCACD04E}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{A559BE55-7CE4-4942-92EC-64BF018784D5}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{A6245B2A-4DED-4BC9-97CB-B8C50506F325}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe | 
"{A8E074B9-C532-4E58-869F-AAB8DA9675B6}" = protocol=17 | dir=in | app=f:\spiele\steam\steamapps\common\call of duty modern warfare 3\iw5mp_server.exe | 
"{A96AB6BC-47CB-4865-8A2B-AFE7D62CB8B7}" = protocol=6 | dir=in | app=f:\spiele\steam\steamapps\common\call of duty modern warfare 3\iw5sp.exe | 
"{B167FF0A-3F5F-4E8A-9442-37DC3E61A786}" = protocol=6 | dir=in | app=f:\spiele\steam\steamapps\common\skyrim\skyrimlauncher.exe | 
"{B1939052-93B9-4E06-A371-39B0ABAE660A}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe | 
"{B2BCC57F-16C7-4138-9DC2-B9405667E633}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{B56C7ED0-D1E3-4CF0-B575-8B9E588964C0}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1675\agent.exe | 
"{B67D324F-10AD-4AEE-8839-23857FEE59FB}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.exe | 
"{BC3F7C99-CAB1-406E-B646-2924CF16CBBA}" = protocol=6 | dir=in | app=f:\spiele\steam\steamapps\common\call of duty modern warfare 3\iw5mp_server.exe | 
"{C2A97B82-A585-44EE-9EF1-69E973F8F656}" = protocol=6 | dir=in | app=f:\spiele\steam\steamapps\common\deus ex - human revolution\dxhr.exe | 
"{C2F907CB-F01E-4D95-9093-9FF7234C2AB9}" = protocol=17 | dir=in | app=f:\spiele\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe | 
"{CC08C57E-939A-441B-A2C4-17F4AD5013C5}" = protocol=17 | dir=in | app=f:\spiele\steam\steamapps\common\skyrim\skyrimlauncher.exe | 
"{D7F8167B-E09E-46CD-A36F-D3B95C0D700F}" = protocol=17 | dir=in | app=f:\spiele\steam\steamapps\common\deus ex - human revolution\dxhr.exe | 
"{D88A52D6-70AE-45B9-A998-AA3C75B4E962}" = protocol=17 | dir=in | app=f:\spiele-7\wot\worldoftanks.exe | 
"{DB678A6D-AD39-4A16-B6B0-C59C117F5055}" = protocol=17 | dir=in | app=f:\spiele\steam\steamapps\common\call of duty modern warfare 3\iw5sp.exe | 
"{E01019EC-744D-4D82-A263-F32E77C80A7F}" = protocol=6 | dir=in | app=f:\spiele-7\diablo3\diablo iii\diablo iii.exe | 
"{E0A7976A-F99F-421E-B320-FC8C8E151183}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{EEA311B4-FAA8-4B13-91D7-376BDFBB5EEB}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{F4DADB3C-C2F5-4471-A223-7ED34872928E}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{F64FC89F-47D0-4AF9-80B5-4FAB9A80DB24}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{F950C5D7-1D3E-44D7-8922-4462B0E4DAB9}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{FA55BA45-5DB4-45E5-8B22-7250A7F3F041}" = protocol=6 | dir=in | app=f:\spiele\steam\steamapps\common\call of duty black ops ii\t6zm.exe | 
"{FC325BDA-78AC-4DD4-A257-F8CDEEEF529F}" = protocol=6 | dir=in | app=f:\spiele-7\starcraft ii\starcraft ii.exe | 
"TCP Query User{13C32560-1425-4969-B6AD-EF9816AB61AF}F:\spiele-7\hdr-schlacht um mittelerde\patchget.dat" = protocol=6 | dir=in | app=f:\spiele-7\hdr-schlacht um mittelerde\patchget.dat | 
"TCP Query User{15450AE5-9AA0-4F1A-B837-8ADF655448B4}F:\spiele-7\guild wars 2\gw2.exe" = protocol=6 | dir=in | app=f:\spiele-7\guild wars 2\gw2.exe | 
"TCP Query User{6CFDB880-D270-4167-8806-5FE84AF66AAD}C:\program files (x86)\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe | 
"TCP Query User{9C7DDDFC-CF25-43DB-9666-45DD1F04AA1B}F:\spiele-7\lotro\lotroclient.exe" = protocol=6 | dir=in | app=f:\spiele-7\lotro\lotroclient.exe | 
"TCP Query User{A5E768D8-1514-4596-ABD4-910588E4900E}F:\spiele\steam\steam.exe" = protocol=6 | dir=in | app=f:\spiele\steam\steam.exe | 
"TCP Query User{CC505C34-D773-478D-87CB-D9209D2A6907}F:\spiele-7\starcraft ii\versions\base24944\sc2.exe" = protocol=6 | dir=in | app=f:\spiele-7\starcraft ii\versions\base24944\sc2.exe | 
"TCP Query User{CCBDA70B-0F7D-4BE2-BCB0-F0B9382AA2AF}F:\spiele-7\mass effect 2\binaries\eacoreserver.exe" = protocol=6 | dir=in | app=f:\spiele-7\mass effect 2\binaries\eacoreserver.exe | 
"UDP Query User{2A7F565A-B4CA-4785-9DF3-5394D652C6B3}C:\program files (x86)\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe | 
"UDP Query User{8738BDA9-F7E6-4F71-B745-A7B92124EB2E}F:\spiele-7\mass effect 2\binaries\eacoreserver.exe" = protocol=17 | dir=in | app=f:\spiele-7\mass effect 2\binaries\eacoreserver.exe | 
"UDP Query User{9FB92513-373A-452E-B7BF-AC4F26AA5699}F:\spiele-7\starcraft ii\versions\base24944\sc2.exe" = protocol=17 | dir=in | app=f:\spiele-7\starcraft ii\versions\base24944\sc2.exe | 
"UDP Query User{DD2097BB-F408-44A4-A1B0-3F161B337989}F:\spiele-7\guild wars 2\gw2.exe" = protocol=17 | dir=in | app=f:\spiele-7\guild wars 2\gw2.exe | 
"UDP Query User{E6BE6D34-A68D-476E-92A1-FDB0C6A1B537}F:\spiele\steam\steam.exe" = protocol=17 | dir=in | app=f:\spiele\steam\steam.exe | 
"UDP Query User{E82EA5AB-340E-4D48-ABDE-E0C8B4019D34}F:\spiele-7\hdr-schlacht um mittelerde\patchget.dat" = protocol=17 | dir=in | app=f:\spiele-7\hdr-schlacht um mittelerde\patchget.dat | 
"UDP Query User{F6807266-FBD5-4F4B-BD03-71974F569FC6}F:\spiele-7\lotro\lotroclient.exe" = protocol=17 | dir=in | app=f:\spiele-7\lotro\lotroclient.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{26A24AE4-039D-4CA4-87B4-2F86417004FF}" = Java(TM) 7 Update 4 (64-bit)
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}" = Windows Mobile-Gerätecenter
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{A1E85B9A-AFAD-4D38-AF01-6B020DD5213A}" = Logitech GamePanel Software 3.06.109
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 314.07
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 314.07
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 314.07
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 314.07
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.12.1031
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.12.12
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D954C6C2-544B-4091-A47F-11E77162883E}" = Microsoft Security Client
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CCleaner" = CCleaner
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.60.1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Security Client" = Microsoft Security Essentials
"SP6" = Logitech SetPoint 6.32
"TeamSpeak 3 Client" = TeamSpeak 3 Client
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{023D64D7-E7B4-47C7-BE6E-B7C2E8960D08}" = Citrix Online Plug-in (Web)
"{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1" = World of Tanks
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20962D9D-D7B9-4AEE-B72B-5C9A45A1B402}" = Call of Duty(R) - World at War(TM) 1.6 Patch
"{2BF0AE92-C3BC-4112-9066-1546342B1FAE}" = Call of Duty(R) - World at War(TM) 1.2 Patch
"{3521F7CF-9343-4C1F-AE5E-0D2A57A18D2B}" = Call of Duty(R) - World at War(TM) 1.5 Patch
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
"{3F290582-3F4E-4B96-009C-E0BABAA40C42}" = Die Schlacht um Mittelerde(tm)
"{3ff842b6-4ab0-4291-8ebf-0a26b3701b04}" = Windows Driver Kit
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.1
"{5A67D2EA-FB70-4033-A6F3-606AD85B2015}_is1" = Driver Sweeper Version 3.2.0
"{5AF4B3C4-C393-48D7-AC7E-8E7615579548}" = Adobe AIR
"{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
"{60D66D9B-760B-4006-9443-08960A811D4C}" = Windows Driver Frameworks Update Packages
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6DA2AF51-EE25-BB21-9106-FF69FC83DDB7}" = Kits Configuration Installer
"{6F8EAC65-314D-4D86-9557-BC9312AACCB0}" = Citrix Online Plug-in (USB)
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{75D84EF7-0D8C-4e70-B3FA-7B42A5D4E0EB}" = Mass Effect 2
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{8144262B-25B4-44F6-8204-FCC8EF50179F}" = Citrix Online Plug-in (DV)
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8795CBED-55E2-4693-9F14-84EC446935BE}" = SpeechRedist
"{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}" = NVIDIA PhysX
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0407-1000-0000000FF1CE}_HOMESTUDENTR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{974C4B12-4D02-4879-85E0-61C95CC63E9E}" = Fallout 3
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.02) - Deutsch
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo
"{C40C3C3D-97CF-44B5-836C-766E374464B3}" = 3DMark Vantage
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CC862A04-B2B0-4A79-ADD2-4B76D6CF4DCD}" = Call of Duty(R) - World at War(TM) 1.4 Patch
"{D08A5DFE-F0C2-74FC-DD56-A3B371E9344D}" = EA Shared Game Component: Activation
"{D1C1F497-452C-89D8-EE26-014184714B78}" = Windows Driver Kit
"{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty(R) - World at War(TM)
"{EA74A293-3FAC-4D1B-AE3A-3BD47FADDC20}" = Citrix Online Plug-in (HDX)
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{Stalker Complete 2009 v1.4.4}}_is1" = Stalker Complete 2009 v1.4.4
"12bbe590-c890-11d9-9669-0800200c9a66_is1" = Der Herr der Ringe Online v03.05.01.8027
"7-Zip" = 7-Zip 9.20
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 12.0
"CitrixOnlinePluginPackWeb" = Citrix Online Plug-in - Web
"com.ea.Activation.919CACB699904AC5D41B606703500DD39747C02D.1" = EA Shared Game Component: Activation
"Diablo III" = Diablo III
"EA Installer.-2062380449" = EA Installer
"Fraps" = Fraps
"Guild Wars" = GUILD WARS
"Guild Wars 2" = Guild Wars 2
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{20962D9D-D7B9-4AEE-B72B-5C9A45A1B402}" = Call of Duty(R) - World at War(TM) 1.6 Patch
"InstallShield_{2BF0AE92-C3BC-4112-9066-1546342B1FAE}" = Call of Duty(R) - World at War(TM) 1.2 Patch
"InstallShield_{3521F7CF-9343-4C1F-AE5E-0D2A57A18D2B}" = Call of Duty(R) - World at War(TM) 1.5 Patch
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"InstallShield_{CC862A04-B2B0-4A79-ADD2-4B76D6CF4DCD}" = Call of Duty(R) - World at War(TM) 1.4 Patch
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.70.0.1100
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Mozilla Firefox 19.0.2 (x86 de)" = Mozilla Firefox 19.0.2 (x86 de)
"Mozilla Thunderbird 17.0.4 (x86 de)" = Mozilla Thunderbird 17.0.4 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"PrecisionX" = EVGA Precision X 3.0.4
"PunkBusterSvc" = PunkBuster Services
"Rockstar Games Social Club" = Rockstar Games Social Club
"SpeedFan" = SpeedFan (remove only)
"StarCraft II" = StarCraft II
"Steam App 202970" = Call of Duty: Black Ops II
"Steam App 202990" = Call of Duty: Black Ops II - Multiplayer
"Steam App 212910" = Call of Duty: Black Ops II - Zombies
"Steam App 218" = Source SDK Base 2007
"Steam App 28050" = Deus Ex: Human Revolution
"Steam App 42680" = Call of Duty: Modern Warfare 3
"Steam App 42690" = Call of Duty: Modern Warfare 3 - Multiplayer
"Steam App 42750" = Call of Duty: Modern Warfare 3 - Dedicated Server
"Steam App 72850" = The Elder Scrolls V: Skyrim
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"TeamViewer 8" = TeamViewer 8
"Winamp" = Winamp
"WinRAR archiver" = WinRAR Archivierer
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"MyFreeCodec" = MyFreeCodec
"Winamp Detect" = Winamp Erkennungs-Plug-in
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 07.03.2013 01:23:52 | Computer Name = Chaos-Kiste | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: winamp.exe, Version: 5.6.1.3133, 
Zeitstempel: 0x4d88ec8b  Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17725,
 Zeitstempel: 0x4ec49b8f  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00038dc9  ID des fehlerhaften
 Prozesses: 0x6c44  Startzeit der fehlerhaften Anwendung: 0x01ce1af3e82e1ca6  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\Winamp\winamp.exe  Pfad des fehlerhaften
 Moduls: C:\Windows\SysWOW64\ntdll.dll  Berichtskennung: 329e8adf-86e7-11e2-8594-001fc61eb744
 
Error - 07.03.2013 14:16:08 | Computer Name = Chaos-Kiste | Source = Application Hang | ID = 1002
Description = Programm WorldOfTanks.exe, Version 0.8.4.0 kann nicht mehr unter Windows
 ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: d24    Startzeit: 
01ce1b5f83909598    Endzeit: 96    Anwendungspfad: F:\Spiele-7\World_of_Tanks\WorldOfTanks.exe

Berichts-ID:
   
 
Error - 08.03.2013 14:22:41 | Computer Name = Chaos-Kiste | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: firefox.exe, Version: 19.0.2.4814,
 Zeitstempel: 0x5138a1d3  Name des fehlerhaften Moduls: xul.dll, Version: 19.0.2.4814,
 Zeitstempel: 0x5138a0ed  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00172818  ID des fehlerhaften
 Prozesses: 0x2b48  Startzeit der fehlerhaften Anwendung: 0x01ce1c29d52e8977  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\Mozilla Firefox\firefox.exe  Pfad 
des fehlerhaften Moduls: C:\Program Files (x86)\Mozilla Firefox\xul.dll  Berichtskennung:
 29439745-881d-11e2-b42a-001fc61eb744
 
Error - 11.03.2013 01:16:05 | Computer Name = Chaos-Kiste | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: lcdmon.exe, Version: 3.6.109.0, Zeitstempel:
 0x4c58421d  Name des fehlerhaften Moduls: lcdmon.exe, Version: 3.6.109.0, Zeitstempel:
 0x4c58421d  Ausnahmecode: 0x40000015  Fehleroffset: 0x000000000009f674  ID des fehlerhaften
 Prozesses: 0xbb0  Startzeit der fehlerhaften Anwendung: 0x01ce1d6775f12fe7  Pfad der
 fehlerhaften Anwendung: C:\Program Files\Logitech\GamePanel Software\LCD Manager\lcdmon.exe
Pfad
 des fehlerhaften Moduls: C:\Program Files\Logitech\GamePanel Software\LCD Manager\lcdmon.exe
Berichtskennung:
 c568f5d2-8a0a-11e2-86a8-001fc61eb744
 
Error - 11.03.2013 01:44:29 | Computer Name = Chaos-Kiste | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: firefox.exe, Version: 19.0.2.4814,
 Zeitstempel: 0x5138a1d3  Name des fehlerhaften Moduls: xul.dll, Version: 19.0.2.4814,
 Zeitstempel: 0x5138a0ed  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00172818  ID des fehlerhaften
 Prozesses: 0xac4  Startzeit der fehlerhaften Anwendung: 0x01ce1e177361144c  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\Mozilla Firefox\firefox.exe  Pfad 
des fehlerhaften Moduls: C:\Program Files (x86)\Mozilla Firefox\xul.dll  Berichtskennung:
 bd2d1dab-8a0e-11e2-86a8-001fc61eb744
 
Error - 12.03.2013 16:50:46 | Computer Name = Chaos-Kiste | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: firefox.exe, Version: 19.0.2.4814,
 Zeitstempel: 0x5138a1d3  Name des fehlerhaften Moduls: xul.dll, Version: 19.0.2.4814,
 Zeitstempel: 0x5138a0ed  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00172818  ID des fehlerhaften
 Prozesses: 0x654c  Startzeit der fehlerhaften Anwendung: 0x01ce1f5ea104099e  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\Mozilla Firefox\firefox.exe  Pfad 
des fehlerhaften Moduls: C:\Program Files (x86)\Mozilla Firefox\xul.dll  Berichtskennung:
 82daa783-8b56-11e2-86a8-001fc61eb744
 
Error - 14.03.2013 01:40:33 | Computer Name = Chaos-Kiste | Source = Windows Search Service | ID = 3007
Description = 
 
Error - 16.03.2013 11:38:39 | Computer Name = Chaos-Kiste | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: firefox.exe, Version: 19.0.2.4814,
 Zeitstempel: 0x5138a1d3  Name des fehlerhaften Moduls: xul.dll, Version: 19.0.2.4814,
 Zeitstempel: 0x5138a0ed  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00172818  ID des fehlerhaften
 Prozesses: 0xe14  Startzeit der fehlerhaften Anwendung: 0x01ce225b7e298738  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\Mozilla Firefox\firefox.exe  Pfad 
des fehlerhaften Moduls: C:\Program Files (x86)\Mozilla Firefox\xul.dll  Berichtskennung:
 925ae5d7-8e4f-11e2-ba6e-001fc61eb744
 
Error - 16.03.2013 16:14:37 | Computer Name = Chaos-Kiste | Source = Application Hang | ID = 1002
Description = Programm fraps.exe, Version 3.5.9.15587 kann nicht mehr unter Windows
 ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: 838    Startzeit: 
01ce225b0eac4df0    Endzeit: 90    Anwendungspfad: C:\Fraps\fraps.exe    Berichts-ID:   
 
Error - 18.03.2013 12:43:53 | Computer Name = Chaos-Kiste | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: LCDMon.exe, Version: 3.6.109.0, Zeitstempel:
 0x4c58421d  Name des fehlerhaften Moduls: LCDMon.exe, Version: 3.6.109.0, Zeitstempel:
 0x4c58421d  Ausnahmecode: 0x40000015  Fehleroffset: 0x000000000009f674  ID des fehlerhaften
 Prozesses: 0xf5c  Startzeit der fehlerhaften Anwendung: 0x01ce23293ea5558c  Pfad der
 fehlerhaften Anwendung: C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe
Pfad
 des fehlerhaften Moduls: C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe
Berichtskennung:
 0453c2e1-8feb-11e2-b3ff-001fc61eb744
 
[ System Events ]
Error - 16.03.2013 11:29:36 | Computer Name = Chaos-Kiste | Source = Service Control Manager | ID = 7000
Description = Der Dienst "SSPORT" wurde aufgrund folgenden Fehlers nicht gestartet:
   %%2
 
Error - 17.03.2013 08:40:29 | Computer Name = Chaos-Kiste | Source = Service Control Manager | ID = 7000
Description = Der Dienst "DgiVecp" wurde aufgrund folgenden Fehlers nicht gestartet:
   %%2
 
Error - 17.03.2013 08:40:35 | Computer Name = Chaos-Kiste | Source = Service Control Manager | ID = 7000
Description = Der Dienst "SSPORT" wurde aufgrund folgenden Fehlers nicht gestartet:
   %%2
 
Error - 17.03.2013 11:54:52 | Computer Name = Chaos-Kiste | Source = Service Control Manager | ID = 7000
Description = Der Dienst "DgiVecp" wurde aufgrund folgenden Fehlers nicht gestartet:
   %%2
 
Error - 17.03.2013 11:55:12 | Computer Name = Chaos-Kiste | Source = Service Control Manager | ID = 7000
Description = Der Dienst "SSPORT" wurde aufgrund folgenden Fehlers nicht gestartet:
   %%2
 
Error - 17.03.2013 11:55:14 | Computer Name = Chaos-Kiste | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
 von Dienst MsMpSvc erreicht.
 
Error - 17.03.2013 12:04:53 | Computer Name = Chaos-Kiste | Source = Service Control Manager | ID = 7000
Description = Der Dienst "DgiVecp" wurde aufgrund folgenden Fehlers nicht gestartet:
   %%2
 
Error - 17.03.2013 12:04:56 | Computer Name = Chaos-Kiste | Source = Service Control Manager | ID = 7000
Description = Der Dienst "SSPORT" wurde aufgrund folgenden Fehlers nicht gestartet:
   %%2
 
Error - 18.03.2013 13:40:05 | Computer Name = Chaos-Kiste | Source = Service Control Manager | ID = 7000
Description = Der Dienst "DgiVecp" wurde aufgrund folgenden Fehlers nicht gestartet:
   %%2
 
Error - 18.03.2013 13:40:09 | Computer Name = Chaos-Kiste | Source = Service Control Manager | ID = 7000
Description = Der Dienst "SSPORT" wurde aufgrund folgenden Fehlers nicht gestartet:
   %%2
 
 
< End of report >
         
GMER

Code:
ATTFilter
 GMER 2.1.19155 - hxxp://www.gmer.net
Rootkit scan 2013-03-18 19:38:02
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-2 SAMSUNG_HD753LJ rev.1AA01118 698,64GB
Running: gmer_2.1.19155.exe; Driver: C:\Users\Anti\AppData\Local\Temp\fwriipog.sys


---- User code sections - GMER 2.1 ----

.text   C:\Windows\SysWOW64\PnkBstrA.exe[368] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 322                                                   0000000072831a22 2 bytes [83, 72]
.text   C:\Windows\SysWOW64\PnkBstrA.exe[368] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 496                                                   0000000072831ad0 2 bytes [83, 72]
.text   C:\Windows\SysWOW64\PnkBstrA.exe[368] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 552                                                   0000000072831b08 2 bytes [83, 72]
.text   C:\Windows\SysWOW64\PnkBstrA.exe[368] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 730                                                   0000000072831bba 2 bytes [83, 72]
.text   C:\Windows\SysWOW64\PnkBstrA.exe[368] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 762                                                   0000000072831bda 2 bytes [83, 72]
.text   C:\Windows\SysWOW64\PnkBstrB.exe[1944] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 322                                                  0000000072831a22 2 bytes [83, 72]
.text   C:\Windows\SysWOW64\PnkBstrB.exe[1944] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 496                                                  0000000072831ad0 2 bytes [83, 72]
.text   C:\Windows\SysWOW64\PnkBstrB.exe[1944] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 552                                                  0000000072831b08 2 bytes [83, 72]
.text   C:\Windows\SysWOW64\PnkBstrB.exe[1944] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 730                                                  0000000072831bba 2 bytes [83, 72]
.text   C:\Windows\SysWOW64\PnkBstrB.exe[1944] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 762                                                  0000000072831bda 2 bytes [83, 72]
.text   C:\Windows\SysWOW64\PnkBstrB.exe[1944] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 69                                           0000000075f01465 2 bytes [F0, 75]
.text   C:\Windows\SysWOW64\PnkBstrB.exe[1944] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 155                                          0000000075f014bb 2 bytes [F0, 75]
.text   ...                                                                                                                                      * 2
.text   C:\Program Files (x86)\Samsung\Kies\Kies.exe[4048] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                               0000000075f01465 2 bytes [F0, 75]
.text   C:\Program Files (x86)\Samsung\Kies\Kies.exe[4048] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                              0000000075f014bb 2 bytes [F0, 75]
.text   ...                                                                                                                                      * 2
.text   C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe[3284] C:\Windows\SysWOW64\ntdll.dll!DbgBreakPoint               0000000077a1000c 1 byte [C3]
.text   C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe[3284] C:\Windows\SysWOW64\ntdll.dll!DbgUiRemoteBreakin          0000000077a9f85a 5 bytes JMP 0000000177a4d571
.text   C:\Program Files (x86)\Skype\Phone\Skype.exe[3516] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                               0000000075f01465 2 bytes [F0, 75]
.text   C:\Program Files (x86)\Skype\Phone\Skype.exe[3516] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                              0000000075f014bb 2 bytes [F0, 75]
.text   ...                                                                                                                                      * 2
.text   C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[5832] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69   0000000075f01465 2 bytes [F0, 75]
.text   C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[5832] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155  0000000075f014bb 2 bytes [F0, 75]
.text   ...                                                                                                                                      * 2

---- Threads - GMER 2.1 ----

Thread  C:\Windows\system32\svchost.exe [472:1732]                                                                                               000007fef63f0ea8
Thread  C:\Windows\system32\svchost.exe [472:1836]                                                                                               000007fef63e9db0
Thread  C:\Windows\system32\svchost.exe [472:2564]                                                                                               000007fef63f1c94
Thread  C:\Windows\system32\svchost.exe [472:944]                                                                                                000007fef63eaa10
Thread  C:\Program Files\Windows Media Player\wmpnetwk.exe [1792:5116]                                                                           000007fefc2a2a7c
Thread  C:\Program Files\Windows Media Player\wmpnetwk.exe [1792:5188]                                                                           000007fef6cf5124

---- Registry - GMER 2.1 ----

Reg     HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC                                                         
Reg     HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0                                                      C:\Program Files (x86)\DAEMON Tools Lite\
Reg     HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0                                                      0
Reg     HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12                                                   0xEE 0x9D 0x5B 0x8A ...
Reg     HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001                                                
Reg     HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0                                             0x20 0x01 0x00 0x00 ...
Reg     HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12                                          0x87 0xAE 0xC3 0xC2 ...
Reg     HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0                                           
Reg     HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12                                     0x13 0x89 0xC3 0x9E ...
Reg     HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)                                     
Reg     HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0                                                          C:\Program Files (x86)\DAEMON Tools Lite\
Reg     HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0                                                          0
Reg     HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12                                                       0xEE 0x9D 0x5B 0x8A ...
Reg     HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)                            
Reg     HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0                                                 0x20 0x01 0x00 0x00 ...
Reg     HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12                                              0x87 0xAE 0xC3 0xC2 ...
Reg     HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)                       
Reg     HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12                                         0x13 0x89 0xC3 0x9E ...

---- EOF - GMER 2.1 ----
         
Ich hoffe, die nötigen Informationen sind korrekt abgebildet.

Vielen Dank im Vorab!

Alt 19.03.2013, 12:52   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
mögliche Infektion durch den Trojaner:Trojan:JS/Seedabutor.B - Standard

mögliche Infektion durch den Trojaner:Trojan:JS/Seedabutor.B



Hallo und

Zitat:
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Warum bitte eine Ultimate-Edition für Windows, brauchst du das als Heimanwender?
Oder ist das rein zufällig ein Büro-/Firmen-PC bzw. ein Uni-Rechner?

Hast du noch weitere Logs (mit Funden)? Malwarebytes und/oder andere Virenscanner?
Ich frage deswegen nach => http://www.trojaner-board.de/125889-...tml#post941520

Bitte keine neuen Virenscans machen sondern erst nur schon vorhandene Logs posten!

Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________

__________________

Alt 19.03.2013, 18:44   #3
Fitzendrix
 
mögliche Infektion durch den Trojaner:Trojan:JS/Seedabutor.B - Standard

mögliche Infektion durch den Trojaner:Trojan:JS/Seedabutor.B



Hallo Cosinus,

nein, dies ist kein Firmen PC, der hätte wahrscheinlich nicht Anti als Benutzername oder Chaos-Kiste als Computer Bezeichnung. Meine liebe Freundin hatte seinerzeit ein Erbarmen mit mir und hatte sich die Ultimate Edition gekauft, wo auch ein Schlüssel für mich abfiel (warum diese Version entzieht sich auch meinem Verständnis, aber egal, nem geschenktem Gaul...). Sonst wäre ich tatsächlich noch bei XP geblieben, oder eventuell auch schon bei 8 angelangt (mit Vista bin ich nicht warm geworden).

Ich hatte Malwarebytes nicht gepostet, da das System nichts gefunden hatte - scusi, hier nun das Logfile

Code:
ATTFilter
 Malwarebytes Anti-Malware  (Test) 1.70.0.1100
www.malwarebytes.org

Datenbank Version: v2013.03.17.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Anti :: CHAOS-KISTE [Administrator]

Schutz: Aktiviert

17.03.2013 17:07:52
mbam-log-2013-03-17 (17-07-52).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 389994
Laufzeit: 40 Minute(n), 44 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
         
__________________

Alt 20.03.2013, 10:27   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
mögliche Infektion durch den Trojaner:Trojan:JS/Seedabutor.B - Standard

mögliche Infektion durch den Trojaner:Trojan:JS/Seedabutor.B



Ok, danke für die kurze Erklärung zu Ultimate

Zitat:
Microsoft Essentials berichtete mir kürzlich, dass der oben genannte Trojaner erkannt worden sei, ich aber nichts zu tun bräuchte.
Hast du da noch den Fundort zu?
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 20.03.2013, 19:26   #5
Fitzendrix
 
mögliche Infektion durch den Trojaner:Trojan:JS/Seedabutor.B - Standard

mögliche Infektion durch den Trojaner:Trojan:JS/Seedabutor.B



Hi Cosinus,

entschuldige bitte die späte Antwort, aber Essentials Infos abzuringen, ist garnicht so einfach. Dank der Ereignisanzeige und viel Geduld hab ich doch noch einen Eintrag gefunden:

Code:
ATTFilter
Von Microsoft-Antischadsoftware wurde Schadsoftware oder andere potenziell unerwünschte Software entdeckt.
 Weitere Informationen finden Sie hier:
hxxp://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:JS/Seedabutor.B&threatid=2147678632
 	Name: Trojan:JS/Seedabutor.B
 	ID: 2147678632
 	Schweregrad: Schwerwiegend
 	Kategorie: Trojaner
 	Pfad: file:_C:\Users\Anti\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9PH9RS6D\s59215310232470[1].htm
 	Ursprung der Erkennung: Internet
 	Typ der Erkennung: Konkret
 	Quelle der Erkennung: Echtzeitschutz
 	Benutzer: Chaos-Kiste\Anti
 	Prozessname: C:\Program Files (x86)\Internet Explorer\iexplore.exe
 	Signaturversion: AV: 1.145.1976.0, AS: 1.145.1976.0, NIS: 18.151.0.0
 	Modulversion: AM: 1.1.9203.0, NIS: 2.1.8904.0
Von Microsoft-Antischadsoftware wurde Schadsoftware oder andere potenziell unerwünschte Software entdeckt.
 Weitere Informationen finden Sie hier:
hxxp://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:JS/Seedabutor.B&threatid=2147678632
 	Name: Trojan:JS/Seedabutor.B
 	ID: 2147678632
 	Schweregrad: Schwerwiegend
 	Kategorie: Trojaner
 	Pfad: file:_C:\Users\Anti\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YKOZHO68\s59089406316513[1].htm
 	Ursprung der Erkennung: Internet
 	Typ der Erkennung: Konkret
 	Quelle der Erkennung: Echtzeitschutz
 	Benutzer: Chaos-Kiste\Anti
 	Prozessname: C:\Program Files (x86)\Internet Explorer\iexplore.exe
 	Signaturversion: AV: 1.145.1976.0, AS: 1.145.1976.0, NIS: 18.151.0.0
 	Modulversion: AM: 1.1.9203.0, NIS: 2.1.8904.0

Von Microsoft-Antischadsoftware wurde Schadsoftware oder andere potenziell unerwünschte Software entdeckt.
 Weitere Informationen finden Sie hier:
hxxp://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:JS/Seedabutor.B&threatid=2147678632
 	Name: Trojan:JS/Seedabutor.B
 	ID: 2147678632
 	Schweregrad: Schwerwiegend
 	Kategorie: Trojaner
 	Pfad: file:_C:\Users\Anti\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XOR3J0TK\s52734453937041[1].htm
 	Ursprung der Erkennung: Internet
 	Typ der Erkennung: Konkret
 	Quelle der Erkennung: Echtzeitschutz
 	Benutzer: Chaos-Kiste\Anti
 	Prozessname: C:\Program Files (x86)\Internet Explorer\iexplore.exe
 	Signaturversion: AV: 1.145.1976.0, AS: 1.145.1976.0, NIS: 18.151.0.0
 	Modulversion: AM: 1.1.9203.0, NIS: 2.1.8904.0

Von Microsoft-Antischadsoftware wurde Schadsoftware oder andere potenziell unerwünschte Software entdeckt.
 Weitere Informationen finden Sie hier:
hxxp://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:JS/Seedabutor.B&threatid=2147678632
 	Name: Trojan:JS/Seedabutor.B
 	ID: 2147678632
 	Schweregrad: Schwerwiegend
 	Kategorie: Trojaner
 	Pfad: file:_C:\Users\Anti\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YKOZHO68\s53227908140648[1].htm
 	Ursprung der Erkennung: Internet
 	Typ der Erkennung: Konkret
 	Quelle der Erkennung: Echtzeitschutz
 	Benutzer: Chaos-Kiste\Anti
 	Prozessname: C:\Program Files (x86)\Internet Explorer\iexplore.exe
 	Signaturversion: AV: 1.145.1976.0, AS: 1.145.1976.0, NIS: 18.151.0.0
 	Modulversion: AM: 1.1.9203.0, NIS: 2.1.8904.0

Von Microsoft-Antischadsoftware wurde Schadsoftware oder andere potenziell unerwünschte Software entdeckt.
 Weitere Informationen finden Sie hier:
hxxp://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:JS/Seedabutor.B&threatid=2147678632
 	Name: Trojan:JS/Seedabutor.B
 	ID: 2147678632
 	Schweregrad: Schwerwiegend
 	Kategorie: Trojaner
 	Pfad: file:_C:\Users\Anti\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AI3GDSMS\s57697688038445[1].htm
 	Ursprung der Erkennung: Internet
 	Typ der Erkennung: Konkret
 	Quelle der Erkennung: Echtzeitschutz
 	Benutzer: Chaos-Kiste\Anti
 	Prozessname: C:\Program Files (x86)\Internet Explorer\iexplore.exe
 	Signaturversion: AV: 1.145.1976.0, AS: 1.145.1976.0, NIS: 18.151.0.0
 	Modulversion: AM: 1.1.9203.0, NIS: 2.1.8904.0
         
Update 19:30: Habe alle Funde im Code eingebunden.


Alt 20.03.2013, 23:05   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
mögliche Infektion durch den Trojaner:Trojan:JS/Seedabutor.B - Standard

mögliche Infektion durch den Trojaner:Trojan:JS/Seedabutor.B



Bevor wir uns an die Arbeit machen, möchte ich dich bitten, folgende Punkte vollständig und aufmerksam zu lesen.
  • Lies dir meine Anleitungen, die ich im Laufe dieses Strangs hier posten werde, aufmerksam durch. Frag umgehend nach, wenn dir irgendetwas unklar sein sollte, bevor du anfängst meine Anleitungen umzusetzen.

  • Solltest du bei einem Schritt Probleme haben, stoppe dort und beschreib mir das Problem so gut du kannst. Manchmal erfordert ein Schritt den vorhergehenden.

  • Bitte nur Scans durchführen zu denen du von einem Helfer aufgefordert wurdest! Installiere / Deinstalliere keine Software ohne Aufforderung!

  • Poste die Logfiles direkt in deinen Thread (bitte in CODE-Tags) und nicht als Anhang, ausser du wurdest dazu aufgefordert. Logs in Anhängen erschweren mir das Auswerten!

  • Die Logs der aufgegebenen Tools wie zB Malwarebytes sind immer zu posten - egal ob ein Fund dabei war oder nicht!

  • Beachte bitte auch => Löschen von Logfiles und andere Anfragen

Note:
Sollte ich drei Tage nichts von mir hören lassen, so melde dich bitte in diesem Strang => Erinnerung an meinem Thread.
Nervige "Wann geht es weiter" Nachrichten enden mit Schließung deines Themas. Auch ich habe ein Leben abseits des Trojaner-Boards.

Bitte die drei Tools MBAR / aswMBR / TDSSkiller nun ausführen und die Logs in CODE-Tags posten


MBAR (Malwarebytes Anti-Rootkit)

Downloade dir bitte Malwarebytes Anti-Rootkit Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
  • Starte bitte die mbar.exe.
  • Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
  • Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
  • Klicke auf den CleanUp Button und erlaube den Neustart.
  • Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
  • Nach dem Neustart starte die mbar.exe erneut.
  • Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.
Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers


aswMBR

Downloade dir bitte aswMBR.exe und speichere die Datei auf deinem Desktop.
  • Starte die aswMBR.exe - (aswMBR.exe Anleitung)
    Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten".
  • Das Tool wird dich fragen, ob Du mit der aktuellen Virendefinition von AVAST! dein System scannen willst. Beantworte diese Frage bitte mit Ja. (Sollte deine Firewall fragen, bitte den Zugriff auf das Internet zulassen )
    Der Download der Definitionen kann je nach Verbindung eine Weile dauern.
  • Klicke auf Scan.
  • Warte bitte bis Scan finished successfully im DOS-Fenster steht.
  • Drücke auf Save Log und speichere diese auf dem Desktop.
Poste mir die aswMBR.txt in deiner nächsten Antwort.

Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung

Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte der Scan abbrechen und das Programm abstürzen, dann teile mir das mit und wähle unter AV Scan die Einstellung (none).



TDSS-Killer

Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.
__________________
--> mögliche Infektion durch den Trojaner:Trojan:JS/Seedabutor.B

Alt 21.03.2013, 17:17   #7
Fitzendrix
 
mögliche Infektion durch den Trojaner:Trojan:JS/Seedabutor.B - Standard

mögliche Infektion durch den Trojaner:Trojan:JS/Seedabutor.B



Während mein Mikrowellenfrass dahinköchelt, poste ich die Berichte der drei Scans:

MBAR
Code:
ATTFilter
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.01.0.1021

(c) Malwarebytes Corporation 2011-2012

OS version: 6.1.7601 Windows 7 Service Pack 1 x64

Account is Administrative

Internet Explorer version: 9.0.8112.16421

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED, F:\ DRIVE_FIXED, G:\ DRIVE_FIXED, H:\ DRIVE_FIXED
CPU speed: 2.838000 GHz
Memory total: 4294033408, free: 2559893504

------------ Kernel report ------------
     03/21/2013 16:44:19
------------ Loaded modules -----------
\SystemRoot\system32\ntoskrnl.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kdcom.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\CLFS.SYS
\SystemRoot\system32\CI.dll
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\system32\drivers\ACPI.sys
\SystemRoot\system32\drivers\WMILIB.SYS
\SystemRoot\system32\drivers\msisadrv.sys
\SystemRoot\system32\drivers\vdrvroot.sys
\SystemRoot\system32\drivers\pci.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\system32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\system32\drivers\pciide.sys
\SystemRoot\system32\drivers\PCIIDEX.SYS
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\system32\drivers\vmbus.sys
\SystemRoot\system32\drivers\winhv.sys
\SystemRoot\system32\drivers\atapi.sys
\SystemRoot\system32\drivers\ataport.SYS
\SystemRoot\system32\drivers\msahci.sys
\SystemRoot\system32\drivers\amdxata.sys
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\system32\drivers\fileinfo.sys
\SystemRoot\system32\DRIVERS\MpFilter.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\msrpc.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\drivers\vmstorfl.sys
\SystemRoot\system32\drivers\volsnap.sys
\SystemRoot\System32\Drivers\spldr.sys
\SystemRoot\SysWOW64\speedfan.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\hwpolicy.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\system32\DRIVERS\disk.sys
\SystemRoot\system32\DRIVERS\CLASSPNP.SYS
\SystemRoot\system32\DRIVERS\cdrom.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\drivers\VIDEOPRT.SYS
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\system32\drivers\rdpencdd.sys
\SystemRoot\system32\drivers\rdprefmp.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\DRIVERS\wfplwf.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\serial.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\drivers\termdd.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\system32\drivers\mssmbios.sys
\SystemRoot\System32\drivers\discache.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\DRIVERS\ctxusbm.sys
\SystemRoot\system32\drivers\csc.sys
\SystemRoot\system32\DRIVERS\blbdrive.sys
\SystemRoot\system32\DRIVERS\tunnel.sys
\SystemRoot\system32\DRIVERS\intelppm.sys
\SystemRoot\system32\DRIVERS\nvlddmkm.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\dxgmms1.sys
\SystemRoot\system32\DRIVERS\usbuhci.sys
\SystemRoot\system32\DRIVERS\USBPORT.SYS
\SystemRoot\system32\DRIVERS\usbehci.sys
\SystemRoot\system32\drivers\HDAudBus.sys
\SystemRoot\system32\DRIVERS\yk62x64.sys
\SystemRoot\system32\drivers\1394ohci.sys
\SystemRoot\system32\DRIVERS\fdc.sys
\SystemRoot\system32\DRIVERS\ASACPI.sys
\SystemRoot\system32\DRIVERS\serenum.sys
\SystemRoot\system32\DRIVERS\kbdclass.sys
\SystemRoot\system32\DRIVERS\mouclass.sys
\SystemRoot\system32\drivers\CompositeBus.sys
\SystemRoot\system32\DRIVERS\AgileVpn.sys
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\rassstp.sys
\SystemRoot\system32\DRIVERS\teamviewervpn.sys
\SystemRoot\system32\DRIVERS\rdpbus.sys
\SystemRoot\system32\drivers\swenum.sys
\SystemRoot\system32\drivers\ks.sys
\SystemRoot\system32\drivers\LGBusEnum.sys
\SystemRoot\system32\drivers\umbus.sys
\SystemRoot\system32\DRIVERS\usbhub.sys
\SystemRoot\system32\DRIVERS\flpydisk.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\system32\drivers\HdAudio.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\system32\drivers\ksthunk.sys
\SystemRoot\system32\DRIVERS\udfs.sys
\SystemRoot\System32\Drivers\LUsbFilt.Sys
\SystemRoot\system32\DRIVERS\hidusb.sys
\SystemRoot\system32\DRIVERS\HIDCLASS.SYS
\SystemRoot\system32\DRIVERS\HIDPARSE.SYS
\SystemRoot\system32\DRIVERS\USBD.SYS
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\system32\DRIVERS\LHidFilt.Sys
\SystemRoot\system32\DRIVERS\mouhid.sys
\SystemRoot\system32\DRIVERS\LMouFilt.Sys
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\Drivers\dump_dumpata.sys
\SystemRoot\System32\Drivers\dump_atapi.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\system32\DRIVERS\usbccgp.sys
\SystemRoot\system32\DRIVERS\kbdhid.sys
\SystemRoot\system32\DRIVERS\monitor.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\cdd.dll
\SystemRoot\System32\ATMFD.DLL
\SystemRoot\system32\drivers\luafv.sys
\??\C:\Windows\system32\drivers\mbam.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\??\C:\Windows\system32\drivers\cpuz135_x64.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\Drivers\secdrv.SYS
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\??\C:\Program Files (x86)\EVGA Precision X\RTCore64.sys
\SystemRoot\system32\drivers\WudfPf.sys
\SystemRoot\system32\DRIVERS\WUDFRd.sys
\SystemRoot\system32\drivers\LGVirHid.sys
\SystemRoot\system32\DRIVERS\asyncmac.sys
\??\C:\Windows\system32\drivers\mbamchameleon.sys
\??\C:\Windows\system32\drivers\mbamswissarmy.sys
\Windows\System32\ntdll.dll
\Windows\System32\smss.exe
\Windows\System32\apisetschema.dll
\Windows\System32\autochk.exe
\Windows\System32\lpk.dll
\Windows\System32\rpcrt4.dll
\Windows\System32\oleaut32.dll
\Windows\System32\user32.dll
\Windows\System32\normaliz.dll
\Windows\System32\nsi.dll
\Windows\System32\Wldap32.dll
\Windows\System32\difxapi.dll
----------- End -----------
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xfffffa8004d7a060
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\Ide\IdeDeviceP2T0L0-2\
Lower Device Object: 0xfffffa8004b15060
Lower Device Driver Name: \Driver\atapi\
Driver name found: atapi
Initialization returned 0x0
Port sub-driver loaded: \??\C:\Windows\System32\drivers\ataport.sys (0x0)
Load Function returned 0x0
Downloaded database version: v2013.03.21.10
Initializing...
Done!
<<<2>>>
Device number: 0, partition: 4
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xfffffa8004d7a060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa8004d7ab90, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa8004d7a060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa80049489b0, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xfffffa8004b15060, DeviceName: \Device\Ide\IdeDeviceP2T0L0-2\, DriverName: \Driver\atapi\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
Upper DeviceData: 0xfffff8a003208180, 0xfffffa8004d7a060, 0xfffffa8006a7f790
Lower DeviceData: 0xfffff8a00e7914e0, 0xfffffa8004b15060, 0xfffffa80040640f0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning directory: C:\Windows\system32\drivers...
<<<2>>>
Device number: 0, partition: 4
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 81B7869C

Partition information:

    Partition 0 type is Primary (0x7)
    Partition is ACTIVE.
    Partition starts at LBA: 63  Numsec = 209728512
    Partition file system is NTFS
    Partition is bootable

    Partition 1 type is Extended with LBA (0xf)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 209728575  Numsec = 1255415490

    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

Disk Size: 750156374016 bytes
Sector size: 512 bytes

Scanning physical sectors of unpartitioned space on drive 0 (1-62-1465129168-1465149168)...
Done!
Performing system, memory and registry scan...
Done!
Scan finished
=======================================
         
aswMBR

Code:
ATTFilter
aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-03-21 16:53:35
-----------------------------
16:53:35.119    OS Version: Windows x64 6.1.7601 Service Pack 1
16:53:35.119    Number of processors: 4 586 0x170A
16:53:35.119    ComputerName: CHAOS-KISTE  UserName: Anti
16:53:35.499    Initialize success
16:55:24.509    AVAST engine defs: 13032101
16:57:59.977    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-2
16:57:59.977    Disk 0 Vendor: SAMSUNG_HD753LJ 1AA01118 Size: 715404MB BusType: 3
16:58:00.107    Disk 0 MBR read successfully
16:58:00.107    Disk 0 MBR scan
16:58:00.117    Disk 0 Windows 7 default MBR code
16:58:00.117    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS       102406 MB offset 63
16:58:00.117    Disk 0 Partition - 00     0F Extended LBA            612995 MB offset 209728575
16:58:00.147    Disk 0 Partition 2 00     07    HPFS/NTFS NTFS       199996 MB offset 209728638
16:58:00.147    Disk 0 Partition - 00     05     Extended             99998 MB offset 619321815
16:58:00.187    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS        99998 MB offset 619321878
16:58:00.187    Disk 0 Partition - 00     05     Extended             99998 MB offset 1233711675
16:58:00.227    Disk 0 Partition 4 00     07    HPFS/NTFS NTFS        99998 MB offset 824118498
16:58:00.227    Disk 0 Partition - 00     05     Extended            213002 MB offset 1643304915
16:58:00.247    Disk 0 Partition 5 00     07    HPFS/NTFS NTFS       106555 MB offset 1028915118
16:58:00.277    Disk 0 scanning C:\Windows\system32\drivers
16:58:08.177    Service scanning
16:58:24.787    Modules scanning
16:58:24.787    Disk 0 trace - called modules:
16:58:24.797    
16:58:25.127    AVAST engine scan C:\Windows
16:58:26.367    AVAST engine scan C:\Windows\system32
17:00:46.847    AVAST engine scan C:\Windows\system32\drivers
17:00:56.747    AVAST engine scan C:\Users\Anti
17:05:42.337    AVAST engine scan C:\ProgramData
17:07:15.198    Scan finished successfully
17:10:18.898    Disk 0 MBR has been saved successfully to "C:\Users\Anti\Desktop\MBR.dat"
17:10:18.898    The log file has been saved successfully to "C:\Users\Anti\Desktop\aswMBR.txt"
         
TDSS-Killer
Code:
ATTFilter
17:10:49.0228 3024  TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
17:10:49.0248 3024  ============================================================
17:10:49.0248 3024  Current date / time: 2013/03/21 17:10:49.0248
17:10:49.0248 3024  SystemInfo:
17:10:49.0248 3024  
17:10:49.0248 3024  OS Version: 6.1.7601 ServicePack: 1.0
17:10:49.0248 3024  Product type: Workstation
17:10:49.0248 3024  ComputerName: CHAOS-KISTE
17:10:49.0248 3024  UserName: Anti
17:10:49.0248 3024  Windows directory: C:\Windows
17:10:49.0248 3024  System windows directory: C:\Windows
17:10:49.0248 3024  Running under WOW64
17:10:49.0248 3024  Processor architecture: Intel x64
17:10:49.0248 3024  Number of processors: 4
17:10:49.0248 3024  Page size: 0x1000
17:10:49.0248 3024  Boot type: Normal boot
17:10:49.0248 3024  ============================================================
17:10:50.0318 3024  Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:10:50.0318 3024  ============================================================
17:10:50.0318 3024  \Device\Harddisk0\DR0:
17:10:50.0318 3024  MBR partitions:
17:10:50.0318 3024  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xC803400
17:10:50.0348 3024  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xC80347E, BlocksNum 0x1869E559
17:10:50.0348 3024  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x24EA1A16, BlocksNum 0xC34F28D
17:10:50.0368 3024  \Device\Harddisk0\DR0\Partition4: MBR, Type 0x7, StartLBA 0x311F0CE2, BlocksNum 0xC34F28D
17:10:50.0388 3024  \Device\Harddisk0\DR0\Partition5: MBR, Type 0x7, StartLBA 0x3D53FFAE, BlocksNum 0xD01DB53
17:10:50.0388 3024  ============================================================
17:10:50.0428 3024  C: <-> \Device\Harddisk0\DR0\Partition4
17:10:50.0458 3024  D: <-> \Device\Harddisk0\DR0\Partition1
17:10:50.0488 3024  F: <-> \Device\Harddisk0\DR0\Partition2
17:10:50.0538 3024  G: <-> \Device\Harddisk0\DR0\Partition3
17:10:50.0578 3024  H: <-> \Device\Harddisk0\DR0\Partition5
17:10:50.0578 3024  ============================================================
17:10:50.0578 3024  Initialize success
17:10:50.0578 3024  ============================================================
17:10:53.0308 2864  ============================================================
17:10:53.0308 2864  Scan started
17:10:53.0308 2864  Mode: Manual; 
17:10:53.0308 2864  ============================================================
17:10:54.0358 2864  ================ Scan system memory ========================
17:10:54.0358 2864  System memory - ok
17:10:54.0358 2864  ================ Scan services =============================
17:10:54.0468 2864  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
17:10:54.0478 2864  1394ohci - ok
17:10:54.0508 2864  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
17:10:54.0508 2864  ACPI - ok
17:10:54.0518 2864  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
17:10:54.0518 2864  AcpiPmi - ok
17:10:54.0648 2864  [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
17:10:54.0648 2864  AdobeARMservice - ok
17:10:54.0778 2864  [ EA856F4A46320389D1899B2CAA7BF40F ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
17:10:54.0778 2864  AdobeFlashPlayerUpdateSvc - ok
17:10:54.0828 2864  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
17:10:54.0838 2864  adp94xx - ok
17:10:54.0848 2864  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
17:10:54.0848 2864  adpahci - ok
17:10:54.0868 2864  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
17:10:54.0868 2864  adpu320 - ok
17:10:54.0888 2864  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
17:10:54.0888 2864  AeLookupSvc - ok
17:10:54.0938 2864  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys
17:10:54.0938 2864  AFD - ok
17:10:54.0948 2864  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
17:10:54.0948 2864  agp440 - ok
17:10:54.0968 2864  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
17:10:54.0968 2864  ALG - ok
17:10:54.0978 2864  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
17:10:54.0978 2864  aliide - ok
17:10:55.0038 2864  [ 20C8A3E435A47F0408A1EA674AFA6194 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
17:10:55.0048 2864  AMD External Events Utility - ok
17:10:55.0058 2864  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
17:10:55.0058 2864  amdide - ok
17:10:55.0058 2864  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
17:10:55.0058 2864  AmdK8 - ok
17:10:55.0288 2864  [ 0B45C18B0F3EE996D25BAA4E74884B83 ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
17:10:55.0388 2864  amdkmdag - ok
17:10:55.0468 2864  [ 0E57258E5CC4CC7A9A9A877AFDF0CEC6 ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
17:10:55.0468 2864  amdkmdap - ok
17:10:55.0478 2864  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
17:10:55.0478 2864  AmdPPM - ok
17:10:55.0508 2864  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
17:10:55.0508 2864  amdsata - ok
17:10:55.0528 2864  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
17:10:55.0528 2864  amdsbs - ok
17:10:55.0538 2864  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
17:10:55.0538 2864  amdxata - ok
17:10:55.0598 2864  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
17:10:55.0598 2864  AppID - ok
17:10:55.0618 2864  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
17:10:55.0618 2864  AppIDSvc - ok
17:10:55.0658 2864  [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo         C:\Windows\System32\appinfo.dll
17:10:55.0658 2864  Appinfo - ok
17:10:55.0678 2864  [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt         C:\Windows\System32\appmgmts.dll
17:10:55.0688 2864  AppMgmt - ok
17:10:55.0698 2864  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\DRIVERS\arc.sys
17:10:55.0698 2864  arc - ok
17:10:55.0698 2864  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
17:10:55.0698 2864  arcsas - ok
17:10:55.0808 2864  [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
17:10:55.0818 2864  aspnet_state - ok
17:10:55.0828 2864  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
17:10:55.0828 2864  AsyncMac - ok
17:10:55.0848 2864  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
17:10:55.0848 2864  atapi - ok
17:10:55.0888 2864  [ 24464B908E143D2561E9E452FEE97309 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
17:10:55.0888 2864  AtiHDAudioService - ok
17:10:55.0908 2864  [ 3B9014FB7CE9E20FD726321C7DB7D8B0 ] AtiHdmiService  C:\Windows\system32\drivers\AtiHdmi.sys
17:10:55.0908 2864  AtiHdmiService - ok
17:10:55.0938 2864  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
17:10:55.0948 2864  AudioEndpointBuilder - ok
17:10:55.0958 2864  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
17:10:55.0958 2864  AudioSrv - ok
17:10:55.0988 2864  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
17:10:55.0988 2864  AxInstSV - ok
17:10:56.0008 2864  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
17:10:56.0018 2864  b06bdrv - ok
17:10:56.0038 2864  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
17:10:56.0038 2864  b57nd60a - ok
17:10:56.0068 2864  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
17:10:56.0068 2864  BDESVC - ok
17:10:56.0078 2864  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
17:10:56.0078 2864  Beep - ok
17:10:56.0108 2864  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll
17:10:56.0118 2864  BFE - ok
17:10:56.0138 2864  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\System32\qmgr.dll
17:10:56.0148 2864  BITS - ok
17:10:56.0158 2864  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
17:10:56.0158 2864  blbdrive - ok
17:10:56.0178 2864  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
17:10:56.0178 2864  bowser - ok
17:10:56.0178 2864  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
17:10:56.0178 2864  BrFiltLo - ok
17:10:56.0188 2864  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
17:10:56.0188 2864  BrFiltUp - ok
17:10:56.0208 2864  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
17:10:56.0208 2864  Browser - ok
17:10:56.0218 2864  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
17:10:56.0218 2864  Brserid - ok
17:10:56.0228 2864  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
17:10:56.0228 2864  BrSerWdm - ok
17:10:56.0248 2864  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
17:10:56.0248 2864  BrUsbMdm - ok
17:10:56.0258 2864  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
17:10:56.0258 2864  BrUsbSer - ok
17:10:56.0268 2864  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
17:10:56.0268 2864  BTHMODEM - ok
17:10:56.0268 2864  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
17:10:56.0268 2864  bthserv - ok
17:10:56.0278 2864  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
17:10:56.0278 2864  cdfs - ok
17:10:56.0318 2864  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
17:10:56.0318 2864  cdrom - ok
17:10:56.0338 2864  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
17:10:56.0338 2864  CertPropSvc - ok
17:10:56.0338 2864  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
17:10:56.0338 2864  circlass - ok
17:10:56.0378 2864  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
17:10:56.0378 2864  CLFS - ok
17:10:56.0428 2864  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:10:56.0428 2864  clr_optimization_v2.0.50727_32 - ok
17:10:56.0478 2864  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
17:10:56.0478 2864  clr_optimization_v2.0.50727_64 - ok
17:10:56.0538 2864  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:10:56.0538 2864  clr_optimization_v4.0.30319_32 - ok
17:10:56.0558 2864  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
17:10:56.0578 2864  clr_optimization_v4.0.30319_64 - ok
17:10:56.0588 2864  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
17:10:56.0588 2864  CmBatt - ok
17:10:56.0598 2864  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
17:10:56.0598 2864  cmdide - ok
17:10:56.0618 2864  [ AAFCB52FE0037207FB6FBEA070D25EFE ] CNG             C:\Windows\system32\Drivers\cng.sys
17:10:56.0628 2864  CNG - ok
17:10:56.0648 2864  [ 66AC4FDAD5A2D4FF4E3DB41810B39DE2 ] COMMONFX.DLL    C:\Windows\system32\COMMONFX.DLL
17:10:56.0658 2864  COMMONFX.DLL - ok
17:10:56.0668 2864  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
17:10:56.0668 2864  Compbatt - ok
17:10:56.0688 2864  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
17:10:56.0688 2864  CompositeBus - ok
17:10:56.0688 2864  COMSysApp - ok
17:10:56.0738 2864  [ 75DBD5DB9892D7451D0429BEC1AABE1A ] cpuz135         C:\Windows\system32\drivers\cpuz135_x64.sys
17:10:56.0738 2864  cpuz135 - ok
17:10:56.0758 2864  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
17:10:56.0758 2864  crcdisk - ok
17:10:56.0788 2864  [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc        C:\Windows\system32\cryptsvc.dll
17:10:56.0788 2864  CryptSvc - ok
17:10:56.0818 2864  [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC             C:\Windows\system32\drivers\csc.sys
17:10:56.0818 2864  CSC - ok
17:10:56.0848 2864  [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService      C:\Windows\System32\cscsvc.dll
17:10:56.0858 2864  CscService - ok
17:10:56.0878 2864  [ 01BBD5CB85423B12E445209D243A49A9 ] CT20XUT.DLL     C:\Windows\system32\CT20XUT.DLL
17:10:56.0878 2864  CT20XUT.DLL - ok
17:10:56.0918 2864  [ B81C989C6D3B770F44316A3DC5F607B3 ] ctac32k         C:\Windows\system32\drivers\ctac32k.sys
17:10:56.0928 2864  ctac32k - ok
17:10:56.0958 2864  [ 7321BD704CC3B34B78F8574E64258F39 ] ctaud2k         C:\Windows\system32\drivers\ctaud2k.sys
17:10:56.0968 2864  ctaud2k - ok
17:10:56.0988 2864  [ E873319F281115EBEA75E519C5B4D0C4 ] CTAUDFX.DLL     C:\Windows\system32\CTAUDFX.DLL
17:10:56.0998 2864  CTAUDFX.DLL - ok
17:10:57.0008 2864  [ 06300545BEDF49B6A51FDFE1861F9CAF ] CTEAPSFX.DLL    C:\Windows\system32\CTEAPSFX.DLL
17:10:57.0008 2864  CTEAPSFX.DLL - ok
17:10:57.0028 2864  [ 2D902F8EC247F0ED0D458CDCAF786544 ] CTEDSPFX.DLL    C:\Windows\system32\CTEDSPFX.DLL
17:10:57.0028 2864  CTEDSPFX.DLL - ok
17:10:57.0038 2864  [ 0D3F99CDA2BEA14E4911A698441F1A29 ] CTEDSPIO.DLL    C:\Windows\system32\CTEDSPIO.DLL
17:10:57.0038 2864  CTEDSPIO.DLL - ok
17:10:57.0068 2864  [ 9D26AA450AC1CAADDE25F1621BA89842 ] CTEDSPSY.DLL    C:\Windows\system32\CTEDSPSY.DLL
17:10:57.0068 2864  CTEDSPSY.DLL - ok
17:10:57.0068 2864  [ E5F88DAD5EC69665DFA3E5E87791F800 ] CTERFXFX.DLL    C:\Windows\system32\CTERFXFX.DLL
17:10:57.0078 2864  CTERFXFX.DLL - ok
17:10:57.0108 2864  [ FA6DCA331835997D2F7C83B9AAABC4BB ] CTEXFIFX.DLL    C:\Windows\system32\CTEXFIFX.DLL
17:10:57.0118 2864  CTEXFIFX.DLL - ok
17:10:57.0128 2864  [ 9E6A0A3CA3825BB568D42F5F3CB09453 ] CTHWIUT.DLL     C:\Windows\system32\CTHWIUT.DLL
17:10:57.0128 2864  CTHWIUT.DLL - ok
17:10:57.0138 2864  [ 6A05134810301FA6FDD6E95583A91F35 ] ctprxy2k        C:\Windows\system32\drivers\ctprxy2k.sys
17:10:57.0138 2864  ctprxy2k - ok
17:10:57.0158 2864  [ 99047FCEBAB495410CD58AB17284720A ] CTSBLFX.DLL     C:\Windows\system32\CTSBLFX.DLL
17:10:57.0168 2864  CTSBLFX.DLL - ok
17:10:57.0178 2864  [ F792246CF9D8EE17F2B32E9069415CDD ] ctsfm2k         C:\Windows\system32\drivers\ctsfm2k.sys
17:10:57.0178 2864  ctsfm2k - ok
17:10:57.0218 2864  [ BA8E5B2291C01EF71CA80E25F0C79D55 ] ctxusbm         C:\Windows\system32\DRIVERS\ctxusbm.sys
17:10:57.0228 2864  ctxusbm - ok
17:10:57.0248 2864  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
17:10:57.0248 2864  DcomLaunch - ok
17:10:57.0278 2864  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
17:10:57.0278 2864  defragsvc - ok
17:10:57.0308 2864  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
17:10:57.0308 2864  DfsC - ok
17:10:57.0358 2864  DgiVecp - ok
17:10:57.0388 2864  [ B9430166FEB246F6070A62B3554932C9 ] dg_ssudbus      C:\Windows\system32\DRIVERS\ssudbus.sys
17:10:57.0398 2864  dg_ssudbus - ok
17:10:57.0488 2864  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
17:10:57.0498 2864  Dhcp - ok
17:10:57.0518 2864  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
17:10:57.0518 2864  discache - ok
17:10:57.0568 2864  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\DRIVERS\disk.sys
17:10:57.0568 2864  Disk - ok
17:10:57.0588 2864  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
17:10:57.0588 2864  Dnscache - ok
17:10:57.0618 2864  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
17:10:57.0628 2864  dot3svc - ok
17:10:57.0658 2864  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
17:10:57.0658 2864  DPS - ok
17:10:57.0698 2864  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
17:10:57.0698 2864  drmkaud - ok
17:10:57.0728 2864  [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
17:10:57.0738 2864  DXGKrnl - ok
17:10:57.0778 2864  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
17:10:57.0778 2864  EapHost - ok
17:10:57.0838 2864  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
17:10:57.0868 2864  ebdrv - ok
17:10:57.0878 2864  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe
17:10:57.0878 2864  EFS - ok
17:10:57.0918 2864  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
17:10:57.0928 2864  ehRecvr - ok
17:10:57.0948 2864  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
17:10:57.0958 2864  ehSched - ok
17:10:57.0988 2864  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
17:10:57.0998 2864  elxstor - ok
17:10:58.0008 2864  [ 1E2F860D9521FB73566C85CD17D58291 ] emupia          C:\Windows\system32\drivers\emupia2k.sys
17:10:58.0018 2864  emupia - ok
17:10:58.0018 2864  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
17:10:58.0018 2864  ErrDev - ok
17:10:58.0038 2864  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
17:10:58.0048 2864  EventSystem - ok
17:10:58.0048 2864  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
17:10:58.0048 2864  exfat - ok
17:10:58.0058 2864  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
17:10:58.0058 2864  fastfat - ok
17:10:58.0108 2864  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
17:10:58.0108 2864  Fax - ok
17:10:58.0148 2864  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
17:10:58.0148 2864  fdc - ok
17:10:58.0278 2864  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
17:10:58.0308 2864  fdPHost - ok
17:10:58.0328 2864  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
17:10:58.0328 2864  FDResPub - ok
17:10:58.0328 2864  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
17:10:58.0328 2864  FileInfo - ok
17:10:58.0348 2864  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
17:10:58.0348 2864  Filetrace - ok
17:10:58.0358 2864  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
17:10:58.0358 2864  flpydisk - ok
17:10:58.0368 2864  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
17:10:58.0368 2864  FltMgr - ok
17:10:58.0448 2864  [ C4C183E6551084039EC862DA1C945E3D ] FontCache       C:\Windows\system32\FntCache.dll
17:10:58.0468 2864  FontCache - ok
17:10:58.0498 2864  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
17:10:58.0498 2864  FontCache3.0.0.0 - ok
17:10:58.0508 2864  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
17:10:58.0508 2864  FsDepends - ok
17:10:58.0528 2864  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
17:10:58.0528 2864  Fs_Rec - ok
17:10:58.0598 2864  [ 79B4CDE2B69ED8BA4011859780A66A4D ] Futuremark SystemInfo Service C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe
17:10:58.0598 2864  Futuremark SystemInfo Service - ok
17:10:58.0638 2864  [ 1F7B25B858FA27015169FE95E54108ED ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
17:10:58.0638 2864  fvevol - ok
17:10:58.0668 2864  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
17:10:58.0668 2864  gagp30kx - ok
17:10:58.0688 2864  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
17:10:58.0688 2864  gpsvc - ok
17:10:58.0758 2864  [ B3F220AD6EEDDC2546780B84A8919B7A ] ha10kx2k        C:\Windows\system32\drivers\ha10kx2k.sys
17:10:58.0768 2864  ha10kx2k - ok
17:10:58.0788 2864  [ 5D6AEC608B871CC2C724114F34CAD3C8 ] hap16v2k        C:\Windows\system32\drivers\hap16v2k.sys
17:10:58.0788 2864  hap16v2k - ok
17:10:58.0828 2864  [ B95BA8D7EA73A47FAC3A59CF4A3B3043 ] hap17v2k        C:\Windows\system32\drivers\hap17v2k.sys
17:10:58.0828 2864  hap17v2k - ok
17:10:58.0838 2864  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
17:10:58.0838 2864  hcw85cir - ok
17:10:58.0878 2864  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
17:10:58.0878 2864  HdAudAddService - ok
17:10:58.0908 2864  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
17:10:58.0908 2864  HDAudBus - ok
17:10:58.0918 2864  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
17:10:58.0918 2864  HidBatt - ok
17:10:58.0928 2864  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
17:10:58.0928 2864  HidBth - ok
17:10:58.0938 2864  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
17:10:58.0938 2864  HidIr - ok
17:10:58.0968 2864  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\system32\hidserv.dll
17:10:58.0968 2864  hidserv - ok
17:10:58.0998 2864  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
17:10:58.0998 2864  HidUsb - ok
17:10:59.0018 2864  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
17:10:59.0028 2864  hkmsvc - ok
17:10:59.0038 2864  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
17:10:59.0048 2864  HomeGroupListener - ok
17:10:59.0068 2864  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
17:10:59.0068 2864  HomeGroupProvider - ok
17:10:59.0108 2864  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
17:10:59.0108 2864  HpSAMD - ok
17:10:59.0138 2864  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
17:10:59.0148 2864  HTTP - ok
17:10:59.0188 2864  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
17:10:59.0188 2864  hwpolicy - ok
17:10:59.0208 2864  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
17:10:59.0208 2864  i8042prt - ok
17:10:59.0218 2864  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
17:10:59.0218 2864  iaStorV - ok
17:10:59.0258 2864  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
17:10:59.0268 2864  idsvc - ok
17:10:59.0288 2864  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
17:10:59.0288 2864  iirsp - ok
17:10:59.0328 2864  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
17:10:59.0328 2864  IKEEXT - ok
17:10:59.0358 2864  IntcAzAudAddService - ok
17:10:59.0368 2864  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
17:10:59.0368 2864  intelide - ok
17:10:59.0378 2864  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
17:10:59.0388 2864  intelppm - ok
17:10:59.0408 2864  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
17:10:59.0408 2864  IPBusEnum - ok
17:10:59.0418 2864  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:10:59.0418 2864  IpFilterDriver - ok
17:10:59.0448 2864  [ 08C2957BB30058E663720C5606885653 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
17:10:59.0448 2864  iphlpsvc - ok
17:10:59.0458 2864  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
17:10:59.0468 2864  IPMIDRV - ok
17:10:59.0468 2864  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
17:10:59.0468 2864  IPNAT - ok
17:10:59.0478 2864  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
17:10:59.0478 2864  IRENUM - ok
17:10:59.0478 2864  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
17:10:59.0478 2864  isapnp - ok
17:10:59.0498 2864  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
17:10:59.0498 2864  iScsiPrt - ok
17:10:59.0518 2864  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
17:10:59.0518 2864  kbdclass - ok
17:10:59.0538 2864  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
17:10:59.0538 2864  kbdhid - ok
17:10:59.0548 2864  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
17:10:59.0548 2864  KeyIso - ok
17:10:59.0568 2864  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
17:10:59.0568 2864  KSecDD - ok
17:10:59.0588 2864  [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
17:10:59.0588 2864  KSecPkg - ok
17:10:59.0608 2864  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
17:10:59.0608 2864  ksthunk - ok
17:10:59.0638 2864  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
17:10:59.0648 2864  KtmRm - ok
17:10:59.0668 2864  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll
17:10:59.0668 2864  LanmanServer - ok
17:10:59.0678 2864  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
17:10:59.0678 2864  LanmanWorkstation - ok
17:10:59.0788 2864  [ 7772DFAB22611050B79504E671B06E6E ] LBTServ         C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
17:10:59.0788 2864  LBTServ - ok
17:10:59.0818 2864  [ FA529FB35694C24BF98A9EF67C1CD9D0 ] LGBusEnum       C:\Windows\system32\drivers\LGBusEnum.sys
17:10:59.0818 2864  LGBusEnum - ok
17:10:59.0908 2864  [ 94B29CE153765E768F004FB3440BE2B0 ] LGVirHid        C:\Windows\system32\drivers\LGVirHid.sys
17:10:59.0908 2864  LGVirHid - ok
17:10:59.0968 2864  [ 241F2648ADF090E2A10095BD6D6F5DCB ] LHidFilt        C:\Windows\system32\DRIVERS\LHidFilt.Sys
17:10:59.0968 2864  LHidFilt - ok
17:10:59.0978 2864  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
17:10:59.0978 2864  lltdio - ok
17:10:59.0988 2864  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
17:10:59.0998 2864  lltdsvc - ok
17:11:00.0008 2864  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
17:11:00.0008 2864  lmhosts - ok
17:11:00.0018 2864  [ 342ED5A4B3326014438F36D22D803737 ] LMouFilt        C:\Windows\system32\DRIVERS\LMouFilt.Sys
17:11:00.0018 2864  LMouFilt - ok
17:11:00.0028 2864  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
17:11:00.0028 2864  LSI_FC - ok
17:11:00.0048 2864  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
17:11:00.0048 2864  LSI_SAS - ok
17:11:00.0048 2864  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
17:11:00.0048 2864  LSI_SAS2 - ok
17:11:00.0058 2864  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
17:11:00.0058 2864  LSI_SCSI - ok
17:11:00.0098 2864  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
17:11:00.0098 2864  luafv - ok
17:11:00.0118 2864  [ 29C733E1DE824670DC9315CFC9BDBCD3 ] LUsbFilt        C:\Windows\system32\Drivers\LUsbFilt.Sys
17:11:00.0118 2864  LUsbFilt - ok
17:11:00.0178 2864  [ 92EB844D90615CB266F84C3202B8786E ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
17:11:00.0178 2864  MBAMProtector - ok
17:11:00.0228 2864  [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler   C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
17:11:00.0238 2864  MBAMScheduler - ok
17:11:00.0278 2864  [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService     C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
17:11:00.0278 2864  MBAMService - ok
17:11:00.0298 2864  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
17:11:00.0298 2864  Mcx2Svc - ok
17:11:00.0318 2864  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
17:11:00.0318 2864  megasas - ok
17:11:00.0328 2864  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
17:11:00.0328 2864  MegaSR - ok
17:11:00.0348 2864  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
17:11:00.0348 2864  MMCSS - ok
17:11:00.0358 2864  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
17:11:00.0358 2864  Modem - ok
17:11:00.0378 2864  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
17:11:00.0378 2864  monitor - ok
17:11:00.0408 2864  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
17:11:00.0408 2864  mouclass - ok
17:11:00.0408 2864  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
17:11:00.0418 2864  mouhid - ok
17:11:00.0428 2864  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
17:11:00.0438 2864  mountmgr - ok
17:11:00.0478 2864  [ 8A7C8F4C713E70D73946833D76B77035 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
17:11:00.0478 2864  MozillaMaintenance - ok
17:11:00.0538 2864  [ F8A10560B35C66F9DE212F03DAD5BFA7 ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
17:11:00.0538 2864  MpFilter - ok
17:11:00.0548 2864  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
17:11:00.0548 2864  mpio - ok
17:11:00.0568 2864  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
17:11:00.0568 2864  mpsdrv - ok
17:11:00.0598 2864  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
17:11:00.0608 2864  MpsSvc - ok
17:11:00.0628 2864  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
17:11:00.0628 2864  MRxDAV - ok
17:11:00.0648 2864  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
17:11:00.0648 2864  mrxsmb - ok
17:11:00.0678 2864  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:11:00.0678 2864  mrxsmb10 - ok
17:11:00.0688 2864  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:11:00.0688 2864  mrxsmb20 - ok
17:11:00.0708 2864  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
17:11:00.0708 2864  msahci - ok
17:11:00.0728 2864  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
17:11:00.0728 2864  msdsm - ok
17:11:00.0738 2864  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
17:11:00.0738 2864  MSDTC - ok
17:11:00.0758 2864  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
17:11:00.0758 2864  Msfs - ok
17:11:00.0768 2864  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
17:11:00.0768 2864  mshidkmdf - ok
17:11:00.0778 2864  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
17:11:00.0778 2864  msisadrv - ok
17:11:00.0848 2864  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
17:11:00.0848 2864  MSiSCSI - ok
17:11:00.0848 2864  msiserver - ok
17:11:00.0868 2864  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
17:11:00.0868 2864  MSKSSRV - ok
17:11:00.0928 2864  [ E07DEC52FF801841BA9B6878A60304FB ] MsMpSvc         C:\Program Files\Microsoft Security Client\MsMpEng.exe
17:11:00.0928 2864  MsMpSvc - ok
17:11:00.0958 2864  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
17:11:00.0958 2864  MSPCLOCK - ok
17:11:00.0958 2864  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
17:11:00.0958 2864  MSPQM - ok
17:11:00.0978 2864  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
17:11:00.0988 2864  MsRPC - ok
17:11:00.0998 2864  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
17:11:00.0998 2864  mssmbios - ok
17:11:01.0018 2864  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
17:11:01.0018 2864  MSTEE - ok
17:11:01.0018 2864  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
17:11:01.0018 2864  MTConfig - ok
17:11:01.0048 2864  [ 03B7145C889603537E9FFEABB1AD1089 ] MTsensor        C:\Windows\system32\DRIVERS\ASACPI.sys
17:11:01.0048 2864  MTsensor - ok
17:11:01.0078 2864  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
17:11:01.0078 2864  Mup - ok
17:11:01.0098 2864  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
17:11:01.0098 2864  napagent - ok
17:11:01.0128 2864  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
17:11:01.0138 2864  NativeWifiP - ok
17:11:01.0198 2864  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
17:11:01.0208 2864  NDIS - ok
17:11:01.0228 2864  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
17:11:01.0228 2864  NdisCap - ok
17:11:01.0238 2864  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
17:11:01.0238 2864  NdisTapi - ok
17:11:01.0258 2864  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
17:11:01.0258 2864  Ndisuio - ok
17:11:01.0278 2864  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
17:11:01.0278 2864  NdisWan - ok
17:11:01.0288 2864  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
17:11:01.0288 2864  NDProxy - ok
17:11:01.0298 2864  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
17:11:01.0298 2864  NetBIOS - ok
17:11:01.0318 2864  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
17:11:01.0318 2864  NetBT - ok
17:11:01.0328 2864  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
17:11:01.0328 2864  Netlogon - ok
17:11:01.0348 2864  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
17:11:01.0348 2864  Netman - ok
17:11:01.0428 2864  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:11:01.0428 2864  NetMsmqActivator - ok
17:11:01.0448 2864  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:11:01.0448 2864  NetPipeActivator - ok
17:11:01.0478 2864  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
17:11:01.0488 2864  netprofm - ok
17:11:01.0498 2864  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:11:01.0508 2864  NetTcpActivator - ok
17:11:01.0508 2864  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:11:01.0508 2864  NetTcpPortSharing - ok
17:11:01.0538 2864  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
17:11:01.0538 2864  nfrd960 - ok
17:11:01.0578 2864  [ 162100E0BC8377710F9D170631921C03 ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
17:11:01.0578 2864  NisDrv - ok
17:11:01.0628 2864  [ C6E15F2F95F9C0A6098D43510B604E52 ] NisSrv          C:\Program Files\Microsoft Security Client\NisSrv.exe
17:11:01.0628 2864  NisSrv - ok
17:11:01.0658 2864  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
17:11:01.0668 2864  NlaSvc - ok
17:11:01.0678 2864  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
17:11:01.0678 2864  Npfs - ok
17:11:01.0688 2864  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
17:11:01.0688 2864  nsi - ok
17:11:01.0698 2864  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
17:11:01.0698 2864  nsiproxy - ok
17:11:01.0748 2864  [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
17:11:01.0768 2864  Ntfs - ok
17:11:01.0788 2864  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
17:11:01.0788 2864  Null - ok
17:11:02.0038 2864  [ 0A2F27B5BCC45B64E152DD6AE0815198 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
17:11:02.0138 2864  nvlddmkm - ok
17:11:02.0188 2864  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
17:11:02.0198 2864  nvraid - ok
17:11:02.0208 2864  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
17:11:02.0208 2864  nvstor - ok
17:11:02.0258 2864  [ 574087EA9105F23FB522A4FDDD5292D9 ] nvsvc           C:\Windows\system32\nvvsvc.exe
17:11:02.0268 2864  nvsvc - ok
17:11:02.0348 2864  [ ABA5A88740635D37A2B6CEB27DBC738A ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
17:11:02.0358 2864  nvUpdatusService - ok
17:11:02.0428 2864  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
17:11:02.0428 2864  nv_agp - ok
17:11:02.0538 2864  [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
17:11:02.0548 2864  odserv - ok
17:11:02.0558 2864  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
17:11:02.0558 2864  ohci1394 - ok
17:11:02.0568 2864  [ 5A432A042DAE460ABE7199B758E8606C ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:11:02.0568 2864  ose - ok
17:11:02.0588 2864  [ 678CC7DCF607BBD69A9F9333D39C2F1D ] ossrv           C:\Windows\system32\drivers\ctoss2k.sys
17:11:02.0588 2864  ossrv - ok
17:11:02.0608 2864  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
17:11:02.0618 2864  p2pimsvc - ok
17:11:02.0638 2864  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
17:11:02.0638 2864  p2psvc - ok
17:11:02.0668 2864  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
17:11:02.0668 2864  Parport - ok
17:11:02.0688 2864  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
17:11:02.0688 2864  partmgr - ok
17:11:02.0698 2864  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
17:11:02.0708 2864  PcaSvc - ok
17:11:02.0778 2864  pccsmcfd - ok
17:11:02.0788 2864  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
17:11:02.0798 2864  pci - ok
17:11:02.0818 2864  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
17:11:02.0818 2864  pciide - ok
17:11:02.0838 2864  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
17:11:02.0838 2864  pcmcia - ok
17:11:02.0848 2864  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
17:11:02.0848 2864  pcw - ok
17:11:02.0868 2864  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
17:11:02.0878 2864  PEAUTH - ok
17:11:02.0918 2864  [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
17:11:02.0938 2864  PeerDistSvc - ok
17:11:02.0998 2864  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
17:11:02.0998 2864  PerfHost - ok
17:11:03.0038 2864  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
17:11:03.0058 2864  pla - ok
17:11:03.0088 2864  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
17:11:03.0098 2864  PlugPlay - ok
17:11:03.0098 2864  PnkBstrA - ok
17:11:03.0098 2864  PnkBstrB - ok
17:11:03.0118 2864  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
17:11:03.0118 2864  PNRPAutoReg - ok
17:11:03.0118 2864  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
17:11:03.0128 2864  PNRPsvc - ok
17:11:03.0138 2864  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
17:11:03.0148 2864  PolicyAgent - ok
17:11:03.0178 2864  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
17:11:03.0188 2864  Power - ok
17:11:03.0238 2864  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
17:11:03.0238 2864  PptpMiniport - ok
17:11:03.0258 2864  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\DRIVERS\processr.sys
17:11:03.0258 2864  Processor - ok
17:11:03.0288 2864  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
17:11:03.0288 2864  ProfSvc - ok
17:11:03.0308 2864  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
17:11:03.0308 2864  ProtectedStorage - ok
17:11:03.0358 2864  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
17:11:03.0358 2864  Psched - ok
17:11:03.0388 2864  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
17:11:03.0408 2864  ql2300 - ok
17:11:03.0418 2864  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
17:11:03.0418 2864  ql40xx - ok
17:11:03.0438 2864  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
17:11:03.0448 2864  QWAVE - ok
17:11:03.0448 2864  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
17:11:03.0458 2864  QWAVEdrv - ok
17:11:03.0508 2864  [ A55E7D0D873B2C97585B3B5926AC6ADE ] RapiMgr         C:\Windows\WindowsMobile\rapimgr.dll
17:11:03.0508 2864  RapiMgr - ok
17:11:03.0518 2864  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
17:11:03.0518 2864  RasAcd - ok
17:11:03.0538 2864  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
17:11:03.0548 2864  RasAgileVpn - ok
17:11:03.0558 2864  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
17:11:03.0558 2864  RasAuto - ok
17:11:03.0578 2864  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
17:11:03.0578 2864  Rasl2tp - ok
17:11:03.0598 2864  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
17:11:03.0598 2864  RasMan - ok
17:11:03.0608 2864  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
17:11:03.0608 2864  RasPppoe - ok
17:11:03.0608 2864  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
17:11:03.0618 2864  RasSstp - ok
17:11:03.0638 2864  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
17:11:03.0638 2864  rdbss - ok
17:11:03.0648 2864  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
17:11:03.0648 2864  rdpbus - ok
17:11:03.0658 2864  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
17:11:03.0658 2864  RDPCDD - ok
17:11:03.0688 2864  [ 1B6163C503398B23FF8B939C67747683 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
17:11:03.0688 2864  RDPDR - ok
17:11:03.0708 2864  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
17:11:03.0708 2864  RDPENCDD - ok
17:11:03.0718 2864  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
17:11:03.0718 2864  RDPREFMP - ok
17:11:03.0798 2864  [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
17:11:03.0798 2864  RdpVideoMiniport - ok
17:11:03.0828 2864  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
17:11:03.0828 2864  RDPWD - ok
17:11:03.0858 2864  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
17:11:03.0858 2864  rdyboost - ok
17:11:03.0888 2864  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
17:11:03.0888 2864  RemoteAccess - ok
17:11:03.0908 2864  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
17:11:03.0908 2864  RemoteRegistry - ok
17:11:03.0928 2864  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
17:11:03.0928 2864  RpcEptMapper - ok
17:11:03.0938 2864  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
17:11:03.0938 2864  RpcLocator - ok
17:11:03.0968 2864  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
17:11:03.0968 2864  RpcSs - ok
17:11:03.0978 2864  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
17:11:03.0978 2864  rspndr - ok
17:11:04.0028 2864  [ D63C9C1A427A134461258B7B8742858F ] RTCore64        C:\Program Files (x86)\EVGA Precision X\RTCore64.sys
17:11:04.0028 2864  RTCore64 - ok
17:11:04.0048 2864  [ E60C0A09F997826C7627B244195AB581 ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
17:11:04.0048 2864  s3cap - ok
17:11:04.0048 2864  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
17:11:04.0048 2864  SamSs - ok
17:11:04.0058 2864  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
17:11:04.0058 2864  sbp2port - ok
17:11:04.0078 2864  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
17:11:04.0078 2864  SCardSvr - ok
17:11:04.0108 2864  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
17:11:04.0108 2864  scfilter - ok
17:11:04.0138 2864  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
17:11:04.0148 2864  Schedule - ok
17:11:04.0168 2864  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
17:11:04.0168 2864  SCPolicySvc - ok
17:11:04.0188 2864  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
17:11:04.0198 2864  SDRSVC - ok
17:11:04.0228 2864  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
17:11:04.0228 2864  secdrv - ok
17:11:04.0238 2864  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
17:11:04.0238 2864  seclogon - ok
17:11:04.0258 2864  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
17:11:04.0268 2864  SENS - ok
17:11:04.0268 2864  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
17:11:04.0278 2864  SensrSvc - ok
17:11:04.0278 2864  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
17:11:04.0278 2864  Serenum - ok
17:11:04.0298 2864  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
17:11:04.0298 2864  Serial - ok
17:11:04.0318 2864  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
17:11:04.0318 2864  sermouse - ok
17:11:04.0338 2864  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
17:11:04.0338 2864  SessionEnv - ok
17:11:04.0348 2864  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
17:11:04.0348 2864  sffdisk - ok
17:11:04.0358 2864  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
17:11:04.0358 2864  sffp_mmc - ok
17:11:04.0368 2864  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
17:11:04.0368 2864  sffp_sd - ok
17:11:04.0378 2864  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
17:11:04.0378 2864  sfloppy - ok
17:11:04.0408 2864  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
17:11:04.0418 2864  SharedAccess - ok
17:11:04.0438 2864  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
17:11:04.0448 2864  ShellHWDetection - ok
17:11:04.0478 2864  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
17:11:04.0488 2864  SiSRaid2 - ok
17:11:04.0498 2864  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
17:11:04.0498 2864  SiSRaid4 - ok
17:11:04.0568 2864  [ 0F575481EAD4CDD41AA82ED38BC8F6B3 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
17:11:04.0568 2864  SkypeUpdate - ok
17:11:04.0578 2864  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
17:11:04.0588 2864  Smb - ok
17:11:04.0608 2864  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
17:11:04.0608 2864  SNMPTRAP - ok
17:11:04.0628 2864  [ 5F9785E7535F8F602CB294A54962C9E7 ] speedfan        C:\Windows\syswow64\speedfan.sys
17:11:04.0628 2864  speedfan - ok
17:11:04.0638 2864  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
17:11:04.0638 2864  spldr - ok
17:11:04.0668 2864  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
17:11:04.0678 2864  Spooler - ok
17:11:04.0738 2864  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
17:11:04.0768 2864  sppsvc - ok
17:11:04.0798 2864  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
17:11:04.0798 2864  sppuinotify - ok
17:11:04.0848 2864  [ 88E5162E58C8919CC873F5D8946197CF ] sptd            C:\Windows\System32\Drivers\sptd.sys
17:11:04.0858 2864  sptd - ok
17:11:04.0898 2864  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
17:11:04.0898 2864  srv - ok
17:11:04.0918 2864  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
17:11:04.0918 2864  srv2 - ok
17:11:04.0928 2864  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
17:11:04.0928 2864  srvnet - ok
17:11:04.0958 2864  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
17:11:04.0958 2864  SSDPSRV - ok
17:11:04.0988 2864  SSPORT - ok
17:11:04.0998 2864  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
17:11:05.0008 2864  SstpSvc - ok
17:11:05.0068 2864  [ C692C94FE55CAD0633440236022C27B3 ] ssudmdm         C:\Windows\system32\DRIVERS\ssudmdm.sys
17:11:05.0068 2864  ssudmdm - ok
17:11:05.0088 2864  Steam Client Service - ok
17:11:05.0148 2864  [ 78216A10BF8B200890A88D8820F33F14 ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
17:11:05.0148 2864  Stereo Service - ok
17:11:05.0168 2864  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
17:11:05.0168 2864  stexstor - ok
17:11:05.0218 2864  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
17:11:05.0218 2864  stisvc - ok
17:11:05.0258 2864  [ 7785DC213270D2FC066538DAF94087E7 ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
17:11:05.0258 2864  storflt - ok
17:11:05.0278 2864  [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc         C:\Windows\system32\drivers\storvsc.sys
17:11:05.0278 2864  storvsc - ok
17:11:05.0298 2864  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\drivers\swenum.sys
17:11:05.0298 2864  swenum - ok
17:11:05.0318 2864  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
17:11:05.0328 2864  swprv - ok
17:11:05.0348 2864  Synth3dVsc - ok
17:11:05.0428 2864  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
17:11:05.0448 2864  SysMain - ok
17:11:05.0508 2864  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
17:11:05.0508 2864  TabletInputService - ok
17:11:05.0528 2864  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
17:11:05.0538 2864  TapiSrv - ok
17:11:05.0548 2864  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
17:11:05.0548 2864  TBS - ok
17:11:05.0588 2864  [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
17:11:05.0608 2864  Tcpip - ok
17:11:05.0628 2864  [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
17:11:05.0638 2864  TCPIP6 - ok
17:11:05.0658 2864  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
17:11:05.0658 2864  tcpipreg - ok
17:11:05.0698 2864  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
17:11:05.0698 2864  TDPIPE - ok
17:11:05.0718 2864  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
17:11:05.0718 2864  TDTCP - ok
17:11:05.0748 2864  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
17:11:05.0748 2864  tdx - ok
17:11:05.0858 2864  [ F7BE59881AEBE72722B0AB669EF23BB4 ] Te.Service      C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe
17:11:05.0858 2864  Te.Service - ok
17:11:05.0998 2864  [ 9F3E7CABE86BBDECA009DE291DB6D9E2 ] TeamViewer8     C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
17:11:06.0008 2864  TeamViewer8 - ok
17:11:06.0048 2864  [ F5520DBB47C60EE83024B38720ABDA24 ] teamviewervpn   C:\Windows\system32\DRIVERS\teamviewervpn.sys
17:11:06.0048 2864  teamviewervpn - ok
17:11:06.0058 2864  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\drivers\termdd.sys
17:11:06.0058 2864  TermDD - ok
17:11:06.0088 2864  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
17:11:06.0088 2864  TermService - ok
17:11:06.0108 2864  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
17:11:06.0108 2864  Themes - ok
17:11:06.0128 2864  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
17:11:06.0128 2864  THREADORDER - ok
17:11:06.0158 2864  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
17:11:06.0158 2864  TrkWks - ok
17:11:06.0198 2864  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
17:11:06.0198 2864  TrustedInstaller - ok
17:11:06.0218 2864  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
17:11:06.0228 2864  tssecsrv - ok
17:11:06.0228 2864  [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
17:11:06.0238 2864  TsUsbFlt - ok
17:11:06.0238 2864  tsusbhub - ok
17:11:06.0268 2864  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
17:11:06.0278 2864  tunnel - ok
17:11:06.0288 2864  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
17:11:06.0288 2864  uagp35 - ok
17:11:06.0308 2864  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
17:11:06.0318 2864  udfs - ok
17:11:06.0348 2864  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
17:11:06.0348 2864  UI0Detect - ok
17:11:06.0388 2864  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
17:11:06.0388 2864  uliagpkx - ok
17:11:06.0388 2864  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\drivers\umbus.sys
17:11:06.0388 2864  umbus - ok
17:11:06.0408 2864  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
17:11:06.0408 2864  UmPass - ok
17:11:06.0428 2864  [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService    C:\Windows\System32\umrdp.dll
17:11:06.0428 2864  UmRdpService - ok
17:11:06.0438 2864  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
17:11:06.0438 2864  upnphost - ok
17:11:06.0468 2864  upperdev - ok
17:11:06.0508 2864  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
17:11:06.0508 2864  usbccgp - ok
17:11:06.0518 2864  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
17:11:06.0518 2864  usbcir - ok
17:11:06.0538 2864  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
17:11:06.0538 2864  usbehci - ok
17:11:06.0558 2864  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
17:11:06.0568 2864  usbhub - ok
17:11:06.0578 2864  [ 58E546BBAF87664FC57E0F6081E4F609 ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
17:11:06.0588 2864  usbohci - ok
17:11:06.0618 2864  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
17:11:06.0618 2864  usbprint - ok
17:11:06.0628 2864  UsbserFilt - ok
17:11:06.0648 2864  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:11:06.0648 2864  USBSTOR - ok
17:11:06.0668 2864  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
17:11:06.0668 2864  usbuhci - ok
17:11:06.0678 2864  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
17:11:06.0678 2864  UxSms - ok
17:11:06.0688 2864  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
17:11:06.0688 2864  VaultSvc - ok
17:11:06.0698 2864  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
17:11:06.0698 2864  vdrvroot - ok
17:11:06.0728 2864  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
17:11:06.0738 2864  vds - ok
17:11:06.0738 2864  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
17:11:06.0748 2864  vga - ok
17:11:06.0748 2864  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
17:11:06.0748 2864  VgaSave - ok
17:11:06.0778 2864  VGPU - ok
17:11:06.0838 2864  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
17:11:06.0838 2864  vhdmp - ok
17:11:06.0838 2864  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
17:11:06.0838 2864  viaide - ok
17:11:06.0868 2864  [ 86EA3E79AE350FEA5331A1303054005F ] vmbus           C:\Windows\system32\drivers\vmbus.sys
17:11:06.0868 2864  vmbus - ok
17:11:06.0878 2864  [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
17:11:06.0878 2864  VMBusHID - ok
17:11:06.0888 2864  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
17:11:06.0888 2864  volmgr - ok
17:11:06.0908 2864  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
17:11:06.0918 2864  volmgrx - ok
17:11:06.0928 2864  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
17:11:06.0938 2864  volsnap - ok
17:11:06.0968 2864  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
17:11:06.0968 2864  vsmraid - ok
17:11:07.0008 2864  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
17:11:07.0018 2864  VSS - ok
17:11:07.0038 2864  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
17:11:07.0038 2864  vwifibus - ok
17:11:07.0068 2864  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
17:11:07.0068 2864  W32Time - ok
17:11:07.0078 2864  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
17:11:07.0078 2864  WacomPen - ok
17:11:07.0098 2864  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
17:11:07.0098 2864  WANARP - ok
17:11:07.0098 2864  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
17:11:07.0098 2864  Wanarpv6 - ok
17:11:07.0138 2864  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
17:11:07.0148 2864  wbengine - ok
17:11:07.0188 2864  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
17:11:07.0188 2864  WbioSrvc - ok
17:11:07.0208 2864  [ 8BDA6DB43AA54E8BB5E0794541DDC209 ] WcesComm        C:\Windows\WindowsMobile\wcescomm.dll
17:11:07.0218 2864  WcesComm - ok
17:11:07.0228 2864  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
17:11:07.0238 2864  wcncsvc - ok
17:11:07.0238 2864  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
17:11:07.0248 2864  WcsPlugInService - ok
17:11:07.0248 2864  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\DRIVERS\wd.sys
17:11:07.0248 2864  Wd - ok
17:11:07.0278 2864  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
17:11:07.0288 2864  Wdf01000 - ok
17:11:07.0298 2864  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
17:11:07.0298 2864  WdiServiceHost - ok
17:11:07.0298 2864  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
17:11:07.0298 2864  WdiSystemHost - ok
17:11:07.0308 2864  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
17:11:07.0308 2864  WebClient - ok
17:11:07.0328 2864  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
17:11:07.0328 2864  Wecsvc - ok
17:11:07.0338 2864  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
17:11:07.0348 2864  wercplsupport - ok
17:11:07.0368 2864  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
17:11:07.0368 2864  WerSvc - ok
17:11:07.0388 2864  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
17:11:07.0388 2864  WfpLwf - ok
17:11:07.0388 2864  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
17:11:07.0388 2864  WIMMount - ok
17:11:07.0418 2864  WinDefend - ok
17:11:07.0418 2864  WinHttpAutoProxySvc - ok
17:11:07.0478 2864  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
17:11:07.0488 2864  Winmgmt - ok
17:11:07.0538 2864  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
17:11:07.0558 2864  WinRM - ok
17:11:07.0578 2864  [ FE88B288356E7B47B74B13372ADD906D ] WINUSB          C:\Windows\system32\DRIVERS\WinUsb.sys
17:11:07.0578 2864  WINUSB - ok
17:11:07.0608 2864  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
17:11:07.0618 2864  Wlansvc - ok
17:11:07.0738 2864  [ 98F138897EF4246381D197CB81846D62 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
17:11:07.0748 2864  wlidsvc - ok
17:11:07.0778 2864  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
17:11:07.0778 2864  WmiAcpi - ok
17:11:07.0798 2864  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
17:11:07.0798 2864  wmiApSrv - ok
17:11:07.0818 2864  WMPNetworkSvc - ok
17:11:07.0828 2864  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
17:11:07.0838 2864  WPCSvc - ok
17:11:07.0848 2864  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
17:11:07.0848 2864  WPDBusEnum - ok
17:11:07.0858 2864  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
17:11:07.0858 2864  ws2ifsl - ok
17:11:07.0868 2864  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\System32\wscsvc.dll
17:11:07.0868 2864  wscsvc - ok
17:11:07.0878 2864  WSearch - ok
17:11:07.0938 2864  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
17:11:07.0958 2864  wuauserv - ok
17:11:07.0978 2864  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
17:11:07.0978 2864  WudfPf - ok
17:11:08.0018 2864  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
17:11:08.0018 2864  WUDFRd - ok
17:11:08.0038 2864  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
17:11:08.0038 2864  wudfsvc - ok
17:11:08.0068 2864  [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc         C:\Windows\System32\wwansvc.dll
17:11:08.0078 2864  WwanSvc - ok
17:11:08.0118 2864  [ 64F88AF327AA74E03658AE32B48CCB8B ] yukonw7         C:\Windows\system32\DRIVERS\yk62x64.sys
17:11:08.0118 2864  yukonw7 - ok
17:11:08.0148 2864  ================ Scan global ===============================
17:11:08.0178 2864  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
17:11:08.0198 2864  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
17:11:08.0208 2864  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
17:11:08.0228 2864  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
17:11:08.0248 2864  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
17:11:08.0248 2864  [Global] - ok
17:11:08.0248 2864  ================ Scan MBR ==================================
17:11:08.0278 2864  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
17:11:08.0448 2864  \Device\Harddisk0\DR0 - ok
17:11:08.0448 2864  ================ Scan VBR ==================================
17:11:08.0448 2864  [ 8304284C8AF402C47C10C489E8B59195 ] \Device\Harddisk0\DR0\Partition1
17:11:08.0448 2864  \Device\Harddisk0\DR0\Partition1 - ok
17:11:08.0478 2864  [ EE62AD6D47539CF10D9206CBB5FC686C ] \Device\Harddisk0\DR0\Partition2
17:11:08.0478 2864  \Device\Harddisk0\DR0\Partition2 - ok
17:11:08.0488 2864  [ 8FE3F3F0466D586300826F29D993A30D ] \Device\Harddisk0\DR0\Partition3
17:11:08.0488 2864  \Device\Harddisk0\DR0\Partition3 - ok
17:11:08.0518 2864  [ CA7E2C4D3007289BE632A1B8A45C85DC ] \Device\Harddisk0\DR0\Partition4
17:11:08.0518 2864  \Device\Harddisk0\DR0\Partition4 - ok
17:11:08.0548 2864  [ 37880DBEA529076994E1834A693D0F00 ] \Device\Harddisk0\DR0\Partition5
17:11:08.0548 2864  \Device\Harddisk0\DR0\Partition5 - ok
17:11:08.0548 2864  ============================================================
17:11:08.0548 2864  Scan finished
17:11:08.0548 2864  ============================================================
17:11:08.0558 4496  Detected object count: 0
17:11:08.0558 4496  Actual detected object count: 0
         
Ob´s mir schmeckt, hängt davon ab, ob ich noch ein Problemchen habe

Alt 21.03.2013, 17:43   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
mögliche Infektion durch den Trojaner:Trojan:JS/Seedabutor.B - Standard

mögliche Infektion durch den Trojaner:Trojan:JS/Seedabutor.B



Bitte die Anleitungen sorgfältiger lesen und umsetzen!

1. falsches Log von MBAR
2. falsche Einstellungen mit tdsskiller
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 22.03.2013, 18:38   #9
Fitzendrix
 
mögliche Infektion durch den Trojaner:Trojan:JS/Seedabutor.B - Standard

mögliche Infektion durch den Trojaner:Trojan:JS/Seedabutor.B



Guten Abend Cosinus,

anbei die gewünschten Logdaten:

MBAR
Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.01.0.1021
www.malwarebytes.org

Database version: v2013.03.21.10

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Anti :: CHAOS-KISTE [administrator]

21.03.2013 16:51:59
mbar-log-2013-03-21 (16-51-59).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled: 
Objects scanned: 28448
Time elapsed: 6 minute(s), 37 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
         

tdsskiller
Code:
ATTFilter
18:30:46.0184 14856  TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
18:30:46.0214 14856  ============================================================
18:30:46.0214 14856  Current date / time: 2013/03/22 18:30:46.0214
18:30:46.0214 14856  SystemInfo:
18:30:46.0214 14856  
18:30:46.0214 14856  OS Version: 6.1.7601 ServicePack: 1.0
18:30:46.0214 14856  Product type: Workstation
18:30:46.0214 14856  ComputerName: CHAOS-KISTE
18:30:46.0214 14856  UserName: Anti
18:30:46.0214 14856  Windows directory: C:\Windows
18:30:46.0214 14856  System windows directory: C:\Windows
18:30:46.0214 14856  Running under WOW64
18:30:46.0214 14856  Processor architecture: Intel x64
18:30:46.0214 14856  Number of processors: 4
18:30:46.0214 14856  Page size: 0x1000
18:30:46.0214 14856  Boot type: Normal boot
18:30:46.0214 14856  ============================================================
18:30:47.0424 14856  Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:30:47.0424 14856  ============================================================
18:30:47.0424 14856  \Device\Harddisk0\DR0:
18:30:47.0454 14856  MBR partitions:
18:30:47.0454 14856  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xC803400
18:30:47.0474 14856  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xC80347E, BlocksNum 0x1869E559
18:30:47.0484 14856  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x24EA1A16, BlocksNum 0xC34F28D
18:30:47.0494 14856  \Device\Harddisk0\DR0\Partition4: MBR, Type 0x7, StartLBA 0x311F0CE2, BlocksNum 0xC34F28D
18:30:47.0524 14856  \Device\Harddisk0\DR0\Partition5: MBR, Type 0x7, StartLBA 0x3D53FFAE, BlocksNum 0xD01DB53
18:30:47.0524 14856  ============================================================
18:30:47.0564 14856  C: <-> \Device\Harddisk0\DR0\Partition4
18:30:47.0584 14856  D: <-> \Device\Harddisk0\DR0\Partition1
18:30:47.0614 14856  F: <-> \Device\Harddisk0\DR0\Partition2
18:30:47.0654 14856  G: <-> \Device\Harddisk0\DR0\Partition3
18:30:47.0704 14856  H: <-> \Device\Harddisk0\DR0\Partition5
18:30:47.0704 14856  ============================================================
18:30:47.0704 14856  Initialize success
18:30:47.0704 14856  ============================================================
18:31:45.0055 0220  ============================================================
18:31:45.0055 0220  Scan started
18:31:45.0055 0220  Mode: Manual; SigCheck; TDLFS; 
18:31:45.0055 0220  ============================================================
18:31:46.0615 0220  ================ Scan system memory ========================
18:31:46.0615 0220  System memory - ok
18:31:46.0615 0220  ================ Scan services =============================
18:31:46.0735 0220  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
18:31:46.0825 0220  1394ohci - ok
18:31:46.0875 0220  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
18:31:46.0885 0220  ACPI - ok
18:31:46.0895 0220  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
18:31:46.0965 0220  AcpiPmi - ok
18:31:47.0115 0220  [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
18:31:47.0125 0220  AdobeARMservice - ok
18:31:47.0255 0220  [ EA856F4A46320389D1899B2CAA7BF40F ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
18:31:47.0265 0220  AdobeFlashPlayerUpdateSvc - ok
18:31:47.0305 0220  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
18:31:47.0325 0220  adp94xx - ok
18:31:47.0345 0220  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
18:31:47.0355 0220  adpahci - ok
18:31:47.0375 0220  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
18:31:47.0385 0220  adpu320 - ok
18:31:47.0405 0220  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
18:31:47.0495 0220  AeLookupSvc - ok
18:31:47.0545 0220  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys
18:31:47.0615 0220  AFD - ok
18:31:47.0675 0220  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
18:31:47.0685 0220  agp440 - ok
18:31:47.0705 0220  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
18:31:47.0745 0220  ALG - ok
18:31:47.0775 0220  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
18:31:47.0785 0220  aliide - ok
18:31:47.0855 0220  [ 20C8A3E435A47F0408A1EA674AFA6194 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
18:31:47.0925 0220  AMD External Events Utility - ok
18:31:47.0925 0220  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
18:31:47.0935 0220  amdide - ok
18:31:47.0955 0220  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
18:31:47.0995 0220  AmdK8 - ok
18:31:48.0215 0220  [ 0B45C18B0F3EE996D25BAA4E74884B83 ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
18:31:48.0415 0220  amdkmdag - ok
18:31:48.0495 0220  [ 0E57258E5CC4CC7A9A9A877AFDF0CEC6 ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
18:31:48.0525 0220  amdkmdap - ok
18:31:48.0535 0220  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
18:31:48.0575 0220  AmdPPM - ok
18:31:48.0625 0220  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
18:31:48.0635 0220  amdsata - ok
18:31:48.0655 0220  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
18:31:48.0665 0220  amdsbs - ok
18:31:48.0685 0220  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
18:31:48.0695 0220  amdxata - ok
18:31:48.0745 0220  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
18:31:48.0875 0220  AppID - ok
18:31:48.0905 0220  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
18:31:48.0945 0220  AppIDSvc - ok
18:31:48.0995 0220  [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo         C:\Windows\System32\appinfo.dll
18:31:49.0035 0220  Appinfo - ok
18:31:49.0065 0220  [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt         C:\Windows\System32\appmgmts.dll
18:31:49.0115 0220  AppMgmt - ok
18:31:49.0135 0220  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\DRIVERS\arc.sys
18:31:49.0145 0220  arc - ok
18:31:49.0145 0220  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
18:31:49.0155 0220  arcsas - ok
18:31:49.0275 0220  [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
18:31:49.0345 0220  aspnet_state - ok
18:31:49.0385 0220  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
18:31:49.0425 0220  AsyncMac - ok
18:31:49.0455 0220  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
18:31:49.0465 0220  atapi - ok
18:31:49.0545 0220  [ 24464B908E143D2561E9E452FEE97309 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
18:31:49.0555 0220  AtiHDAudioService - ok
18:31:49.0575 0220  [ 3B9014FB7CE9E20FD726321C7DB7D8B0 ] AtiHdmiService  C:\Windows\system32\drivers\AtiHdmi.sys
18:31:49.0585 0220  AtiHdmiService - ok
18:31:49.0625 0220  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
18:31:49.0705 0220  AudioEndpointBuilder - ok
18:31:49.0715 0220  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
18:31:49.0745 0220  AudioSrv - ok
18:31:49.0765 0220  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
18:31:49.0825 0220  AxInstSV - ok
18:31:49.0845 0220  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
18:31:49.0875 0220  b06bdrv - ok
18:31:49.0905 0220  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
18:31:49.0945 0220  b57nd60a - ok
18:31:49.0975 0220  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
18:31:50.0025 0220  BDESVC - ok
18:31:50.0035 0220  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
18:31:50.0085 0220  Beep - ok
18:31:50.0135 0220  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll
18:31:50.0165 0220  BFE - ok
18:31:50.0185 0220  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\System32\qmgr.dll
18:31:50.0295 0220  BITS - ok
18:31:50.0315 0220  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
18:31:50.0335 0220  blbdrive - ok
18:31:50.0355 0220  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
18:31:50.0365 0220  bowser - ok
18:31:50.0385 0220  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
18:31:50.0425 0220  BrFiltLo - ok
18:31:50.0445 0220  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
18:31:50.0465 0220  BrFiltUp - ok
18:31:50.0485 0220  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
18:31:50.0505 0220  Browser - ok
18:31:50.0505 0220  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
18:31:50.0535 0220  Brserid - ok
18:31:50.0545 0220  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
18:31:50.0555 0220  BrSerWdm - ok
18:31:50.0565 0220  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
18:31:50.0595 0220  BrUsbMdm - ok
18:31:50.0605 0220  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
18:31:50.0615 0220  BrUsbSer - ok
18:31:50.0635 0220  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
18:31:50.0675 0220  BTHMODEM - ok
18:31:50.0705 0220  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
18:31:50.0755 0220  bthserv - ok
18:31:50.0765 0220  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
18:31:50.0815 0220  cdfs - ok
18:31:50.0855 0220  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
18:31:50.0955 0220  cdrom - ok
18:31:51.0015 0220  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
18:31:51.0035 0220  CertPropSvc - ok
18:31:51.0045 0220  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
18:31:51.0055 0220  circlass - ok
18:31:51.0085 0220  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
18:31:51.0095 0220  CLFS - ok
18:31:51.0155 0220  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:31:51.0165 0220  clr_optimization_v2.0.50727_32 - ok
18:31:51.0235 0220  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
18:31:51.0235 0220  clr_optimization_v2.0.50727_64 - ok
18:31:51.0305 0220  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
18:31:51.0365 0220  clr_optimization_v4.0.30319_32 - ok
18:31:51.0385 0220  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
18:31:51.0395 0220  clr_optimization_v4.0.30319_64 - ok
18:31:51.0425 0220  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
18:31:51.0465 0220  CmBatt - ok
18:31:51.0475 0220  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
18:31:51.0485 0220  cmdide - ok
18:31:51.0515 0220  [ AAFCB52FE0037207FB6FBEA070D25EFE ] CNG             C:\Windows\system32\Drivers\cng.sys
18:31:51.0585 0220  CNG - ok
18:31:51.0615 0220  [ 66AC4FDAD5A2D4FF4E3DB41810B39DE2 ] COMMONFX.DLL    C:\Windows\system32\COMMONFX.DLL
18:31:51.0675 0220  COMMONFX.DLL - ok
18:31:51.0685 0220  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
18:31:51.0695 0220  Compbatt - ok
18:31:51.0725 0220  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
18:31:51.0745 0220  CompositeBus - ok
18:31:51.0755 0220  COMSysApp - ok
18:31:51.0805 0220  [ 75DBD5DB9892D7451D0429BEC1AABE1A ] cpuz135         C:\Windows\system32\drivers\cpuz135_x64.sys
18:31:51.0845 0220  cpuz135 - ok
18:31:51.0845 0220  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
18:31:51.0855 0220  crcdisk - ok
18:31:51.0885 0220  [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc        C:\Windows\system32\cryptsvc.dll
18:31:51.0945 0220  CryptSvc - ok
18:31:51.0965 0220  [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC             C:\Windows\system32\drivers\csc.sys
18:31:52.0025 0220  CSC - ok
18:31:52.0045 0220  [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService      C:\Windows\System32\cscsvc.dll
18:31:52.0075 0220  CscService - ok
18:31:52.0095 0220  [ 01BBD5CB85423B12E445209D243A49A9 ] CT20XUT.DLL     C:\Windows\system32\CT20XUT.DLL
18:31:52.0105 0220  CT20XUT.DLL - ok
18:31:52.0175 0220  [ B81C989C6D3B770F44316A3DC5F607B3 ] ctac32k         C:\Windows\system32\drivers\ctac32k.sys
18:31:52.0185 0220  ctac32k - ok
18:31:52.0215 0220  [ 7321BD704CC3B34B78F8574E64258F39 ] ctaud2k         C:\Windows\system32\drivers\ctaud2k.sys
18:31:52.0235 0220  ctaud2k - ok
18:31:52.0255 0220  [ E873319F281115EBEA75E519C5B4D0C4 ] CTAUDFX.DLL     C:\Windows\system32\CTAUDFX.DLL
18:31:52.0275 0220  CTAUDFX.DLL - ok
18:31:52.0285 0220  [ 06300545BEDF49B6A51FDFE1861F9CAF ] CTEAPSFX.DLL    C:\Windows\system32\CTEAPSFX.DLL
18:31:52.0295 0220  CTEAPSFX.DLL - ok
18:31:52.0325 0220  [ 2D902F8EC247F0ED0D458CDCAF786544 ] CTEDSPFX.DLL    C:\Windows\system32\CTEDSPFX.DLL
18:31:52.0335 0220  CTEDSPFX.DLL - ok
18:31:52.0345 0220  [ 0D3F99CDA2BEA14E4911A698441F1A29 ] CTEDSPIO.DLL    C:\Windows\system32\CTEDSPIO.DLL
18:31:52.0355 0220  CTEDSPIO.DLL - ok
18:31:52.0375 0220  [ 9D26AA450AC1CAADDE25F1621BA89842 ] CTEDSPSY.DLL    C:\Windows\system32\CTEDSPSY.DLL
18:31:52.0385 0220  CTEDSPSY.DLL - ok
18:31:52.0385 0220  [ E5F88DAD5EC69665DFA3E5E87791F800 ] CTERFXFX.DLL    C:\Windows\system32\CTERFXFX.DLL
18:31:52.0395 0220  CTERFXFX.DLL - ok
18:31:52.0435 0220  [ FA6DCA331835997D2F7C83B9AAABC4BB ] CTEXFIFX.DLL    C:\Windows\system32\CTEXFIFX.DLL
18:31:52.0465 0220  CTEXFIFX.DLL - ok
18:31:52.0475 0220  [ 9E6A0A3CA3825BB568D42F5F3CB09453 ] CTHWIUT.DLL     C:\Windows\system32\CTHWIUT.DLL
18:31:52.0485 0220  CTHWIUT.DLL - ok
18:31:52.0495 0220  [ 6A05134810301FA6FDD6E95583A91F35 ] ctprxy2k        C:\Windows\system32\drivers\ctprxy2k.sys
18:31:52.0505 0220  ctprxy2k - ok
18:31:52.0515 0220  [ 99047FCEBAB495410CD58AB17284720A ] CTSBLFX.DLL     C:\Windows\system32\CTSBLFX.DLL
18:31:52.0535 0220  CTSBLFX.DLL - ok
18:31:52.0555 0220  [ F792246CF9D8EE17F2B32E9069415CDD ] ctsfm2k         C:\Windows\system32\drivers\ctsfm2k.sys
18:31:52.0565 0220  ctsfm2k - ok
18:31:52.0605 0220  [ BA8E5B2291C01EF71CA80E25F0C79D55 ] ctxusbm         C:\Windows\system32\DRIVERS\ctxusbm.sys
18:31:52.0615 0220  ctxusbm - ok
18:31:52.0665 0220  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
18:31:52.0705 0220  DcomLaunch - ok
18:31:52.0745 0220  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
18:31:52.0805 0220  defragsvc - ok
18:31:52.0845 0220  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
18:31:52.0885 0220  DfsC - ok
18:31:52.0935 0220  DgiVecp - ok
18:31:52.0965 0220  [ B9430166FEB246F6070A62B3554932C9 ] dg_ssudbus      C:\Windows\system32\DRIVERS\ssudbus.sys
18:31:52.0975 0220  dg_ssudbus - ok
18:31:52.0995 0220  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
18:31:53.0065 0220  Dhcp - ok
18:31:53.0085 0220  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
18:31:53.0115 0220  discache - ok
18:31:53.0135 0220  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\DRIVERS\disk.sys
18:31:53.0145 0220  Disk - ok
18:31:53.0165 0220  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
18:31:53.0235 0220  Dnscache - ok
18:31:53.0255 0220  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
18:31:53.0295 0220  dot3svc - ok
18:31:53.0315 0220  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
18:31:53.0355 0220  DPS - ok
18:31:53.0385 0220  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
18:31:53.0405 0220  drmkaud - ok
18:31:53.0445 0220  [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
18:31:53.0465 0220  DXGKrnl - ok
18:31:53.0495 0220  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
18:31:53.0525 0220  EapHost - ok
18:31:53.0585 0220  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
18:31:53.0665 0220  ebdrv - ok
18:31:53.0675 0220  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe
18:31:53.0725 0220  EFS - ok
18:31:53.0775 0220  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
18:31:53.0805 0220  ehRecvr - ok
18:31:53.0825 0220  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
18:31:53.0835 0220  ehSched - ok
18:31:53.0855 0220  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
18:31:53.0875 0220  elxstor - ok
18:31:53.0885 0220  [ 1E2F860D9521FB73566C85CD17D58291 ] emupia          C:\Windows\system32\drivers\emupia2k.sys
18:31:53.0895 0220  emupia - ok
18:31:53.0905 0220  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
18:31:53.0925 0220  ErrDev - ok
18:31:53.0965 0220  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
18:31:53.0995 0220  EventSystem - ok
18:31:54.0005 0220  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
18:31:54.0065 0220  exfat - ok
18:31:54.0065 0220  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
18:31:54.0115 0220  fastfat - ok
18:31:54.0155 0220  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
18:31:54.0235 0220  Fax - ok
18:31:54.0245 0220  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
18:31:54.0255 0220  fdc - ok
18:31:54.0275 0220  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
18:31:54.0305 0220  fdPHost - ok
18:31:54.0305 0220  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
18:31:54.0355 0220  FDResPub - ok
18:31:54.0385 0220  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
18:31:54.0395 0220  FileInfo - ok
18:31:54.0405 0220  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
18:31:54.0435 0220  Filetrace - ok
18:31:54.0455 0220  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
18:31:54.0505 0220  flpydisk - ok
18:31:54.0525 0220  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
18:31:54.0545 0220  FltMgr - ok
18:31:54.0635 0220  [ C4C183E6551084039EC862DA1C945E3D ] FontCache       C:\Windows\system32\FntCache.dll
18:31:54.0675 0220  FontCache - ok
18:31:54.0715 0220  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
18:31:54.0725 0220  FontCache3.0.0.0 - ok
18:31:54.0735 0220  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
18:31:54.0745 0220  FsDepends - ok
18:31:54.0755 0220  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
18:31:54.0765 0220  Fs_Rec - ok
18:31:54.0855 0220  [ 79B4CDE2B69ED8BA4011859780A66A4D ] Futuremark SystemInfo Service C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe
18:31:54.0865 0220  Futuremark SystemInfo Service - ok
18:31:54.0905 0220  [ 1F7B25B858FA27015169FE95E54108ED ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
18:31:54.0925 0220  fvevol - ok
18:31:54.0935 0220  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
18:31:54.0945 0220  gagp30kx - ok
18:31:54.0975 0220  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
18:31:55.0015 0220  gpsvc - ok
18:31:55.0065 0220  [ B3F220AD6EEDDC2546780B84A8919B7A ] ha10kx2k        C:\Windows\system32\drivers\ha10kx2k.sys
18:31:55.0115 0220  ha10kx2k - ok
18:31:55.0145 0220  [ 5D6AEC608B871CC2C724114F34CAD3C8 ] hap16v2k        C:\Windows\system32\drivers\hap16v2k.sys
18:31:55.0165 0220  hap16v2k - ok
18:31:55.0195 0220  [ B95BA8D7EA73A47FAC3A59CF4A3B3043 ] hap17v2k        C:\Windows\system32\drivers\hap17v2k.sys
18:31:55.0215 0220  hap17v2k - ok
18:31:55.0225 0220  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
18:31:55.0265 0220  hcw85cir - ok
18:31:55.0335 0220  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
18:31:55.0365 0220  HdAudAddService - ok
18:31:55.0425 0220  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
18:31:55.0455 0220  HDAudBus - ok
18:31:55.0465 0220  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
18:31:55.0495 0220  HidBatt - ok
18:31:55.0515 0220  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
18:31:55.0525 0220  HidBth - ok
18:31:55.0525 0220  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
18:31:55.0565 0220  HidIr - ok
18:31:55.0585 0220  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\system32\hidserv.dll
18:31:55.0635 0220  hidserv - ok
18:31:55.0695 0220  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
18:31:55.0705 0220  HidUsb - ok
18:31:55.0725 0220  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
18:31:55.0775 0220  hkmsvc - ok
18:31:55.0815 0220  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
18:31:55.0835 0220  HomeGroupListener - ok
18:31:55.0845 0220  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
18:31:55.0865 0220  HomeGroupProvider - ok
18:31:55.0875 0220  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
18:31:55.0885 0220  HpSAMD - ok
18:31:55.0925 0220  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
18:31:55.0985 0220  HTTP - ok
18:31:56.0005 0220  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
18:31:56.0015 0220  hwpolicy - ok
18:31:56.0035 0220  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
18:31:56.0045 0220  i8042prt - ok
18:31:56.0095 0220  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
18:31:56.0115 0220  iaStorV - ok
18:31:56.0155 0220  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
18:31:56.0175 0220  idsvc - ok
18:31:56.0195 0220  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
18:31:56.0205 0220  iirsp - ok
18:31:56.0235 0220  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
18:31:56.0295 0220  IKEEXT - ok
18:31:56.0345 0220  IntcAzAudAddService - ok
18:31:56.0355 0220  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
18:31:56.0365 0220  intelide - ok
18:31:56.0375 0220  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
18:31:56.0395 0220  intelppm - ok
18:31:56.0405 0220  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
18:31:56.0445 0220  IPBusEnum - ok
18:31:56.0475 0220  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:31:56.0515 0220  IpFilterDriver - ok
18:31:56.0555 0220  [ 08C2957BB30058E663720C5606885653 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
18:31:56.0585 0220  iphlpsvc - ok
18:31:56.0605 0220  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
18:31:56.0645 0220  IPMIDRV - ok
18:31:56.0675 0220  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
18:31:56.0705 0220  IPNAT - ok
18:31:56.0745 0220  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
18:31:56.0775 0220  IRENUM - ok
18:31:56.0785 0220  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
18:31:56.0795 0220  isapnp - ok
18:31:56.0815 0220  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
18:31:56.0835 0220  iScsiPrt - ok
18:31:56.0855 0220  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
18:31:56.0865 0220  kbdclass - ok
18:31:56.0885 0220  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
18:31:56.0895 0220  kbdhid - ok
18:31:56.0895 0220  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
18:31:56.0905 0220  KeyIso - ok
18:31:56.0925 0220  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
18:31:56.0935 0220  KSecDD - ok
18:31:56.0955 0220  [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
18:31:56.0965 0220  KSecPkg - ok
18:31:56.0985 0220  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
18:31:57.0015 0220  ksthunk - ok
18:31:57.0045 0220  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
18:31:57.0085 0220  KtmRm - ok
18:31:57.0115 0220  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll
18:31:57.0165 0220  LanmanServer - ok
18:31:57.0195 0220  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
18:31:57.0225 0220  LanmanWorkstation - ok
18:31:57.0335 0220  [ 7772DFAB22611050B79504E671B06E6E ] LBTServ         C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
18:31:57.0345 0220  LBTServ - ok
18:31:57.0395 0220  [ FA529FB35694C24BF98A9EF67C1CD9D0 ] LGBusEnum       C:\Windows\system32\drivers\LGBusEnum.sys
18:31:57.0405 0220  LGBusEnum - ok
18:31:57.0475 0220  [ 94B29CE153765E768F004FB3440BE2B0 ] LGVirHid        C:\Windows\system32\drivers\LGVirHid.sys
18:31:57.0485 0220  LGVirHid - ok
18:31:57.0555 0220  [ 241F2648ADF090E2A10095BD6D6F5DCB ] LHidFilt        C:\Windows\system32\DRIVERS\LHidFilt.Sys
18:31:57.0565 0220  LHidFilt - ok
18:31:57.0605 0220  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
18:31:57.0665 0220  lltdio - ok
18:31:57.0695 0220  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
18:31:57.0735 0220  lltdsvc - ok
18:31:57.0745 0220  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
18:31:57.0775 0220  lmhosts - ok
18:31:57.0775 0220  [ 342ED5A4B3326014438F36D22D803737 ] LMouFilt        C:\Windows\system32\DRIVERS\LMouFilt.Sys
18:31:57.0785 0220  LMouFilt - ok
18:31:57.0815 0220  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
18:31:57.0825 0220  LSI_FC - ok
18:31:57.0835 0220  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
18:31:57.0845 0220  LSI_SAS - ok
18:31:57.0845 0220  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
18:31:57.0855 0220  LSI_SAS2 - ok
18:31:57.0855 0220  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
18:31:57.0865 0220  LSI_SCSI - ok
18:31:57.0885 0220  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
18:31:57.0945 0220  luafv - ok
18:31:57.0985 0220  [ 29C733E1DE824670DC9315CFC9BDBCD3 ] LUsbFilt        C:\Windows\system32\Drivers\LUsbFilt.Sys
18:31:57.0995 0220  LUsbFilt - ok
18:31:58.0065 0220  [ 92EB844D90615CB266F84C3202B8786E ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
18:31:58.0075 0220  MBAMProtector - ok
18:31:58.0115 0220  [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler   C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
18:31:58.0125 0220  MBAMScheduler - ok
18:31:58.0175 0220  [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService     C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
18:31:58.0185 0220  MBAMService - ok
18:31:58.0215 0220  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
18:31:58.0235 0220  Mcx2Svc - ok
18:31:58.0245 0220  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
18:31:58.0255 0220  megasas - ok
18:31:58.0265 0220  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
18:31:58.0285 0220  MegaSR - ok
18:31:58.0305 0220  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
18:31:58.0345 0220  MMCSS - ok
18:31:58.0365 0220  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
18:31:58.0395 0220  Modem - ok
18:31:58.0435 0220  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
18:31:58.0455 0220  monitor - ok
18:31:58.0515 0220  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
18:31:58.0515 0220  mouclass - ok
18:31:58.0555 0220  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
18:31:58.0585 0220  mouhid - ok
18:31:58.0605 0220  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
18:31:58.0615 0220  mountmgr - ok
18:31:58.0675 0220  [ 8A7C8F4C713E70D73946833D76B77035 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
18:31:58.0685 0220  MozillaMaintenance - ok
18:31:58.0715 0220  [ F8A10560B35C66F9DE212F03DAD5BFA7 ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
18:31:58.0735 0220  MpFilter - ok
18:31:58.0745 0220  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
18:31:58.0765 0220  mpio - ok
18:31:58.0775 0220  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
18:31:58.0815 0220  mpsdrv - ok
18:31:58.0915 0220  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
18:31:59.0025 0220  MpsSvc - ok
18:31:59.0065 0220  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
18:31:59.0105 0220  MRxDAV - ok
18:31:59.0125 0220  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
18:31:59.0185 0220  mrxsmb - ok
18:31:59.0235 0220  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:31:59.0255 0220  mrxsmb10 - ok
18:31:59.0275 0220  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:31:59.0285 0220  mrxsmb20 - ok
18:31:59.0295 0220  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
18:31:59.0305 0220  msahci - ok
18:31:59.0315 0220  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
18:31:59.0335 0220  msdsm - ok
18:31:59.0345 0220  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
18:31:59.0365 0220  MSDTC - ok
18:31:59.0385 0220  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
18:31:59.0415 0220  Msfs - ok
18:31:59.0425 0220  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
18:31:59.0475 0220  mshidkmdf - ok
18:31:59.0495 0220  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
18:31:59.0505 0220  msisadrv - ok
18:31:59.0545 0220  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
18:31:59.0575 0220  MSiSCSI - ok
18:31:59.0585 0220  msiserver - ok
18:31:59.0605 0220  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
18:31:59.0645 0220  MSKSSRV - ok
18:31:59.0735 0220  [ E07DEC52FF801841BA9B6878A60304FB ] MsMpSvc         C:\Program Files\Microsoft Security Client\MsMpEng.exe
18:31:59.0745 0220  MsMpSvc - ok
18:31:59.0775 0220  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
18:31:59.0815 0220  MSPCLOCK - ok
18:31:59.0815 0220  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
18:31:59.0855 0220  MSPQM - ok
18:31:59.0875 0220  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
18:31:59.0895 0220  MsRPC - ok
18:31:59.0905 0220  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
18:31:59.0915 0220  mssmbios - ok
18:31:59.0925 0220  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
18:31:59.0955 0220  MSTEE - ok
18:31:59.0975 0220  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
18:32:00.0015 0220  MTConfig - ok
18:32:00.0055 0220  [ 03B7145C889603537E9FFEABB1AD1089 ] MTsensor        C:\Windows\system32\DRIVERS\ASACPI.sys
18:32:00.0115 0220  MTsensor - ok
18:32:00.0145 0220  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
18:32:00.0155 0220  Mup - ok
18:32:00.0185 0220  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
18:32:00.0245 0220  napagent - ok
18:32:00.0285 0220  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
18:32:00.0295 0220  NativeWifiP - ok
18:32:00.0335 0220  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
18:32:00.0365 0220  NDIS - ok
18:32:00.0375 0220  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
18:32:00.0405 0220  NdisCap - ok
18:32:00.0415 0220  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
18:32:00.0475 0220  NdisTapi - ok
18:32:00.0495 0220  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
18:32:00.0525 0220  Ndisuio - ok
18:32:00.0555 0220  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
18:32:00.0585 0220  NdisWan - ok
18:32:00.0625 0220  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
18:32:00.0655 0220  NDProxy - ok
18:32:00.0655 0220  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
18:32:00.0695 0220  NetBIOS - ok
18:32:00.0705 0220  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
18:32:00.0755 0220  NetBT - ok
18:32:00.0775 0220  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
18:32:00.0785 0220  Netlogon - ok
18:32:00.0835 0220  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
18:32:00.0925 0220  Netman - ok
18:32:00.0995 0220  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:32:01.0015 0220  NetMsmqActivator - ok
18:32:01.0015 0220  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:32:01.0025 0220  NetPipeActivator - ok
18:32:01.0065 0220  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
18:32:01.0105 0220  netprofm - ok
18:32:01.0115 0220  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:32:01.0125 0220  NetTcpActivator - ok
18:32:01.0125 0220  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:32:01.0135 0220  NetTcpPortSharing - ok
18:32:01.0145 0220  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
18:32:01.0155 0220  nfrd960 - ok
18:32:01.0195 0220  [ 162100E0BC8377710F9D170631921C03 ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
18:32:01.0215 0220  NisDrv - ok
18:32:01.0275 0220  [ C6E15F2F95F9C0A6098D43510B604E52 ] NisSrv          C:\Program Files\Microsoft Security Client\NisSrv.exe
18:32:01.0285 0220  NisSrv - ok
18:32:01.0315 0220  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
18:32:01.0345 0220  NlaSvc - ok
18:32:01.0355 0220  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
18:32:01.0385 0220  Npfs - ok
18:32:01.0405 0220  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
18:32:01.0445 0220  nsi - ok
18:32:01.0455 0220  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
18:32:01.0495 0220  nsiproxy - ok
18:32:01.0545 0220  [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
18:32:01.0575 0220  Ntfs - ok
18:32:01.0585 0220  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
18:32:01.0615 0220  Null - ok
18:32:01.0845 0220  [ 0A2F27B5BCC45B64E152DD6AE0815198 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
18:32:02.0025 0220  nvlddmkm - ok
18:32:02.0085 0220  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
18:32:02.0105 0220  nvraid - ok
18:32:02.0105 0220  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
18:32:02.0125 0220  nvstor - ok
18:32:02.0155 0220  [ 574087EA9105F23FB522A4FDDD5292D9 ] nvsvc           C:\Windows\system32\nvvsvc.exe
18:32:02.0175 0220  nvsvc - ok
18:32:02.0245 0220  [ ABA5A88740635D37A2B6CEB27DBC738A ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
18:32:02.0275 0220  nvUpdatusService - ok
18:32:02.0325 0220  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
18:32:02.0345 0220  nv_agp - ok
18:32:02.0455 0220  [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
18:32:02.0465 0220  odserv - ok
18:32:02.0485 0220  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
18:32:02.0495 0220  ohci1394 - ok
18:32:02.0515 0220  [ 5A432A042DAE460ABE7199B758E8606C ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:32:02.0525 0220  ose - ok
18:32:02.0545 0220  [ 678CC7DCF607BBD69A9F9333D39C2F1D ] ossrv           C:\Windows\system32\drivers\ctoss2k.sys
18:32:02.0555 0220  ossrv - ok
18:32:02.0575 0220  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
18:32:02.0605 0220  p2pimsvc - ok
18:32:02.0625 0220  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
18:32:02.0635 0220  p2psvc - ok
18:32:02.0675 0220  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
18:32:02.0695 0220  Parport - ok
18:32:02.0715 0220  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
18:32:02.0735 0220  partmgr - ok
18:32:02.0745 0220  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
18:32:02.0765 0220  PcaSvc - ok
18:32:02.0795 0220  pccsmcfd - ok
18:32:02.0805 0220  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
18:32:02.0815 0220  pci - ok
18:32:02.0835 0220  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
18:32:02.0835 0220  pciide - ok
18:32:02.0855 0220  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
18:32:02.0865 0220  pcmcia - ok
18:32:02.0875 0220  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
18:32:02.0885 0220  pcw - ok
18:32:02.0905 0220  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
18:32:02.0975 0220  PEAUTH - ok
18:32:03.0025 0220  [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
18:32:03.0095 0220  PeerDistSvc - ok
18:32:03.0155 0220  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
18:32:03.0175 0220  PerfHost - ok
18:32:03.0215 0220  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
18:32:03.0275 0220  pla - ok
18:32:03.0325 0220  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
18:32:03.0345 0220  PlugPlay - ok
18:32:03.0375 0220  PnkBstrA - ok
18:32:03.0385 0220  PnkBstrB - ok
18:32:03.0415 0220  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
18:32:03.0435 0220  PNRPAutoReg - ok
18:32:03.0455 0220  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
18:32:03.0465 0220  PNRPsvc - ok
18:32:03.0485 0220  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
18:32:03.0535 0220  PolicyAgent - ok
18:32:03.0575 0220  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
18:32:03.0615 0220  Power - ok
18:32:03.0665 0220  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
18:32:03.0705 0220  PptpMiniport - ok
18:32:03.0745 0220  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\DRIVERS\processr.sys
18:32:03.0775 0220  Processor - ok
18:32:03.0815 0220  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
18:32:03.0835 0220  ProfSvc - ok
18:32:03.0835 0220  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
18:32:03.0845 0220  ProtectedStorage - ok
18:32:03.0895 0220  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
18:32:03.0935 0220  Psched - ok
18:32:03.0975 0220  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
18:32:04.0015 0220  ql2300 - ok
18:32:04.0025 0220  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
18:32:04.0035 0220  ql40xx - ok
18:32:04.0065 0220  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
18:32:04.0085 0220  QWAVE - ok
18:32:04.0095 0220  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
18:32:04.0125 0220  QWAVEdrv - ok
18:32:04.0185 0220  [ A55E7D0D873B2C97585B3B5926AC6ADE ] RapiMgr         C:\Windows\WindowsMobile\rapimgr.dll
18:32:04.0195 0220  RapiMgr - ok
18:32:04.0215 0220  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
18:32:04.0245 0220  RasAcd - ok
18:32:04.0265 0220  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
18:32:04.0285 0220  RasAgileVpn - ok
18:32:04.0305 0220  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
18:32:04.0335 0220  RasAuto - ok
18:32:04.0345 0220  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
18:32:04.0385 0220  Rasl2tp - ok
18:32:04.0405 0220  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
18:32:04.0435 0220  RasMan - ok
18:32:04.0455 0220  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
18:32:04.0495 0220  RasPppoe - ok
18:32:04.0505 0220  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
18:32:04.0535 0220  RasSstp - ok
18:32:04.0565 0220  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
18:32:04.0605 0220  rdbss - ok
18:32:04.0615 0220  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
18:32:04.0635 0220  rdpbus - ok
18:32:04.0645 0220  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
18:32:04.0675 0220  RDPCDD - ok
18:32:04.0715 0220  [ 1B6163C503398B23FF8B939C67747683 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
18:32:04.0735 0220  RDPDR - ok
18:32:04.0765 0220  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
18:32:04.0795 0220  RDPENCDD - ok
18:32:04.0805 0220  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
18:32:04.0835 0220  RDPREFMP - ok
18:32:04.0895 0220  [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
18:32:04.0945 0220  RdpVideoMiniport - ok
18:32:04.0985 0220  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
18:32:05.0055 0220  RDPWD - ok
18:32:05.0075 0220  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
18:32:05.0095 0220  rdyboost - ok
18:32:05.0115 0220  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
18:32:05.0155 0220  RemoteAccess - ok
18:32:05.0185 0220  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
18:32:05.0225 0220  RemoteRegistry - ok
18:32:05.0255 0220  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
18:32:05.0295 0220  RpcEptMapper - ok
18:32:05.0315 0220  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
18:32:05.0345 0220  RpcLocator - ok
18:32:05.0365 0220  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
18:32:05.0395 0220  RpcSs - ok
18:32:05.0405 0220  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
18:32:05.0435 0220  rspndr - ok
18:32:05.0505 0220  [ D63C9C1A427A134461258B7B8742858F ] RTCore64        C:\Program Files (x86)\EVGA Precision X\RTCore64.sys
18:32:05.0515 0220  RTCore64 - ok
18:32:05.0545 0220  [ E60C0A09F997826C7627B244195AB581 ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
18:32:05.0575 0220  s3cap - ok
18:32:05.0585 0220  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
18:32:05.0595 0220  SamSs - ok
18:32:05.0605 0220  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
18:32:05.0615 0220  sbp2port - ok
18:32:05.0635 0220  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
18:32:05.0675 0220  SCardSvr - ok
18:32:05.0695 0220  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
18:32:05.0725 0220  scfilter - ok
18:32:05.0755 0220  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
18:32:05.0805 0220  Schedule - ok
18:32:05.0845 0220  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
18:32:05.0865 0220  SCPolicySvc - ok
18:32:05.0895 0220  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
18:32:05.0945 0220  SDRSVC - ok
18:32:05.0965 0220  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
18:32:06.0005 0220  secdrv - ok
18:32:06.0015 0220  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
18:32:06.0055 0220  seclogon - ok
18:32:06.0075 0220  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
18:32:06.0125 0220  SENS - ok
18:32:06.0135 0220  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
18:32:06.0175 0220  SensrSvc - ok
18:32:06.0195 0220  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
18:32:06.0215 0220  Serenum - ok
18:32:06.0245 0220  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
18:32:06.0255 0220  Serial - ok
18:32:06.0285 0220  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
18:32:06.0295 0220  sermouse - ok
18:32:06.0325 0220  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
18:32:06.0365 0220  SessionEnv - ok
18:32:06.0375 0220  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
18:32:06.0395 0220  sffdisk - ok
18:32:06.0405 0220  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
18:32:06.0445 0220  sffp_mmc - ok
18:32:06.0455 0220  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
18:32:06.0485 0220  sffp_sd - ok
18:32:06.0495 0220  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
18:32:06.0505 0220  sfloppy - ok
18:32:06.0555 0220  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
18:32:06.0585 0220  SharedAccess - ok
18:32:06.0605 0220  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
18:32:06.0635 0220  ShellHWDetection - ok
18:32:06.0655 0220  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
18:32:06.0665 0220  SiSRaid2 - ok
18:32:06.0675 0220  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
18:32:06.0685 0220  SiSRaid4 - ok
18:32:06.0765 0220  [ 0F575481EAD4CDD41AA82ED38BC8F6B3 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
18:32:06.0765 0220  SkypeUpdate - ok
18:32:06.0785 0220  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
18:32:06.0815 0220  Smb - ok
18:32:06.0855 0220  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
18:32:06.0865 0220  SNMPTRAP - ok
18:32:06.0905 0220  [ 5F9785E7535F8F602CB294A54962C9E7 ] speedfan        C:\Windows\syswow64\speedfan.sys
18:32:06.0915 0220  speedfan - ok
18:32:06.0925 0220  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
18:32:06.0935 0220  spldr - ok
18:32:06.0965 0220  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
18:32:06.0995 0220  Spooler - ok
18:32:07.0065 0220  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
18:32:07.0155 0220  sppsvc - ok
18:32:07.0175 0220  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
18:32:07.0215 0220  sppuinotify - ok
18:32:07.0255 0220  [ 88E5162E58C8919CC873F5D8946197CF ] sptd            C:\Windows\System32\Drivers\sptd.sys
18:32:07.0275 0220  sptd - ok
18:32:07.0315 0220  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
18:32:07.0345 0220  srv - ok
18:32:07.0365 0220  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
18:32:07.0395 0220  srv2 - ok
18:32:07.0425 0220  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
18:32:07.0435 0220  srvnet - ok
18:32:07.0465 0220  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
18:32:07.0525 0220  SSDPSRV - ok
18:32:07.0565 0220  SSPORT - ok
18:32:07.0595 0220  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
18:32:07.0625 0220  SstpSvc - ok
18:32:07.0675 0220  [ C692C94FE55CAD0633440236022C27B3 ] ssudmdm         C:\Windows\system32\DRIVERS\ssudmdm.sys
18:32:07.0685 0220  ssudmdm - ok
18:32:07.0715 0220  Steam Client Service - ok
18:32:07.0775 0220  [ 78216A10BF8B200890A88D8820F33F14 ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
18:32:07.0795 0220  Stereo Service - ok
18:32:07.0805 0220  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
18:32:07.0815 0220  stexstor - ok
18:32:07.0925 0220  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
18:32:07.0975 0220  stisvc - ok
18:32:08.0015 0220  [ 7785DC213270D2FC066538DAF94087E7 ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
18:32:08.0025 0220  storflt - ok
18:32:08.0055 0220  [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc         C:\Windows\system32\drivers\storvsc.sys
18:32:08.0065 0220  storvsc - ok
18:32:08.0085 0220  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\drivers\swenum.sys
18:32:08.0095 0220  swenum - ok
18:32:08.0145 0220  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
18:32:08.0195 0220  swprv - ok
18:32:08.0215 0220  Synth3dVsc - ok
18:32:08.0285 0220  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
18:32:08.0325 0220  SysMain - ok
18:32:08.0345 0220  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
18:32:08.0355 0220  TabletInputService - ok
18:32:08.0385 0220  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
18:32:08.0425 0220  TapiSrv - ok
18:32:08.0445 0220  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
18:32:08.0475 0220  TBS - ok
18:32:08.0525 0220  [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
18:32:08.0565 0220  Tcpip - ok
18:32:08.0595 0220  [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
18:32:08.0645 0220  TCPIP6 - ok
18:32:08.0675 0220  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
18:32:08.0685 0220  tcpipreg - ok
18:32:08.0705 0220  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
18:32:08.0745 0220  TDPIPE - ok
18:32:08.0775 0220  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
18:32:08.0785 0220  TDTCP - ok
18:32:08.0815 0220  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
18:32:08.0855 0220  tdx - ok
18:32:08.0935 0220  [ F7BE59881AEBE72722B0AB669EF23BB4 ] Te.Service      C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe
18:32:08.0965 0220  Te.Service ( UnsignedFile.Multi.Generic ) - warning
18:32:08.0965 0220  Te.Service - detected UnsignedFile.Multi.Generic (1)
18:32:09.0095 0220  [ 9F3E7CABE86BBDECA009DE291DB6D9E2 ] TeamViewer8     C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
18:32:09.0155 0220  TeamViewer8 - ok
18:32:09.0205 0220  [ F5520DBB47C60EE83024B38720ABDA24 ] teamviewervpn   C:\Windows\system32\DRIVERS\teamviewervpn.sys
18:32:09.0205 0220  teamviewervpn - ok
18:32:09.0245 0220  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\drivers\termdd.sys
18:32:09.0255 0220  TermDD - ok
18:32:09.0275 0220  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
18:32:09.0315 0220  TermService - ok
18:32:09.0345 0220  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
18:32:09.0375 0220  Themes - ok
18:32:09.0405 0220  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
18:32:09.0435 0220  THREADORDER - ok
18:32:09.0445 0220  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
18:32:09.0485 0220  TrkWks - ok
18:32:09.0535 0220  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
18:32:09.0585 0220  TrustedInstaller - ok
18:32:09.0615 0220  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
18:32:09.0635 0220  tssecsrv - ok
18:32:09.0655 0220  [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
18:32:09.0675 0220  TsUsbFlt - ok
18:32:09.0675 0220  tsusbhub - ok
18:32:09.0735 0220  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
18:32:09.0775 0220  tunnel - ok
18:32:09.0805 0220  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
18:32:09.0815 0220  uagp35 - ok
18:32:09.0825 0220  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
18:32:09.0875 0220  udfs - ok
18:32:09.0925 0220  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
18:32:09.0935 0220  UI0Detect - ok
18:32:09.0965 0220  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
18:32:09.0975 0220  uliagpkx - ok
18:32:09.0985 0220  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\drivers\umbus.sys
18:32:09.0995 0220  umbus - ok
18:32:10.0005 0220  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
18:32:10.0025 0220  UmPass - ok
18:32:10.0045 0220  [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService    C:\Windows\System32\umrdp.dll
18:32:10.0065 0220  UmRdpService - ok
18:32:10.0095 0220  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
18:32:10.0145 0220  upnphost - ok
18:32:10.0165 0220  upperdev - ok
18:32:10.0205 0220  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
18:32:10.0245 0220  usbccgp - ok
18:32:10.0315 0220  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
18:32:10.0325 0220  usbcir - ok
18:32:10.0355 0220  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
18:32:10.0365 0220  usbehci - ok
18:32:10.0395 0220  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
18:32:10.0435 0220  usbhub - ok
18:32:10.0445 0220  [ 58E546BBAF87664FC57E0F6081E4F609 ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
18:32:10.0455 0220  usbohci - ok
18:32:10.0485 0220  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
18:32:10.0495 0220  usbprint - ok
18:32:10.0505 0220  UsbserFilt - ok
18:32:10.0545 0220  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
18:32:10.0605 0220  USBSTOR - ok
18:32:10.0655 0220  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
18:32:10.0675 0220  usbuhci - ok
18:32:10.0685 0220  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
18:32:10.0735 0220  UxSms - ok
18:32:10.0745 0220  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
18:32:10.0755 0220  VaultSvc - ok
18:32:10.0795 0220  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
18:32:10.0805 0220  vdrvroot - ok
18:32:10.0835 0220  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
18:32:10.0875 0220  vds - ok
18:32:10.0895 0220  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
18:32:10.0905 0220  vga - ok
18:32:10.0915 0220  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
18:32:10.0955 0220  VgaSave - ok
18:32:10.0975 0220  VGPU - ok
18:32:10.0985 0220  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
18:32:10.0995 0220  vhdmp - ok
18:32:11.0005 0220  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
18:32:11.0015 0220  viaide - ok
18:32:11.0035 0220  [ 86EA3E79AE350FEA5331A1303054005F ] vmbus           C:\Windows\system32\drivers\vmbus.sys
18:32:11.0045 0220  vmbus - ok
18:32:11.0055 0220  [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
18:32:11.0065 0220  VMBusHID - ok
18:32:11.0085 0220  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
18:32:11.0095 0220  volmgr - ok
18:32:11.0115 0220  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
18:32:11.0125 0220  volmgrx - ok
18:32:11.0145 0220  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
18:32:11.0155 0220  volsnap - ok
18:32:11.0175 0220  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
18:32:11.0185 0220  vsmraid - ok
18:32:11.0245 0220  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
18:32:11.0295 0220  VSS - ok
18:32:11.0315 0220  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
18:32:11.0335 0220  vwifibus - ok
18:32:11.0355 0220  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
18:32:11.0385 0220  W32Time - ok
18:32:11.0395 0220  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
18:32:11.0415 0220  WacomPen - ok
18:32:11.0435 0220  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
18:32:11.0475 0220  WANARP - ok
18:32:11.0485 0220  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
18:32:11.0505 0220  Wanarpv6 - ok
18:32:11.0545 0220  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
18:32:11.0585 0220  wbengine - ok
18:32:11.0625 0220  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
18:32:11.0645 0220  WbioSrvc - ok
18:32:11.0705 0220  [ 8BDA6DB43AA54E8BB5E0794541DDC209 ] WcesComm        C:\Windows\WindowsMobile\wcescomm.dll
18:32:11.0715 0220  WcesComm - ok
18:32:11.0725 0220  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
18:32:11.0775 0220  wcncsvc - ok
18:32:11.0785 0220  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
18:32:11.0795 0220  WcsPlugInService - ok
18:32:11.0805 0220  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\DRIVERS\wd.sys
18:32:11.0815 0220  Wd - ok
18:32:11.0845 0220  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
18:32:11.0865 0220  Wdf01000 - ok
18:32:11.0875 0220  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
18:32:11.0925 0220  WdiServiceHost - ok
18:32:11.0925 0220  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
18:32:11.0945 0220  WdiSystemHost - ok
18:32:11.0965 0220  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
18:32:11.0995 0220  WebClient - ok
18:32:12.0015 0220  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
18:32:12.0065 0220  Wecsvc - ok
18:32:12.0075 0220  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
18:32:12.0115 0220  wercplsupport - ok
18:32:12.0145 0220  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
18:32:12.0185 0220  WerSvc - ok
18:32:12.0195 0220  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
18:32:12.0225 0220  WfpLwf - ok
18:32:12.0225 0220  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
18:32:12.0235 0220  WIMMount - ok
18:32:12.0255 0220  WinDefend - ok
18:32:12.0265 0220  WinHttpAutoProxySvc - ok
18:32:12.0375 0220  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
18:32:12.0405 0220  Winmgmt - ok
18:32:12.0455 0220  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
18:32:12.0515 0220  WinRM - ok
18:32:12.0545 0220  [ FE88B288356E7B47B74B13372ADD906D ] WINUSB          C:\Windows\system32\DRIVERS\WinUsb.sys
18:32:12.0565 0220  WINUSB - ok
18:32:12.0595 0220  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
18:32:12.0625 0220  Wlansvc - ok
18:32:12.0735 0220  [ 98F138897EF4246381D197CB81846D62 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
18:32:12.0765 0220  wlidsvc - ok
18:32:12.0795 0220  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
18:32:12.0805 0220  WmiAcpi - ok
18:32:12.0815 0220  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
18:32:12.0845 0220  wmiApSrv - ok
18:32:12.0865 0220  WMPNetworkSvc - ok
18:32:12.0895 0220  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
18:32:12.0915 0220  WPCSvc - ok
18:32:12.0945 0220  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
18:32:12.0955 0220  WPDBusEnum - ok
18:32:12.0975 0220  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
18:32:13.0005 0220  ws2ifsl - ok
18:32:13.0015 0220  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\System32\wscsvc.dll
18:32:13.0045 0220  wscsvc - ok
18:32:13.0045 0220  WSearch - ok
18:32:13.0125 0220  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
18:32:13.0175 0220  wuauserv - ok
18:32:13.0205 0220  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
18:32:13.0265 0220  WudfPf - ok
18:32:13.0295 0220  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
18:32:13.0305 0220  WUDFRd - ok
18:32:13.0335 0220  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
18:32:13.0375 0220  wudfsvc - ok
18:32:13.0405 0220  [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc         C:\Windows\System32\wwansvc.dll
18:32:13.0435 0220  WwanSvc - ok
18:32:13.0485 0220  [ 64F88AF327AA74E03658AE32B48CCB8B ] yukonw7         C:\Windows\system32\DRIVERS\yk62x64.sys
18:32:13.0515 0220  yukonw7 - ok
18:32:13.0535 0220  ================ Scan global ===============================
18:32:13.0555 0220  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
18:32:13.0585 0220  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
18:32:13.0585 0220  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
18:32:13.0605 0220  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
18:32:13.0625 0220  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
18:32:13.0635 0220  [Global] - ok
18:32:13.0635 0220  ================ Scan MBR ==================================
18:32:13.0645 0220  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
18:32:13.0915 0220  \Device\Harddisk0\DR0 - ok
18:32:13.0915 0220  ================ Scan VBR ==================================
18:32:13.0915 0220  [ 8304284C8AF402C47C10C489E8B59195 ] \Device\Harddisk0\DR0\Partition1
18:32:13.0915 0220  \Device\Harddisk0\DR0\Partition1 - ok
18:32:13.0915 0220  [ EE62AD6D47539CF10D9206CBB5FC686C ] \Device\Harddisk0\DR0\Partition2
18:32:13.0915 0220  \Device\Harddisk0\DR0\Partition2 - ok
18:32:13.0935 0220  [ 8FE3F3F0466D586300826F29D993A30D ] \Device\Harddisk0\DR0\Partition3
18:32:13.0935 0220  \Device\Harddisk0\DR0\Partition3 - ok
18:32:13.0955 0220  [ CA7E2C4D3007289BE632A1B8A45C85DC ] \Device\Harddisk0\DR0\Partition4
18:32:13.0955 0220  \Device\Harddisk0\DR0\Partition4 - ok
18:32:13.0985 0220  [ 37880DBEA529076994E1834A693D0F00 ] \Device\Harddisk0\DR0\Partition5
18:32:13.0985 0220  \Device\Harddisk0\DR0\Partition5 - ok
18:32:13.0985 0220  ============================================================
18:32:13.0985 0220  Scan finished
18:32:13.0985 0220  ============================================================
18:32:13.0995 5376  Detected object count: 1
18:32:13.0995 5376  Actual detected object count: 1
18:32:24.0055 5376  Te.Service ( UnsignedFile.Multi.Generic ) - skipped by user
18:32:24.0055 5376  Te.Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
         
Letzteres hatte etwas gefunden, aber keinen Neustart oder ähnliches verlangt. Wie angewiesen sind keine Korrekturmaßnahmen erfolgt.

Gruß Fitzendrix

Alt 22.03.2013, 18:48   #10
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
mögliche Infektion durch den Trojaner:Trojan:JS/Seedabutor.B - Standard

mögliche Infektion durch den Trojaner:Trojan:JS/Seedabutor.B



Zitat:
TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
Immer noch nicht richtig
Du hast den tdsskiller vorher nicht neu runtergeladen
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 22.03.2013, 18:52   #11
Fitzendrix
 
mögliche Infektion durch den Trojaner:Trojan:JS/Seedabutor.B - Standard

mögliche Infektion durch den Trojaner:Trojan:JS/Seedabutor.B



Ah saddamt, stimmt - das habe ich vergessen: das Laden hat gestern nicht so recht funktioniert (bekam nur eine Meldung wegen Umzug auf der Seite), hatte die Vorgängerversion genommen....

Bin mal kurz ne Mauer suchen... Danach folgt der dritte Versuch.

Update (18.57Uhr):

Code:
ATTFilter
18:53:25.0150 8556  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
18:53:25.0390 8556  ============================================================
18:53:25.0390 8556  Current date / time: 2013/03/22 18:53:25.0390
18:53:25.0390 8556  SystemInfo:
18:53:25.0390 8556  
18:53:25.0390 8556  OS Version: 6.1.7601 ServicePack: 1.0
18:53:25.0390 8556  Product type: Workstation
18:53:25.0390 8556  ComputerName: CHAOS-KISTE
18:53:25.0390 8556  UserName: Anti
18:53:25.0390 8556  Windows directory: C:\Windows
18:53:25.0390 8556  System windows directory: C:\Windows
18:53:25.0390 8556  Running under WOW64
18:53:25.0390 8556  Processor architecture: Intel x64
18:53:25.0390 8556  Number of processors: 4
18:53:25.0390 8556  Page size: 0x1000
18:53:25.0390 8556  Boot type: Normal boot
18:53:25.0390 8556  ============================================================
18:53:26.0650 8556  Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:53:26.0710 8556  ============================================================
18:53:26.0710 8556  \Device\Harddisk0\DR0:
18:53:26.0710 8556  MBR partitions:
18:53:26.0710 8556  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xC803400
18:53:26.0720 8556  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xC80347E, BlocksNum 0x1869E559
18:53:26.0730 8556  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x24EA1A16, BlocksNum 0xC34F28D
18:53:26.0750 8556  \Device\Harddisk0\DR0\Partition4: MBR, Type 0x7, StartLBA 0x311F0CE2, BlocksNum 0xC34F28D
18:53:26.0790 8556  \Device\Harddisk0\DR0\Partition5: MBR, Type 0x7, StartLBA 0x3D53FFAE, BlocksNum 0xD01DB53
18:53:26.0790 8556  ============================================================
18:53:26.0840 8556  C: <-> \Device\Harddisk0\DR0\Partition4
18:53:26.0860 8556  D: <-> \Device\Harddisk0\DR0\Partition1
18:53:26.0900 8556  F: <-> \Device\Harddisk0\DR0\Partition2
18:53:26.0960 8556  G: <-> \Device\Harddisk0\DR0\Partition3
18:53:27.0000 8556  H: <-> \Device\Harddisk0\DR0\Partition5
18:53:27.0000 8556  ============================================================
18:53:27.0000 8556  Initialize success
18:53:27.0000 8556  ============================================================
18:53:49.0950 18036  ============================================================
18:53:49.0950 18036  Scan started
18:53:49.0950 18036  Mode: Manual; SigCheck; TDLFS; 
18:53:49.0950 18036  ============================================================
18:53:50.0590 18036  ================ Scan system memory ========================
18:53:50.0590 18036  System memory - ok
18:53:50.0590 18036  ================ Scan services =============================
18:53:50.0670 18036  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
18:53:50.0720 18036  1394ohci - ok
18:53:50.0770 18036  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
18:53:50.0790 18036  ACPI - ok
18:53:50.0800 18036  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
18:53:50.0810 18036  AcpiPmi - ok
18:53:50.0900 18036  [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
18:53:50.0910 18036  AdobeARMservice - ok
18:53:51.0030 18036  [ EA856F4A46320389D1899B2CAA7BF40F ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
18:53:51.0040 18036  AdobeFlashPlayerUpdateSvc - ok
18:53:51.0080 18036  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
18:53:51.0100 18036  adp94xx - ok
18:53:51.0110 18036  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
18:53:51.0130 18036  adpahci - ok
18:53:51.0140 18036  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
18:53:51.0150 18036  adpu320 - ok
18:53:51.0190 18036  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
18:53:51.0220 18036  AeLookupSvc - ok
18:53:51.0320 18036  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys
18:53:51.0330 18036  AFD - ok
18:53:51.0390 18036  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
18:53:51.0400 18036  agp440 - ok
18:53:51.0410 18036  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
18:53:51.0420 18036  ALG - ok
18:53:51.0430 18036  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
18:53:51.0430 18036  aliide - ok
18:53:51.0510 18036  [ 20C8A3E435A47F0408A1EA674AFA6194 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
18:53:51.0520 18036  AMD External Events Utility - ok
18:53:51.0530 18036  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
18:53:51.0540 18036  amdide - ok
18:53:51.0550 18036  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
18:53:51.0560 18036  AmdK8 - ok
18:53:51.0780 18036  [ 0B45C18B0F3EE996D25BAA4E74884B83 ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
18:53:51.0880 18036  amdkmdag - ok
18:53:51.0940 18036  [ 0E57258E5CC4CC7A9A9A877AFDF0CEC6 ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
18:53:51.0960 18036  amdkmdap - ok
18:53:51.0960 18036  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
18:53:51.0970 18036  AmdPPM - ok
18:53:52.0000 18036  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
18:53:52.0010 18036  amdsata - ok
18:53:52.0030 18036  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
18:53:52.0040 18036  amdsbs - ok
18:53:52.0040 18036  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
18:53:52.0050 18036  amdxata - ok
18:53:52.0120 18036  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
18:53:52.0150 18036  AppID - ok
18:53:52.0170 18036  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
18:53:52.0200 18036  AppIDSvc - ok
18:53:52.0250 18036  [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo         C:\Windows\System32\appinfo.dll
18:53:52.0280 18036  Appinfo - ok
18:53:52.0310 18036  [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt         C:\Windows\System32\appmgmts.dll
18:53:52.0320 18036  AppMgmt - ok
18:53:52.0340 18036  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\DRIVERS\arc.sys
18:53:52.0350 18036  arc - ok
18:53:52.0350 18036  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
18:53:52.0360 18036  arcsas - ok
18:53:52.0470 18036  [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
18:53:52.0480 18036  aspnet_state - ok
18:53:52.0510 18036  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
18:53:52.0530 18036  AsyncMac - ok
18:53:52.0550 18036  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
18:53:52.0560 18036  atapi - ok
18:53:52.0610 18036  [ 24464B908E143D2561E9E452FEE97309 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
18:53:52.0620 18036  AtiHDAudioService - ok
18:53:52.0630 18036  [ 3B9014FB7CE9E20FD726321C7DB7D8B0 ] AtiHdmiService  C:\Windows\system32\drivers\AtiHdmi.sys
18:53:52.0640 18036  AtiHdmiService - ok
18:53:52.0670 18036  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
18:53:52.0700 18036  AudioEndpointBuilder - ok
18:53:52.0710 18036  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
18:53:52.0740 18036  AudioSrv - ok
18:53:52.0770 18036  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
18:53:52.0780 18036  AxInstSV - ok
18:53:52.0810 18036  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
18:53:52.0820 18036  b06bdrv - ok
18:53:52.0830 18036  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
18:53:52.0850 18036  b57nd60a - ok
18:53:52.0870 18036  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
18:53:52.0880 18036  BDESVC - ok
18:53:52.0890 18036  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
18:53:52.0920 18036  Beep - ok
18:53:52.0970 18036  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll
18:53:53.0000 18036  BFE - ok
18:53:53.0020 18036  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\System32\qmgr.dll
18:53:53.0060 18036  BITS - ok
18:53:53.0070 18036  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
18:53:53.0080 18036  blbdrive - ok
18:53:53.0100 18036  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
18:53:53.0110 18036  bowser - ok
18:53:53.0110 18036  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
18:53:53.0130 18036  BrFiltLo - ok
18:53:53.0140 18036  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
18:53:53.0150 18036  BrFiltUp - ok
18:53:53.0170 18036  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
18:53:53.0190 18036  Browser - ok
18:53:53.0190 18036  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
18:53:53.0200 18036  Brserid - ok
18:53:53.0220 18036  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
18:53:53.0230 18036  BrSerWdm - ok
18:53:53.0280 18036  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
18:53:53.0290 18036  BrUsbMdm - ok
18:53:53.0300 18036  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
18:53:53.0310 18036  BrUsbSer - ok
18:53:53.0320 18036  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
18:53:53.0330 18036  BTHMODEM - ok
18:53:53.0340 18036  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
18:53:53.0370 18036  bthserv - ok
18:53:53.0370 18036  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
18:53:53.0400 18036  cdfs - ok
18:53:53.0410 18036  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
18:53:53.0430 18036  cdrom - ok
18:53:53.0440 18036  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
18:53:53.0470 18036  CertPropSvc - ok
18:53:53.0480 18036  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
18:53:53.0490 18036  circlass - ok
18:53:53.0520 18036  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
18:53:53.0530 18036  CLFS - ok
18:53:53.0580 18036  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:53:53.0580 18036  clr_optimization_v2.0.50727_32 - ok
18:53:53.0630 18036  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
18:53:53.0640 18036  clr_optimization_v2.0.50727_64 - ok
18:53:53.0700 18036  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
18:53:53.0710 18036  clr_optimization_v4.0.30319_32 - ok
18:53:53.0720 18036  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
18:53:53.0730 18036  clr_optimization_v4.0.30319_64 - ok
18:53:53.0750 18036  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
18:53:53.0760 18036  CmBatt - ok
18:53:53.0770 18036  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
18:53:53.0780 18036  cmdide - ok
18:53:53.0810 18036  [ AAFCB52FE0037207FB6FBEA070D25EFE ] CNG             C:\Windows\system32\Drivers\cng.sys
18:53:53.0830 18036  CNG - ok
18:53:53.0850 18036  [ 66AC4FDAD5A2D4FF4E3DB41810B39DE2 ] COMMONFX.DLL    C:\Windows\system32\COMMONFX.DLL
18:53:53.0860 18036  COMMONFX.DLL - ok
18:53:53.0870 18036  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
18:53:53.0880 18036  Compbatt - ok
18:53:53.0940 18036  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
18:53:53.0960 18036  CompositeBus - ok
18:53:53.0960 18036  COMSysApp - ok
18:53:54.0000 18036  [ 75DBD5DB9892D7451D0429BEC1AABE1A ] cpuz135         C:\Windows\system32\drivers\cpuz135_x64.sys
18:53:54.0010 18036  cpuz135 - ok
18:53:54.0030 18036  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
18:53:54.0030 18036  crcdisk - ok
18:53:54.0080 18036  [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc        C:\Windows\system32\cryptsvc.dll
18:53:54.0090 18036  CryptSvc - ok
18:53:54.0120 18036  [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC             C:\Windows\system32\drivers\csc.sys
18:53:54.0130 18036  CSC - ok
18:53:54.0160 18036  [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService      C:\Windows\System32\cscsvc.dll
18:53:54.0170 18036  CscService - ok
18:53:54.0200 18036  [ 01BBD5CB85423B12E445209D243A49A9 ] CT20XUT.DLL     C:\Windows\system32\CT20XUT.DLL
18:53:54.0210 18036  CT20XUT.DLL - ok
18:53:54.0250 18036  [ B81C989C6D3B770F44316A3DC5F607B3 ] ctac32k         C:\Windows\system32\drivers\ctac32k.sys
18:53:54.0260 18036  ctac32k - ok
18:53:54.0290 18036  [ 7321BD704CC3B34B78F8574E64258F39 ] ctaud2k         C:\Windows\system32\drivers\ctaud2k.sys
18:53:54.0310 18036  ctaud2k - ok
18:53:54.0330 18036  [ E873319F281115EBEA75E519C5B4D0C4 ] CTAUDFX.DLL     C:\Windows\system32\CTAUDFX.DLL
18:53:54.0340 18036  CTAUDFX.DLL - ok
18:53:54.0360 18036  [ 06300545BEDF49B6A51FDFE1861F9CAF ] CTEAPSFX.DLL    C:\Windows\system32\CTEAPSFX.DLL
18:53:54.0370 18036  CTEAPSFX.DLL - ok
18:53:54.0390 18036  [ 2D902F8EC247F0ED0D458CDCAF786544 ] CTEDSPFX.DLL    C:\Windows\system32\CTEDSPFX.DLL
18:53:54.0400 18036  CTEDSPFX.DLL - ok
18:53:54.0410 18036  [ 0D3F99CDA2BEA14E4911A698441F1A29 ] CTEDSPIO.DLL    C:\Windows\system32\CTEDSPIO.DLL
18:53:54.0420 18036  CTEDSPIO.DLL - ok
18:53:54.0420 18036  [ 9D26AA450AC1CAADDE25F1621BA89842 ] CTEDSPSY.DLL    C:\Windows\system32\CTEDSPSY.DLL
18:53:54.0440 18036  CTEDSPSY.DLL - ok
18:53:54.0440 18036  [ E5F88DAD5EC69665DFA3E5E87791F800 ] CTERFXFX.DLL    C:\Windows\system32\CTERFXFX.DLL
18:53:54.0450 18036  CTERFXFX.DLL - ok
18:53:54.0490 18036  [ FA6DCA331835997D2F7C83B9AAABC4BB ] CTEXFIFX.DLL    C:\Windows\system32\CTEXFIFX.DLL
18:53:54.0510 18036  CTEXFIFX.DLL - ok
18:53:54.0520 18036  [ 9E6A0A3CA3825BB568D42F5F3CB09453 ] CTHWIUT.DLL     C:\Windows\system32\CTHWIUT.DLL
18:53:54.0530 18036  CTHWIUT.DLL - ok
18:53:54.0540 18036  [ 6A05134810301FA6FDD6E95583A91F35 ] ctprxy2k        C:\Windows\system32\drivers\ctprxy2k.sys
18:53:54.0550 18036  ctprxy2k - ok
18:53:54.0570 18036  [ 99047FCEBAB495410CD58AB17284720A ] CTSBLFX.DLL     C:\Windows\system32\CTSBLFX.DLL
18:53:54.0590 18036  CTSBLFX.DLL - ok
18:53:54.0590 18036  [ F792246CF9D8EE17F2B32E9069415CDD ] ctsfm2k         C:\Windows\system32\drivers\ctsfm2k.sys
18:53:54.0610 18036  ctsfm2k - ok
18:53:54.0660 18036  [ BA8E5B2291C01EF71CA80E25F0C79D55 ] ctxusbm         C:\Windows\system32\DRIVERS\ctxusbm.sys
18:53:54.0670 18036  ctxusbm - ok
18:53:54.0730 18036  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
18:53:54.0770 18036  DcomLaunch - ok
18:53:54.0790 18036  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
18:53:54.0820 18036  defragsvc - ok
18:53:54.0850 18036  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
18:53:54.0880 18036  DfsC - ok
18:53:54.0920 18036  DgiVecp - ok
18:53:54.0960 18036  [ B9430166FEB246F6070A62B3554932C9 ] dg_ssudbus      C:\Windows\system32\DRIVERS\ssudbus.sys
18:53:54.0960 18036  dg_ssudbus - ok
18:53:55.0000 18036  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
18:53:55.0010 18036  Dhcp - ok
18:53:55.0030 18036  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
18:53:55.0060 18036  discache - ok
18:53:55.0080 18036  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\DRIVERS\disk.sys
18:53:55.0090 18036  Disk - ok
18:53:55.0110 18036  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
18:53:55.0120 18036  Dnscache - ok
18:53:55.0150 18036  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
18:53:55.0180 18036  dot3svc - ok
18:53:55.0210 18036  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
18:53:55.0240 18036  DPS - ok
18:53:55.0280 18036  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
18:53:55.0290 18036  drmkaud - ok
18:53:55.0320 18036  [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
18:53:55.0340 18036  DXGKrnl - ok
18:53:55.0360 18036  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
18:53:55.0390 18036  EapHost - ok
18:53:55.0470 18036  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
18:53:55.0510 18036  ebdrv - ok
18:53:55.0520 18036  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe
18:53:55.0530 18036  EFS - ok
18:53:55.0570 18036  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
18:53:55.0580 18036  ehRecvr - ok
18:53:55.0610 18036  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
18:53:55.0620 18036  ehSched - ok
18:53:55.0640 18036  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
18:53:55.0650 18036  elxstor - ok
18:53:55.0670 18036  [ 1E2F860D9521FB73566C85CD17D58291 ] emupia          C:\Windows\system32\drivers\emupia2k.sys
18:53:55.0680 18036  emupia - ok
18:53:55.0700 18036  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
18:53:55.0710 18036  ErrDev - ok
18:53:55.0730 18036  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
18:53:55.0760 18036  EventSystem - ok
18:53:55.0770 18036  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
18:53:55.0800 18036  exfat - ok
18:53:55.0800 18036  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
18:53:55.0830 18036  fastfat - ok
18:53:55.0870 18036  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
18:53:55.0880 18036  Fax - ok
18:53:55.0890 18036  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
18:53:55.0900 18036  fdc - ok
18:53:55.0910 18036  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
18:53:55.0940 18036  fdPHost - ok
18:53:55.0950 18036  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
18:53:55.0970 18036  FDResPub - ok
18:53:55.0990 18036  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
18:53:56.0000 18036  FileInfo - ok
18:53:56.0010 18036  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
18:53:56.0030 18036  Filetrace - ok
18:53:56.0040 18036  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
18:53:56.0050 18036  flpydisk - ok
18:53:56.0070 18036  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
18:53:56.0080 18036  FltMgr - ok
18:53:56.0170 18036  [ C4C183E6551084039EC862DA1C945E3D ] FontCache       C:\Windows\system32\FntCache.dll
18:53:56.0190 18036  FontCache - ok
18:53:56.0220 18036  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
18:53:56.0230 18036  FontCache3.0.0.0 - ok
18:53:56.0250 18036  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
18:53:56.0260 18036  FsDepends - ok
18:53:56.0270 18036  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
18:53:56.0280 18036  Fs_Rec - ok
18:53:56.0350 18036  [ 79B4CDE2B69ED8BA4011859780A66A4D ] Futuremark SystemInfo Service C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe
18:53:56.0360 18036  Futuremark SystemInfo Service - ok
18:53:56.0400 18036  [ 1F7B25B858FA27015169FE95E54108ED ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
18:53:56.0410 18036  fvevol - ok
18:53:56.0440 18036  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
18:53:56.0450 18036  gagp30kx - ok
18:53:56.0480 18036  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
18:53:56.0510 18036  gpsvc - ok
18:53:56.0560 18036  [ B3F220AD6EEDDC2546780B84A8919B7A ] ha10kx2k        C:\Windows\system32\drivers\ha10kx2k.sys
18:53:56.0580 18036  ha10kx2k - ok
18:53:56.0600 18036  [ 5D6AEC608B871CC2C724114F34CAD3C8 ] hap16v2k        C:\Windows\system32\drivers\hap16v2k.sys
18:53:56.0610 18036  hap16v2k - ok
18:53:56.0650 18036  [ B95BA8D7EA73A47FAC3A59CF4A3B3043 ] hap17v2k        C:\Windows\system32\drivers\hap17v2k.sys
18:53:56.0660 18036  hap17v2k - ok
18:53:56.0680 18036  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
18:53:56.0690 18036  hcw85cir - ok
18:53:56.0740 18036  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
18:53:56.0750 18036  HdAudAddService - ok
18:53:56.0820 18036  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
18:53:56.0830 18036  HDAudBus - ok
18:53:56.0840 18036  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
18:53:56.0850 18036  HidBatt - ok
18:53:56.0870 18036  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
18:53:56.0880 18036  HidBth - ok
18:53:56.0890 18036  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
18:53:56.0900 18036  HidIr - ok
18:53:56.0920 18036  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\system32\hidserv.dll
18:53:56.0950 18036  hidserv - ok
18:53:56.0980 18036  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
18:53:56.0990 18036  HidUsb - ok
18:53:57.0020 18036  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
18:53:57.0040 18036  hkmsvc - ok
18:53:57.0070 18036  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
18:53:57.0080 18036  HomeGroupListener - ok
18:53:57.0100 18036  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
18:53:57.0110 18036  HomeGroupProvider - ok
18:53:57.0130 18036  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
18:53:57.0140 18036  HpSAMD - ok
18:53:57.0180 18036  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
18:53:57.0210 18036  HTTP - ok
18:53:57.0230 18036  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
18:53:57.0240 18036  hwpolicy - ok
18:53:57.0260 18036  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
18:53:57.0270 18036  i8042prt - ok
18:53:57.0290 18036  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
18:53:57.0310 18036  iaStorV - ok
18:53:57.0340 18036  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
18:53:57.0360 18036  idsvc - ok
18:53:57.0390 18036  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
18:53:57.0400 18036  iirsp - ok
18:53:57.0430 18036  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
18:53:57.0460 18036  IKEEXT - ok
18:53:57.0510 18036  IntcAzAudAddService - ok
18:53:57.0520 18036  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
18:53:57.0530 18036  intelide - ok
18:53:57.0550 18036  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
18:53:57.0560 18036  intelppm - ok
18:53:57.0580 18036  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
18:53:57.0620 18036  IPBusEnum - ok
18:53:57.0650 18036  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:53:57.0670 18036  IpFilterDriver - ok
18:53:57.0700 18036  [ 08C2957BB30058E663720C5606885653 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
18:53:57.0720 18036  iphlpsvc - ok
18:53:57.0730 18036  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
18:53:57.0740 18036  IPMIDRV - ok
18:53:57.0750 18036  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
18:53:57.0780 18036  IPNAT - ok
18:53:57.0810 18036  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
18:53:57.0820 18036  IRENUM - ok
18:53:57.0830 18036  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
18:53:57.0840 18036  isapnp - ok
18:53:57.0850 18036  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
18:53:57.0860 18036  iScsiPrt - ok
18:53:57.0880 18036  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
18:53:57.0890 18036  kbdclass - ok
18:53:57.0900 18036  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
18:53:57.0910 18036  kbdhid - ok
18:53:57.0930 18036  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
18:53:57.0940 18036  KeyIso - ok
18:53:57.0960 18036  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
18:53:57.0970 18036  KSecDD - ok
18:53:57.0990 18036  [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
18:53:58.0000 18036  KSecPkg - ok
18:53:58.0010 18036  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
18:53:58.0040 18036  ksthunk - ok
18:53:58.0070 18036  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
18:53:58.0100 18036  KtmRm - ok
18:53:58.0120 18036  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll
18:53:58.0150 18036  LanmanServer - ok
18:53:58.0170 18036  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
18:53:58.0200 18036  LanmanWorkstation - ok
18:53:58.0310 18036  [ 7772DFAB22611050B79504E671B06E6E ] LBTServ         C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
18:53:58.0330 18036  LBTServ - ok
18:53:58.0390 18036  [ FA529FB35694C24BF98A9EF67C1CD9D0 ] LGBusEnum       C:\Windows\system32\drivers\LGBusEnum.sys
18:53:58.0390 18036  LGBusEnum - ok
18:53:58.0420 18036  [ 94B29CE153765E768F004FB3440BE2B0 ] LGVirHid        C:\Windows\system32\drivers\LGVirHid.sys
18:53:58.0430 18036  LGVirHid - ok
18:53:58.0480 18036  [ 241F2648ADF090E2A10095BD6D6F5DCB ] LHidFilt        C:\Windows\system32\DRIVERS\LHidFilt.Sys
18:53:58.0490 18036  LHidFilt - ok
18:53:58.0520 18036  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
18:53:58.0540 18036  lltdio - ok
18:53:58.0570 18036  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
18:53:58.0600 18036  lltdsvc - ok
18:53:58.0610 18036  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
18:53:58.0640 18036  lmhosts - ok
18:53:58.0640 18036  [ 342ED5A4B3326014438F36D22D803737 ] LMouFilt        C:\Windows\system32\DRIVERS\LMouFilt.Sys
18:53:58.0650 18036  LMouFilt - ok
18:53:58.0700 18036  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
18:53:58.0710 18036  LSI_FC - ok
18:53:58.0720 18036  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
18:53:58.0730 18036  LSI_SAS - ok
18:53:58.0730 18036  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
18:53:58.0740 18036  LSI_SAS2 - ok
18:53:58.0750 18036  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
18:53:58.0760 18036  LSI_SCSI - ok
18:53:58.0810 18036  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
18:53:58.0840 18036  luafv - ok
18:53:58.0920 18036  [ 29C733E1DE824670DC9315CFC9BDBCD3 ] LUsbFilt        C:\Windows\system32\Drivers\LUsbFilt.Sys
18:53:58.0930 18036  LUsbFilt - ok
18:53:59.0100 18036  [ 92EB844D90615CB266F84C3202B8786E ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
18:53:59.0110 18036  MBAMProtector - ok
18:53:59.0140 18036  [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler   C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
18:53:59.0150 18036  MBAMScheduler - ok
18:53:59.0190 18036  [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService     C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
18:53:59.0210 18036  MBAMService - ok
18:53:59.0240 18036  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
18:53:59.0250 18036  Mcx2Svc - ok
18:53:59.0260 18036  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
18:53:59.0270 18036  megasas - ok
18:53:59.0290 18036  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
18:53:59.0300 18036  MegaSR - ok
18:53:59.0300 18036  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
18:53:59.0330 18036  MMCSS - ok
18:53:59.0340 18036  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
18:53:59.0360 18036  Modem - ok
18:53:59.0390 18036  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
18:53:59.0400 18036  monitor - ok
18:53:59.0430 18036  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
18:53:59.0440 18036  mouclass - ok
18:53:59.0450 18036  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
18:53:59.0460 18036  mouhid - ok
18:53:59.0480 18036  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
18:53:59.0490 18036  mountmgr - ok
18:53:59.0540 18036  [ 8A7C8F4C713E70D73946833D76B77035 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
18:53:59.0550 18036  MozillaMaintenance - ok
18:53:59.0600 18036  [ F8A10560B35C66F9DE212F03DAD5BFA7 ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
18:53:59.0610 18036  MpFilter - ok
18:53:59.0630 18036  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
18:53:59.0640 18036  mpio - ok
18:53:59.0660 18036  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
18:53:59.0690 18036  mpsdrv - ok
18:53:59.0720 18036  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
18:53:59.0750 18036  MpsSvc - ok
18:53:59.0770 18036  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
18:53:59.0790 18036  MRxDAV - ok
18:53:59.0810 18036  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
18:53:59.0820 18036  mrxsmb - ok
18:53:59.0870 18036  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:53:59.0880 18036  mrxsmb10 - ok
18:53:59.0880 18036  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:53:59.0890 18036  mrxsmb20 - ok
18:53:59.0900 18036  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
18:53:59.0910 18036  msahci - ok
18:53:59.0930 18036  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
18:53:59.0940 18036  msdsm - ok
18:53:59.0950 18036  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
18:53:59.0960 18036  MSDTC - ok
18:53:59.0990 18036  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
18:54:00.0010 18036  Msfs - ok
18:54:00.0020 18036  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
18:54:00.0050 18036  mshidkmdf - ok
18:54:00.0060 18036  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
18:54:00.0070 18036  msisadrv - ok
18:54:00.0090 18036  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
18:54:00.0120 18036  MSiSCSI - ok
18:54:00.0120 18036  msiserver - ok
18:54:00.0140 18036  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
18:54:00.0170 18036  MSKSSRV - ok
18:54:00.0240 18036  [ E07DEC52FF801841BA9B6878A60304FB ] MsMpSvc         C:\Program Files\Microsoft Security Client\MsMpEng.exe
18:54:00.0250 18036  MsMpSvc - ok
18:54:00.0270 18036  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
18:54:00.0300 18036  MSPCLOCK - ok
18:54:00.0300 18036  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
18:54:00.0330 18036  MSPQM - ok
18:54:00.0350 18036  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
18:54:00.0370 18036  MsRPC - ok
18:54:00.0370 18036  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
18:54:00.0380 18036  mssmbios - ok
18:54:00.0380 18036  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
18:54:00.0410 18036  MSTEE - ok
18:54:00.0420 18036  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
18:54:00.0430 18036  MTConfig - ok
18:54:00.0460 18036  [ 03B7145C889603537E9FFEABB1AD1089 ] MTsensor        C:\Windows\system32\DRIVERS\ASACPI.sys
18:54:00.0470 18036  MTsensor - ok
18:54:00.0500 18036  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
18:54:00.0510 18036  Mup - ok
18:54:00.0550 18036  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
18:54:00.0580 18036  napagent - ok
18:54:00.0610 18036  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
18:54:00.0630 18036  NativeWifiP - ok
18:54:00.0670 18036  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
18:54:00.0680 18036  NDIS - ok
18:54:00.0710 18036  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
18:54:00.0740 18036  NdisCap - ok
18:54:00.0750 18036  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
18:54:00.0780 18036  NdisTapi - ok
18:54:00.0810 18036  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
18:54:00.0830 18036  Ndisuio - ok
18:54:00.0860 18036  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
18:54:00.0890 18036  NdisWan - ok
18:54:00.0910 18036  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
18:54:00.0940 18036  NDProxy - ok
18:54:00.0940 18036  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
18:54:00.0970 18036  NetBIOS - ok
18:54:00.0980 18036  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
18:54:01.0010 18036  NetBT - ok
18:54:01.0020 18036  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
18:54:01.0030 18036  Netlogon - ok
18:54:01.0060 18036  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
18:54:01.0090 18036  Netman - ok
18:54:01.0140 18036  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:54:01.0150 18036  NetMsmqActivator - ok
18:54:01.0150 18036  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:54:01.0160 18036  NetPipeActivator - ok
18:54:01.0180 18036  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
18:54:01.0210 18036  netprofm - ok
18:54:01.0230 18036  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:54:01.0240 18036  NetTcpActivator - ok
18:54:01.0240 18036  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:54:01.0250 18036  NetTcpPortSharing - ok
18:54:01.0270 18036  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
18:54:01.0280 18036  nfrd960 - ok
18:54:01.0340 18036  [ 162100E0BC8377710F9D170631921C03 ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
18:54:01.0360 18036  NisDrv - ok
18:54:01.0420 18036  [ C6E15F2F95F9C0A6098D43510B604E52 ] NisSrv          C:\Program Files\Microsoft Security Client\NisSrv.exe
18:54:01.0430 18036  NisSrv - ok
18:54:01.0500 18036  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
18:54:01.0520 18036  NlaSvc - ok
18:54:01.0580 18036  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
18:54:01.0610 18036  Npfs - ok
18:54:01.0680 18036  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
18:54:01.0710 18036  nsi - ok
18:54:01.0720 18036  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
18:54:01.0740 18036  nsiproxy - ok
18:54:01.0790 18036  [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
18:54:01.0820 18036  Ntfs - ok
18:54:01.0830 18036  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
18:54:01.0860 18036  Null - ok
18:54:02.0090 18036  [ 0A2F27B5BCC45B64E152DD6AE0815198 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
18:54:02.0230 18036  nvlddmkm - ok
18:54:02.0300 18036  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
18:54:02.0310 18036  nvraid - ok
18:54:02.0320 18036  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
18:54:02.0330 18036  nvstor - ok
18:54:02.0370 18036  [ 574087EA9105F23FB522A4FDDD5292D9 ] nvsvc           C:\Windows\system32\nvvsvc.exe
18:54:02.0390 18036  nvsvc - ok
18:54:02.0460 18036  [ ABA5A88740635D37A2B6CEB27DBC738A ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
18:54:02.0490 18036  nvUpdatusService - ok
18:54:02.0530 18036  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
18:54:02.0540 18036  nv_agp - ok
18:54:02.0620 18036  [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
18:54:02.0630 18036  odserv - ok
18:54:02.0640 18036  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
18:54:02.0650 18036  ohci1394 - ok
18:54:02.0670 18036  [ 5A432A042DAE460ABE7199B758E8606C ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:54:02.0680 18036  ose - ok
18:54:02.0690 18036  [ 678CC7DCF607BBD69A9F9333D39C2F1D ] ossrv           C:\Windows\system32\drivers\ctoss2k.sys
18:54:02.0700 18036  ossrv - ok
18:54:02.0730 18036  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
18:54:02.0740 18036  p2pimsvc - ok
18:54:02.0760 18036  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
18:54:02.0770 18036  p2psvc - ok
18:54:02.0790 18036  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
18:54:02.0800 18036  Parport - ok
18:54:02.0820 18036  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
18:54:02.0830 18036  partmgr - ok
18:54:02.0840 18036  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
18:54:02.0860 18036  PcaSvc - ok
18:54:02.0890 18036  pccsmcfd - ok
18:54:02.0900 18036  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
18:54:02.0910 18036  pci - ok
18:54:02.0920 18036  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
18:54:02.0930 18036  pciide - ok
18:54:02.0950 18036  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
18:54:02.0960 18036  pcmcia - ok
18:54:02.0970 18036  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
18:54:02.0980 18036  pcw - ok
18:54:03.0000 18036  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
18:54:03.0040 18036  PEAUTH - ok
18:54:03.0080 18036  [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
18:54:03.0100 18036  PeerDistSvc - ok
18:54:03.0170 18036  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
18:54:03.0180 18036  PerfHost - ok
18:54:03.0230 18036  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
18:54:03.0270 18036  pla - ok
18:54:03.0320 18036  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
18:54:03.0340 18036  PlugPlay - ok
18:54:03.0350 18036  PnkBstrA - ok
18:54:03.0350 18036  PnkBstrB - ok
18:54:03.0360 18036  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
18:54:03.0370 18036  PNRPAutoReg - ok
18:54:03.0390 18036  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
18:54:03.0400 18036  PNRPsvc - ok
18:54:03.0420 18036  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
18:54:03.0450 18036  PolicyAgent - ok
18:54:03.0480 18036  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
18:54:03.0510 18036  Power - ok
18:54:03.0550 18036  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
18:54:03.0580 18036  PptpMiniport - ok
18:54:03.0590 18036  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\DRIVERS\processr.sys
18:54:03.0600 18036  Processor - ok
18:54:03.0640 18036  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
18:54:03.0650 18036  ProfSvc - ok
18:54:03.0660 18036  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
18:54:03.0670 18036  ProtectedStorage - ok
18:54:03.0710 18036  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
18:54:03.0740 18036  Psched - ok
18:54:03.0770 18036  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
18:54:03.0800 18036  ql2300 - ok
18:54:03.0810 18036  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
18:54:03.0820 18036  ql40xx - ok
18:54:03.0830 18036  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
18:54:03.0850 18036  QWAVE - ok
18:54:03.0860 18036  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
18:54:03.0870 18036  QWAVEdrv - ok
18:54:03.0910 18036  [ A55E7D0D873B2C97585B3B5926AC6ADE ] RapiMgr         C:\Windows\WindowsMobile\rapimgr.dll
18:54:03.0920 18036  RapiMgr - ok
18:54:03.0940 18036  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
18:54:03.0970 18036  RasAcd - ok
18:54:03.0980 18036  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
18:54:04.0010 18036  RasAgileVpn - ok
18:54:04.0020 18036  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
18:54:04.0050 18036  RasAuto - ok
18:54:04.0070 18036  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
18:54:04.0100 18036  Rasl2tp - ok
18:54:04.0120 18036  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
18:54:04.0150 18036  RasMan - ok
18:54:04.0160 18036  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
18:54:04.0190 18036  RasPppoe - ok
18:54:04.0200 18036  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
18:54:04.0230 18036  RasSstp - ok
18:54:04.0250 18036  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
18:54:04.0280 18036  rdbss - ok
18:54:04.0290 18036  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
18:54:04.0310 18036  rdpbus - ok
18:54:04.0310 18036  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
18:54:04.0340 18036  RDPCDD - ok
18:54:04.0380 18036  [ 1B6163C503398B23FF8B939C67747683 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
18:54:04.0390 18036  RDPDR - ok
18:54:04.0410 18036  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
18:54:04.0430 18036  RDPENCDD - ok
18:54:04.0450 18036  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
18:54:04.0480 18036  RDPREFMP - ok
18:54:04.0530 18036  [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
18:54:04.0540 18036  RdpVideoMiniport - ok
18:54:04.0580 18036  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
18:54:04.0590 18036  RDPWD - ok
18:54:04.0610 18036  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
18:54:04.0620 18036  rdyboost - ok
18:54:04.0650 18036  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
18:54:04.0680 18036  RemoteAccess - ok
18:54:04.0700 18036  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
18:54:04.0730 18036  RemoteRegistry - ok
18:54:04.0760 18036  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
18:54:04.0780 18036  RpcEptMapper - ok
18:54:04.0790 18036  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
18:54:04.0800 18036  RpcLocator - ok
18:54:04.0830 18036  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
18:54:04.0860 18036  RpcSs - ok
18:54:04.0870 18036  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
18:54:04.0900 18036  rspndr - ok
18:54:04.0950 18036  [ D63C9C1A427A134461258B7B8742858F ] RTCore64        C:\Program Files (x86)\EVGA Precision X\RTCore64.sys
18:54:04.0960 18036  RTCore64 - ok
18:54:05.0000 18036  [ E60C0A09F997826C7627B244195AB581 ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
18:54:05.0010 18036  s3cap - ok
18:54:05.0010 18036  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
18:54:05.0020 18036  SamSs - ok
18:54:05.0040 18036  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
18:54:05.0050 18036  sbp2port - ok
18:54:05.0070 18036  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
18:54:05.0100 18036  SCardSvr - ok
18:54:05.0120 18036  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
18:54:05.0140 18036  scfilter - ok
18:54:05.0170 18036  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
18:54:05.0210 18036  Schedule - ok
18:54:05.0240 18036  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
18:54:05.0270 18036  SCPolicySvc - ok
18:54:05.0290 18036  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
18:54:05.0300 18036  SDRSVC - ok
18:54:05.0310 18036  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
18:54:05.0340 18036  secdrv - ok
18:54:05.0350 18036  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
18:54:05.0380 18036  seclogon - ok
18:54:05.0380 18036  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
18:54:05.0410 18036  SENS - ok
18:54:05.0420 18036  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
18:54:05.0430 18036  SensrSvc - ok
18:54:05.0430 18036  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
18:54:05.0440 18036  Serenum - ok
18:54:05.0460 18036  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
18:54:05.0470 18036  Serial - ok
18:54:05.0500 18036  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
18:54:05.0510 18036  sermouse - ok
18:54:05.0540 18036  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
18:54:05.0570 18036  SessionEnv - ok
18:54:05.0580 18036  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
18:54:05.0590 18036  sffdisk - ok
18:54:05.0610 18036  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
18:54:05.0620 18036  sffp_mmc - ok
18:54:05.0630 18036  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
18:54:05.0640 18036  sffp_sd - ok
18:54:05.0650 18036  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
18:54:05.0660 18036  sfloppy - ok
18:54:05.0700 18036  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
18:54:05.0730 18036  SharedAccess - ok
18:54:05.0750 18036  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
18:54:05.0780 18036  ShellHWDetection - ok
18:54:05.0780 18036  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
18:54:05.0790 18036  SiSRaid2 - ok
18:54:05.0810 18036  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
18:54:05.0820 18036  SiSRaid4 - ok
18:54:05.0870 18036  [ 0F575481EAD4CDD41AA82ED38BC8F6B3 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
18:54:05.0880 18036  SkypeUpdate - ok
18:54:05.0890 18036  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
18:54:05.0920 18036  Smb - ok
18:54:05.0940 18036  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
18:54:05.0950 18036  SNMPTRAP - ok
18:54:05.0960 18036  [ 5F9785E7535F8F602CB294A54962C9E7 ] speedfan        C:\Windows\syswow64\speedfan.sys
18:54:05.0970 18036  speedfan - ok
18:54:05.0990 18036  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
18:54:05.0990 18036  spldr - ok
18:54:06.0040 18036  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
18:54:06.0060 18036  Spooler - ok
18:54:06.0130 18036  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
18:54:06.0180 18036  sppsvc - ok
18:54:06.0200 18036  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
18:54:06.0230 18036  sppuinotify - ok
18:54:06.0280 18036  [ 88E5162E58C8919CC873F5D8946197CF ] sptd            C:\Windows\System32\Drivers\sptd.sys
18:54:06.0300 18036  sptd - ok
18:54:06.0320 18036  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
18:54:06.0340 18036  srv - ok
18:54:06.0350 18036  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
18:54:06.0360 18036  srv2 - ok
18:54:06.0370 18036  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
18:54:06.0380 18036  srvnet - ok
18:54:06.0410 18036  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
18:54:06.0440 18036  SSDPSRV - ok
18:54:06.0460 18036  SSPORT - ok
18:54:06.0470 18036  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
18:54:06.0500 18036  SstpSvc - ok
18:54:06.0550 18036  [ C692C94FE55CAD0633440236022C27B3 ] ssudmdm         C:\Windows\system32\DRIVERS\ssudmdm.sys
18:54:06.0560 18036  ssudmdm - ok
18:54:06.0590 18036  Steam Client Service - ok
18:54:06.0650 18036  [ 78216A10BF8B200890A88D8820F33F14 ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
18:54:06.0670 18036  Stereo Service - ok
18:54:06.0680 18036  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
18:54:06.0690 18036  stexstor - ok
18:54:06.0740 18036  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
18:54:06.0760 18036  stisvc - ok
18:54:06.0780 18036  [ 7785DC213270D2FC066538DAF94087E7 ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
18:54:06.0790 18036  storflt - ok
18:54:06.0800 18036  [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc         C:\Windows\system32\drivers\storvsc.sys
18:54:06.0810 18036  storvsc - ok
18:54:06.0840 18036  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\drivers\swenum.sys
18:54:06.0850 18036  swenum - ok
18:54:06.0870 18036  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
18:54:06.0910 18036  swprv - ok
18:54:06.0920 18036  Synth3dVsc - ok
18:54:06.0970 18036  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
18:54:07.0000 18036  SysMain - ok
18:54:07.0010 18036  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
18:54:07.0030 18036  TabletInputService - ok
18:54:07.0050 18036  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
18:54:07.0080 18036  TapiSrv - ok
18:54:07.0090 18036  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
18:54:07.0120 18036  TBS - ok
18:54:07.0170 18036  [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
18:54:07.0200 18036  Tcpip - ok
18:54:07.0220 18036  [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
18:54:07.0250 18036  TCPIP6 - ok
18:54:07.0270 18036  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
18:54:07.0280 18036  tcpipreg - ok
18:54:07.0290 18036  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
18:54:07.0300 18036  TDPIPE - ok
18:54:07.0310 18036  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
18:54:07.0320 18036  TDTCP - ok
18:54:07.0360 18036  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
18:54:07.0380 18036  tdx - ok
18:54:07.0480 18036  [ F7BE59881AEBE72722B0AB669EF23BB4 ] Te.Service      C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe
18:54:07.0480 18036  Te.Service ( UnsignedFile.Multi.Generic ) - warning
18:54:07.0480 18036  Te.Service - detected UnsignedFile.Multi.Generic (1)
18:54:07.0590 18036  [ 9F3E7CABE86BBDECA009DE291DB6D9E2 ] TeamViewer8     C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
18:54:07.0640 18036  TeamViewer8 - ok
18:54:07.0670 18036  [ F5520DBB47C60EE83024B38720ABDA24 ] teamviewervpn   C:\Windows\system32\DRIVERS\teamviewervpn.sys
18:54:07.0680 18036  teamviewervpn - ok
18:54:07.0690 18036  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\drivers\termdd.sys
18:54:07.0700 18036  TermDD - ok
18:54:07.0730 18036  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
18:54:07.0760 18036  TermService - ok
18:54:07.0770 18036  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
18:54:07.0790 18036  Themes - ok
18:54:07.0810 18036  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
18:54:07.0840 18036  THREADORDER - ok
18:54:07.0850 18036  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
18:54:07.0880 18036  TrkWks - ok
18:54:07.0920 18036  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
18:54:07.0950 18036  TrustedInstaller - ok
18:54:07.0970 18036  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
18:54:08.0000 18036  tssecsrv - ok
18:54:08.0020 18036  [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
18:54:08.0030 18036  TsUsbFlt - ok
18:54:08.0030 18036  tsusbhub - ok
18:54:08.0060 18036  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
18:54:08.0090 18036  tunnel - ok
18:54:08.0110 18036  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
18:54:08.0120 18036  uagp35 - ok
18:54:08.0140 18036  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
18:54:08.0170 18036  udfs - ok
18:54:08.0180 18036  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
18:54:08.0190 18036  UI0Detect - ok
18:54:08.0210 18036  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
18:54:08.0220 18036  uliagpkx - ok
18:54:08.0220 18036  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\drivers\umbus.sys
18:54:08.0240 18036  umbus - ok
18:54:08.0250 18036  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
18:54:08.0260 18036  UmPass - ok
18:54:08.0270 18036  [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService    C:\Windows\System32\umrdp.dll
18:54:08.0290 18036  UmRdpService - ok
18:54:08.0300 18036  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
18:54:08.0330 18036  upnphost - ok
18:54:08.0350 18036  upperdev - ok
18:54:08.0370 18036  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
18:54:08.0380 18036  usbccgp - ok
18:54:08.0390 18036  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
18:54:08.0410 18036  usbcir - ok
18:54:08.0430 18036  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
18:54:08.0440 18036  usbehci - ok
18:54:08.0470 18036  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
18:54:08.0480 18036  usbhub - ok
18:54:08.0500 18036  [ 58E546BBAF87664FC57E0F6081E4F609 ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
18:54:08.0510 18036  usbohci - ok
18:54:08.0530 18036  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
18:54:08.0540 18036  usbprint - ok
18:54:08.0550 18036  UsbserFilt - ok
18:54:08.0580 18036  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
18:54:08.0590 18036  USBSTOR - ok
18:54:08.0620 18036  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
18:54:08.0630 18036  usbuhci - ok
18:54:08.0640 18036  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
18:54:08.0670 18036  UxSms - ok
18:54:08.0680 18036  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
18:54:08.0690 18036  VaultSvc - ok
18:54:08.0700 18036  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
18:54:08.0710 18036  vdrvroot - ok
18:54:08.0750 18036  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
18:54:08.0780 18036  vds - ok
18:54:08.0780 18036  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
18:54:08.0800 18036  vga - ok
18:54:08.0810 18036  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
18:54:08.0830 18036  VgaSave - ok
18:54:08.0840 18036  VGPU - ok
18:54:08.0860 18036  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
18:54:08.0870 18036  vhdmp - ok
18:54:08.0880 18036  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
18:54:08.0890 18036  viaide - ok
18:54:08.0910 18036  [ 86EA3E79AE350FEA5331A1303054005F ] vmbus           C:\Windows\system32\drivers\vmbus.sys
18:54:08.0920 18036  vmbus - ok
18:54:08.0930 18036  [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
18:54:08.0940 18036  VMBusHID - ok
18:54:08.0960 18036  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
18:54:08.0970 18036  volmgr - ok
18:54:08.0990 18036  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
18:54:09.0010 18036  volmgrx - ok
18:54:09.0020 18036  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
18:54:09.0030 18036  volsnap - ok
18:54:09.0060 18036  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
18:54:09.0070 18036  vsmraid - ok
18:54:09.0110 18036  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
18:54:09.0150 18036  VSS - ok
18:54:09.0160 18036  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
18:54:09.0170 18036  vwifibus - ok
18:54:09.0210 18036  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
18:54:09.0240 18036  W32Time - ok
18:54:09.0240 18036  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
18:54:09.0250 18036  WacomPen - ok
18:54:09.0280 18036  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
18:54:09.0300 18036  WANARP - ok
18:54:09.0310 18036  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
18:54:09.0330 18036  Wanarpv6 - ok
18:54:09.0370 18036  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
18:54:09.0390 18036  wbengine - ok
18:54:09.0410 18036  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
18:54:09.0420 18036  WbioSrvc - ok
18:54:09.0480 18036  [ 8BDA6DB43AA54E8BB5E0794541DDC209 ] WcesComm        C:\Windows\WindowsMobile\wcescomm.dll
18:54:09.0490 18036  WcesComm - ok
18:54:09.0490 18036  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
18:54:09.0510 18036  wcncsvc - ok
18:54:09.0520 18036  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
18:54:09.0540 18036  WcsPlugInService - ok
18:54:09.0540 18036  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\DRIVERS\wd.sys
18:54:09.0550 18036  Wd - ok
18:54:09.0580 18036  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
18:54:09.0600 18036  Wdf01000 - ok
18:54:09.0610 18036  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
18:54:09.0630 18036  WdiServiceHost - ok
18:54:09.0630 18036  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
18:54:09.0640 18036  WdiSystemHost - ok
18:54:09.0660 18036  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
18:54:09.0680 18036  WebClient - ok
18:54:09.0690 18036  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
18:54:09.0720 18036  Wecsvc - ok
18:54:09.0730 18036  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
18:54:09.0760 18036  wercplsupport - ok
18:54:09.0780 18036  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
18:54:09.0810 18036  WerSvc - ok
18:54:09.0830 18036  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
18:54:09.0850 18036  WfpLwf - ok
18:54:09.0860 18036  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
18:54:09.0870 18036  WIMMount - ok
18:54:09.0880 18036  WinDefend - ok
18:54:09.0920 18036  WinHttpAutoProxySvc - ok
18:54:09.0970 18036  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
18:54:10.0000 18036  Winmgmt - ok
18:54:10.0040 18036  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
18:54:10.0090 18036  WinRM - ok
18:54:10.0100 18036  [ FE88B288356E7B47B74B13372ADD906D ] WINUSB          C:\Windows\system32\DRIVERS\WinUsb.sys
18:54:10.0110 18036  WINUSB - ok
18:54:10.0140 18036  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
18:54:10.0170 18036  Wlansvc - ok
18:54:10.0280 18036  [ 98F138897EF4246381D197CB81846D62 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
18:54:10.0310 18036  wlidsvc - ok
18:54:10.0330 18036  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
18:54:10.0340 18036  WmiAcpi - ok
18:54:10.0360 18036  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
18:54:10.0370 18036  wmiApSrv - ok
18:54:10.0380 18036  WMPNetworkSvc - ok
18:54:10.0380 18036  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
18:54:10.0400 18036  WPCSvc - ok
18:54:10.0410 18036  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
18:54:10.0430 18036  WPDBusEnum - ok
18:54:10.0430 18036  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
18:54:10.0460 18036  ws2ifsl - ok
18:54:10.0470 18036  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\System32\wscsvc.dll
18:54:10.0480 18036  wscsvc - ok
18:54:10.0480 18036  WSearch - ok
18:54:10.0560 18036  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
18:54:10.0600 18036  wuauserv - ok
18:54:10.0620 18036  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
18:54:10.0630 18036  WudfPf - ok
18:54:10.0660 18036  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
18:54:10.0670 18036  WUDFRd - ok
18:54:10.0690 18036  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
18:54:10.0700 18036  wudfsvc - ok
18:54:10.0730 18036  [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc         C:\Windows\System32\wwansvc.dll
18:54:10.0740 18036  WwanSvc - ok
18:54:10.0780 18036  [ 64F88AF327AA74E03658AE32B48CCB8B ] yukonw7         C:\Windows\system32\DRIVERS\yk62x64.sys
18:54:10.0800 18036  yukonw7 - ok
18:54:10.0810 18036  ================ Scan global ===============================
18:54:10.0840 18036  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
18:54:10.0870 18036  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
18:54:10.0880 18036  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
18:54:10.0900 18036  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
18:54:10.0920 18036  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
18:54:10.0920 18036  [Global] - ok
18:54:10.0920 18036  ================ Scan MBR ==================================
18:54:10.0940 18036  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
18:54:11.0210 18036  \Device\Harddisk0\DR0 - ok
18:54:11.0210 18036  ================ Scan VBR ==================================
18:54:11.0210 18036  [ 8304284C8AF402C47C10C489E8B59195 ] \Device\Harddisk0\DR0\Partition1
18:54:11.0210 18036  \Device\Harddisk0\DR0\Partition1 - ok
18:54:11.0230 18036  [ EE62AD6D47539CF10D9206CBB5FC686C ] \Device\Harddisk0\DR0\Partition2
18:54:11.0230 18036  \Device\Harddisk0\DR0\Partition2 - ok
18:54:11.0270 18036  [ 8FE3F3F0466D586300826F29D993A30D ] \Device\Harddisk0\DR0\Partition3
18:54:11.0270 18036  \Device\Harddisk0\DR0\Partition3 - ok
18:54:11.0280 18036  [ CA7E2C4D3007289BE632A1B8A45C85DC ] \Device\Harddisk0\DR0\Partition4
18:54:11.0280 18036  \Device\Harddisk0\DR0\Partition4 - ok
18:54:11.0320 18036  [ 37880DBEA529076994E1834A693D0F00 ] \Device\Harddisk0\DR0\Partition5
18:54:11.0320 18036  \Device\Harddisk0\DR0\Partition5 - ok
18:54:11.0320 18036  ============================================================
18:54:11.0320 18036  Scan finished
18:54:11.0320 18036  ============================================================
18:54:11.0320 18016  Detected object count: 1
18:54:11.0320 18016  Actual detected object count: 1
18:56:38.0820 18016  Te.Service ( UnsignedFile.Multi.Generic ) - skipped by user
18:56:38.0820 18016  Te.Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
         
11.02.13 ist hoffentlich die aktuellste Version?

Geändert von Fitzendrix (22.03.2013 um 18:58 Uhr)

Alt 23.03.2013, 10:04   #12
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
mögliche Infektion durch den Trojaner:Trojan:JS/Seedabutor.B - Standard

mögliche Infektion durch den Trojaner:Trojan:JS/Seedabutor.B



Dann bitte jetzt Combofix ausführen:

Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

__________________
Logfiles bitte immer in CODE-Tags posten

Alt 23.03.2013, 12:08   #13
Fitzendrix
 
mögliche Infektion durch den Trojaner:Trojan:JS/Seedabutor.B - Standard

mögliche Infektion durch den Trojaner:Trojan:JS/Seedabutor.B



Hallo Cosinus,

das Programm ComboFix ist bei dem ersten Durchlauf bei Erstellung der Logdatei vermutlich gestorben - nach ca. 20min hatte sich da immer noch nichts getan.

Der zweite Durchlauf war erfolgreich, hier die Daten:

[code]
Combofix Logfile:
Code:
ATTFilter
ComboFix 13-03-21.02 - Anti 23.03.2013  10:48:20.2.4 - x64
Microsoft Windows 7 Ultimate   6.1.7601.1.1252.49.1031.18.4095.2554 [GMT 1:00]
ausgeführt von:: c:\users\Anti\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5}
SP: Microsoft Security Essentials *Disabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Vorheriger Suchlauf -------
.
c:\windows\SysWow64\muzapp.exe
c:\windows\SysWow64\URTTemp
c:\windows\SysWow64\URTTemp\regtlib.exe
H:\install.exe
.
.
(((((((((((((((((((((((   Dateien erstellt von 2013-02-23 bis 2013-03-23  ))))))))))))))))))))))))))))))
.
.
2013-03-23 09:51 . 2013-03-23 09:51	--------	d-----w-	c:\users\UpdatusUser\AppData\Local\temp
2013-03-23 09:51 . 2013-03-23 09:51	--------	d-----w-	c:\users\Gideon\AppData\Local\temp
2013-03-23 09:51 . 2013-03-23 09:51	--------	d-----w-	c:\users\Default\AppData\Local\temp
2013-03-23 07:12 . 2013-03-15 06:28	9311288	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{17A130A3-82FD-4CC2-A853-9D23DDDEE124}\mpengine.dll
2013-03-22 17:57 . 2013-03-15 06:28	9311288	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-03-22 04:52 . 2012-12-13 05:38	972264	------w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A7F501CA-215A-4EBC-999F-8231B1D61A88}\gapaengine.dll
2013-03-17 12:50 . 2013-03-17 13:47	--------	d-----w-	c:\program files (x86)\Mozilla Thunderbird
2013-03-17 10:13 . 2013-03-17 10:13	--------	d-----w-	c:\users\Anti\AppData\Roaming\Malwarebytes
2013-03-17 10:13 . 2013-03-17 10:13	--------	d-----w-	c:\programdata\Malwarebytes
2013-03-17 10:13 . 2013-03-17 10:13	--------	d-----w-	c:\program files (x86)\Malwarebytes' Anti-Malware
2013-03-17 10:13 . 2012-12-14 15:49	24176	----a-w-	c:\windows\system32\drivers\mbam.sys
2013-03-17 10:13 . 2013-03-17 10:13	--------	d-----w-	c:\users\Anti\AppData\Local\Programs
2013-03-16 21:01 . 2013-03-16 21:01	--------	d-----w-	c:\programdata\Blizzard Entertainment
2013-03-16 21:00 . 2013-03-16 21:00	--------	d-----w-	c:\programdata\Battle.net
2013-03-14 05:38 . 2013-02-02 06:47	1392128	----a-w-	c:\windows\system32\wininet.dll
2013-03-13 05:36 . 2012-12-13 05:38	972264	------w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2013-03-09 13:31 . 2013-03-09 13:31	--------	d-----w-	c:\program files (x86)\AGEIA Technologies
2013-02-26 18:17 . 2013-02-26 18:17	--------	d-----w-	c:\program files (x86)\Common Files\Skype
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-03-16 15:13 . 2010-07-07 17:35	18960	----a-w-	c:\windows\system32\drivers\LNonPnP.sys
2013-03-14 05:40 . 2009-11-07 11:10	72013344	----a-w-	c:\windows\system32\MRT.exe
2013-03-12 19:03 . 2012-04-11 06:05	693976	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2013-03-12 19:03 . 2012-03-24 07:14	73432	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-02-12 05:45 . 2013-03-14 05:19	135168	----a-w-	c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2013-02-12 05:45 . 2013-03-14 05:19	308736	----a-w-	c:\windows\apppatch\AppPatch64\AcGenral.dll
2013-02-12 05:45 . 2013-03-14 05:19	111104	----a-w-	c:\windows\apppatch\AppPatch64\acspecfc.dll
2013-02-12 05:45 . 2013-03-14 05:19	350208	----a-w-	c:\windows\apppatch\AppPatch64\AcLayers.dll
2013-02-12 04:48 . 2013-03-14 05:19	474112	----a-w-	c:\windows\apppatch\AcSpecfc.dll
2013-02-12 04:48 . 2013-03-14 05:19	2176512	----a-w-	c:\windows\apppatch\AcGenral.dll
2013-02-10 03:25 . 2012-11-03 15:17	17987192	----a-w-	c:\windows\system32\nvd3dumx.dll
2013-02-10 03:25 . 2012-11-03 15:17	15038296	----a-w-	c:\windows\SysWow64\nvd3dum.dll
2013-02-10 03:25 . 2012-11-03 15:17	2854344	----a-w-	c:\windows\system32\nvapi64.dll
2013-02-10 03:25 . 2012-11-03 15:17	2528840	----a-w-	c:\windows\SysWow64\nvapi.dll
2013-02-10 03:25 . 2012-11-03 15:17	15275744	----a-w-	c:\windows\system32\nvwgf2umx.dll
2013-02-10 01:04 . 2012-11-03 15:19	6393120	----a-w-	c:\windows\system32\nvcpl.dll
2013-02-10 01:04 . 2012-11-03 15:19	3472672	----a-w-	c:\windows\system32\nvsvc64.dll
2013-02-10 01:04 . 2012-11-03 15:19	877856	----a-w-	c:\windows\system32\nvvsvc.exe
2013-02-10 01:04 . 2012-11-03 15:19	63776	----a-w-	c:\windows\system32\nvshext.dll
2013-02-10 01:04 . 2012-11-03 15:19	2555680	----a-w-	c:\windows\system32\nvsvcr.dll
2013-02-10 01:04 . 2012-11-03 15:19	237856	----a-w-	c:\windows\system32\nvmctray.dll
2013-02-09 17:43 . 2013-02-09 17:43	555808	----a-w-	c:\windows\SysWow64\nvStreaming.exe
2013-01-30 10:53 . 2009-11-07 11:11	273840	------w-	c:\windows\system32\MpSigStub.exe
2013-01-20 14:59 . 2013-01-20 14:59	230320	----a-w-	c:\windows\system32\drivers\MpFilter.sys
2013-01-20 14:59 . 2012-08-30 21:03	130008	----a-w-	c:\windows\system32\drivers\NisDrvWFP.sys
2013-01-05 05:53 . 2013-02-13 05:27	5553512	----a-w-	c:\windows\system32\ntoskrnl.exe
2013-01-05 05:00 . 2013-02-13 05:27	3967848	----a-w-	c:\windows\SysWow64\ntkrnlpa.exe
2013-01-05 05:00 . 2013-02-13 05:26	3913064	----a-w-	c:\windows\SysWow64\ntoskrnl.exe
2013-01-04 05:46 . 2013-02-13 05:26	215040	----a-w-	c:\windows\system32\winsrv.dll
2013-01-04 04:51 . 2013-02-13 05:26	5120	----a-w-	c:\windows\SysWow64\wow32.dll
2013-01-04 04:43 . 2013-02-13 05:26	44032	----a-w-	c:\windows\apppatch\acwow64.dll
2013-01-04 03:26 . 2013-02-13 05:26	3153408	----a-w-	c:\windows\system32\win32k.sys
2013-01-04 02:47 . 2013-02-13 05:26	25600	----a-w-	c:\windows\SysWow64\setup16.exe
2013-01-04 02:47 . 2013-02-13 05:26	7680	----a-w-	c:\windows\SysWow64\instnm.exe
2013-01-04 02:47 . 2013-02-13 05:26	2048	----a-w-	c:\windows\SysWow64\user.exe
2013-01-04 02:47 . 2013-02-13 05:26	14336	----a-w-	c:\windows\SysWow64\ntvdm64.dll
2013-01-03 06:00 . 2013-02-13 05:26	1913192	----a-w-	c:\windows\system32\drivers\tcpip.sys
2013-01-03 06:00 . 2013-02-13 05:26	288088	----a-w-	c:\windows\system32\drivers\FWPKCLNT.SYS
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"KiesPreload"="c:\program files (x86)\Samsung\Kies\Kies.exe" [2012-12-20 1476104]
"KiesAirMessage"="c:\program files (x86)\Samsung\Kies\KiesAirMessage.exe" [2012-12-18 578560]
"KiesPDLR"="c:\program files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2012-12-20 844296]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-01-08 18709248]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AsioThk32Reg"="CTASIO.DLL" [2007-04-09 80896]
"CTHelper"="CTHELPER.EXE" [2007-04-09 19456]
"CTxfiHlp"="CTXFIHLP.EXE" [2007-04-09 19968]
"KiesTrayAgent"="c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe" [2012-12-20 310280]
"ConnectionCenter"="c:\program files (x86)\Citrix\ICA Client\concentr.exe" [2010-03-10 300400]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-18 946352]
"AsioReg"="CTASIO.DLL" [2007-04-09 80896]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"DevconDefaultDB"="c:\windows\system32\READREG" [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2013-01-08 161536]
R2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys [x]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2012-02-23 95760]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [2012-09-20 102368]
R3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;c:\program files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe [2011-03-01 130976]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2013-01-20 130008]
R3 NisSrv;Microsoft-Netzwerkinspektion;c:\program files\Microsoft Security Client\NisSrv.exe [2013-01-27 379360]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]
R3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [2012-09-20 203104]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R4 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-02-19 871408]
S1 ctxusbm;Citrix USB Monitor Driver;c:\windows\system32\DRIVERS\ctxusbm.sys [2009-10-05 87600]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-04-06 236544]
S2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x64.sys [2012-03-09 23816]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-12-14 398184]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-12-14 682344]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-02-09 383264]
S2 Te.Service;Te.Service;c:\program files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [2012-05-18 127488]
S2 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2012-12-14 3467768]
S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys [2009-11-23 22408]
S3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys [2009-11-23 16008]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-12-14 24176]
S3 RTCore64;RTCore64;c:\program files (x86)\EVGA Precision X\RTCore64.sys [2012-10-17 15176]
S3 teamviewervpn;TeamViewer VPN Adapter;c:\windows\system32\DRIVERS\teamviewervpn.sys [2012-07-02 35112]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [2009-09-28 395264]
.
.
Inhalt des "geplante Tasks" Ordners
.
2013-03-23 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-11 19:03]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AsioReg"="CTASIO.DLL" [BU]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 660360]
"Launch LgDeviceAgent"="c:\program files\Logitech\GamePanel Software\LgDevAgt.exe" [2010-08-03 415816]
"Launch LCDMon"="c:\program files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe" [2010-08-03 2412616]
"Launch LGDCore"="c:\program files\Logitech\GamePanel Software\G-series Software\LGDCore.exe" [2010-08-03 4725320]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2011-10-07 1744152]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-01-27 1281512]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - LocalService
FontCache
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.meinvz.de/
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
Trusted Zone: samsungsetup.com\www
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\Anti\AppData\Roaming\Mozilla\Firefox\Profiles\vtxa9re5.default\
FF - ExtSQL: 2013-02-14 18:33; {fe272bd1-5f76-4ea4-8501-a05d35d823fc}; c:\users\Anti\AppData\Roaming\Mozilla\Firefox\Profiles\vtxa9re5.default\extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi
FF - ExtSQL: 2013-02-14 18:35; {d40f5e7b-d2cf-4856-b441-cc613eeffbe3}; c:\users\Anti\AppData\Roaming\Mozilla\Firefox\Profiles\vtxa9re5.default\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi
FF - ExtSQL: 2013-02-14 18:35; browserprotect@browserprotect.com; c:\users\Anti\AppData\Roaming\Mozilla\Firefox\Profiles\vtxa9re5.default\extensions\browserprotect@browserprotect.com.xpi
FF - ExtSQL: 2013-02-14 18:38; {73a6fe31-595d-460b-a920-fcc0f8843232}; c:\users\Anti\AppData\Roaming\Mozilla\Firefox\Profiles\vtxa9re5.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-2099689543-711430740-2413729619-1001\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
"??"=hex:83,44,a9,fd,0c,d7,36,5b,6f,de,4b,5f,44,84,e1,cc,34,7b,ea,53,99,c4,35,
   94,c4,51,30,51,ee,13,8a,5b,60,8f,8b,e5,89,a2,01,33,8e,52,27,7c,ea,a9,d1,2c,\
"??"=hex:41,e0,42,8c,cf,55,c7,95,2b,14,4d,f8,66,7b,0c,1b
.
[HKEY_USERS\S-1-5-21-2099689543-711430740-2413729619-1001\Software\SecuROM\License information*]
@Allowed: (Read) (RestrictedCode)
"datasecu"=hex:d6,f6,cc,9c,34,1e,37,d3,c5,00,e7,ac,81,cf,a7,f5,1c,8a,6e,be,79,
   da,3c,e9,9d,65,7b,6b,ec,69,02,55,e6,90,b3,66,e5,0a,2c,6a,fd,77,63,37,5f,df,\
"rkeysecu"=hex:75,f7,ec,8a,6e,fd,4a,62,4b,6f,18,cd,d0,d3,57,15
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_180_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_180_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2013-03-23  10:53:12
ComboFix-quarantined-files.txt  2013-03-23 09:53
.
Vor Suchlauf: 21 Verzeichnis(se), 49.915.154.432 Bytes frei
Nach Suchlauf: 22 Verzeichnis(se), 49.706.426.368 Bytes frei
.
- - End Of File - - AFE90F402BC6B0DF5503709912F751CB
         
--- --- ---

Alt 23.03.2013, 16:24   #14
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
mögliche Infektion durch den Trojaner:Trojan:JS/Seedabutor.B - Standard

mögliche Infektion durch den Trojaner:Trojan:JS/Seedabutor.B



JRT - Junkware Removal Tool

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.




Im Anschluss:

adwCleaner - Toolbars und ungewollte Start-/Suchseiten entfernen

Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).


Danach eine Kontrolle mit OTL bitte:
  • Doppelklick auf die OTL.exe
  • Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
  • Setze oben mittig den Haken bei Scanne alle Benutzer
  • Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
  • Unter Extra Registry, wähle bitte Use SafeList
  • Klicke nun auf Run Scan links oben
  • Wenn der Scan beendet wurde werden 2 Logfiles erstellt
  • Poste die Logfiles in CODE-Tags hier in den Thread.
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 24.03.2013, 12:26   #15
Fitzendrix
 
mögliche Infektion durch den Trojaner:Trojan:JS/Seedabutor.B - Standard

mögliche Infektion durch den Trojaner:Trojan:JS/Seedabutor.B



Hallo Cosinus:

Junkware
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.7.3 (03.23.2013:1)
OS: Windows 7 Ultimate x64
Ran by Anti on 24.03.2013 at  9:56:34,16
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Program Files (x86)\daemon tools toolbar"



~~~ FireFox

Successfully deleted: [File] C:\Users\Anti\AppData\Roaming\mozilla\firefox\profiles\vtxa9re5.default\extensions\browserprotect@browserprotect.com.xpi
Successfully deleted the following from C:\Users\Anti\AppData\Roaming\mozilla\firefox\profiles\vtxa9re5.default\prefs.js

user_pref("extensions.browserprotect.searchProviderExceptions", "hxxp://en.wikipedia.org/wiki/Special:Search;hxxp://search.yahoo.com/search;hxxp://www.amazon.com/exec/obidos/e
Emptied folder: C:\Users\Anti\AppData\Roaming\mozilla\firefox\profiles\vtxa9re5.default\minidumps [131 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 24.03.2013 at 10:04:10,71
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
adwCleaner
AdwCleaner Logfile:
Code:
ATTFilter
# AdwCleaner v2.115 - Datei am 24/03/2013 um 10:56:08 erstellt
# Aktualisiert am 17/03/2013 von Xplode
# Betriebssystem : Windows 7 Ultimate Service Pack 1 (64 bits)
# Benutzer : Anti - CHAOS-KISTE
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Anti\Desktop\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****


***** [Registrierungsdatenbank] *****

Schlüssel Gelöscht : HKCU\Software\Headlight
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}

***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16470

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v19.0.2 (de)

Datei : C:\Users\Anti\AppData\Roaming\Mozilla\Firefox\Profiles\vtxa9re5.default\prefs.js

[OK] Die Datei ist sauber.

*************************

AdwCleaner[R1].txt - [1294 octets] - [24/03/2013 10:33:56]
AdwCleaner[S1].txt - [330 octets] - [24/03/2013 10:34:26]
AdwCleaner[S2].txt - [1288 octets] - [24/03/2013 10:56:08]

########## EOF - C:\AdwCleaner[S2].txt - [1348 octets] ##########
         
--- --- ---


und OTL
OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 24.03.2013 11:00:28 - Run 4
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Anti\Desktop\Neuer Ordner
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 2,36 Gb Available Physical Memory | 58,95% Memory free
14,00 Gb Paging File | 12,08 Gb Available in Paging File | 86,32% Paging File free
Paging file location(s): h:\pagefile.sys 10240 10240 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 97,65 Gb Total Space | 47,01 Gb Free Space | 48,14% Space Free | Partition Type: NTFS
Drive D: | 100,01 Gb Total Space | 78,13 Gb Free Space | 78,13% Space Free | Partition Type: NTFS
Drive F: | 195,31 Gb Total Space | 33,46 Gb Free Space | 17,13% Space Free | Partition Type: NTFS
Drive G: | 97,65 Gb Total Space | 18,33 Gb Free Space | 18,77% Space Free | Partition Type: NTFS
Drive H: | 104,06 Gb Total Space | 93,45 Gb Free Space | 89,80% Space Free | Partition Type: NTFS
Drive J: | 7,82 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
 
Computer Name: CHAOS-KISTE | User Name: Anti | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Anti\Desktop\Neuer Ordner\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung)
PRC - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
PRC - C:\Program Files (x86)\Samsung\Kies\Kies.exe (Samsung)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Program Files (x86)\EVGA Precision X\Bundle\OSDServer\RTSS.exe ()
PRC - C:\Program Files (x86)\EVGA Precision X\EVGAPrecision.exe ()
PRC - C:\Program Files (x86)\EVGA Precision X\Bundle\EVGAVoltageTuner\EVGAVoltageTuner.exe (EVGA Corp.)
PRC - C:\Fraps\fraps.exe (Beepa P/L)
PRC - C:\Windows\SysWOW64\PnkBstrB.exe ()
PRC - C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe (Citrix Systems, Inc.)
PRC - C:\Program Files (x86)\Citrix\ICA Client\concentr.exe (Citrix Systems, Inc.)
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - G:\Setupordner\Systemprogramme\lcdsirreal278\LCDSirReal.exe ()
PRC - C:\Windows\SysWOW64\CtHelper.exe (Creative Technology Ltd)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\7d8f6866864f78cf83d3701641c46178\System.ServiceProcess.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\07753c0a8ed7f9bc61b0ee718f3c779d\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\40c7a89fe2cbf3c12a2c39e034da54cf\System.Xaml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\b8e60f81fd56934c9f9da7b15bee3376\PresentationFramework.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\932901ff0ad5e365ffbe705d7459a37e\PresentationCore.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\b519f42484e1d488662a9a8a87cb8849\System.Core.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\7cd4aa51f6e6b9330b8f50bba8bb62c6\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\fc476bbac36944e352c2f547352ffa64\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\8abaedf6aecb073b22f8801aa0b8babf\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System\f93dca0e4baa1dcb37cf75392b7c89da\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\6a1ccc1e1a79ce267d3d1808af382cd6\mscorlib.ni.dll ()
MOD - C:\Program Files (x86)\EVGA Precision X\Bundle\OSDServer\RTSS.exe ()
MOD - C:\Program Files (x86)\EVGA Precision X\EVGAPrecision.exe ()
MOD - C:\Program Files (x86)\EVGA Precision X\RTMUI.dll ()
MOD - C:\Program Files (x86)\EVGA Precision X\RTHAL.dll ()
MOD - C:\Program Files (x86)\EVGA Precision X\RTCore.dll ()
MOD - C:\Program Files (x86)\EVGA Precision X\RTUI.dll ()
MOD - C:\Program Files (x86)\EVGA Precision X\RTFC.dll ()
MOD - C:\Program Files (x86)\EVGA Precision X\Bundle\OSDServer\RTSSHooks.dll ()
MOD - C:\Program Files (x86)\EVGA Precision X\Bundle\OSDServer\RTMUI.dll ()
MOD - C:\Program Files (x86)\EVGA Precision X\Bundle\OSDServer\RTUI.dll ()
MOD - C:\Program Files (x86)\EVGA Precision X\Bundle\OSDServer\RTFC.dll ()
MOD - C:\Program Files (x86)\EVGA Precision X\RTTSH.dll ()
MOD - C:\Program Files (x86)\EVGA Precision X\Bundle\OSDServer\RTTSH.dll ()
MOD - G:\Setupordner\Systemprogramme\lcdsirreal278\LCDSirReal.exe ()
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (NisSrv) -- C:\Programme\Microsoft Security Client\NisSrv.exe (Microsoft Corporation)
SRV - (MsMpSvc) -- C:\Programme\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (TeamViewer8) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (Te.Service) -- C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe (Microsoft Corporation)
SRV - (PnkBstrB) -- C:\Windows\SysWOW64\PnkBstrB.exe ()
SRV - (LBTServ) -- C:\Programme\Common Files\LogiShrd\Bluetooth\LBTServ.exe (Logitech, Inc.)
SRV - (Futuremark SystemInfo Service) -- C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe (Futuremark Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (wlidsvc) -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation)
SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (NisDrv) -- C:\Windows\SysNative\drivers\NisDrvWFP.sys (Microsoft Corporation)
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (ssudmdm) -- C:\Windows\SysNative\drivers\ssudmdm.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV:64bit: - (dg_ssudbus) -- C:\Windows\SysNative\drivers\ssudbus.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (teamviewervpn) -- C:\Windows\SysNative\drivers\teamviewervpn.sys (TeamViewer GmbH)
DRV:64bit: - (cpuz135) -- C:\Windows\SysNative\drivers\cpuz135_x64.sys (CPUID)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW76.sys (Advanced Micro Devices)
DRV:64bit: - (LUsbFilt) -- C:\Windows\SysNative\drivers\LUsbFilt.sys (Logitech, Inc.)
DRV:64bit: - (LMouFilt) -- C:\Windows\SysNative\drivers\LMouFilt.Sys (Logitech, Inc.)
DRV:64bit: - (LHidFilt) -- C:\Windows\SysNative\drivers\LHidFilt.Sys (Logitech, Inc.)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys (Duplex Secure Ltd.)
DRV:64bit: - (LGVirHid) -- C:\Windows\SysNative\drivers\LGVirHid.sys (Logitech Inc.)
DRV:64bit: - (LGBusEnum) -- C:\Windows\SysNative\drivers\LGBusEnum.sys (Logitech Inc.)
DRV:64bit: - (ctxusbm) -- C:\Windows\SysNative\drivers\ctxusbm.sys (Citrix Systems, Inc.)
DRV:64bit: - (yukonw7) -- C:\Windows\SysNative\drivers\yk62x64.sys ()
DRV:64bit: - (AtiHdmiService) -- C:\Windows\SysNative\drivers\AtiHdmi.sys (ATI Technologies, Inc.)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (COMMONFX.DLL) -- C:\Windows\SysNative\COMMONFX.DLL (Creative Technology Ltd)
DRV:64bit: - (ctac32k) -- C:\Windows\SysNative\drivers\ctac32k.sys (Creative Technology Ltd)
DRV:64bit: - (hap17v2k) -- C:\Windows\SysNative\drivers\haP17v2k.sys (Creative Technology Ltd)
DRV:64bit: - (hap16v2k) -- C:\Windows\SysNative\drivers\haP16v2k.sys (Creative Technology Ltd)
DRV:64bit: - (ha10kx2k) -- C:\Windows\SysNative\drivers\ha10kx2k.sys (Creative Technology Ltd)
DRV:64bit: - (emupia) -- C:\Windows\SysNative\drivers\emupia2k.sys (Creative Technology Ltd)
DRV:64bit: - (ctsfm2k) -- C:\Windows\SysNative\drivers\ctsfm2k.sys (Creative Technology Ltd)
DRV:64bit: - (ctprxy2k) -- C:\Windows\SysNative\drivers\ctprxy2k.sys (Creative Technology Ltd)
DRV:64bit: - (ossrv) -- C:\Windows\SysNative\drivers\ctoss2k.sys (Creative Technology Ltd.)
DRV:64bit: - (ctaud2k) -- C:\Windows\SysNative\drivers\ctaud2k.sys (Creative Technology Ltd)
DRV:64bit: - (CTHWIUT.DLL) -- C:\Windows\SysNative\CTHWIUT.DLL (Creative Technology Ltd.)
DRV:64bit: - (CT20XUT.DLL) -- C:\Windows\SysNative\CT20XUT.DLL (Creative Technology Ltd.)
DRV:64bit: - (CTEXFIFX.DLL) -- C:\Windows\SysNative\CTEXFIFX.DLL (Creative Technology Ltd.)
DRV:64bit: - (CTEDSPSY.DLL) -- C:\Windows\SysNative\CTEDSPSY.DLL (Creative Technology Ltd)
DRV:64bit: - (CTEDSPIO.DLL) -- C:\Windows\SysNative\CTEDSPIO.DLL (Creative Technology Ltd)
DRV:64bit: - (CTERFXFX.DLL) -- C:\Windows\SysNative\CTERFXFX.DLL (Creative Technology Ltd)
DRV:64bit: - (CTEDSPFX.DLL) -- C:\Windows\SysNative\CTEDSPFX.DLL (Creative Technology Ltd)
DRV:64bit: - (CTEAPSFX.DLL) -- C:\Windows\SysNative\CTEAPSFX.DLL (Creative Technology Ltd)
DRV:64bit: - (CTSBLFX.DLL) -- C:\Windows\SysNative\CTSBLFX.DLL (Creative Technology Ltd)
DRV:64bit: - (CTAUDFX.DLL) -- C:\Windows\SysNative\CTAUDFX.DLL (Creative Technology Ltd)
DRV:64bit: - (MTsensor) -- C:\Windows\SysNative\drivers\ASACPI.sys ()
DRV - (RTCore64) -- C:\Program Files (x86)\EVGA Precision X\RTCore64.sys ()
DRV - (SSPORT) -- C:\Windows\SysWOW64\drivers\SSPORT.SYS (Samsung Electronics)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = 
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-21-2099689543-711430740-2413729619-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.meinvz.de/
IE - HKU\S-1-5-21-2099689543-711430740-2413729619-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKU\S-1-5-21-2099689543-711430740-2413729619-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 98 4A C5 72 3A 59 CD 01  [binary data]
IE - HKU\S-1-5-21-2099689543-711430740-2413729619-1001\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-21-2099689543-711430740-2413729619-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-2099689543-711430740-2413729619-1001\..\SearchScopes\{57B5E9C0-DDCC-4FC0-9AAA-A99EFED6CEFC}: "URL" = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=302398&p={searchTerms}
IE - HKU\S-1-5-21-2099689543-711430740-2413729619-1001\..\SearchScopes\{900EEA37-B77F-404B-B225-D2EC298058DC}: "URL" = hxxp://www.google.de/search?q={searchTerms}
IE - HKU\S-1-5-21-2099689543-711430740-2413729619-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-21-2099689543-711430740-2413729619-1007\..\SearchScopes,DefaultScope = 
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledAddons: %7Ba0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7%7D:20130129
FF - prefs.js..extensions.enabledAddons: %7Bd40f5e7b-d2cf-4856-b441-cc613eeffbe3%7D:1.68
FF - prefs.js..extensions.enabledAddons: %7B73a6fe31-595d-460b-a920-fcc0f8843232%7D:2.6.5.8
FF - prefs.js..extensions.enabledAddons: nasanightlaunch%40example.com:0.6.20130206
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.0: C:\Windows\system32\npDeployJava1.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.0: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.03.08 06:41:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.03.08 19:24:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.03.08 06:41:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.03.08 19:24:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.4\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2013.03.17 13:50:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.4\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
 
[2012.06.11 18:37:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Anti\AppData\Roaming\mozilla\Extensions
[2009.12.21 01:08:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Anti\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2013.03.24 10:03:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Anti\AppData\Roaming\mozilla\Firefox\Profiles\vtxa9re5.default\extensions
[2013.03.03 08:09:04 | 000,000,000 | ---D | M] (FT DeepDark) -- C:\Users\Anti\AppData\Roaming\mozilla\Firefox\Profiles\vtxa9re5.default\extensions\{77d2ed30-4cd2-11e0-b8af-0800200c9a66}
[2013.01.31 15:45:04 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Anti\AppData\Roaming\mozilla\Firefox\Profiles\vtxa9re5.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2013.02.23 10:59:45 | 002,345,043 | ---- | M] () (No name found) -- C:\Users\Anti\AppData\Roaming\mozilla\firefox\profiles\vtxa9re5.default\extensions\nasanightlaunch@example.com.xpi
[2013.03.05 06:05:17 | 000,531,283 | ---- | M] () (No name found) -- C:\Users\Anti\AppData\Roaming\mozilla\firefox\profiles\vtxa9re5.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
[2013.02.14 07:23:01 | 000,817,280 | ---- | M] () (No name found) -- C:\Users\Anti\AppData\Roaming\mozilla\firefox\profiles\vtxa9re5.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013.02.14 18:35:19 | 000,138,614 | ---- | M] () (No name found) -- C:\Users\Anti\AppData\Roaming\mozilla\firefox\profiles\vtxa9re5.default\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi
[2013.02.14 18:33:16 | 000,698,764 | ---- | M] () (No name found) -- C:\Users\Anti\AppData\Roaming\mozilla\firefox\profiles\vtxa9re5.default\extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi
[2013.03.08 06:40:58 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2013.03.08 06:41:24 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2010.03.11 00:01:02 | 000,124,272 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\CCMSDK.dll
[2010.03.11 00:02:52 | 000,070,512 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\CgpCore.dll
[2010.03.11 00:01:48 | 000,091,504 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\confmgr.dll
[2010.03.11 00:01:24 | 000,022,384 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\ctxlogging.dll
[2012.02.18 11:21:25 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2010.03.11 00:40:56 | 000,423,248 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\plugins\npicaN.dll
[2011.03.22 19:38:12 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
[2010.03.11 00:02:48 | 000,023,920 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\TcpPServ.dll
[2012.06.01 17:33:00 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.09.09 20:59:55 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.06.01 17:33:00 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.06.01 17:33:00 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.06.01 17:33:00 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.06.01 17:33:00 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2013.03.23 10:37:19 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No CLSID value found.
O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No CLSID value found.
O4:64bit: - HKLM..\Run: [AsioReg] REGSVR32.EXE /S CTASIO.DLL File not found
O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [Launch LCDMon] C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [Launch LGDCore] C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [Launch LgDeviceAgent] C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation)
O4 - HKLM..\Run: [AMD AVT] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation)
O4 - HKLM..\Run: [AsioReg] C:\Windows\SysWow64\ctasio.dll (Creative Technology Ltd)
O4 - HKLM..\Run: [AsioThk32Reg] C:\Windows\SysWow64\ctasio.dll (Creative Technology Ltd)
O4 - HKLM..\Run: [ConnectionCenter] C:\Program Files (x86)\Citrix\ICA Client\concentr.exe (Citrix Systems, Inc.)
O4 - HKLM..\Run: [CTHelper] C:\Windows\SysWow64\CtHelper.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [CTxfiHlp] C:\Windows\SysWow64\Ctxfihlp.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\.DEFAULT..\Run: [DevconDefaultDB] C:\Windows\SysWow64\READREG.exe (Creative Technology Limited)
O4 - HKU\S-1-5-18..\Run: [DevconDefaultDB] C:\Windows\SysWow64\READREG.exe (Creative Technology Limited)
O4 - HKU\S-1-5-21-2099689543-711430740-2413729619-1001..\Run: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung)
O4 - HKU\S-1-5-21-2099689543-711430740-2413729619-1001..\Run: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe (Samsung Electronics)
O4 - HKU\S-1-5-21-2099689543-711430740-2413729619-1001..\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung)
O4 - HKU\S-1-5-21-2099689543-711430740-2413729619-1001..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe (Samsung)
O4 - HKU\S-1-5-21-2099689543-711430740-2413729619-1007..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2099689543-711430740-2413729619-1007..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2099689543-711430740-2413729619-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2099689543-711430740-2413729619-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2099689543-711430740-2413729619-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-2099689543-711430740-2413729619-1007\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-2099689543-711430740-2413729619-1001\..Trusted Domains: samsungsetup.com ([www] http in Vertrauenswürdige Sites)
O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} hxxp://support.asus.com.tw/common/asusTek_sys_ctrl.cab (asusTek_sysctrl Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7880B74D-1DFC-4B1E-9DFE-1EED515B6BDC}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:64bit: - Protocol\Filter\application/x-ica - No CLSID value found
O18:64bit: - Protocol\Filter\ica - No CLSID value found
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\application/x-ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Programme\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007.08.03 16:57:48 | 000,000,000 | ---- | M] () - D:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2012.11.02 00:38:02 | 000,000,058 | -H-- | M] () - J:\autorun.inf -- [ UDF ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.03.24 09:56:31 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013.03.24 09:56:11 | 000,000,000 | ---D | C] -- C:\JRT
[2013.03.24 09:51:53 | 000,550,069 | ---- | C] (Oleg N. Scherbakov) -- C:\Users\Anti\Desktop\JRT.exe
[2013.03.23 21:59:41 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2013.03.23 21:59:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD AVT
[2013.03.23 21:59:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD APP
[2013.03.23 21:59:21 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ATI Technologies
[2013.03.23 21:59:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ATI Technologies
[2013.03.23 21:59:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
[2013.03.23 21:55:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI Technologies
[2013.03.23 21:55:56 | 000,000,000 | ---D | C] -- C:\Program Files\ATI
[2013.03.23 21:55:24 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2013.03.23 20:37:45 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013.03.23 10:53:14 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2013.03.23 10:26:47 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2013.03.23 10:26:47 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2013.03.23 10:26:47 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2013.03.23 10:26:22 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013.03.23 10:26:05 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2013.03.23 10:23:08 | 005,042,224 | R--- | C] (Swearware) -- C:\Users\Anti\Desktop\ComboFix.exe
[2013.03.21 16:42:06 | 000,000,000 | ---D | C] -- C:\Users\Anti\Desktop\mbar-1.01.0.1021
[2013.03.18 20:12:45 | 000,000,000 | ---D | C] -- C:\Users\Anti\Desktop\Neuer Ordner
[2013.03.17 13:50:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Thunderbird
[2013.03.17 11:13:49 | 000,000,000 | ---D | C] -- C:\Users\Anti\AppData\Roaming\Malwarebytes
[2013.03.17 11:13:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013.03.17 11:13:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.03.17 11:13:34 | 000,024,176 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013.03.17 11:13:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013.03.17 11:13:16 | 000,000,000 | ---D | C] -- C:\Users\Anti\AppData\Local\Programs
[2013.03.16 22:01:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II
[2013.03.16 22:01:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard Entertainment
[2013.03.16 22:00:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Battle.net
[2013.03.16 21:32:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II.e95598d0.temp
[2013.03.16 21:23:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II.e7271c42.temp
[2013.03.16 20:05:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II.3a018b42.temp
[2013.03.16 17:43:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II.e6f2b040.temp
[2013.03.16 17:33:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II.d48c6a9e.temp
[2013.03.16 17:21:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II.a0d452d4.temp
[2013.03.16 16:52:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II.3aaca235.temp
[2013.03.16 16:40:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II.temp
[2013.03.16 16:30:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2013.03.14 06:39:04 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013.03.14 06:39:04 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013.03.14 06:39:03 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013.03.14 06:39:03 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013.03.14 06:39:03 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013.03.14 06:39:02 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013.03.14 06:39:02 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013.03.14 06:39:02 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013.03.14 06:39:01 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013.03.14 06:39:01 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013.03.14 06:39:00 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013.03.14 06:39:00 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013.03.14 06:38:58 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013.03.14 06:38:58 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013.03.14 06:38:58 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013.03.09 15:31:09 | 000,000,000 | ---D | C] -- C:\Users\Anti\Desktop\div. Programme
[2013.03.09 14:31:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies
[2013.03.09 14:28:52 | 026,947,360 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2013.03.09 14:28:52 | 025,256,736 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2013.03.09 14:28:52 | 020,534,560 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2013.03.09 14:28:52 | 017,560,352 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2013.03.09 14:28:52 | 012,862,400 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2013.03.09 14:28:52 | 009,422,672 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2013.03.09 14:28:52 | 007,964,680 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2013.03.09 14:28:52 | 007,569,184 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2013.03.09 14:28:52 | 006,267,240 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2013.03.09 14:28:52 | 002,911,008 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2013.03.09 14:28:52 | 002,726,176 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2013.03.09 14:28:52 | 002,350,368 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2013.03.09 14:28:52 | 001,990,944 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2013.03.09 14:28:52 | 001,807,136 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6420294.dll
[2013.03.09 14:28:52 | 001,510,176 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6420162.dll
[2013.03.08 06:40:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013.02.27 06:38:15 | 002,776,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll
[2013.02.27 06:38:15 | 002,284,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2vdec.dll
[2013.02.27 06:38:15 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIAnimation.dll
[2013.02.27 06:38:15 | 000,187,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAnimation.dll
[2013.02.27 06:38:12 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll
[2013.02.27 06:38:12 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll
[2013.02.27 06:38:10 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2013.02.27 06:38:10 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013.02.27 06:38:10 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013.02.27 06:38:10 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013.02.27 06:38:10 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013.02.27 06:38:10 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013.02.27 06:38:10 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013.02.27 06:38:10 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013.02.27 06:38:10 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013.02.27 06:38:09 | 002,565,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2013.02.27 06:38:09 | 000,648,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2013.02.27 06:38:09 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2013.02.27 06:38:09 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2013.02.27 06:38:09 | 000,363,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll
[2013.02.27 06:38:09 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013.02.27 06:38:09 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013.02.27 06:38:09 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013.02.27 06:38:09 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013.02.27 06:38:09 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
[2013.02.27 06:38:09 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll
[2013.02.27 06:38:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
[2013.02.27 06:38:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll
[2013.02.27 06:38:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013.02.27 06:38:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013.02.27 06:38:08 | 001,887,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll
[2013.02.27 06:38:08 | 001,682,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2013.02.27 06:38:08 | 001,504,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll
[2013.02.27 06:38:08 | 001,238,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10.dll
[2013.02.27 06:38:08 | 001,158,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2013.02.27 06:38:08 | 000,333,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
[2013.02.27 06:38:08 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10core.dll
[2013.02.27 06:38:07 | 003,928,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2013.02.27 06:38:07 | 001,643,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2013.02.27 06:38:07 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2013.02.27 06:38:07 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll
[2013.02.26 19:17:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2013.02.26 19:17:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013.03.24 11:03:02 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.03.24 10:58:00 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.03.24 10:57:52 | 3220,525,056 | -HS- | M] () -- C:\hiberfil.sys
[2013.03.24 10:52:49 | 000,014,608 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.03.24 10:52:49 | 000,014,608 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.03.24 09:52:31 | 000,609,993 | ---- | M] () -- C:\Users\Anti\Desktop\adwcleaner.exe
[2013.03.24 09:52:11 | 000,550,069 | ---- | M] (Oleg N. Scherbakov) -- C:\Users\Anti\Desktop\JRT.exe
[2013.03.23 20:40:00 | 000,018,960 | ---- | M] (Logitech, Inc.) -- C:\Windows\SysNative\drivers\LNonPnP.sys
[2013.03.23 10:37:19 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2013.03.23 10:23:30 | 005,042,224 | R--- | M] (Swearware) -- C:\Users\Anti\Desktop\ComboFix.exe
[2013.03.18 18:38:00 | 000,000,020 | ---- | M] () -- C:\Users\Anti\defogger_reenable
[2013.03.16 22:01:06 | 000,000,739 | ---- | M] () -- C:\Users\Public\Desktop\StarCraft II.lnk
[2013.03.16 14:15:12 | 000,033,688 | ---- | M] () -- C:\Windows\SysNative\BMXStateBkp-{00000008-00000000-00000002-00001102-00000008-10211102}.rfx
[2013.03.16 14:15:12 | 000,033,688 | ---- | M] () -- C:\Windows\SysNative\BMXState-{00000008-00000000-00000002-00001102-00000008-10211102}.rfx
[2013.03.16 14:15:12 | 000,029,604 | ---- | M] () -- C:\Windows\SysNative\BMXCtrlState-{00000008-00000000-00000002-00001102-00000008-10211102}.rfx
[2013.03.16 14:15:12 | 000,029,604 | ---- | M] () -- C:\Windows\SysNative\BMXBkpCtrlState-{00000008-00000000-00000002-00001102-00000008-10211102}.rfx
[2013.03.16 14:15:12 | 000,011,564 | ---- | M] () -- C:\Windows\SysNative\DVCState-{00000008-00000000-00000002-00001102-00000008-10211102}.rfx
[2013.03.14 06:37:55 | 004,958,588 | ---- | M] () -- C:\Windows\{00000008-00000000-00000002-00001102-00000008-10211102}.CDF
[2013.03.12 20:03:47 | 000,693,976 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.03.12 20:03:47 | 000,073,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.03.09 10:31:59 | 000,000,641 | ---- | M] () -- C:\Users\Public\Desktop\World of Tanks.lnk
[2013.03.06 18:11:16 | 001,642,284 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.03.06 18:11:16 | 000,707,316 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.03.06 18:11:16 | 000,660,934 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.03.06 18:11:16 | 000,152,908 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.03.06 18:11:16 | 000,125,124 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013.03.24 09:52:27 | 000,609,993 | ---- | C] () -- C:\Users\Anti\Desktop\adwcleaner.exe
[2013.03.23 10:26:47 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013.03.23 10:26:47 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013.03.23 10:26:47 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013.03.23 10:26:47 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013.03.23 10:26:47 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2013.03.18 18:38:00 | 000,000,020 | ---- | C] () -- C:\Users\Anti\defogger_reenable
[2013.03.16 22:01:04 | 000,000,739 | ---- | C] () -- C:\Users\Public\Desktop\StarCraft II.lnk
[2013.03.09 10:31:59 | 000,000,641 | ---- | C] () -- C:\Users\Public\Desktop\World of Tanks.lnk
[2013.03.08 19:24:39 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
[2012.08.28 09:04:34 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2012.08.28 09:04:34 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2012.08.28 09:04:34 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2012.08.28 09:04:34 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2012.08.28 09:04:32 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2012.06.20 17:17:59 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2012.06.15 19:21:54 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012.04.18 18:39:10 | 000,028,672 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2012.04.06 02:29:34 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012.04.06 02:29:34 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012.01.10 22:27:55 | 000,000,412 | ---- | C] () -- C:\Users\Anti\AppData\Roaming\All CPU Meter_Settings.ini
[2011.10.25 21:21:34 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\OVDecoder.dll
[2011.09.28 17:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011.09.13 00:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2009.11.07 19:05:35 | 000,007,605 | ---- | C] () -- C:\Users\Anti\AppData\Local\Resmon.ResmonCfg
[2009.11.07 16:26:30 | 000,000,092 | ---- | C] () -- C:\Users\Anti\AppData\Local\fusioncache.dat
 
========== ZeroAccess Check ==========
 
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

< End of report >
         
--- --- ---


sowie Extras
OTL Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 24.03.2013 11:00:28 - Run 4
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Anti\Desktop\Neuer Ordner
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 2,36 Gb Available Physical Memory | 58,95% Memory free
14,00 Gb Paging File | 12,08 Gb Available in Paging File | 86,32% Paging File free
Paging file location(s): h:\pagefile.sys 10240 10240 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 97,65 Gb Total Space | 47,01 Gb Free Space | 48,14% Space Free | Partition Type: NTFS
Drive D: | 100,01 Gb Total Space | 78,13 Gb Free Space | 78,13% Space Free | Partition Type: NTFS
Drive F: | 195,31 Gb Total Space | 33,46 Gb Free Space | 17,13% Space Free | Partition Type: NTFS
Drive G: | 97,65 Gb Total Space | 18,33 Gb Free Space | 18,77% Space Free | Partition Type: NTFS
Drive H: | 104,06 Gb Total Space | 93,45 Gb Free Space | 89,80% Space Free | Partition Type: NTFS
Drive J: | 7,82 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
 
Computer Name: CHAOS-KISTE | User Name: Anti | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
 
[HKEY_USERS\S-1-5-21-2099689543-711430740-2413729619-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L"
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L"
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
========== Firewall Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\FlashGet Network\FlashGet universal\FlashGet.exe" = C:\Program Files (x86)\FlashGet Network\FlashGet universal\FlashGet.exe:*:Enabled:Flashget2
"C:\Program Files (x86)\FlashGet Network\FlashGet universal\LiveUpdate.exe" = C:\Program Files (x86)\FlashGet Network\FlashGet universal\LiveUpdate.exe:*:Enabled:FGLiveUpdate
"C:\Program Files (x86)\FlashGet Network\FlashGet universal\LiveUpdateEx.exe" = C:\Program Files (x86)\FlashGet Network\FlashGet universal\LiveUpdateEx.exe:*:Enabled:FGLiveUpdateEx
"C:\Program Files (x86)\FlashGet Network\FlashGet universal\FlashGet.exe" = C:\Program Files (x86)\FlashGet Network\FlashGet universal\FlashGet.exe:*:Enabled:Flashget2
"C:\Program Files (x86)\FlashGet Network\FlashGet universal\LiveUpdate.exe" = C:\Program Files (x86)\FlashGet Network\FlashGet universal\LiveUpdate.exe:*:Enabled:FGLiveUpdate
"C:\Program Files (x86)\FlashGet Network\FlashGet universal\LiveUpdateEx.exe" = C:\Program Files (x86)\FlashGet Network\FlashGet universal\LiveUpdateEx.exe:*:Enabled:FGLiveUpdateEx
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{09839E28-ABC0-4EA5-84A6-C580F3D27107}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{15E38D09-512D-4451-85EE-1643B616963F}" = lport=58912 | protocol=17 | dir=in | name=pando media booster | 
"{26D796BD-8D95-4F00-BC65-C7D6343506C0}" = lport=40980 | protocol=6 | dir=in | name=test authoring and execution framework service | 
"{2926B42D-DBB0-4AE9-9978-A99D94299ACE}" = lport=58912 | protocol=6 | dir=in | name=pando media booster | 
"{432EA76B-4942-4674-9B0F-4FBBCB43C9F4}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{5B920D1A-3875-41B9-92C0-09C1B2743775}" = lport=rpc-epmap | protocol=6 | dir=in | name=test authoring and execution framework service (rpc endpoint mapper) | 
"{5E7CDEBC-27D6-4A3B-AFB4-F8525D82073B}" = lport=445 | protocol=6 | dir=in | app=system | 
"{6098B9E1-CFA0-4913-B701-8BDDB0ECA4E8}" = rport=445 | protocol=6 | dir=out | app=system | 
"{6739CEF6-3B16-4347-AE82-CD15EE3D8831}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{9716D1F8-70E4-4DC1-B8BD-647AC15F8628}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{9A7B5E8D-8385-44AA-9E66-831CE332A3E2}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{9B4FE28D-283B-4A53-A8FC-86D381829E54}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{A5311E5B-AF0F-4032-920E-89D800200892}" = lport=139 | protocol=6 | dir=in | app=system | 
"{A5634912-DC51-49B9-9675-2B8025D224BA}" = lport=58912 | protocol=17 | dir=in | name=pando media booster | 
"{BB4EAE86-5B7C-4EDC-9215-0FE484A7E5F3}" = lport=58912 | protocol=6 | dir=in | name=pando media booster | 
"{BBC3905F-11E1-42DB-987A-B1117B46A7D5}" = rport=139 | protocol=6 | dir=out | app=system | 
"{CF10ABEB-752B-4F50-80FA-F8B50743CB63}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{D262D3E9-5914-469F-994E-7A8892F09F42}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{D825D0DF-D942-4E2B-B030-132318ECE4DF}" = lport=137 | protocol=17 | dir=in | app=system | 
"{DC5A2D6E-65F9-4600-BDEF-07F8E700AA6E}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{E690912F-1279-4008-A697-ABE0D527FE82}" = lport=138 | protocol=17 | dir=in | app=system | 
"{E80E45A4-E645-4FC9-914D-6A7C7938F4DB}" = rport=138 | protocol=17 | dir=out | app=system | 
"{E8AA8E93-48C4-461D-9802-40745A1FB09A}" = rport=137 | protocol=17 | dir=out | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02DDB7DD-176F-46E0-8896-1E813AC823E1}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{0C3B484D-AF1C-4960-BC5F-D8E1C9D5B29A}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1544\agent.exe | 
"{0CB8A718-33E9-41DE-99CD-48543C1EF520}" = protocol=6 | dir=in | app=f:\spiele-7\hdr-schlacht um mittelerde\game.dat | 
"{15D02AC0-838B-402D-911A-7E5678B592D0}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.exe | 
"{1D73AC2D-0F48-4128-88EE-F8478809F61D}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{1FC1CFE2-7E11-4E94-A1B8-FF850D84B69C}" = protocol=6 | dir=in | app=f:\spiele\steam\steamapps\common\call of duty black ops ii\t6mp.exe | 
"{2038EBA0-27F8-41E0-A494-F9AAC7D7F159}" = protocol=6 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | 
"{2D32ECB0-DFD4-4D03-968D-5D11E85195DA}" = protocol=17 | dir=in | app=c:\windows\syswow64\muzapp.exe | 
"{2DE03716-68A2-44EA-919F-65A3429D6A27}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{2DE522A4-9FEE-4837-9CA5-2AF98C87009E}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe | 
"{2E486553-B2EA-4CD0-A4B0-66794C0A66EB}" = protocol=6 | dir=in | app=f:\spiele\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe | 
"{2EA54C13-3CA1-420F-A6A9-26E6527BA57C}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | 
"{2FBBB557-F1CE-47F2-9C47-9D036CE59234}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1267\agent.exe | 
"{384D9010-4A0F-4E73-BA4B-67D0CA8FAADF}" = protocol=17 | dir=in | app=f:\spiele-7\mass effect 2\masseffect2launcher.exe | 
"{38A55526-A768-4556-B563-B2E815C88C4A}" = protocol=17 | dir=in | app=f:\spiele-7\starcraft ii\starcraft ii public test.exe | 
"{3925B5C4-71F7-43D5-A690-08162B9996BF}" = protocol=6 | dir=in | app=c:\windows\syswow64\muzapp.exe | 
"{3C56E207-E997-4375-A152-494B470C64ED}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{41A26827-FEDE-43DD-BC84-55A12BF53B82}" = protocol=17 | dir=in | app=f:\spiele-7\mass effect 2\binaries\masseffect2.exe | 
"{448E043E-D23D-4B73-A4F3-9B98023DE740}" = protocol=6 | dir=in | app=f:\spiele-7\mass effect 2\binaries\masseffect2.exe | 
"{47C9EC04-093A-4736-A9C0-60E9F42610CD}" = protocol=6 | dir=in | app=f:\spiele-7\wot\worldoftanks.exe | 
"{4A5A06CB-BBE5-4F0F-B0E1-4715E261D28E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{4D5C5E87-59F9-4315-AAFE-F08FC3A72662}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | 
"{50A12E94-5577-4639-BA34-EB721A16295C}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"{5196814F-E8A8-4DBB-8683-F9E5C6988B7A}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{57622651-0FDD-4D3A-85ED-010AB86BCDEA}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | 
"{597BCAD2-F66D-45D5-ACE2-3FC044C9C54A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{5BF61A3A-219F-4D81-BA49-B9A2662CB8FB}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{5C846A4F-0183-4F6D-A687-5A9132962638}" = protocol=17 | dir=in | app=f:\spiele\steam\steamapps\common\call of duty black ops ii\t6mp.exe | 
"{5CA36A3F-5B8B-474C-BECC-80049F660408}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{5EFC2240-DDF4-487D-A3C1-4DFB17FA5423}" = protocol=17 | dir=in | app=f:\spiele-7\wot\wotlauncher.exe | 
"{62C54429-4C55-4309-991A-FE9C16A31FD2}" = protocol=6 | dir=in | app=f:\spiele-7\wot\wotlauncher.exe | 
"{66F17F62-E3EF-41ED-B687-E7DC646575EC}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | 
"{67275120-00BF-4C5B-AFE7-1CD9F3810AE4}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{6ED489B5-737C-4FE8-8680-AC1C0459CD47}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe | 
"{73E14F3D-2241-4B49-A5F9-94B22BFA0916}" = protocol=6 | dir=in | app=f:\spiele-7\mass effect 2\masseffect2launcher.exe | 
"{74C3096E-7161-4125-BF45-14F983FCEA81}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1675\agent.exe | 
"{794E24B4-D7F2-445B-9E08-D25187B3E2A5}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | 
"{79DAAD6E-60FA-46D7-9119-B6FC5D1D15DA}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1267\agent.exe | 
"{7A0AF599-A862-452B-B489-11D09CC72EC5}" = protocol=17 | dir=in | app=f:\spiele-7\hdr-schlacht um mittelerde\game.dat | 
"{7B0EA50E-63C2-4B1B-925C-DBEF47AB2F14}" = protocol=6 | dir=in | app=f:\spiele\steam\steamapps\common\call of duty black ops ii\t6sp.exe | 
"{7B4B93FF-1CE7-4848-B361-B57E9E43E8A2}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{81E39794-2740-4C72-8509-568D10FDF616}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{84940352-FED9-40FD-BAAC-E6F741BB790F}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{86D14627-41EF-407E-814D-89F27C7E96B0}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1544\agent.exe | 
"{8A886395-C3DC-4201-BC97-5F1631E5D1E1}" = protocol=17 | dir=in | app=f:\spiele\steam\steamapps\common\call of duty black ops ii\t6zm.exe | 
"{98BBEA95-315C-448B-9673-493860E5CF54}" = protocol=17 | dir=in | app=f:\spiele-7\diablo3\diablo iii\diablo iii.exe | 
"{9C92E0D0-6CAC-48AC-B777-3A67C1FBA851}" = protocol=6 | dir=in | app=f:\spiele-7\starcraft ii\starcraft ii public test.exe | 
"{9D3F2E67-9FD5-4C68-8492-E25B9AB4CC5D}" = protocol=17 | dir=in | app=f:\spiele\steam\steamapps\common\call of duty black ops ii\t6sp.exe | 
"{9DD56909-39FD-43F9-B5C1-E70D72824AF9}" = protocol=6 | dir=out | app=%systemroot%\system32\wudfhost.exe | 
"{A09D62C8-D5DB-42D2-91FD-37E58F4CBEE2}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | 
"{A30206A4-22AA-4916-9636-9A33E31102CB}" = protocol=17 | dir=in | app=f:\spiele-7\starcraft ii\starcraft ii.exe | 
"{A38A8801-8823-491F-9760-6FFFBCACD04E}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{A559BE55-7CE4-4942-92EC-64BF018784D5}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{A6245B2A-4DED-4BC9-97CB-B8C50506F325}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe | 
"{A8E074B9-C532-4E58-869F-AAB8DA9675B6}" = protocol=17 | dir=in | app=f:\spiele\steam\steamapps\common\call of duty modern warfare 3\iw5mp_server.exe | 
"{A96AB6BC-47CB-4865-8A2B-AFE7D62CB8B7}" = protocol=6 | dir=in | app=f:\spiele\steam\steamapps\common\call of duty modern warfare 3\iw5sp.exe | 
"{B167FF0A-3F5F-4E8A-9442-37DC3E61A786}" = protocol=6 | dir=in | app=f:\spiele\steam\steamapps\common\skyrim\skyrimlauncher.exe | 
"{B1939052-93B9-4E06-A371-39B0ABAE660A}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe | 
"{B2BCC57F-16C7-4138-9DC2-B9405667E633}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{B56C7ED0-D1E3-4CF0-B575-8B9E588964C0}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1675\agent.exe | 
"{B67D324F-10AD-4AEE-8839-23857FEE59FB}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.exe | 
"{BC3F7C99-CAB1-406E-B646-2924CF16CBBA}" = protocol=6 | dir=in | app=f:\spiele\steam\steamapps\common\call of duty modern warfare 3\iw5mp_server.exe | 
"{C2A97B82-A585-44EE-9EF1-69E973F8F656}" = protocol=6 | dir=in | app=f:\spiele\steam\steamapps\common\deus ex - human revolution\dxhr.exe | 
"{C2F907CB-F01E-4D95-9093-9FF7234C2AB9}" = protocol=17 | dir=in | app=f:\spiele\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe | 
"{CC08C57E-939A-441B-A2C4-17F4AD5013C5}" = protocol=17 | dir=in | app=f:\spiele\steam\steamapps\common\skyrim\skyrimlauncher.exe | 
"{D7F8167B-E09E-46CD-A36F-D3B95C0D700F}" = protocol=17 | dir=in | app=f:\spiele\steam\steamapps\common\deus ex - human revolution\dxhr.exe | 
"{D88A52D6-70AE-45B9-A998-AA3C75B4E962}" = protocol=17 | dir=in | app=f:\spiele-7\wot\worldoftanks.exe | 
"{DB678A6D-AD39-4A16-B6B0-C59C117F5055}" = protocol=17 | dir=in | app=f:\spiele\steam\steamapps\common\call of duty modern warfare 3\iw5sp.exe | 
"{E01019EC-744D-4D82-A263-F32E77C80A7F}" = protocol=6 | dir=in | app=f:\spiele-7\diablo3\diablo iii\diablo iii.exe | 
"{E0A7976A-F99F-421E-B320-FC8C8E151183}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{EEA311B4-FAA8-4B13-91D7-376BDFBB5EEB}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{F4DADB3C-C2F5-4471-A223-7ED34872928E}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{F64FC89F-47D0-4AF9-80B5-4FAB9A80DB24}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{F950C5D7-1D3E-44D7-8922-4462B0E4DAB9}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{FA55BA45-5DB4-45E5-8B22-7250A7F3F041}" = protocol=6 | dir=in | app=f:\spiele\steam\steamapps\common\call of duty black ops ii\t6zm.exe | 
"{FC325BDA-78AC-4DD4-A257-F8CDEEEF529F}" = protocol=6 | dir=in | app=f:\spiele-7\starcraft ii\starcraft ii.exe | 
"TCP Query User{13C32560-1425-4969-B6AD-EF9816AB61AF}F:\spiele-7\hdr-schlacht um mittelerde\patchget.dat" = protocol=6 | dir=in | app=f:\spiele-7\hdr-schlacht um mittelerde\patchget.dat | 
"TCP Query User{15450AE5-9AA0-4F1A-B837-8ADF655448B4}F:\spiele-7\guild wars 2\gw2.exe" = protocol=6 | dir=in | app=f:\spiele-7\guild wars 2\gw2.exe | 
"TCP Query User{6CFDB880-D270-4167-8806-5FE84AF66AAD}C:\program files (x86)\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe | 
"TCP Query User{9C7DDDFC-CF25-43DB-9666-45DD1F04AA1B}F:\spiele-7\lotro\lotroclient.exe" = protocol=6 | dir=in | app=f:\spiele-7\lotro\lotroclient.exe | 
"TCP Query User{A5E768D8-1514-4596-ABD4-910588E4900E}F:\spiele\steam\steam.exe" = protocol=6 | dir=in | app=f:\spiele\steam\steam.exe | 
"TCP Query User{CC505C34-D773-478D-87CB-D9209D2A6907}F:\spiele-7\starcraft ii\versions\base24944\sc2.exe" = protocol=6 | dir=in | app=f:\spiele-7\starcraft ii\versions\base24944\sc2.exe | 
"TCP Query User{CCBDA70B-0F7D-4BE2-BCB0-F0B9382AA2AF}F:\spiele-7\mass effect 2\binaries\eacoreserver.exe" = protocol=6 | dir=in | app=f:\spiele-7\mass effect 2\binaries\eacoreserver.exe | 
"UDP Query User{2A7F565A-B4CA-4785-9DF3-5394D652C6B3}C:\program files (x86)\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe | 
"UDP Query User{8738BDA9-F7E6-4F71-B745-A7B92124EB2E}F:\spiele-7\mass effect 2\binaries\eacoreserver.exe" = protocol=17 | dir=in | app=f:\spiele-7\mass effect 2\binaries\eacoreserver.exe | 
"UDP Query User{9FB92513-373A-452E-B7BF-AC4F26AA5699}F:\spiele-7\starcraft ii\versions\base24944\sc2.exe" = protocol=17 | dir=in | app=f:\spiele-7\starcraft ii\versions\base24944\sc2.exe | 
"UDP Query User{DD2097BB-F408-44A4-A1B0-3F161B337989}F:\spiele-7\guild wars 2\gw2.exe" = protocol=17 | dir=in | app=f:\spiele-7\guild wars 2\gw2.exe | 
"UDP Query User{E6BE6D34-A68D-476E-92A1-FDB0C6A1B537}F:\spiele\steam\steam.exe" = protocol=17 | dir=in | app=f:\spiele\steam\steam.exe | 
"UDP Query User{E82EA5AB-340E-4D48-ABDE-E0C8B4019D34}F:\spiele-7\hdr-schlacht um mittelerde\patchget.dat" = protocol=17 | dir=in | app=f:\spiele-7\hdr-schlacht um mittelerde\patchget.dat | 
"UDP Query User{F6807266-FBD5-4F4B-BD03-71974F569FC6}F:\spiele-7\lotro\lotroclient.exe" = protocol=17 | dir=in | app=f:\spiele-7\lotro\lotroclient.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1F85668C-CEB7-7A2E-356C-C42F950A982C}" = AMD Accelerated Video Transcoding
"{26A24AE4-039D-4CA4-87B4-2F86417004FF}" = Java(TM) 7 Update 4 (64-bit)
"{4161341F-AE84-E404-4291-4E0322CCE809}" = AMD Media Foundation Decoders
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}" = Windows Mobile-Gerätecenter
"{7FD0FD0D-AC40-A3BF-F2D4-54EFEDB0008F}" = AMD Drag and Drop Transcoding
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{A1E85B9A-AFAD-4D38-AF01-6B020DD5213A}" = Logitech GamePanel Software 3.06.109
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64
"{AB58402A-43DE-551C-2B40-DD1CF0E21240}" = ccc-utility64
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 314.07
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 314.07
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 314.07
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 314.07
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.12.1031
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.12.12
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D954C6C2-544B-4091-A47F-11E77162883E}" = Microsoft Security Client
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FAF03106-1653-15E1-3C0C-E7AE4FAE6EBF}" = AMD Catalyst Install Manager
"CCleaner" = CCleaner
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.60.1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Security Client" = Microsoft Security Essentials
"SP6" = Logitech SetPoint 6.32
"TeamSpeak 3 Client" = TeamSpeak 3 Client
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{023D64D7-E7B4-47C7-BE6E-B7C2E8960D08}" = Citrix Online Plug-in (Web)
"{0B03071A-C96E-34CA-E5A3-4D8DA8ACCB3D}" = CCC Help Polish
"{1472627A-6E9F-DCB1-8894-E2BD249FD5E4}" = CCC Help Thai
"{1A2C316B-F842-6FB3-3C87-6FE02861F396}" = Catalyst Control Center
"{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1" = World of Tanks
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20962D9D-D7B9-4AEE-B72B-5C9A45A1B402}" = Call of Duty(R) - World at War(TM) 1.6 Patch
"{218BE476-B206-2879-B912-971E6E89E44D}" = CCC Help Finnish
"{2BF0AE92-C3BC-4112-9066-1546342B1FAE}" = Call of Duty(R) - World at War(TM) 1.2 Patch
"{2DFFE333-1B60-4CAA-F836-3CF0C99777CA}" = CCC Help Norwegian
"{3521F7CF-9343-4C1F-AE5E-0D2A57A18D2B}" = Call of Duty(R) - World at War(TM) 1.5 Patch
"{364374D2-FE10-2170-2397-5B01F9D00093}" = CCC Help Spanish
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
"{3F290582-3F4E-4B96-009C-E0BABAA40C42}" = Die Schlacht um Mittelerde(tm)
"{3ff842b6-4ab0-4291-8ebf-0a26b3701b04}" = Windows Driver Kit
"{40786C7F-7078-5147-444E-D45DE808B684}" = CCC Help Portuguese
"{43D3EA3E-2B72-57F3-40E0-318A614D0FDD}" = CCC Help Czech
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.1
"{4F7823C4-BB28-A63E-CE08-1B463D4682DE}" = CCC Help Dutch
"{5A67D2EA-FB70-4033-A6F3-606AD85B2015}_is1" = Driver Sweeper Version 3.2.0
"{5AF4B3C4-C393-48D7-AC7E-8E7615579548}" = Adobe AIR
"{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
"{60D66D9B-760B-4006-9443-08960A811D4C}" = Windows Driver Frameworks Update Packages
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6D7B8E2C-4356-619D-134F-FB36B0809958}" = CCC Help German
"{6DA2AF51-EE25-BB21-9106-FF69FC83DDB7}" = Kits Configuration Installer
"{6F173E00-2766-E174-C2E0-AD88F24685BD}" = CCC Help Swedish
"{6F8EAC65-314D-4D86-9557-BC9312AACCB0}" = Citrix Online Plug-in (USB)
"{6FAEC41D-0654-12C1-0068-770D19FC2446}" = CCC Help Italian
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73D239CC-D6B1-ADEC-A7BE-E100C7112004}" = CCC Help Korean
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{75D84EF7-0D8C-4e70-B3FA-7B42A5D4E0EB}" = Mass Effect 2
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{8144262B-25B4-44F6-8204-FCC8EF50179F}" = Citrix Online Plug-in (DV)
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8795CBED-55E2-4693-9F14-84EC446935BE}" = SpeechRedist
"{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}" = NVIDIA PhysX
"{8D3D92F0-852F-D832-FD8B-029C8C231C13}" = CCC Help Russian
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0407-1000-0000000FF1CE}_HOMESTUDENTR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{963FFEAB-16E5-EB69-4E64-338B3D319FB4}" = CCC Help Chinese Standard
"{974C4B12-4D02-4879-85E0-61C95CC63E9E}" = Fallout 3
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9F7E9D7B-3291-96CE-A27F-DD4F6EB230EA}" = CCC Help Chinese Traditional
"{A11E24AD-A7EB-78C9-F792-AD9CDDB8B651}" = Catalyst Control Center InstallProxy
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A6FDE264-C48D-36CE-CFA7-ABBEB861AC10}" = Catalyst Control Center Localization All
"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.02) - Deutsch
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B31A9284-632D-683E-3BD0-F6926D445A7B}" = CCC Help Danish
"{B7A75523-3D7F-CF23-12F7-999EAF6C7167}" = CCC Help Japanese
"{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo
"{C40C3C3D-97CF-44B5-836C-766E374464B3}" = 3DMark Vantage
"{C821D689-95BE-0D60-255E-D9B89CB3019F}" = Catalyst Control Center Graphics Previews Common
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CC862A04-B2B0-4A79-ADD2-4B76D6CF4DCD}" = Call of Duty(R) - World at War(TM) 1.4 Patch
"{CE1458AA-23A7-332D-68D9-86B799898DA6}" = CCC Help Greek
"{D08A5DFE-F0C2-74FC-DD56-A3B371E9344D}" = EA Shared Game Component: Activation
"{D1C1F497-452C-89D8-EE26-014184714B78}" = Windows Driver Kit
"{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty(R) - World at War(TM)
"{E0655E94-1D4D-8484-64C6-E6F847B7BE92}" = CCC Help Turkish
"{E2F0AF23-FE2F-4222-9A43-55E63CC41EF1}" = Catalyst Control Center - Branding
"{E555950B-1496-C37C-CA2C-2DF8745A5BE9}" = CCC Help English
"{EA74A293-3FAC-4D1B-AE3A-3BD47FADDC20}" = Citrix Online Plug-in (HDX)
"{EE229D0E-3D9E-636C-6E75-9436A87C7E49}" = CCC Help French
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F536CCF1-C4C1-5FB9-6B17-F883DFFAE569}" = CCC Help Hungarian
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{Stalker Complete 2009 v1.4.4}}_is1" = Stalker Complete 2009 v1.4.4
"12bbe590-c890-11d9-9669-0800200c9a66_is1" = Der Herr der Ringe Online v03.05.01.8027
"7-Zip" = 7-Zip 9.20
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 12.0
"CitrixOnlinePluginPackWeb" = Citrix Online Plug-in - Web
"com.ea.Activation.919CACB699904AC5D41B606703500DD39747C02D.1" = EA Shared Game Component: Activation
"Diablo III" = Diablo III
"EA Installer.-2062380449" = EA Installer
"Fraps" = Fraps
"Guild Wars" = GUILD WARS
"Guild Wars 2" = Guild Wars 2
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{20962D9D-D7B9-4AEE-B72B-5C9A45A1B402}" = Call of Duty(R) - World at War(TM) 1.6 Patch
"InstallShield_{2BF0AE92-C3BC-4112-9066-1546342B1FAE}" = Call of Duty(R) - World at War(TM) 1.2 Patch
"InstallShield_{3521F7CF-9343-4C1F-AE5E-0D2A57A18D2B}" = Call of Duty(R) - World at War(TM) 1.5 Patch
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"InstallShield_{CC862A04-B2B0-4A79-ADD2-4B76D6CF4DCD}" = Call of Duty(R) - World at War(TM) 1.4 Patch
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.70.0.1100
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Mozilla Firefox 19.0.2 (x86 de)" = Mozilla Firefox 19.0.2 (x86 de)
"Mozilla Thunderbird 17.0.4 (x86 de)" = Mozilla Thunderbird 17.0.4 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"PrecisionX" = EVGA Precision X 3.0.4
"PunkBusterSvc" = PunkBuster Services
"Rockstar Games Social Club" = Rockstar Games Social Club
"SpeedFan" = SpeedFan (remove only)
"StarCraft II" = StarCraft II
"Steam App 202970" = Call of Duty: Black Ops II
"Steam App 202990" = Call of Duty: Black Ops II - Multiplayer
"Steam App 212910" = Call of Duty: Black Ops II - Zombies
"Steam App 218" = Source SDK Base 2007
"Steam App 28050" = Deus Ex: Human Revolution
"Steam App 42680" = Call of Duty: Modern Warfare 3
"Steam App 42690" = Call of Duty: Modern Warfare 3 - Multiplayer
"Steam App 42750" = Call of Duty: Modern Warfare 3 - Dedicated Server
"Steam App 72850" = The Elder Scrolls V: Skyrim
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"TeamViewer 8" = TeamViewer 8
"Winamp" = Winamp
"WinRAR archiver" = WinRAR Archivierer
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-2099689543-711430740-2413729619-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"MyFreeCodec" = MyFreeCodec
"Winamp Detect" = Winamp Erkennungs-Plug-in
 
========== Last 20 Event Log Errors ==========
 
[ System Events ]
Error - 24.03.2013 05:24:03 | Computer Name = Chaos-Kiste | Source = Microsoft Antimalware | ID = 2001
Description = Beim Aktualisieren der Signaturen wurde von %%860 ein Fehler festgestellt.

	Neue
 Signaturversion:      Vorherige Signaturversion: 1.147.356.0     Aktualisierungsquelle: %%859

	Aktualisierungsphase:
 %%852     Quellpfad: hxxp://www.microsoft.com     Signaturtyp: %%800     Aktualisierungstyp: %%803

	Benutzer:
 NT-AUTORITÄT\SYSTEM     Aktuelle Modulversion:      Vorherige Modulversion: 1.1.9302.0     Fehlercode:
 0x8024402c     Fehlerbeschreibung: Unerwartetes Problem bei der Überprüfung auf Updates.
 Informationen zum Installieren von Updates oder zur Problembehandlung finden Sie
 unter "Hilfe und Support". 
 
Error - 24.03.2013 05:45:19 | Computer Name = Chaos-Kiste | Source = Service Control Manager | ID = 7000
Description = Der Dienst "DgiVecp" wurde aufgrund folgenden Fehlers nicht gestartet:
   %%2
 
Error - 24.03.2013 05:45:25 | Computer Name = Chaos-Kiste | Source = Service Control Manager | ID = 7000
Description = Der Dienst "SSPORT" wurde aufgrund folgenden Fehlers nicht gestartet:
   %%2
 
Error - 24.03.2013 05:58:11 | Computer Name = Chaos-Kiste | Source = Service Control Manager | ID = 7000
Description = Der Dienst "DgiVecp" wurde aufgrund folgenden Fehlers nicht gestartet:
   %%2
 
Error - 24.03.2013 05:58:19 | Computer Name = Chaos-Kiste | Source = Service Control Manager | ID = 7000
Description = Der Dienst "SSPORT" wurde aufgrund folgenden Fehlers nicht gestartet:
   %%2
 
 
< End of report >
         
--- --- ---


Gruß Fitzendrix

Antwort

Themen zu mögliche Infektion durch den Trojaner:Trojan:JS/Seedabutor.B
7-zip, black, cpu-z, explorer, firefox, flash player, hängen, install.exe, installation, js/seedabutor.b, launch, microsoft essentials, mozilla, ntdll.dll, object, office 2007, pando media booster, plug-in, problem, prüfen, registry, rundll, scan, security, senden, software, svchost.exe, teamspeak, trojan:js/seedabutor.b, trojaner, windows



Ähnliche Themen: mögliche Infektion durch den Trojaner:Trojan:JS/Seedabutor.B


  1. Wahrscheinliche infektion mit Trojaner, Information durch e-mail von t-online
    Log-Analyse und Auswertung - 12.08.2015 (19)
  2. 2 Trojaner eingefangen durch E-Mail-Anhänge // Trojan-Banker.Win32.Agent.ubo und Trojan.Win32.Yakes.ghny
    Log-Analyse und Auswertung - 19.07.2015 (28)
  3. Windows 7: Microsoft Security Essentials entdeckt drei Trojaner: JS/Seedabutor.B, Java/CVE-2012-1723 und JS/Blacole.W
    Log-Analyse und Auswertung - 02.12.2014 (13)
  4. Seedabutor entfernen
    Anleitungen, FAQs & Links - 01.10.2014 (2)
  5. Trojaner Infektion, Pc langsamer als sonst, Mikrofon vom Laptop spinnt, pc hängt, TR/Patched.Ren.Gen' [trojan]gefunden
    Plagegeister aller Art und deren Bekämpfung - 05.01.2014 (13)
  6. mögliche Infektion
    Netzwerk und Hardware - 18.08.2013 (1)
  7. Infektion durch Trojan.Agent.ED, EXP/2012-1723.GE, TR/PSW.Fareit.1142 und weitere Malware
    Plagegeister aller Art und deren Bekämpfung - 19.03.2013 (35)
  8. diverse Trojaner und Malware gefunden, infektion evtl. durch 22kB dateianhang
    Log-Analyse und Auswertung - 31.01.2013 (3)
  9. Mögliche Infektion mit ZeroAccess
    Plagegeister aller Art und deren Bekämpfung - 17.01.2013 (11)
  10. Mögliche Infektion mit ZeroAccess
    Plagegeister aller Art und deren Bekämpfung - 13.01.2013 (1)
  11. Mögliche Infizierung durch USB-Stick?
    Log-Analyse und Auswertung - 17.12.2012 (3)
  12. Trojaner-Infektion auf Windows Vista (Exploit.Drop, Trojan.Ransom.Gen...)
    Log-Analyse und Auswertung - 30.08.2012 (3)
  13. TR/Crypt.ULPM.Gen mögliche Infektion
    Plagegeister aller Art und deren Bekämpfung - 09.04.2012 (3)
  14. Mögliche Infektion des PC und Bluescreen
    Log-Analyse und Auswertung - 10.01.2011 (8)
  15. Mögliche Infektion ?
    Log-Analyse und Auswertung - 31.03.2010 (1)
  16. Infektion durch TR/Spy.Gen
    Plagegeister aller Art und deren Bekämpfung - 12.11.2009 (2)
  17. Mögliche Infektion / Viele Verbindungen
    Plagegeister aller Art und deren Bekämpfung - 07.06.2008 (3)

Zum Thema mögliche Infektion durch den Trojaner:Trojan:JS/Seedabutor.B - Guten Abend, vermutlich habe ich mir einen Trojaner eingefangen. Microsoft Essentials berichtete mir kürzlich, dass der oben genannte Trojaner erkannt worden sei, ich aber nichts zu tun bräuchte. Zunächst dachte - mögliche Infektion durch den Trojaner:Trojan:JS/Seedabutor.B...
Archiv
Du betrachtest: mögliche Infektion durch den Trojaner:Trojan:JS/Seedabutor.B auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.