| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Win 7 : Firefox öffnet unsichtbare tabsWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
05.01.2014, 18:47
| #31 |
 |  Win 7 : Firefox öffnet unsichtbare tabs oke Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.07.0.1008
www.malwarebytes.org
Database version: v2014.01.05.03
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Mesut :: MESUT-PC [administrator]
05.01.2014 18:51:10
mbar-log-2014-01-05 (18-51-10).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 265155
Time elapsed: 11 minute(s), 49 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
Physical Sectors Detected: 0
(No malicious items detected)
(end)
Geändert von Zerozo (05.01.2014 um 19:11 Uhr) |
|
06.01.2014, 16:21
| #32 |
| /// the machine /// TB-Ausbilder    | Win 7 : Firefox öffnet unsichtbare tabs Downloade dir bitte
__________________ TDSSKiller.exe und speichere diese Datei auf dem Desktop
Downloade dir bitte  aswMBR.exe und speichere die Datei auf deinem Desktop.
Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte der Scan abbrechen und das Programm abstürzen, dann teile mir das mit und wähle unter AV Scan die Einstellung (none). und lass bitte noch GMER scannen.
__________________ |
|
06.01.2014, 17:18
| #33 |
| | Win 7 : Firefox öffnet unsichtbare tabs TDSS
__________________Code:
ATTFilter 17:15:09.0594 3652 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
17:15:12.0130 3652 ============================================================
17:15:12.0130 3652 Current date / time: 2014/01/06 17:15:12.0130
17:15:12.0130 3652 SystemInfo:
17:15:12.0130 3652
17:15:12.0130 3652 OS Version: 6.1.7601 ServicePack: 1.0
17:15:12.0130 3652 Product type: Workstation
17:15:12.0130 3652 ComputerName: MESUT-PC
17:15:12.0131 3652 UserName: Mesut
17:15:12.0131 3652 Windows directory: C:\Windows
17:15:12.0131 3652 System windows directory: C:\Windows
17:15:12.0131 3652 Running under WOW64
17:15:12.0131 3652 Processor architecture: Intel x64
17:15:12.0131 3652 Number of processors: 3
17:15:12.0131 3652 Page size: 0x1000
17:15:12.0131 3652 Boot type: Normal boot
17:15:12.0131 3652 ============================================================
17:15:13.0540 3652 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:15:13.0543 3652 ============================================================
17:15:13.0543 3652 \Device\Harddisk0\DR0:
17:15:13.0543 3652 MBR partitions:
17:15:13.0543 3652 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
17:15:13.0544 3652 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x129E6800
17:15:13.0544 3652 ============================================================
17:15:13.0574 3652 C: <-> \Device\Harddisk0\DR0\Partition2
17:15:13.0574 3652 ============================================================
17:15:13.0574 3652 Initialize success
17:15:13.0574 3652 ============================================================
17:15:16.0756 4268 ============================================================
17:15:16.0757 4268 Scan started
17:15:16.0757 4268 Mode: Manual;
17:15:16.0757 4268 ============================================================
17:15:18.0126 4268 ================ Scan system memory ========================
17:15:18.0126 4268 Scan interrupted by user!
17:15:18.0126 4268 ================ Scan services =============================
17:15:18.0172 4268 Scan interrupted by user!
17:15:18.0172 4268 ================ Scan global ===============================
17:15:18.0172 4268 Scan interrupted by user!
17:15:18.0172 4268 ================ Scan MBR ==================================
17:15:18.0172 4268 Scan interrupted by user!
17:15:18.0172 4268 ================ Scan VBR ==================================
17:15:18.0172 4268 Scan interrupted by user!
17:15:18.0172 4268 ============================================================
17:15:18.0172 4268 Scan finished
17:15:18.0172 4268 ============================================================
17:15:18.0191 1504 Detected object count: 0
17:15:18.0191 1504 Actual detected object count: 0
17:15:38.0972 1236 ============================================================
17:15:38.0972 1236 Scan started
17:15:38.0972 1236 Mode: Manual; SigCheck; TDLFS;
17:15:38.0972 1236 ============================================================
17:15:44.0191 1236 ================ Scan system memory ========================
17:15:44.0191 1236 System memory - ok
17:15:44.0192 1236 ================ Scan services =============================
17:15:49.0926 1236 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
17:15:49.0981 1236 1394ohci - ok
17:15:50.0047 1236 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
17:15:50.0063 1236 ACPI - ok
17:15:50.0103 1236 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
17:15:50.0122 1236 AcpiPmi - ok
17:15:50.0169 1236 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
17:15:50.0189 1236 adp94xx - ok
17:15:50.0208 1236 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
17:15:50.0225 1236 adpahci - ok
17:15:50.0257 1236 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
17:15:50.0269 1236 adpu320 - ok
17:15:50.0311 1236 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
17:15:50.0342 1236 AeLookupSvc - ok
17:15:50.0407 1236 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
17:15:50.0443 1236 AFD - ok
17:15:50.0489 1236 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
17:15:50.0793 1236 agp440 - ok
17:15:50.0951 1236 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
17:15:50.0990 1236 ALG - ok
17:15:51.0088 1236 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
17:15:51.0122 1236 aliide - ok
17:15:51.0472 1236 AMD FUEL Service - ok
17:15:51.0555 1236 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
17:15:51.0572 1236 amdide - ok
17:15:51.0602 1236 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
17:15:51.0619 1236 AmdK8 - ok
17:15:51.0642 1236 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
17:15:51.0655 1236 AmdPPM - ok
17:15:51.0690 1236 [ 12A5062C06E03FF70DB47800F91C7A13 ] amdsata C:\Windows\system32\DRIVERS\amdsata.sys
17:15:51.0709 1236 amdsata - ok
17:15:51.0754 1236 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
17:15:51.0766 1236 amdsbs - ok
17:15:51.0789 1236 [ 8A7F289B45CEACAC761E14D5FAC59EB9 ] amdxata C:\Windows\system32\drivers\amdxata.sys
17:15:51.0799 1236 amdxata - ok
17:15:51.0863 1236 [ 563EFD021AEB95CAE619643AD82F9D9F ] AODDriver4.2.0 C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys
17:15:51.0868 1236 AODDriver4.2.0 ( UnsignedFile.Multi.Generic ) - warning
17:15:51.0868 1236 AODDriver4.2.0 - detected UnsignedFile.Multi.Generic (1)
17:15:51.0898 1236 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
17:15:51.0926 1236 AppID - ok
17:15:51.0951 1236 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
17:15:51.0978 1236 AppIDSvc - ok
17:15:52.0010 1236 [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo C:\Windows\System32\appinfo.dll
17:15:52.0022 1236 Appinfo - ok
17:15:52.0047 1236 [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt C:\Windows\System32\appmgmts.dll
17:15:52.0062 1236 AppMgmt - ok
17:15:52.0101 1236 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
17:15:52.0112 1236 arc - ok
17:15:52.0120 1236 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
17:15:52.0130 1236 arcsas - ok
17:15:52.0368 1236 [ 4F68A6B5705221CCC1CC73F00D79A9E9 ] ArcService C:\Program Files (x86)\Perfect World Entertainment\Arc\ArcService.exe
17:15:52.0379 1236 ArcService - ok
17:15:52.0875 1236 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
17:15:52.0894 1236 aspnet_state - ok
17:15:52.0946 1236 [ 0BAEFD3F648C6E7AB52990DD9565E4E2 ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys
17:15:52.0957 1236 aswFsBlk - ok
17:15:53.0018 1236 [ FA562F34ED6633C66170B09182B4C049 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
17:15:53.0032 1236 aswMonFlt - ok
17:15:53.0059 1236 [ 64E2BAB4096C13D2342BC4661C967E07 ] aswRdr C:\Windows\System32\Drivers\aswrdr2.sys
17:15:53.0070 1236 aswRdr - ok
17:15:53.0101 1236 [ 5573AA70993A2BB81525B1C704B88763 ] aswRvrt C:\Windows\system32\drivers\aswRvrt.sys
17:15:53.0113 1236 aswRvrt - ok
17:15:53.0180 1236 [ 8C0800CDB501CFC1164B286A0478DC10 ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
17:15:53.0219 1236 aswSnx - ok
17:15:53.0238 1236 [ 3815DB16CDA62190F5C0A65118F3D714 ] aswSP C:\Windows\system32\drivers\aswSP.sys
17:15:53.0260 1236 aswSP - ok
17:15:53.0272 1236 [ 29DD8E458A84171202AA4979364C30C0 ] aswTdi C:\Windows\system32\drivers\aswTdi.sys
17:15:53.0285 1236 aswTdi - ok
17:15:53.0314 1236 [ 22F521108881DC59837F6FC614E0568F ] aswVmm C:\Windows\system32\drivers\aswVmm.sys
17:15:53.0328 1236 aswVmm - ok
17:15:53.0369 1236 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
17:15:53.0400 1236 AsyncMac - ok
17:15:53.0437 1236 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
17:15:53.0450 1236 atapi - ok
17:15:53.0501 1236 [ 7C5D273E29DCC5505469B299C6F29163 ] AtiPcie C:\Windows\system32\DRIVERS\AtiPcie.sys
17:15:53.0514 1236 AtiPcie - ok
17:15:53.0552 1236 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
17:15:53.0589 1236 AudioEndpointBuilder - ok
17:15:53.0598 1236 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
17:15:53.0633 1236 AudioSrv - ok
17:15:53.0740 1236 [ 28D6701C710AD7BA3CB95E75F8F1A9AA ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
17:15:53.0752 1236 avast! Antivirus - ok
17:15:53.0792 1236 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
17:15:53.0807 1236 AxInstSV - ok
17:15:53.0860 1236 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
17:15:53.0890 1236 b06bdrv - ok
17:15:53.0933 1236 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
17:15:53.0949 1236 b57nd60a - ok
17:15:53.0993 1236 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
17:15:54.0007 1236 BDESVC - ok
17:15:54.0012 1236 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
17:15:54.0040 1236 Beep - ok
17:15:54.0100 1236 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
17:15:54.0138 1236 BFE - ok
17:15:54.0176 1236 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\system32\qmgr.dll
17:15:54.0219 1236 BITS - ok
17:15:54.0257 1236 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
17:15:54.0269 1236 blbdrive - ok
17:15:54.0274 1236 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
17:15:54.0306 1236 bowser - ok
17:15:54.0335 1236 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
17:15:54.0353 1236 BrFiltLo - ok
17:15:54.0365 1236 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
17:15:54.0383 1236 BrFiltUp - ok
17:15:54.0415 1236 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
17:15:54.0449 1236 BridgeMP - ok
17:15:54.0503 1236 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
17:15:54.0520 1236 Browser - ok
17:15:54.0717 1236 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
17:15:54.0741 1236 Brserid - ok
17:15:54.0779 1236 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
17:15:54.0794 1236 BrSerWdm - ok
17:15:54.0808 1236 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
17:15:54.0822 1236 BrUsbMdm - ok
17:15:54.0828 1236 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
17:15:54.0842 1236 BrUsbSer - ok
17:15:54.0859 1236 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
17:15:54.0873 1236 BTHMODEM - ok
17:15:54.0919 1236 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
17:15:54.0950 1236 bthserv - ok
17:15:54.0979 1236 catchme - ok
17:15:55.0004 1236 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
17:15:55.0096 1236 cdfs - ok
17:15:55.0146 1236 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
17:15:55.0166 1236 cdrom - ok
17:15:55.0196 1236 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
17:15:55.0226 1236 CertPropSvc - ok
17:15:55.0251 1236 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
17:15:55.0286 1236 circlass - ok
17:15:55.0319 1236 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
17:15:55.0336 1236 CLFS - ok
17:15:55.0444 1236 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:15:55.0456 1236 clr_optimization_v2.0.50727_32 - ok
17:15:55.0493 1236 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
17:15:55.0507 1236 clr_optimization_v2.0.50727_64 - ok
17:15:55.0726 1236 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:15:55.0738 1236 clr_optimization_v4.0.30319_32 - ok
17:15:55.0782 1236 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
17:15:55.0793 1236 clr_optimization_v4.0.30319_64 - ok
17:15:55.0831 1236 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
17:15:55.0843 1236 CmBatt - ok
17:15:55.0847 1236 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
17:15:55.0858 1236 cmdide - ok
17:15:55.0898 1236 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
17:15:55.0920 1236 CNG - ok
17:15:55.0964 1236 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
17:15:55.0973 1236 Compbatt - ok
17:15:55.0996 1236 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
17:15:56.0011 1236 CompositeBus - ok
17:15:56.0016 1236 COMSysApp - ok
17:15:56.0023 1236 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
17:15:56.0035 1236 crcdisk - ok
17:15:56.0079 1236 [ 7FDC4626B01106A8EF328C88C7C0DEE3 ] CryptSvc C:\Windows\system32\cryptsvc.dll
17:15:56.0100 1236 CryptSvc - ok
17:15:56.0123 1236 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\Windows\system32\drivers\csc.sys
17:15:56.0150 1236 CSC - ok
17:15:56.0185 1236 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\Windows\System32\cscsvc.dll
17:15:56.0208 1236 CscService - ok
17:15:56.0257 1236 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
17:15:56.0290 1236 DcomLaunch - ok
17:15:56.0317 1236 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
17:15:56.0355 1236 defragsvc - ok
17:15:56.0401 1236 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
17:15:56.0434 1236 DfsC - ok
17:15:56.0489 1236 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
17:15:56.0622 1236 Dhcp - ok
17:15:56.0712 1236 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
17:15:56.0744 1236 discache - ok
17:15:56.0800 1236 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
17:15:56.0810 1236 Disk - ok
17:15:56.0832 1236 [ 5DB085A8A6600BE6401F2B24EECB5415 ] dmvsc C:\Windows\system32\drivers\dmvsc.sys
17:15:56.0854 1236 dmvsc - ok
17:15:56.0883 1236 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
17:15:56.0896 1236 Dnscache - ok
17:15:56.0907 1236 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
17:15:56.0943 1236 dot3svc - ok
17:15:56.0954 1236 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
17:15:56.0981 1236 DPS - ok
17:15:57.0022 1236 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
17:15:57.0041 1236 drmkaud - ok
17:15:57.0088 1236 [ AF2E16242AA723F68F461B6EAE2EAD3D ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
17:15:57.0114 1236 DXGKrnl - ok
17:15:57.0138 1236 [ EDC6E9C057C9D7F83EEA22B4CEF5DCAD ] E1G60 C:\Windows\system32\DRIVERS\E1G6032E.sys
17:15:57.0150 1236 E1G60 - ok
17:15:57.0180 1236 EagleX64 - ok
17:15:57.0211 1236 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
17:15:57.0242 1236 EapHost - ok
17:15:57.0309 1236 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
17:15:57.0386 1236 ebdrv - ok
17:15:57.0409 1236 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
17:15:57.0436 1236 EFS - ok
17:15:57.0531 1236 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
17:15:57.0555 1236 ehRecvr - ok
17:15:57.0565 1236 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
17:15:57.0581 1236 ehSched - ok
17:15:57.0628 1236 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
17:15:57.0645 1236 elxstor - ok
17:15:57.0649 1236 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
17:15:57.0665 1236 ErrDev - ok
17:15:57.0704 1236 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
17:15:57.0742 1236 EventSystem - ok
17:15:57.0757 1236 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
17:15:57.0788 1236 exfat - ok
17:15:57.0880 1236 FairplayKD - ok
17:15:57.0898 1236 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
17:15:57.0933 1236 fastfat - ok
17:15:57.0975 1236 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
17:15:57.0999 1236 Fax - ok
17:15:58.0016 1236 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
17:15:58.0032 1236 fdc - ok
17:15:58.0065 1236 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
17:15:58.0094 1236 fdPHost - ok
17:15:58.0103 1236 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
17:15:58.0135 1236 FDResPub - ok
17:15:58.0161 1236 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
17:15:58.0172 1236 FileInfo - ok
17:15:58.0176 1236 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
17:15:58.0209 1236 Filetrace - ok
17:15:58.0214 1236 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
17:15:58.0229 1236 flpydisk - ok
17:15:58.0248 1236 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
17:15:58.0262 1236 FltMgr - ok
17:15:58.0570 1236 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
17:15:58.0756 1236 FontCache - ok
17:15:58.0839 1236 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
17:15:58.0866 1236 FontCache3.0.0.0 - ok
17:15:59.0058 1236 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
17:15:59.0124 1236 FsDepends - ok
17:15:59.0235 1236 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
17:15:59.0292 1236 Fs_Rec - ok
17:15:59.0429 1236 [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
17:15:59.0462 1236 fvevol - ok
17:15:59.0557 1236 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
17:15:59.0570 1236 gagp30kx - ok
17:15:59.0605 1236 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
17:15:59.0645 1236 gpsvc - ok
17:15:59.0778 1236 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:15:59.0790 1236 gupdate - ok
17:15:59.0795 1236 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:15:59.0803 1236 gupdatem - ok
17:15:59.0879 1236 [ 1E6438D4EA6E1174A3B3B1EDC4DE660B ] hamachi C:\Windows\system32\DRIVERS\hamachi.sys
17:15:59.0890 1236 hamachi - ok
17:16:00.0569 1236 [ E24E88736B13BC54CA93E7F86A0F4FCF ] Hamachi2Svc C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
17:16:00.0759 1236 Hamachi2Svc - ok
17:16:00.0851 1236 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
17:16:00.0867 1236 hcw85cir - ok
17:16:01.0033 1236 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
17:16:01.0063 1236 HdAudAddService - ok
17:16:01.0122 1236 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
17:16:01.0148 1236 HDAudBus - ok
17:16:01.0177 1236 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
17:16:01.0194 1236 HidBatt - ok
17:16:01.0204 1236 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
17:16:01.0222 1236 HidBth - ok
17:16:01.0259 1236 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
17:16:01.0273 1236 HidIr - ok
17:16:01.0352 1236 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll
17:16:01.0403 1236 hidserv - ok
17:16:01.0517 1236 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
17:16:01.0540 1236 HidUsb - ok
17:16:01.0600 1236 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
17:16:01.0642 1236 hkmsvc - ok
17:16:01.0716 1236 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
17:16:01.0778 1236 HomeGroupListener - ok
17:16:01.0951 1236 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
17:16:02.0004 1236 HomeGroupProvider - ok
17:16:02.0072 1236 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
17:16:02.0089 1236 HpSAMD - ok
17:16:02.0207 1236 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
17:16:02.0266 1236 HTTP - ok
17:16:02.0292 1236 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
17:16:02.0314 1236 hwpolicy - ok
17:16:02.0339 1236 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
17:16:02.0380 1236 i8042prt - ok
17:16:02.0438 1236 [ 3DF4395A7CF8B7A72A5F4606366B8C2D ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
17:16:02.0461 1236 iaStorV - ok
17:16:02.0842 1236 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
17:16:02.0889 1236 idsvc - ok
17:16:02.0948 1236 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
17:16:02.0976 1236 iirsp - ok
17:16:03.0251 1236 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
17:16:03.0308 1236 IKEEXT - ok
17:16:03.0336 1236 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
17:16:03.0363 1236 intelide - ok
17:16:03.0415 1236 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\drivers\intelppm.sys
17:16:03.0442 1236 intelppm - ok
17:16:03.0483 1236 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
17:16:03.0534 1236 IPBusEnum - ok
17:16:03.0560 1236 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:16:03.0636 1236 IpFilterDriver - ok
17:16:03.0855 1236 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
17:16:03.0894 1236 iphlpsvc - ok
17:16:03.0973 1236 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
17:16:04.0035 1236 IPMIDRV - ok
17:16:04.0062 1236 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
17:16:04.0113 1236 IPNAT - ok
17:16:04.0243 1236 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
17:16:04.0282 1236 IRENUM - ok
17:16:04.0321 1236 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
17:16:04.0351 1236 isapnp - ok
17:16:04.0497 1236 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
17:16:04.0595 1236 iScsiPrt - ok
17:16:04.0744 1236 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
17:16:04.0804 1236 kbdclass - ok
17:16:04.0955 1236 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
17:16:05.0263 1236 kbdhid - ok
17:16:05.0339 1236 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
17:16:05.0353 1236 KeyIso - ok
17:16:05.0477 1236 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
17:16:05.0553 1236 KSecDD - ok
17:16:05.0771 1236 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
17:16:05.0788 1236 KSecPkg - ok
17:16:05.0833 1236 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
17:16:05.0889 1236 ksthunk - ok
17:16:06.0227 1236 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
17:16:06.0287 1236 KtmRm - ok
17:16:06.0331 1236 [ A43A9920D2409BB9DA747D2FD20A2E61 ] L1C C:\Windows\system32\DRIVERS\L1C62x64.sys
17:16:06.0368 1236 L1C - ok
17:16:06.0470 1236 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll
17:16:06.0517 1236 LanmanServer - ok
17:16:06.0642 1236 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
17:16:06.0730 1236 LanmanWorkstation - ok
17:16:06.0798 1236 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
17:16:06.0889 1236 lltdio - ok
17:16:07.0224 1236 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
17:16:07.0313 1236 lltdsvc - ok
17:16:07.0374 1236 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
17:16:07.0474 1236 lmhosts - ok
17:16:07.0773 1236 [ 02468469C450CD16FB66A56FAB70138B ] LMIGuardianSvc C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
17:16:07.0808 1236 LMIGuardianSvc - ok
17:16:07.0854 1236 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
17:16:07.0879 1236 LSI_FC - ok
17:16:07.0912 1236 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
17:16:07.0946 1236 LSI_SAS - ok
17:16:07.0968 1236 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
17:16:07.0992 1236 LSI_SAS2 - ok
17:16:08.0037 1236 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
17:16:08.0066 1236 LSI_SCSI - ok
17:16:08.0097 1236 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
17:16:08.0146 1236 luafv - ok
17:16:08.0200 1236 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
17:16:08.0235 1236 Mcx2Svc - ok
17:16:08.0264 1236 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
17:16:08.0290 1236 megasas - ok
17:16:08.0370 1236 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
17:16:08.0390 1236 MegaSR - ok
17:16:08.0564 1236 [ B6CCDC7F88354F2D053A8ADF13DD3AAB ] Mkd2Nadr C:\Windows\system32\drivers\Mkd2Nadr.sys
17:16:08.0594 1236 Mkd2Nadr - ok
17:16:08.0947 1236 [ 28630C95D8F1CC313E80B8EF376648F2 ] Mkd3kfNt C:\Windows\system32\drivers\Mkd3kfNt.sys
17:16:08.0975 1236 Mkd3kfNt - ok
17:16:09.0048 1236 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
17:16:09.0095 1236 MMCSS - ok
17:16:09.0169 1236 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
17:16:09.0227 1236 Modem - ok
17:16:09.0258 1236 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
17:16:09.0271 1236 monitor - ok
17:16:09.0326 1236 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
17:16:09.0349 1236 mouclass - ok
17:16:09.0393 1236 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
17:16:09.0423 1236 mouhid - ok
17:16:09.0497 1236 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
17:16:09.0527 1236 mountmgr - ok
17:16:09.0588 1236 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
17:16:09.0635 1236 mpio - ok
17:16:09.0689 1236 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
17:16:09.0922 1236 mpsdrv - ok
17:16:10.0282 1236 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
17:16:10.0320 1236 MpsSvc - ok
17:16:10.0445 1236 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
17:16:10.0466 1236 MRxDAV - ok
17:16:10.0572 1236 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
17:16:10.0753 1236 mrxsmb - ok
17:16:10.0979 1236 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:16:11.0036 1236 mrxsmb10 - ok
17:16:11.0165 1236 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:16:11.0216 1236 mrxsmb20 - ok
17:16:11.0330 1236 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
17:16:11.0398 1236 msahci - ok
17:16:11.0512 1236 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
17:16:11.0530 1236 msdsm - ok
17:16:11.0602 1236 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
17:16:11.0644 1236 MSDTC - ok
17:16:11.0766 1236 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
17:16:11.0812 1236 Msfs - ok
17:16:11.0863 1236 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
17:16:11.0892 1236 mshidkmdf - ok
17:16:11.0933 1236 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
17:16:11.0971 1236 msisadrv - ok
17:16:12.0067 1236 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
17:16:12.0125 1236 MSiSCSI - ok
17:16:12.0129 1236 msiserver - ok
17:16:12.0184 1236 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
17:16:12.0234 1236 MSKSSRV - ok
17:16:12.0417 1236 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
17:16:12.0460 1236 MSPCLOCK - ok
17:16:12.0484 1236 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
17:16:12.0535 1236 MSPQM - ok
17:16:12.0559 1236 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
17:16:12.0582 1236 MsRPC - ok
17:16:12.0625 1236 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
17:16:12.0646 1236 mssmbios - ok
17:16:12.0680 1236 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
17:16:12.0714 1236 MSTEE - ok
17:16:12.0719 1236 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
17:16:12.0734 1236 MTConfig - ok
17:16:12.0747 1236 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
17:16:12.0760 1236 Mup - ok
17:16:12.0916 1236 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
17:16:12.0972 1236 napagent - ok
17:16:13.0137 1236 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
17:16:13.0179 1236 NativeWifiP - ok
17:16:13.0498 1236 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
17:16:13.0549 1236 NDIS - ok
17:16:13.0624 1236 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
17:16:13.0673 1236 NdisCap - ok
17:16:13.0713 1236 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
17:16:13.0758 1236 NdisTapi - ok
17:16:13.0792 1236 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
17:16:13.0829 1236 Ndisuio - ok
17:16:13.0862 1236 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
17:16:13.0890 1236 NdisWan - ok
17:16:13.0901 1236 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
17:16:13.0935 1236 NDProxy - ok
17:16:13.0983 1236 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
17:16:14.0018 1236 NetBIOS - ok
17:16:14.0075 1236 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
17:16:14.0113 1236 NetBT - ok
17:16:14.0136 1236 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
17:16:14.0148 1236 Netlogon - ok
17:16:14.0293 1236 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
17:16:14.0345 1236 Netman - ok
17:16:14.0435 1236 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:16:14.0456 1236 NetMsmqActivator - ok
17:16:14.0460 1236 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:16:14.0469 1236 NetPipeActivator - ok
17:16:14.0584 1236 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
17:16:14.0643 1236 netprofm - ok
17:16:14.0675 1236 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:16:14.0722 1236 NetTcpActivator - ok
17:16:14.0745 1236 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:16:14.0758 1236 NetTcpPortSharing - ok
17:16:14.0868 1236 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
17:16:14.0908 1236 nfrd960 - ok
17:16:15.0031 1236 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
17:16:15.0093 1236 NlaSvc - ok
17:16:15.0135 1236 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
17:16:15.0203 1236 Npfs - ok
17:16:15.0345 1236 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
17:16:15.0430 1236 nsi - ok
17:16:15.0478 1236 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
17:16:15.0524 1236 nsiproxy - ok
17:16:16.0018 1236 [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
17:16:16.0064 1236 Ntfs - ok
17:16:16.0136 1236 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
17:16:16.0178 1236 Null - ok
17:16:16.0296 1236 [ 805F0C2B9C07E4C0F74D0EF70E9E827A ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
17:16:16.0349 1236 NVHDA - ok
17:16:18.0009 1236 [ EE6B7B6A54BCAFF516E30B1C15467495 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
17:16:18.0349 1236 nvlddmkm - ok
17:16:18.0402 1236 [ 5D9FD91F3D38DC9DA01E3CB5FA89CD48 ] nvraid C:\Windows\system32\drivers\nvraid.sys
17:16:18.0417 1236 nvraid - ok
17:16:18.0422 1236 [ F7CD50FE7139F07E77DA8AC8033D1832 ] nvstor C:\Windows\system32\drivers\nvstor.sys
17:16:18.0434 1236 nvstor - ok
17:16:18.0474 1236 [ 25626309AD2F81D47C829CCB5E46E478 ] nvsvc C:\Windows\system32\nvvsvc.exe
17:16:18.0500 1236 nvsvc - ok
17:16:18.0645 1236 [ 7BAB808957880CF38EFC6816FEF7276E ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
17:16:18.0703 1236 nvUpdatusService - ok
17:16:18.0730 1236 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
17:16:18.0744 1236 nv_agp - ok
17:16:18.0769 1236 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
17:16:18.0786 1236 ohci1394 - ok
17:16:18.0810 1236 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
17:16:18.0834 1236 p2pimsvc - ok
17:16:18.0869 1236 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
17:16:18.0892 1236 p2psvc - ok
17:16:18.0929 1236 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
17:16:18.0941 1236 Parport - ok
17:16:18.0963 1236 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
17:16:19.0001 1236 partmgr - ok
17:16:19.0008 1236 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
17:16:19.0027 1236 PcaSvc - ok
17:16:19.0058 1236 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
17:16:19.0072 1236 pci - ok
17:16:19.0078 1236 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
17:16:19.0090 1236 pciide - ok
17:16:19.0108 1236 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
17:16:19.0131 1236 pcmcia - ok
17:16:19.0152 1236 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
17:16:19.0219 1236 pcw - ok
17:16:19.0311 1236 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
17:16:19.0362 1236 PEAUTH - ok
17:16:19.0496 1236 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
17:16:19.0584 1236 PeerDistSvc - ok
17:16:19.0856 1236 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
17:16:19.0870 1236 PerfHost - ok
17:16:19.0926 1236 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
17:16:19.0975 1236 pla - ok
17:16:20.0033 1236 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
17:16:20.0053 1236 PlugPlay - ok
17:16:20.0115 1236 PnkBstrA - ok
17:16:20.0156 1236 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
17:16:20.0170 1236 PNRPAutoReg - ok
17:16:20.0186 1236 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
17:16:20.0208 1236 PNRPsvc - ok
17:16:20.0237 1236 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
17:16:20.0274 1236 PolicyAgent - ok
17:16:20.0300 1236 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
17:16:20.0353 1236 Power - ok
17:16:20.0392 1236 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
17:16:20.0422 1236 PptpMiniport - ok
17:16:20.0437 1236 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
17:16:20.0451 1236 Processor - ok
17:16:20.0486 1236 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
17:16:20.0514 1236 ProfSvc - ok
17:16:20.0525 1236 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
17:16:20.0541 1236 ProtectedStorage - ok
17:16:20.0596 1236 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
17:16:20.0631 1236 Psched - ok
17:16:20.0854 1236 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
17:16:20.0998 1236 ql2300 - ok
17:16:21.0029 1236 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
17:16:21.0040 1236 ql40xx - ok
17:16:21.0068 1236 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
17:16:21.0089 1236 QWAVE - ok
17:16:21.0094 1236 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
17:16:21.0111 1236 QWAVEdrv - ok
17:16:21.0115 1236 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
17:16:21.0145 1236 RasAcd - ok
17:16:21.0192 1236 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
17:16:21.0221 1236 RasAgileVpn - ok
17:16:21.0241 1236 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
17:16:21.0276 1236 RasAuto - ok
17:16:21.0283 1236 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
17:16:21.0313 1236 Rasl2tp - ok
17:16:21.0330 1236 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
17:16:21.0366 1236 RasMan - ok
17:16:21.0377 1236 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
17:16:21.0406 1236 RasPppoe - ok
17:16:21.0430 1236 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
17:16:21.0459 1236 RasSstp - ok
17:16:21.0478 1236 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
17:16:21.0509 1236 rdbss - ok
17:16:21.0514 1236 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
17:16:21.0527 1236 rdpbus - ok
17:16:21.0543 1236 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
17:16:21.0570 1236 RDPCDD - ok
17:16:21.0581 1236 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
17:16:21.0647 1236 RDPDR - ok
17:16:21.0670 1236 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
17:16:21.0700 1236 RDPENCDD - ok
17:16:21.0707 1236 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
17:16:21.0736 1236 RDPREFMP - ok
17:16:21.0756 1236 [ 70CBA1A0C98600A2AA1863479B35CB90 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
17:16:21.0787 1236 RdpVideoMiniport - ok
17:16:21.0827 1236 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
17:16:21.0860 1236 RDPWD - ok
17:16:21.0896 1236 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
17:16:21.0908 1236 rdyboost - ok
17:16:21.0929 1236 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
17:16:21.0958 1236 RemoteAccess - ok
17:16:21.0988 1236 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
17:16:22.0018 1236 RemoteRegistry - ok
17:16:22.0127 1236 [ 359E4937D3A52198A1FC0BE5C2188457 ] Rent Update C:/Windows/Rent/Update.exe
17:16:22.0143 1236 Rent Update ( UnsignedFile.Multi.Generic ) - warning
17:16:22.0143 1236 Rent Update - detected UnsignedFile.Multi.Generic (1)
17:16:22.0171 1236 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
17:16:22.0202 1236 RpcEptMapper - ok
17:16:22.0230 1236 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
17:16:22.0242 1236 RpcLocator - ok
17:16:22.0269 1236 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
17:16:22.0302 1236 RpcSs - ok
17:16:22.0344 1236 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
17:16:22.0403 1236 rspndr - ok
17:16:22.0441 1236 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
17:16:22.0452 1236 s3cap - ok
17:16:22.0467 1236 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
17:16:22.0478 1236 SamSs - ok
17:16:22.0577 1236 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
17:16:22.0619 1236 sbp2port - ok
17:16:22.0672 1236 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
17:16:22.0733 1236 SCardSvr - ok
17:16:22.0738 1236 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
17:16:22.0765 1236 scfilter - ok
17:16:22.0797 1236 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
17:16:22.0838 1236 Schedule - ok
17:16:22.0861 1236 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
17:16:22.0889 1236 SCPolicySvc - ok
17:16:22.0907 1236 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
17:16:22.0922 1236 SDRSVC - ok
17:16:22.0949 1236 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
17:16:22.0976 1236 secdrv - ok
17:16:22.0987 1236 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
17:16:23.0014 1236 seclogon - ok
17:16:23.0031 1236 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll
17:16:23.0060 1236 SENS - ok
17:16:23.0070 1236 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
17:16:23.0082 1236 SensrSvc - ok
17:16:23.0105 1236 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
17:16:23.0118 1236 Serenum - ok
17:16:23.0122 1236 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
17:16:23.0135 1236 Serial - ok
17:16:23.0140 1236 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
17:16:23.0151 1236 sermouse - ok
17:16:23.0184 1236 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
17:16:23.0212 1236 SessionEnv - ok
17:16:23.0229 1236 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
17:16:23.0242 1236 sffdisk - ok
17:16:23.0246 1236 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
17:16:23.0260 1236 sffp_mmc - ok
17:16:23.0264 1236 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
17:16:23.0278 1236 sffp_sd - ok
17:16:23.0298 1236 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
17:16:23.0310 1236 sfloppy - ok
17:16:23.0339 1236 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
17:16:23.0370 1236 SharedAccess - ok
17:16:23.0388 1236 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
17:16:23.0420 1236 ShellHWDetection - ok
17:16:23.0455 1236 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
17:16:23.0465 1236 SiSRaid2 - ok
17:16:23.0470 1236 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
17:16:23.0481 1236 SiSRaid4 - ok
17:16:23.0519 1236 [ F5BBEDF602C310B00036EB2DBF4348A5 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
17:16:23.0553 1236 SkypeUpdate - ok
17:16:23.0570 1236 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
17:16:23.0608 1236 Smb - ok
17:16:23.0638 1236 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
17:16:23.0651 1236 SNMPTRAP - ok
17:16:23.0656 1236 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
17:16:23.0666 1236 spldr - ok
17:16:23.0698 1236 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
17:16:23.0714 1236 Spooler - ok
17:16:23.0791 1236 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
17:16:23.0849 1236 sppsvc - ok
17:16:23.0863 1236 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
17:16:23.0892 1236 sppuinotify - ok
17:16:23.0926 1236 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
17:16:23.0961 1236 srv - ok
17:16:23.0989 1236 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
17:16:24.0004 1236 srv2 - ok
17:16:24.0010 1236 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
17:16:24.0022 1236 srvnet - ok
17:16:24.0066 1236 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
17:16:24.0096 1236 SSDPSRV - ok
17:16:24.0109 1236 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
17:16:24.0139 1236 SstpSvc - ok
17:16:24.0226 1236 [ A87A39F9B42D82F5D60D36BB1D3CC9D3 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
17:16:24.0269 1236 Steam Client Service - ok
17:16:24.0385 1236 [ 2222073BE0232E70A397B8302293AA9D ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
17:16:24.0400 1236 Stereo Service - ok
17:16:24.0435 1236 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
17:16:24.0445 1236 stexstor - ok
17:16:24.0474 1236 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
17:16:24.0632 1236 stisvc - ok
17:16:24.0651 1236 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
17:16:24.0677 1236 storflt - ok
17:16:24.0716 1236 [ C40841817EF57D491F22EB103DA587CC ] StorSvc C:\Windows\system32\storsvc.dll
17:16:24.0760 1236 StorSvc - ok
17:16:24.0860 1236 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys
17:16:24.0881 1236 storvsc - ok
17:16:24.0895 1236 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
17:16:24.0915 1236 swenum - ok
17:16:24.0980 1236 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
17:16:25.0014 1236 swprv - ok
17:16:25.0020 1236 [ C3A39C4079305480972D29C44B868C78 ] Synth3dVsc C:\Windows\system32\drivers\Synth3dVsc.sys
17:16:25.0030 1236 Synth3dVsc - ok
17:16:25.0070 1236 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
17:16:25.0107 1236 SysMain - ok
17:16:25.0124 1236 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
17:16:25.0141 1236 TabletInputService - ok
17:16:25.0173 1236 [ 3A7CABF7DE8F1325BE8F46685469AEC3 ] taphss6 C:\Windows\system32\DRIVERS\taphss6.sys
17:16:25.0183 1236 taphss6 - ok
17:16:25.0209 1236 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
17:16:25.0240 1236 TapiSrv - ok
17:16:25.0250 1236 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
17:16:25.0280 1236 TBS - ok
17:16:25.0404 1236 [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
17:16:25.0448 1236 Tcpip - ok
17:16:25.0496 1236 [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
17:16:25.0527 1236 TCPIP6 - ok
17:16:25.0597 1236 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
17:16:25.0608 1236 tcpipreg - ok
17:16:25.0640 1236 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
17:16:25.0667 1236 TDPIPE - ok
17:16:25.0696 1236 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
17:16:25.0707 1236 TDTCP - ok
17:16:25.0712 1236 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
17:16:25.0740 1236 tdx - ok
17:16:25.0745 1236 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
17:16:25.0773 1236 TermDD - ok
17:16:25.0790 1236 [ 2B5BDFF688EC9871D7EC5837833374E9 ] terminpt C:\Windows\system32\drivers\terminpt.sys
17:16:25.0829 1236 terminpt - ok
17:16:25.0935 1236 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
17:16:26.0032 1236 TermService - ok
17:16:26.0044 1236 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
17:16:26.0061 1236 Themes - ok
17:16:26.0076 1236 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
17:16:26.0105 1236 THREADORDER - ok
17:16:26.0126 1236 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
17:16:26.0156 1236 TrkWks - ok
17:16:26.0195 1236 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
17:16:26.0223 1236 TrustedInstaller - ok
17:16:26.0230 1236 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
17:16:26.0258 1236 tssecsrv - ok
17:16:26.0290 1236 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
17:16:26.0303 1236 TsUsbFlt - ok
17:16:26.0319 1236 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
17:16:26.0331 1236 TsUsbGD - ok
17:16:26.0353 1236 [ E1748D04AE40118B62BC18AC86032192 ] tsusbhub C:\Windows\system32\drivers\tsusbhub.sys
17:16:26.0365 1236 tsusbhub - ok
17:16:26.0395 1236 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
17:16:26.0424 1236 tunnel - ok
17:16:26.0428 1236 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
17:16:26.0440 1236 uagp35 - ok
17:16:26.0464 1236 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
17:16:26.0495 1236 udfs - ok
17:16:26.0541 1236 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
17:16:26.0555 1236 UI0Detect - ok
17:16:26.0559 1236 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
17:16:26.0570 1236 uliagpkx - ok
17:16:26.0589 1236 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
17:16:26.0603 1236 umbus - ok
17:16:26.0607 1236 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
17:16:26.0619 1236 UmPass - ok
17:16:26.0638 1236 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll
17:16:26.0654 1236 UmRdpService - ok
17:16:26.0685 1236 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
17:16:26.0719 1236 upnphost - ok
17:16:26.0724 1236 [ 481DFF26B4DCA8F4CBAC1F7DCE1D6829 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
17:16:26.0736 1236 usbccgp - ok
17:16:26.0747 1236 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
17:16:26.0761 1236 usbcir - ok
17:16:26.0766 1236 [ 74EE782B1D9C241EFE425565854C661C ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
17:16:26.0778 1236 usbehci - ok
17:16:26.0816 1236 [ DC96BD9CCB8403251BCF25047573558E ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
17:16:26.0832 1236 usbhub - ok
17:16:26.0837 1236 [ 58E546BBAF87664FC57E0F6081E4F609 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
17:16:26.0848 1236 usbohci - ok
17:16:26.0857 1236 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\drivers\usbprint.sys
17:16:26.0870 1236 usbprint - ok
17:16:26.0902 1236 [ D76510CFA0FC09023077F22C2F979D86 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:16:26.0915 1236 USBSTOR - ok
17:16:26.0920 1236 [ 81FB2216D3A60D1284455D511797DB3D ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
17:16:26.0948 1236 usbuhci - ok
17:16:26.0977 1236 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
17:16:27.0006 1236 UxSms - ok
17:16:27.0026 1236 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
17:16:27.0038 1236 VaultSvc - ok
17:16:27.0055 1236 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
17:16:27.0065 1236 vdrvroot - ok
17:16:27.0099 1236 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
17:16:27.0133 1236 vds - ok
17:16:27.0150 1236 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
17:16:27.0163 1236 vga - ok
17:16:27.0168 1236 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
17:16:27.0194 1236 VgaSave - ok
17:16:27.0198 1236 VGPU - ok
17:16:27.0207 1236 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
17:16:27.0220 1236 vhdmp - ok
17:16:27.0234 1236 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
17:16:27.0244 1236 viaide - ok
17:16:27.0254 1236 [ 86EA3E79AE350FEA5331A1303054005F ] vmbus C:\Windows\system32\drivers\vmbus.sys
17:16:27.0266 1236 vmbus - ok
17:16:27.0271 1236 [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
17:16:27.0282 1236 VMBusHID - ok
17:16:27.0288 1236 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
17:16:27.0299 1236 volmgr - ok
17:16:27.0381 1236 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
17:16:27.0411 1236 volmgrx - ok
17:16:27.0427 1236 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
17:16:27.0440 1236 volsnap - ok
17:16:27.0476 1236 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
17:16:27.0488 1236 vsmraid - ok
17:16:27.0542 1236 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
17:16:27.0589 1236 VSS - ok
17:16:27.0629 1236 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
17:16:27.0662 1236 vwifibus - ok
17:16:27.0671 1236 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
17:16:27.0707 1236 W32Time - ok
17:16:27.0713 1236 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
17:16:27.0725 1236 WacomPen - ok
17:16:27.0768 1236 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
17:16:27.0794 1236 WANARP - ok
17:16:27.0797 1236 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
17:16:27.0824 1236 Wanarpv6 - ok
17:16:27.0871 1236 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
17:16:27.0903 1236 wbengine - ok
17:16:27.0926 1236 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
17:16:27.0944 1236 WbioSrvc - ok
17:16:27.0953 1236 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
17:16:27.0973 1236 wcncsvc - ok
17:16:27.0979 1236 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
17:16:27.0993 1236 WcsPlugInService - ok
17:16:28.0048 1236 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
17:16:28.0059 1236 Wd - ok
17:16:28.0096 1236 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
17:16:28.0119 1236 Wdf01000 - ok
17:16:28.0138 1236 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
17:16:28.0157 1236 WdiServiceHost - ok
17:16:28.0161 1236 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
17:16:28.0178 1236 WdiSystemHost - ok
17:16:28.0188 1236 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
17:16:28.0208 1236 WebClient - ok
17:16:28.0233 1236 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
17:16:28.0266 1236 Wecsvc - ok
17:16:28.0282 1236 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
17:16:28.0312 1236 wercplsupport - ok
17:16:28.0323 1236 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
17:16:28.0374 1236 WerSvc - ok
17:16:28.0443 1236 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
17:16:28.0499 1236 WfpLwf - ok
17:16:28.0503 1236 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
17:16:28.0514 1236 WIMMount - ok
17:16:28.0573 1236 WinDefend - ok
17:16:28.0582 1236 WinHttpAutoProxySvc - ok
17:16:28.0901 1236 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
17:16:28.0933 1236 Winmgmt - ok
17:16:29.0031 1236 [ 0C0195C48B6B8582FA6F6373032118DA ] WinRing0_1_2_0 C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys
17:16:29.0043 1236 WinRing0_1_2_0 - ok
17:16:29.0150 1236 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
17:16:29.0206 1236 WinRM - ok
17:16:29.0267 1236 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
17:16:29.0282 1236 WinUsb - ok
17:16:29.0322 1236 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
17:16:29.0350 1236 Wlansvc - ok
17:16:29.0505 1236 [ 98F138897EF4246381D197CB81846D62 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
17:16:29.0549 1236 wlidsvc - ok
17:16:29.0576 1236 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
17:16:29.0588 1236 WmiAcpi - ok
17:16:29.0624 1236 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
17:16:29.0638 1236 wmiApSrv - ok
17:16:29.0676 1236 WMPNetworkSvc - ok
17:16:29.0763 1236 wolf - ok
17:16:29.0790 1236 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
17:16:29.0809 1236 WPCSvc - ok
17:16:29.0815 1236 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
17:16:29.0830 1236 WPDBusEnum - ok
17:16:29.0834 1236 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
17:16:29.0861 1236 ws2ifsl - ok
17:16:29.0872 1236 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll
17:16:29.0890 1236 wscsvc - ok
17:16:29.0894 1236 WSearch - ok
17:16:29.0992 1236 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
17:16:30.0042 1236 wuauserv - ok
17:16:30.0078 1236 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
17:16:30.0098 1236 WudfPf - ok
17:16:30.0139 1236 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
17:16:30.0153 1236 WUDFRd - ok
17:16:30.0165 1236 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
17:16:30.0179 1236 wudfsvc - ok
17:16:30.0209 1236 [ FE90B750AB808FB9DD8FBB428B5FF83B ] WwanSvc C:\Windows\System32\wwansvc.dll
17:16:30.0245 1236 WwanSvc - ok
17:16:30.0526 1236 X6va012 - ok
17:16:30.0555 1236 X6va015 - ok
17:16:30.0570 1236 xhunter1 - ok
17:16:30.0591 1236 ================ Scan global ===============================
17:16:30.0632 1236 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
17:16:30.0676 1236 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
17:16:30.0688 1236 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
17:16:30.0715 1236 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
17:16:30.0742 1236 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
17:16:30.0746 1236 [Global] - ok
17:16:30.0747 1236 ================ Scan MBR ==================================
17:16:30.0779 1236 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
17:16:30.0949 1236 \Device\Harddisk0\DR0 - ok
17:16:30.0950 1236 ================ Scan VBR ==================================
17:16:30.0953 1236 [ A882CDFBE27E4AAC94F410E6067AAC64 ] \Device\Harddisk0\DR0\Partition1
17:16:30.0954 1236 \Device\Harddisk0\DR0\Partition1 - ok
17:16:30.0987 1236 [ 91E602FBBBC9427184DA285B9193E6F3 ] \Device\Harddisk0\DR0\Partition2
17:16:30.0988 1236 \Device\Harddisk0\DR0\Partition2 - ok
17:16:30.0988 1236 ============================================================
17:16:30.0988 1236 Scan finished
17:16:30.0988 1236 ============================================================
17:16:30.0999 4288 Detected object count: 2
17:16:30.0999 4288 Actual detected object count: 2
17:16:38.0603 4288 AODDriver4.2.0 ( UnsignedFile.Multi.Generic ) - skipped by user
17:16:38.0604 4288 AODDriver4.2.0 ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:16:38.0606 4288 Rent Update ( UnsignedFile.Multi.Generic ) - skipped by user
17:16:38.0606 4288 Rent Update ( UnsignedFile.Multi.Generic ) - User select action: Skip
Code:
ATTFilter swMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2014-01-06 17:20:52
-----------------------------
17:20:52.361 OS Version: Windows x64 6.1.7601 Service Pack 1
17:20:52.361 Number of processors: 3 586 0x503
17:20:52.365 ComputerName: MESUT-PC UserName: Mesut
17:20:55.331 Initialize success
17:20:58.832 AVAST engine defs: 14010501
17:21:41.508 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000005e
17:21:41.513 Disk 0 Vendor: ST160LM0 2AJ1 Size: 152627MB BusType: 11
17:21:42.932 Disk 0 MBR read successfully
17:21:42.934 Disk 0 MBR scan
17:21:43.421 Disk 0 Windows 7 default MBR code
17:21:43.441 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
17:21:44.093 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 152525 MB offset 206848
17:21:44.817 Disk 0 scanning C:\Windows\system32\drivers
17:22:00.105 Service scanning
17:22:25.287 Modules scanning
17:22:25.295 Disk 0 trace - called modules:
17:22:25.306 ntoskrnl.exe CLASSPNP.SYS disk.sys amdxata.sys storport.sys hal.dll amdsata.sys
17:22:25.310 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80028de5e0]
17:22:25.317 3 CLASSPNP.SYS[fffff8800195743f] -> nt!IofCallDriver -> [0xfffffa8002877b70]
17:22:25.322 5 amdxata.sys[fffff880010bd8b9] -> nt!IofCallDriver -> \Device\0000005e[0xfffffa8002874060]
17:22:27.078 AVAST engine scan C:\Windows
17:22:29.568 AVAST engine scan C:\Windows\system32
17:25:03.455 AVAST engine scan C:\Windows\system32\drivers
17:25:13.095 AVAST engine scan C:\Users\Mesut
17:35:25.920 AVAST engine scan C:\ProgramData
17:37:31.707 Scan finished successfully
17:40:03.348 Disk 0 MBR has been saved successfully to "C:\Users\Mesut\Desktop\MBR.dat"
17:40:03.352 The log file has been saved successfully to "C:\Users\Mesut\Desktop\aswMBR.txt"
Geändert von Zerozo (06.01.2014 um 17:40 Uhr) |
|
07.01.2014, 10:09
| #34 |
| /// the machine /// TB-Ausbilder | Win 7 : Firefox öffnet unsichtbare tabs Bei TDSSKiller bei REnt bitte auf Cure oder Delete stellen und nochmal laufen lassen. Danach bitte Combofix nochmal laufen lassen.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
07.01.2014, 22:29
| #35 |
| | Win 7 : Firefox öffnet unsichtbare tabsCode:
ATTFilter ComboFix 14-01-04.03 - Mesut 07.01.2014 18:07:27.3.3 - x64
Microsoft Windows 7 Enterprise 6.1.7601.1.1252.41.1033.18.2047.753 [GMT 1:00]
ausgeführt von:: c:\users\Mesut\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\HirezPipeError.txt
c:\windows\SysWow64\ff
c:\windows\SysWow64\ff\App\AppInfo\appicon.ico
c:\windows\SysWow64\ff\App\AppInfo\appicon_128.png
c:\windows\SysWow64\ff\App\AppInfo\appicon_16.png
c:\windows\SysWow64\ff\App\AppInfo\appicon_32.png
c:\windows\SysWow64\ff\App\AppInfo\appinfo.ini
c:\windows\SysWow64\ff\App\AppInfo\installer.ini
c:\windows\SysWow64\ff\App\Bin\sqlite3.exe
c:\windows\SysWow64\ff\App\DefaultData\plugins\plugins_readme.txt
c:\windows\SysWow64\ff\App\DefaultData\profile\bookmarks.html
c:\windows\SysWow64\ff\App\DefaultData\profile\prefs.js
c:\windows\SysWow64\ff\App\DefaultData\settings\FirefoxPortableSettings.ini
c:\windows\SysWow64\ff\App\Firefox\AccessibleMarshal.dll
c:\windows\SysWow64\ff\App\Firefox\active-update.xml
c:\windows\SysWow64\ff\App\Firefox\application.ini
c:\windows\SysWow64\ff\App\Firefox\breakpadinjector.dll
c:\windows\SysWow64\ff\App\Firefox\browser\blocklist.xml
c:\windows\SysWow64\ff\App\Firefox\browser\chrome.manifest
c:\windows\SysWow64\ff\App\Firefox\browser\components\browsercomps.dll
c:\windows\SysWow64\ff\App\Firefox\browser\components\components.manifest
c:\windows\SysWow64\ff\App\Firefox\browser\crashreporter-override.ini
c:\windows\SysWow64\ff\App\Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}\icon.png
c:\windows\SysWow64\ff\App\Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}\install.rdf
c:\windows\SysWow64\ff\App\Firefox\browser\omni.ja
c:\windows\SysWow64\ff\App\Firefox\browser\searchplugins\amazondotcom-de.xml
c:\windows\SysWow64\ff\App\Firefox\browser\searchplugins\bing.xml
c:\windows\SysWow64\ff\App\Firefox\browser\searchplugins\eBay-de.xml
c:\windows\SysWow64\ff\App\Firefox\browser\searchplugins\google.xml
c:\windows\SysWow64\ff\App\Firefox\browser\searchplugins\leo_ende_de.xml
c:\windows\SysWow64\ff\App\Firefox\browser\searchplugins\wikipedia-de.xml
c:\windows\SysWow64\ff\App\Firefox\browser\searchplugins\yahoo-de.xml
c:\windows\SysWow64\ff\App\Firefox\crashreporter.exe
c:\windows\SysWow64\ff\App\Firefox\crashreporter.ini
c:\windows\SysWow64\ff\App\Firefox\D3DCompiler_43.dll
c:\windows\SysWow64\ff\App\Firefox\defaults\pref\channel-prefs.js
c:\windows\SysWow64\ff\App\Firefox\dependentlibs.list
c:\windows\SysWow64\ff\App\Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}\icon.png
c:\windows\SysWow64\ff\App\Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}\install.rdf
c:\windows\SysWow64\ff\App\Firefox\firefox.exe
c:\windows\SysWow64\ff\App\Firefox\freebl3.chk
c:\windows\SysWow64\ff\App\Firefox\freebl3.dll
c:\windows\SysWow64\ff\App\Firefox\gkmedias.dll
c:\windows\SysWow64\ff\App\Firefox\libEGL.dll
c:\windows\SysWow64\ff\App\Firefox\libGLESv2.dll
c:\windows\SysWow64\ff\App\Firefox\maintenanceservice.exe
c:\windows\SysWow64\ff\App\Firefox\maintenanceservice_installer.exe
c:\windows\SysWow64\ff\App\Firefox\mozalloc.dll
c:\windows\SysWow64\ff\App\Firefox\mozglue.dll
c:\windows\SysWow64\ff\App\Firefox\mozjs.dll
c:\windows\SysWow64\ff\App\Firefox\msvcp100.dll
c:\windows\SysWow64\ff\App\Firefox\msvcr100.dll
c:\windows\SysWow64\ff\App\Firefox\nss3.dll
c:\windows\SysWow64\ff\App\Firefox\nssckbi.dll
c:\windows\SysWow64\ff\App\Firefox\nssdbm3.chk
c:\windows\SysWow64\ff\App\Firefox\nssdbm3.dll
c:\windows\SysWow64\ff\App\Firefox\omni.ja
c:\windows\SysWow64\ff\App\Firefox\platform.ini
c:\windows\SysWow64\ff\App\Firefox\plugin-container.exe
c:\windows\SysWow64\ff\App\Firefox\plugin-hang-ui.exe
c:\windows\SysWow64\ff\App\Firefox\precomplete
c:\windows\SysWow64\ff\App\Firefox\removed-files
c:\windows\SysWow64\ff\App\Firefox\softokn3.chk
c:\windows\SysWow64\ff\App\Firefox\softokn3.dll
c:\windows\SysWow64\ff\App\Firefox\uninstall\helper.exe
c:\windows\SysWow64\ff\App\Firefox\uninstall\uninstall.update
c:\windows\SysWow64\ff\App\Firefox\update-settings.ini
c:\windows\SysWow64\ff\App\Firefox\updater.exe
c:\windows\SysWow64\ff\App\Firefox\updater.ini
c:\windows\SysWow64\ff\App\Firefox\updates.xml
c:\windows\SysWow64\ff\App\Firefox\updates\0\update.log
c:\windows\SysWow64\ff\App\Firefox\updates\0\update.manifest
c:\windows\SysWow64\ff\App\Firefox\updates\0\update.mar
c:\windows\SysWow64\ff\App\Firefox\updates\0\update.status
c:\windows\SysWow64\ff\App\Firefox\updates\0\update.version
c:\windows\SysWow64\ff\App\Firefox\updates\0\updater.exe
c:\windows\SysWow64\ff\App\Firefox\updates\0\updater.ini
c:\windows\SysWow64\ff\App\Firefox\webapp-uninstaller.exe
c:\windows\SysWow64\ff\App\Firefox\webapprt-stub.exe
c:\windows\SysWow64\ff\App\Firefox\webapprt\omni.ja
c:\windows\SysWow64\ff\App\Firefox\webapprt\webapprt.ini
c:\windows\SysWow64\ff\App\Firefox\xul.dll
c:\windows\SysWow64\ff\App\readme.txt
c:\windows\SysWow64\ff\Data\plugins\npdsplay.dll
c:\windows\SysWow64\ff\Data\plugins\npzylomgamesplayer.dll
c:\windows\SysWow64\ff\Data\plugins\plugins_readme.txt
c:\windows\SysWow64\ff\Data\plugins_choice\list.txt
c:\windows\SysWow64\ff\Data\plugins_choice\np32dsw.dll
c:\windows\SysWow64\ff\Data\plugins_choice\npauthz.dll
c:\windows\SysWow64\ff\Data\plugins_choice\npAviraCallingID.dll
c:\windows\SysWow64\ff\Data\plugins_choice\npctrl.dll
c:\windows\SysWow64\ff\Data\plugins_choice\npdeploytk.dll
c:\windows\SysWow64\ff\Data\plugins_choice\npdivx32.dll
c:\windows\SysWow64\ff\Data\plugins_choice\npdrmv2.dll
c:\windows\SysWow64\ff\Data\plugins_choice\npdsplay.dll
c:\windows\SysWow64\ff\Data\plugins_choice\npgeplugin.dll
c:\windows\SysWow64\ff\Data\plugins_choice\npitunes.dll
c:\windows\SysWow64\ff\Data\plugins_choice\npjp2.dll
c:\windows\SysWow64\ff\Data\plugins_choice\npnul32.dll
c:\windows\SysWow64\ff\Data\plugins_choice\npNxGameeu.dll
c:\windows\SysWow64\ff\Data\plugins_choice\npovshelper.dll
c:\windows\SysWow64\ff\Data\plugins_choice\npPandoWebPlugin.dll
c:\windows\SysWow64\ff\Data\plugins_choice\nppdf32.dll
c:\windows\SysWow64\ff\Data\plugins_choice\nppl3260.dll
c:\windows\SysWow64\ff\Data\plugins_choice\npqtplugin.dll
c:\windows\SysWow64\ff\Data\plugins_choice\nprpplugin.dll
c:\windows\SysWow64\ff\Data\plugins_choice\npspwrap.dll
c:\windows\SysWow64\ff\Data\plugins_choice\NPSWF32_11_7_700_169.dll
c:\windows\SysWow64\ff\Data\plugins_choice\npunity3d32.dll
c:\windows\SysWow64\ff\Data\plugins_choice\npvlc.dll
c:\windows\SysWow64\ff\Data\plugins_choice\npwinext.dll
c:\windows\SysWow64\ff\Data\plugins_choice\NPWLPG.dll
c:\windows\SysWow64\ff\Data\plugins_choice\npwpf.dll
c:\windows\SysWow64\ff\Data\plugins_choice\npzylomgamesplayer.dll
c:\windows\SysWow64\ff\Data\profile\blocklist.xml
c:\windows\SysWow64\ff\Data\profile\bookmarkbackups\bookmarks-2013-09-08.json
c:\windows\SysWow64\ff\Data\profile\bookmarkbackups\bookmarks-2013-09-09.json
c:\windows\SysWow64\ff\Data\profile\bookmarkbackups\bookmarks-2013-09-10.json
c:\windows\SysWow64\ff\Data\profile\bookmarkbackups\bookmarks-2013-09-11.json
c:\windows\SysWow64\ff\Data\profile\bookmarkbackups\bookmarks-2013-09-16.json
c:\windows\SysWow64\ff\Data\profile\bookmarkbackups\bookmarks-2013-09-22.json
c:\windows\SysWow64\ff\Data\profile\bookmarkbackups\bookmarks-2013-09-23.json
c:\windows\SysWow64\ff\Data\profile\bookmarkbackups\bookmarks-2013-09-24.json
c:\windows\SysWow64\ff\Data\profile\bookmarkbackups\bookmarks-2013-09-25.json
c:\windows\SysWow64\ff\Data\profile\bookmarkbackups\bookmarks-2013-09-28.json
c:\windows\SysWow64\ff\Data\profile\bookmarks.html
c:\windows\SysWow64\ff\Data\profile\cert8.db
c:\windows\SysWow64\ff\Data\profile\chromeappsstore.sqlite
c:\windows\SysWow64\ff\Data\profile\compatibility.ini
c:\windows\SysWow64\ff\Data\profile\content-prefs.sqlite
c:\windows\SysWow64\ff\Data\profile\cookies.sqlite
c:\windows\SysWow64\ff\Data\profile\downloads.sqlite
c:\windows\SysWow64\ff\Data\profile\extensions.ini
c:\windows\SysWow64\ff\Data\profile\extensions.sqlite
c:\windows\SysWow64\ff\Data\profile\extensions\firebug@software.joehewitt.com.xpi
c:\windows\SysWow64\ff\Data\profile\extensions\remote-control@morch.com.xpi
c:\windows\SysWow64\ff\Data\profile\firebug\annotations.json
c:\windows\SysWow64\ff\Data\profile\firebug\breakpoints.json
c:\windows\SysWow64\ff\Data\profile\formhistory.sqlite
c:\windows\SysWow64\ff\Data\profile\healthreport.sqlite
c:\windows\SysWow64\ff\Data\profile\key3.db
c:\windows\SysWow64\ff\Data\profile\localstore-safe.rdf
c:\windows\SysWow64\ff\Data\profile\localstore.rdf
c:\windows\SysWow64\ff\Data\profile\marionette.log
c:\windows\SysWow64\ff\Data\profile\mimeTypes.rdf
c:\windows\SysWow64\ff\Data\profile\minidumps\a98c2742-fa9f-4fe8-a65d-009c3107488f.dmp
c:\windows\SysWow64\ff\Data\profile\OfflineCache\index.sqlite
c:\windows\SysWow64\ff\Data\profile\parent.lock
c:\windows\SysWow64\ff\Data\profile\permissions.sqlite
c:\windows\SysWow64\ff\Data\profile\places.sqlite
c:\windows\SysWow64\ff\Data\profile\pluginreg.dat
c:\windows\SysWow64\ff\Data\profile\prefs.js
c:\windows\SysWow64\ff\Data\profile\safebrowsing\goog-malware-shavar.cache
c:\windows\SysWow64\ff\Data\profile\safebrowsing\goog-malware-shavar.pset
c:\windows\SysWow64\ff\Data\profile\safebrowsing\goog-malware-shavar.sbstore
c:\windows\SysWow64\ff\Data\profile\safebrowsing\test-malware-simple.cache
c:\windows\SysWow64\ff\Data\profile\safebrowsing\test-malware-simple.pset
c:\windows\SysWow64\ff\Data\profile\safebrowsing\test-malware-simple.sbstore
c:\windows\SysWow64\ff\Data\profile\safebrowsing\test-phish-simple.cache
c:\windows\SysWow64\ff\Data\profile\safebrowsing\test-phish-simple.pset
c:\windows\SysWow64\ff\Data\profile\safebrowsing\test-phish-simple.sbstore
c:\windows\SysWow64\ff\Data\profile\search-metadata.json
c:\windows\SysWow64\ff\Data\profile\search.json
c:\windows\SysWow64\ff\Data\profile\search.sqlite
c:\windows\SysWow64\ff\Data\profile\secmod.db
c:\windows\SysWow64\ff\Data\profile\signons.sqlite
c:\windows\SysWow64\ff\Data\profile\start.txt
c:\windows\SysWow64\ff\Data\profile\startupCache\startupCache.4.little
c:\windows\SysWow64\ff\Data\profile\urlclassifier.pset
c:\windows\SysWow64\ff\Data\profile\urlclassifier3.sqlite
c:\windows\SysWow64\ff\Data\profile\webapps\webapps.json
c:\windows\SysWow64\ff\Data\profile\webappsstore.sqlite
c:\windows\SysWow64\ff\Data\settings\FirefoxPortableSettings.ini
c:\windows\SysWow64\ff\FirefoxPortable.exe
c:\windows\SysWow64\ff\Fonts\aaaiight.ttf
c:\windows\SysWow64\ff\Fonts\abusive pencil.ttf
c:\windows\SysWow64\ff\Fonts\Acens.ttf
c:\windows\SysWow64\ff\Fonts\Acidic.TTF
c:\windows\SysWow64\ff\Fonts\adam.ttf
c:\windows\SysWow64\ff\Fonts\adamb.ttf
c:\windows\SysWow64\ff\Fonts\adambital.ttf
c:\windows\SysWow64\ff\Fonts\Aerosol.ttf
c:\windows\SysWow64\ff\Fonts\aggstock.ttf
c:\windows\SysWow64\ff\Fonts\AIFRAGME.TTF
c:\windows\SysWow64\ff\Fonts\AIRSTREA.TTF
c:\windows\SysWow64\ff\Fonts\airstrip.ttf
c:\windows\SysWow64\ff\Fonts\aladdin.ttf
c:\windows\SysWow64\ff\Fonts\Alias.ttf
c:\windows\SysWow64\ff\Fonts\All Star Resort.ttf
c:\windows\SysWow64\ff\Fonts\AlteHaasGroteskBold.ttf
c:\windows\SysWow64\ff\Fonts\Amerdcon.ttf
c:\windows\SysWow64\ff\Fonts\Android Nation.ttf
c:\windows\SysWow64\ff\Fonts\Anime Ace.ttf
c:\windows\SysWow64\ff\Fonts\beaswfte.ttf
c:\windows\SysWow64\ff\Fonts\Blambot Custom.ttf
c:\windows\SysWow64\ff\Fonts\Blambot Pro.ttf
c:\windows\SysWow64\ff\Fonts\city_burn.ttf
c:\windows\SysWow64\ff\Fonts\CNN.ttf
c:\windows\SysWow64\ff\Fonts\Colcothar.ttf
c:\windows\SysWow64\ff\Fonts\Damn Noisy Kids.ttf
c:\windows\SysWow64\ff\Fonts\Daredevil.ttf
c:\windows\SysWow64\ff\Fonts\DENSMORE.TTF
c:\windows\SysWow64\ff\Fonts\desperado.ttf
c:\windows\SysWow64\ff\Fonts\Detectives Inc.ttf
c:\windows\SysWow64\ff\Fonts\detroitghetto.ttf
c:\windows\SysWow64\ff\Fonts\devotion.ttf
c:\windows\SysWow64\ff\Fonts\dirtyheadline.ttf
c:\windows\SysWow64\ff\Fonts\Diskoboll.ttf
c:\windows\SysWow64\ff\Fonts\EARWIGFA.TTF
c:\windows\SysWow64\ff\Fonts\EDITION_.TTF
c:\windows\SysWow64\ff\Fonts\Ellianarelle s Path.ttf
c:\windows\SysWow64\ff\Fonts\EMPIREST.TTF
c:\windows\SysWow64\ff\Fonts\EpoXY_histoRy.ttf
c:\windows\SysWow64\ff\Fonts\ERTHQAKE.TTF
c:\windows\SysWow64\ff\Fonts\esp.ttf
c:\windows\SysWow64\ff\Fonts\EUROSWH.TTF
c:\windows\SysWow64\ff\Fonts\EVITA.TTF
c:\windows\SysWow64\ff\Fonts\FAREAST.TTF
c:\windows\SysWow64\ff\Fonts\fbsbltc.ttf
c:\windows\SysWow64\ff\Fonts\FerroRosso.ttf
c:\windows\SysWow64\ff\Fonts\Fiesta.ttf
c:\windows\SysWow64\ff\Fonts\fight.TTF
c:\windows\SysWow64\ff\Fonts\Findet Nemo.ttf
c:\windows\SysWow64\ff\Fonts\Flat Earth Scribe.ttf
c:\windows\SysWow64\ff\Fonts\friends good.ttf
c:\windows\SysWow64\ff\Fonts\GameCube.ttf
c:\windows\SysWow64\ff\Fonts\Ginga.ttf
c:\windows\SysWow64\ff\Fonts\Godzilla.ttf
c:\windows\SysWow64\ff\Fonts\GothicFlames.ttf
c:\windows\SysWow64\ff\Fonts\gothikka.ttf
c:\windows\SysWow64\ff\Fonts\Graffogie.ttf
c:\windows\SysWow64\ff\Fonts\groening.ttf
c:\windows\SysWow64\ff\Fonts\gyparody.ttf
c:\windows\SysWow64\ff\Fonts\halflife.ttf
c:\windows\SysWow64\ff\Fonts\Halo.ttf
c:\windows\SysWow64\ff\Fonts\HandSean.ttf
c:\windows\SysWow64\ff\Fonts\HARD_ROCK.ttf
c:\windows\SysWow64\ff\Fonts\Hellraiser SC.ttf
c:\windows\SysWow64\ff\Fonts\Hursheys.ttf
c:\windows\SysWow64\ff\Fonts\idiot.ttf
c:\windows\SysWow64\ff\Fonts\Impossible.ttf
c:\windows\SysWow64\ff\Fonts\in_my_head.ttf
c:\windows\SysWow64\ff\Fonts\Indianhotel.ttf
c:\windows\SysWow64\ff\Fonts\jandles.ttf
c:\windows\SysWow64\ff\Fonts\JaneAust.ttf
c:\windows\SysWow64\ff\Fonts\JerseyLetters.ttf
c:\windows\SysWow64\ff\Fonts\JungleRuff.ttf
c:\windows\SysWow64\ff\Fonts\kaileenw.ttf
c:\windows\SysWow64\ff\Fonts\karabine.ttf
c:\windows\SysWow64\ff\Fonts\Karate.ttf
c:\windows\SysWow64\ff\Fonts\Kitten Meat.ttf
c:\windows\SysWow64\ff\Fonts\Kittkat.ttf
c:\windows\SysWow64\ff\Fonts\Laine.TTF
c:\windows\SysWow64\ff\Fonts\Lazy.ttf
c:\windows\SysWow64\ff\Fonts\LEDLIGHT.ttf
c:\windows\SysWow64\ff\Fonts\Legothick.ttf
c:\windows\SysWow64\ff\Fonts\linkin.ttf
c:\windows\SysWow64\ff\Fonts\LinkinPark.ttf
c:\windows\SysWow64\ff\Fonts\lottepaperfang.ttf
c:\windows\SysWow64\ff\Fonts\maksukehoitus.ttf
c:\windows\SysWow64\ff\Fonts\manga_speak.ttf
c:\windows\SysWow64\ff\Fonts\MARK.TTF
c:\windows\SysWow64\ff\Fonts\Marlboc.ttf
c:\windows\SysWow64\ff\Fonts\Marlbow.ttf
c:\windows\SysWow64\ff\Fonts\Megadeth.ttf
c:\windows\SysWow64\ff\Fonts\meresre.ttf
c:\windows\SysWow64\ff\Fonts\morgenstern.ttf
c:\windows\SysWow64\ff\Fonts\N-Gage.ttf
c:\windows\SysWow64\ff\Fonts\NASALIZA.TTF
c:\windows\SysWow64\ff\Fonts\neon2.ttf
c:\windows\SysWow64\ff\Fonts\NEUROTOX.TTF
c:\windows\SysWow64\ff\Fonts\nevis.ttf
c:\windows\SysWow64\ff\Fonts\Orange Fizz.ttf
c:\windows\SysWow64\ff\Fonts\oreos.ttf
c:\windows\SysWow64\ff\Fonts\Origami.ttf
c:\windows\SysWow64\ff\Fonts\PaisleyCaps .ttf
c:\windows\SysWow64\ff\Fonts\Patches.ttf
c:\windows\SysWow64\ff\Fonts\pdark.ttf
c:\windows\SysWow64\ff\Fonts\Phorssa.ttf
c:\windows\SysWow64\ff\Fonts\Planet of the Apes.ttf
c:\windows\SysWow64\ff\Fonts\Playtoy.ttf
c:\windows\SysWow64\ff\Fonts\Pleiades.TTF
c:\windows\SysWow64\ff\Fonts\postoffice.ttf
c:\windows\SysWow64\ff\Fonts\Pozo.ttf
c:\windows\SysWow64\ff\Fonts\Prototype.ttf
c:\windows\SysWow64\ff\Fonts\Prozak.ttf
c:\windows\SysWow64\ff\Fonts\Pyromane.ttf
c:\windows\SysWow64\ff\Fonts\quake.TTF
c:\windows\SysWow64\ff\Fonts\Requiem.ttf
c:\windows\SysWow64\ff\Fonts\Resident Evil Large.ttf
c:\windows\SysWow64\ff\Fonts\retroRockPoster.ttf
c:\windows\SysWow64\ff\Fonts\ribbon.ttf
c:\windows\SysWow64\ff\Fonts\riesling.ttf
c:\windows\SysWow64\ff\Fonts\Rockit.ttf
c:\windows\SysWow64\ff\Fonts\romeo.ttf
c:\windows\SysWow64\ff\Fonts\Rounded.ttf
c:\windows\SysWow64\ff\Fonts\rzrarti.ttf
c:\windows\SysWow64\ff\Fonts\Scream Real.ttf
c:\windows\SysWow64\ff\Fonts\se7en.ttf
c:\windows\SysWow64\ff\Fonts\Searfont.ttf
c:\windows\SysWow64\ff\Fonts\shellhead.ttf
c:\windows\SysWow64\ff\Fonts\Sickness.ttf
c:\windows\SysWow64\ff\Fonts\sidewalk.ttf
c:\windows\SysWow64\ff\Fonts\Sin City.ttf
c:\windows\SysWow64\ff\Fonts\Sliced_Juice.ttf
c:\windows\SysWow64\ff\Fonts\Smallville1.ttf
c:\windows\SysWow64\ff\Fonts\Spirit Medium.ttf
c:\windows\SysWow64\ff\Fonts\splinter2.ttf
c:\windows\SysWow64\ff\Fonts\spongefont.ttf
c:\windows\SysWow64\ff\Fonts\stentiga.ttf
c:\windows\SysWow64\ff\Fonts\TAGSTER.TTF
c:\windows\SysWow64\ff\Fonts\Taste of steel.ttf
c:\windows\SysWow64\ff\Fonts\TERMINAT.TTF
c:\windows\SysWow64\ff\Fonts\the ring.ttf
c:\windows\SysWow64\ff\Fonts\the sixth sense.ttf
c:\windows\SysWow64\ff\Fonts\the_King__26_Queen_font.ttf
c:\windows\SysWow64\ff\Fonts\the_Poison.ttf
c:\windows\SysWow64\ff\Fonts\TheGodFather.ttf
c:\windows\SysWow64\ff\Fonts\tiza.ttf
c:\windows\SysWow64\ff\Fonts\tondo.ttf
c:\windows\SysWow64\ff\Fonts\tron.ttf
c:\windows\SysWow64\ff\Fonts\Trumania.ttf
c:\windows\SysWow64\ff\Fonts\Turok.ttf
c:\windows\SysWow64\ff\Fonts\ultimate MIDNIGHT.ttf
c:\windows\SysWow64\ff\Fonts\Umberto.ttf
c:\windows\SysWow64\ff\Fonts\Unreal.ttf
c:\windows\SysWow64\ff\Fonts\Uptown__.ttf
c:\windows\SysWow64\ff\Fonts\uwch.ttf
c:\windows\SysWow64\ff\Fonts\Vampiress.ttf
c:\windows\SysWow64\ff\Fonts\Varsity.ttf
c:\windows\SysWow64\ff\Fonts\vintage.ttf
c:\windows\SysWow64\ff\Fonts\walk_plank.ttf
c:\windows\SysWow64\ff\Fonts\weezerfont.ttf
c:\windows\SysWow64\ff\Fonts\WillyWonka.ttf
c:\windows\SysWow64\ff\Fonts\Xfiles.ttf
c:\windows\SysWow64\ff\Fonts\Yoshitoshi.ttf
c:\windows\SysWow64\ff\Fonts\Yukon Gold.ttf
c:\windows\SysWow64\ff\Fonts\zerogene.ttf
c:\windows\SysWow64\ff\Other\Help\images\donation_button.png
c:\windows\SysWow64\ff\Other\Help\images\favicon.ico
c:\windows\SysWow64\ff\Other\Help\images\help_background_footer.png
c:\windows\SysWow64\ff\Other\Help\images\help_background_header.png
c:\windows\SysWow64\ff\Other\Help\images\help_logo_top.png
c:\windows\SysWow64\ff\Other\Source\AppSource.txt
c:\windows\SysWow64\ff\Other\Source\CheckForPlatformSplashDisable.nsh
c:\windows\SysWow64\ff\Other\Source\FirefoxPortable.ini
c:\windows\SysWow64\ff\Other\Source\FirefoxPortable.jpg
c:\windows\SysWow64\ff\Other\Source\FirefoxPortableU.nsi
c:\windows\SysWow64\ff\Other\Source\License.txt
c:\windows\SysWow64\ff\Other\Source\PortableApps.comLauncherLANG_DUTCH.nsh
c:\windows\SysWow64\ff\Other\Source\PortableApps.comLauncherLANG_ENGLISH.nsh
c:\windows\SysWow64\ff\Other\Source\PortableApps.comLauncherLANG_ENGLISHGB.nsh
c:\windows\SysWow64\ff\Other\Source\PortableApps.comLauncherLANG_FRENCH.nsh
c:\windows\SysWow64\ff\Other\Source\PortableApps.comLauncherLANG_GERMAN.nsh
c:\windows\SysWow64\ff\Other\Source\PortableApps.comLauncherLANG_HUNGARIAN.nsh
c:\windows\SysWow64\ff\Other\Source\PortableApps.comLauncherLANG_ITALIAN.nsh
c:\windows\SysWow64\ff\Other\Source\PortableApps.comLauncherLANG_JAPANESE.nsh
c:\windows\SysWow64\ff\Other\Source\PortableApps.comLauncherLANG_KOREAN.nsh
c:\windows\SysWow64\ff\Other\Source\PortableApps.comLauncherLANG_POLISH.nsh
c:\windows\SysWow64\ff\Other\Source\PortableApps.comLauncherLANG_PORTUGUESE.nsh
c:\windows\SysWow64\ff\Other\Source\PortableApps.comLauncherLANG_PORTUGUESEBR.nsh
c:\windows\SysWow64\ff\Other\Source\PortableApps.comLauncherLANG_RUSSIAN.nsh
c:\windows\SysWow64\ff\Other\Source\PortableApps.comLauncherLANG_SIMPCHINESE.nsh
c:\windows\SysWow64\ff\Other\Source\PortableApps.comLauncherLANG_SPANISH.nsh
c:\windows\SysWow64\ff\Other\Source\PortableApps.comLauncherLANG_SPANISHINTERNATIONAL.nsh
c:\windows\SysWow64\ff\Other\Source\PortableApps.comLauncherLANG_TRADCHINESE.nsh
c:\windows\SysWow64\ff\Other\Source\ReadINIStrWithDefault.nsh
c:\windows\SysWow64\ff\Other\Source\Readme.txt
c:\windows\SysWow64\ff\Other\Source\ReplaceInFileWithTextReplace.nsh
c:\windows\SysWow64\ff\Other\Source\SetFileAttributesDirectoryNormal.nsh
.
.
((((((((((((((((((((((( Dateien erstellt von 2013-12-07 bis 2014-01-07 ))))))))))))))))))))))))))))))
.
.
2014-01-07 17:18 . 2014-01-07 17:18 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2014-01-07 17:18 . 2014-01-07 17:18 -------- d-----w- c:\users\hedev\AppData\Local\temp
2014-01-07 17:18 . 2014-01-07 17:18 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-01-07 16:43 . 2014-01-07 16:43 -------- d--h--w- c:\windows\SysWow64\FF_BN_416211
2014-01-07 16:24 . 2014-01-07 16:24 -------- d-----w- C:\TDSSKiller_Quarantine
2014-01-05 17:51 . 2014-01-05 18:03 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)
2014-01-05 17:51 . 2014-01-05 17:51 117464 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-01-05 17:29 . 2014-01-05 17:44 89304 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-01-02 23:58 . 2014-01-02 23:59 -------- d-----w- C:\FRST
2014-01-01 17:45 . 2014-01-01 17:47 -------- d-----w- C:\AdwCleaner
2013-12-25 19:27 . 2013-12-25 19:27 -------- d-----w- c:\programdata\MTA San Andreas All
2013-12-25 16:45 . 2013-12-25 16:45 -------- d-----w- c:\program files (x86)\VS Revo Group
2013-12-24 13:44 . 2013-12-24 13:44 -------- d-----w- C:\Riot Games
2013-12-24 11:16 . 2013-12-24 11:16 -------- d-----w- c:\windows\ERUNT
2013-12-21 19:59 . 2013-12-21 19:59 -------- d-----w- c:\users\Mesut\AppData\Roaming\Malwarebytes
2013-12-21 19:58 . 2013-12-21 19:58 -------- d-----w- c:\programdata\Malwarebytes
2013-12-18 15:46 . 2013-12-18 15:46 -------- d-----w- c:\users\Mesut\AppData\Roaming\OpenOffice
2013-12-18 15:44 . 2013-12-18 15:45 -------- d-----w- c:\program files (x86)\OpenOffice 4
2013-12-09 20:47 . 2013-12-09 20:57 -------- d--h--w- c:\windows\SysWow64\FF_BN_2019128
2013-12-08 17:31 . 2013-12-08 17:31 -------- d-----w- c:\program files (x86)\Common Files\Bitdefender
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-12-31 17:06 . 2013-08-11 13:43 139264 ----a-w- c:\windows\SysWow64\r_unzip.exe
2013-11-28 21:41 . 2013-08-29 12:10 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-11-28 21:41 . 2013-08-24 21:01 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-11-07 10:52 . 2013-11-07 10:52 76232 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{09326DD3-D6DC-4DFE-9AF4-BF364A099A02}\offreg.dll
2013-10-12 14:08 . 2013-07-13 16:11 291128 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2013-10-12 14:08 . 2013-07-13 16:02 291128 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2013-10-12 14:07 . 2013-07-13 16:02 281872 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2013-10-12 14:07 . 2013-07-13 16:02 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-11-14 20584608]
"Steam"="c:\program files (x86)\Steam\steam.exe" [2013-12-11 1823656]
"Akamai NetSession Interface"="c:\users\Mesut\AppData\Local\Akamai\netsession_win.exe" [2013-06-04 4489472]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-05-09 4858968]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" [2013-09-21 766208]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2013-11-29 3806544]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0sdnclean64.exe
.
R2 AODDriver4.2.0;AODDriver4.2.0;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 ArcService;Arc Service;c:\program files (x86)\Perfect World Entertainment\Arc\ArcService.exe;c:\program files (x86)\Perfect World Entertainment\Arc\ArcService.exe [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys;c:\windows\SYSNATIVE\drivers\EagleX64.sys [x]
R3 FairplayKD;FairplayKD;c:\programdata\MTA San Andreas All\1.3\temp\FairplayKD.sys;c:\programdata\MTA San Andreas All\1.3\temp\FairplayKD.sys [x]
R3 Mkd2Nadr;Mkd2Nadr;c:\windows\system32\drivers\Mkd2Nadr.sys;c:\windows\SYSNATIVE\drivers\Mkd2Nadr.sys [x]
R3 Mkd3kfNt;Mkd3kfNt;c:\windows\system32\drivers\Mkd3kfNt.sys;c:\windows\SYSNATIVE\drivers\Mkd3kfNt.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Synth3dVsc;Microsoft Virtual 3D Video Transport Driver;c:\windows\system32\drivers\Synth3dVsc.sys;c:\windows\SYSNATIVE\drivers\Synth3dVsc.sys [x]
R3 taphss6;Anchorfree HSS VPN Adapter;c:\windows\system32\DRIVERS\taphss6.sys;c:\windows\SYSNATIVE\DRIVERS\taphss6.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 tsusbhub;Remote Deskotop USB Hub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys;c:\program files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [x]
R3 wolf;wolf;c:\aeriagames\WolfTeam-DE\avital\wolf64.sys;c:\aeriagames\WolfTeam-DE\avital\wolf64.sys [x]
R3 X6va012;X6va012;c:\windows\SysWOW64\Drivers\X6va012;c:\windows\SysWOW64\Drivers\X6va012 [x]
R3 X6va015;X6va015;c:\windows\SysWOW64\Drivers\X6va015;c:\windows\SysWOW64\Drivers\X6va015 [x]
R3 xhunter1;xhunter1;c:\windows\xhunter1.sys;c:\windows\xhunter1.sys [x]
R4 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x]
S0 aswRvrt;aswRvrt; [x]
S0 aswVmm;aswVmm; [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [x]
S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - 36409309
*NewlyCreated* - 62736061
*Deregistered* - 36409309
*Deregistered* - 62736061
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-12-05 10:46 1210320 ----a-w- c:\program files (x86)\Google\Chrome\Application\31.0.1650.63\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2014-01-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-06-01 13:18]
.
2014-01-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-06-01 13:18]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-05-09 08:58 133840 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"W7LXE"="c:\users\Mesut\Desktop\Windows 7 Loader eXtreme Edition v3.503\w7lxe.exe" [2010-05-22 28135936]
"Nvtmru"="c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [2013-07-03 1028896]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
ustart page = hxxp://www.google.com
mDefault_Search_URL = hxxp://www.google.com
mDefault_Page_URL = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = hxxp://www.google.com
uInternet Settings,ProxyOverride = <local>
Trusted Zone: aeriagames.com
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
SafeBoot-36409309.sys
AddRemove-Adobe Flash Player ActiveX - c:\windows\SysWOW64\Macromed\Flash\FlashUtil32_11_9_900_117_ActiveX.exe
AddRemove-BattlEye for A2 - c:\program files (x86)\Steam\steamapps\common\Arma 2BattlEye\UnInstallBE.exe
AddRemove-BattlEye for OA - c:\program files (x86)\Steam\steamapps\common\Arma 2 Operation Arrowhead\Expansion\BattlEye\UnInstallBE.exe
AddRemove-Crossfire Europe - c:\sg interactive\Crossfire Europe\uninst.exe
AddRemove-{1a413f37-ed88-4fec-9666-5c48dc4b7bb7} - c:\program files (x86)\GreenTree Applications\YTD Video Downloader\uninstall.exe
AddRemove-{3108C217-BE83-42E4-AE9E-A56A2A92E549} - c:\program files (x86)\InstallShield Installation Information\{3108C217-BE83-42E4-AE9E-A56A2A92E549}\setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va012]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va012"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va015]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va015"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-3476550111-2045390708-2280625213-1000\Software\SecuROM\License information*]
"datasecu"=hex:17,da,a6,e3,92,01,53,db,f8,5c,8b,3b,60,7c,08,98,ac,49,d1,b6,cc,
39,44,5b,a7,84,3b,5c,d4,6b,42,e5,15,d7,0f,29,9b,4e,1b,b3,91,40,c1,06,12,de,\
"rkeysecu"=hex:91,1c,db,6d,7a,7c,a7,7d,27,17,29,3e,4e,a0,d8,99
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2014-01-07 18:21:55
ComboFix-quarantined-files.txt 2014-01-07 17:21
ComboFix2.txt 2013-12-23 13:51
.
Vor Suchlauf: 92'529'999'872 bytes free
Nach Suchlauf: 21 Verzeichnis(se), 92'568'514'560 Bytes frei
.
- - End Of File - - 85E4A26368197ED22F48A75004E30CB5
Code:
ATTFilter 17:58:17.0764 4284 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
17:58:19.0399 4284 ============================================================
17:58:19.0399 4284 Current date / time: 2014/01/07 17:58:19.0399
17:58:19.0399 4284 SystemInfo:
17:58:19.0399 4284
17:58:19.0399 4284 OS Version: 6.1.7601 ServicePack: 1.0
17:58:19.0399 4284 Product type: Workstation
17:58:19.0400 4284 ComputerName: MESUT-PC
17:58:19.0400 4284 UserName: Mesut
17:58:19.0400 4284 Windows directory: C:\Windows
17:58:19.0400 4284 System windows directory: C:\Windows
17:58:19.0400 4284 Running under WOW64
17:58:19.0400 4284 Processor architecture: Intel x64
17:58:19.0400 4284 Number of processors: 3
17:58:19.0400 4284 Page size: 0x1000
17:58:19.0400 4284 Boot type: Normal boot
17:58:19.0400 4284 ============================================================
17:58:20.0718 4284 BG loaded
17:58:21.0101 4284 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:58:21.0111 4284 ============================================================
17:58:21.0112 4284 \Device\Harddisk0\DR0:
17:58:21.0119 4284 MBR partitions:
17:58:21.0119 4284 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
17:58:21.0119 4284 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x129E6800
17:58:21.0119 4284 ============================================================
17:58:21.0208 4284 C: <-> \Device\Harddisk0\DR0\Partition2
17:58:21.0208 4284 ============================================================
17:58:21.0208 4284 Initialize success
17:58:21.0208 4284 ============================================================
17:58:26.0311 4740 ============================================================
17:58:26.0311 4740 Scan started
17:58:26.0311 4740 Mode: Manual;
17:58:26.0311 4740 ============================================================
17:58:29.0449 4740 ================ Scan system memory ========================
17:58:29.0449 4740 System memory - ok
17:58:29.0450 4740 ================ Scan services =============================
17:58:29.0901 4740 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
17:58:29.0908 4740 1394ohci - ok
17:58:29.0989 4740 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
17:58:29.0996 4740 ACPI - ok
17:58:30.0014 4740 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
17:58:30.0016 4740 AcpiPmi - ok
17:58:30.0056 4740 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
17:58:30.0066 4740 adp94xx - ok
17:58:30.0083 4740 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
17:58:30.0088 4740 adpahci - ok
17:58:30.0095 4740 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
17:58:30.0098 4740 adpu320 - ok
17:58:30.0129 4740 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
17:58:30.0130 4740 AeLookupSvc - ok
17:58:30.0195 4740 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
17:58:30.0206 4740 AFD - ok
17:58:30.0230 4740 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
17:58:30.0234 4740 agp440 - ok
17:58:30.0249 4740 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
17:58:30.0252 4740 ALG - ok
17:58:30.0271 4740 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
17:58:30.0273 4740 aliide - ok
17:58:30.0403 4740 AMD FUEL Service - ok
17:58:30.0412 4740 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
17:58:30.0415 4740 amdide - ok
17:58:30.0439 4740 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
17:58:30.0442 4740 AmdK8 - ok
17:58:30.0453 4740 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
17:58:30.0455 4740 AmdPPM - ok
17:58:30.0487 4740 [ 12A5062C06E03FF70DB47800F91C7A13 ] amdsata C:\Windows\system32\DRIVERS\amdsata.sys
17:58:30.0488 4740 amdsata - ok
17:58:30.0531 4740 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
17:58:30.0536 4740 amdsbs - ok
17:58:30.0565 4740 [ 8A7F289B45CEACAC761E14D5FAC59EB9 ] amdxata C:\Windows\system32\drivers\amdxata.sys
17:58:30.0567 4740 amdxata - ok
17:58:30.0639 4740 [ 563EFD021AEB95CAE619643AD82F9D9F ] AODDriver4.2.0 C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys
17:58:30.0640 4740 AODDriver4.2.0 - ok
17:58:30.0673 4740 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
17:58:30.0674 4740 AppID - ok
17:58:30.0705 4740 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
17:58:30.0706 4740 AppIDSvc - ok
17:58:30.0730 4740 [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo C:\Windows\System32\appinfo.dll
17:58:30.0732 4740 Appinfo - ok
17:58:30.0766 4740 [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt C:\Windows\System32\appmgmts.dll
17:58:30.0769 4740 AppMgmt - ok
17:58:30.0832 4740 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
17:58:30.0836 4740 arc - ok
17:58:30.0846 4740 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
17:58:30.0850 4740 arcsas - ok
17:58:31.0044 4740 [ 4F68A6B5705221CCC1CC73F00D79A9E9 ] ArcService C:\Program Files (x86)\Perfect World Entertainment\Arc\ArcService.exe
17:58:31.0048 4740 ArcService - ok
17:58:31.0295 4740 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
17:58:31.0310 4740 aspnet_state - ok
17:58:31.0366 4740 [ 0BAEFD3F648C6E7AB52990DD9565E4E2 ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys
17:58:31.0367 4740 aswFsBlk - ok
17:58:31.0428 4740 [ FA562F34ED6633C66170B09182B4C049 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
17:58:31.0470 4740 aswMonFlt - ok
17:58:31.0513 4740 [ 64E2BAB4096C13D2342BC4661C967E07 ] aswRdr C:\Windows\System32\Drivers\aswrdr2.sys
17:58:31.0516 4740 aswRdr - ok
17:58:31.0556 4740 [ 5573AA70993A2BB81525B1C704B88763 ] aswRvrt C:\Windows\system32\drivers\aswRvrt.sys
17:58:31.0559 4740 aswRvrt - ok
17:58:31.0622 4740 [ 8C0800CDB501CFC1164B286A0478DC10 ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
17:58:31.0641 4740 aswSnx - ok
17:58:31.0693 4740 [ 3815DB16CDA62190F5C0A65118F3D714 ] aswSP C:\Windows\system32\drivers\aswSP.sys
17:58:31.0698 4740 aswSP - ok
17:58:31.0714 4740 [ 29DD8E458A84171202AA4979364C30C0 ] aswTdi C:\Windows\system32\drivers\aswTdi.sys
17:58:31.0716 4740 aswTdi - ok
17:58:31.0746 4740 [ 22F521108881DC59837F6FC614E0568F ] aswVmm C:\Windows\system32\drivers\aswVmm.sys
17:58:31.0749 4740 aswVmm - ok
17:58:31.0790 4740 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
17:58:31.0791 4740 AsyncMac - ok
17:58:31.0835 4740 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
17:58:31.0838 4740 atapi - ok
17:58:31.0899 4740 [ 7C5D273E29DCC5505469B299C6F29163 ] AtiPcie C:\Windows\system32\DRIVERS\AtiPcie.sys
17:58:31.0901 4740 AtiPcie - ok
17:58:31.0967 4740 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
17:58:31.0980 4740 AudioEndpointBuilder - ok
17:58:31.0999 4740 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
17:58:32.0005 4740 AudioSrv - ok
17:58:32.0116 4740 [ 28D6701C710AD7BA3CB95E75F8F1A9AA ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
17:58:32.0119 4740 avast! Antivirus - ok
17:58:32.0158 4740 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
17:58:32.0162 4740 AxInstSV - ok
17:58:32.0217 4740 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
17:58:32.0227 4740 b06bdrv - ok
17:58:32.0278 4740 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
17:58:32.0285 4740 b57nd60a - ok
17:58:32.0314 4740 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
17:58:32.0318 4740 BDESVC - ok
17:58:32.0349 4740 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
17:58:32.0351 4740 Beep - ok
17:58:32.0404 4740 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
17:58:32.0415 4740 BFE - ok
17:58:32.0453 4740 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\system32\qmgr.dll
17:58:32.0476 4740 BITS - ok
17:58:32.0489 4740 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
17:58:32.0491 4740 blbdrive - ok
17:58:32.0496 4740 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
17:58:32.0498 4740 bowser - ok
17:58:32.0519 4740 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
17:58:32.0521 4740 BrFiltLo - ok
17:58:32.0526 4740 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
17:58:32.0527 4740 BrFiltUp - ok
17:58:32.0559 4740 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
17:58:32.0561 4740 BridgeMP - ok
17:58:32.0585 4740 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
17:58:32.0587 4740 Browser - ok
17:58:32.0615 4740 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
17:58:32.0619 4740 Brserid - ok
17:58:32.0624 4740 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
17:58:32.0626 4740 BrSerWdm - ok
17:58:32.0631 4740 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
17:58:32.0632 4740 BrUsbMdm - ok
17:58:32.0638 4740 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
17:58:32.0642 4740 BrUsbSer - ok
17:58:32.0673 4740 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
17:58:32.0675 4740 BTHMODEM - ok
17:58:32.0718 4740 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
17:58:32.0720 4740 bthserv - ok
17:58:32.0757 4740 catchme - ok
17:58:32.0793 4740 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
17:58:32.0797 4740 cdfs - ok
17:58:32.0817 4740 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
17:58:32.0821 4740 cdrom - ok
17:58:32.0851 4740 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
17:58:32.0853 4740 CertPropSvc - ok
17:58:32.0872 4740 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
17:58:32.0873 4740 circlass - ok
17:58:32.0958 4740 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
17:58:32.0967 4740 CLFS - ok
17:58:33.0078 4740 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:58:33.0086 4740 clr_optimization_v2.0.50727_32 - ok
17:58:33.0126 4740 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
17:58:33.0133 4740 clr_optimization_v2.0.50727_64 - ok
17:58:33.0349 4740 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:58:33.0435 4740 clr_optimization_v4.0.30319_32 - ok
17:58:33.0471 4740 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
17:58:33.0497 4740 clr_optimization_v4.0.30319_64 - ok
17:58:33.0530 4740 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
17:58:33.0532 4740 CmBatt - ok
17:58:33.0542 4740 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
17:58:33.0544 4740 cmdide - ok
17:58:33.0587 4740 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
17:58:33.0592 4740 CNG - ok
17:58:33.0641 4740 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
17:58:33.0644 4740 Compbatt - ok
17:58:33.0660 4740 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
17:58:33.0663 4740 CompositeBus - ok
17:58:33.0676 4740 COMSysApp - ok
17:58:33.0685 4740 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
17:58:33.0686 4740 crcdisk - ok
17:58:33.0734 4740 [ 7FDC4626B01106A8EF328C88C7C0DEE3 ] CryptSvc C:\Windows\system32\cryptsvc.dll
17:58:33.0737 4740 CryptSvc - ok
17:58:33.0768 4740 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\Windows\system32\drivers\csc.sys
17:58:33.0775 4740 CSC - ok
17:58:33.0823 4740 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\Windows\System32\cscsvc.dll
17:58:33.0837 4740 CscService - ok
17:58:33.0882 4740 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
17:58:33.0896 4740 DcomLaunch - ok
17:58:33.0939 4740 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
17:58:33.0944 4740 defragsvc - ok
17:58:33.0967 4740 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
17:58:33.0969 4740 DfsC - ok
17:58:34.0014 4740 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
17:58:34.0022 4740 Dhcp - ok
17:58:34.0032 4740 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
17:58:34.0035 4740 discache - ok
17:58:34.0090 4740 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
17:58:34.0093 4740 Disk - ok
17:58:34.0129 4740 [ 5DB085A8A6600BE6401F2B24EECB5415 ] dmvsc C:\Windows\system32\drivers\dmvsc.sys
17:58:34.0132 4740 dmvsc - ok
17:58:34.0174 4740 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
17:58:34.0180 4740 Dnscache - ok
17:58:34.0198 4740 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
17:58:34.0206 4740 dot3svc - ok
17:58:34.0222 4740 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
17:58:34.0228 4740 DPS - ok
17:58:34.0267 4740 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
17:58:34.0269 4740 drmkaud - ok
17:58:34.0328 4740 [ AF2E16242AA723F68F461B6EAE2EAD3D ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
17:58:34.0348 4740 DXGKrnl - ok
17:58:34.0373 4740 [ EDC6E9C057C9D7F83EEA22B4CEF5DCAD ] E1G60 C:\Windows\system32\DRIVERS\E1G6032E.sys
17:58:34.0377 4740 E1G60 - ok
17:58:34.0415 4740 EagleX64 - ok
17:58:34.0457 4740 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
17:58:34.0463 4740 EapHost - ok
17:58:34.0537 4740 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
17:58:34.0571 4740 ebdrv - ok
17:58:34.0631 4740 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
17:58:34.0637 4740 EFS - ok
17:58:34.0781 4740 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
17:58:34.0794 4740 ehRecvr - ok
17:58:34.0810 4740 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
17:58:34.0812 4740 ehSched - ok
17:58:34.0840 4740 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
17:58:34.0846 4740 elxstor - ok
17:58:34.0851 4740 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
17:58:34.0853 4740 ErrDev - ok
17:58:34.0918 4740 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
17:58:34.0929 4740 EventSystem - ok
17:58:34.0958 4740 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
17:58:34.0964 4740 exfat - ok
17:58:35.0059 4740 FairplayKD - ok
17:58:35.0078 4740 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
17:58:35.0084 4740 fastfat - ok
17:58:35.0121 4740 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
17:58:35.0127 4740 Fax - ok
17:58:35.0150 4740 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
17:58:35.0152 4740 fdc - ok
17:58:35.0188 4740 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
17:58:35.0189 4740 fdPHost - ok
17:58:35.0203 4740 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
17:58:35.0205 4740 FDResPub - ok
17:58:35.0240 4740 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
17:58:35.0241 4740 FileInfo - ok
17:58:35.0250 4740 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
17:58:35.0253 4740 Filetrace - ok
17:58:35.0262 4740 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
17:58:35.0265 4740 flpydisk - ok
17:58:35.0282 4740 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
17:58:35.0286 4740 FltMgr - ok
17:58:35.0325 4740 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
17:58:35.0334 4740 FontCache - ok
17:58:35.0385 4740 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
17:58:35.0387 4740 FontCache3.0.0.0 - ok
17:58:35.0393 4740 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
17:58:35.0396 4740 FsDepends - ok
17:58:35.0437 4740 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
17:58:35.0438 4740 Fs_Rec - ok
17:58:35.0489 4740 [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
17:58:35.0494 4740 fvevol - ok
17:58:35.0516 4740 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
17:58:35.0519 4740 gagp30kx - ok
17:58:35.0557 4740 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
17:58:35.0574 4740 gpsvc - ok
17:58:35.0648 4740 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:58:35.0652 4740 gupdate - ok
17:58:35.0660 4740 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:58:35.0662 4740 gupdatem - ok
17:58:35.0748 4740 [ 1E6438D4EA6E1174A3B3B1EDC4DE660B ] hamachi C:\Windows\system32\DRIVERS\hamachi.sys
17:58:35.0751 4740 hamachi - ok
17:58:35.0902 4740 [ E24E88736B13BC54CA93E7F86A0F4FCF ] Hamachi2Svc C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
17:58:35.0924 4740 Hamachi2Svc - ok
17:58:35.0955 4740 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
17:58:35.0956 4740 hcw85cir - ok
17:58:36.0011 4740 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
17:58:36.0018 4740 HdAudAddService - ok
17:58:36.0060 4740 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
17:58:36.0064 4740 HDAudBus - ok
17:58:36.0073 4740 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
17:58:36.0076 4740 HidBatt - ok
17:58:36.0088 4740 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
17:58:36.0091 4740 HidBth - ok
17:58:36.0131 4740 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
17:58:36.0134 4740 HidIr - ok
17:58:36.0167 4740 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll
17:58:36.0172 4740 hidserv - ok
17:58:36.0197 4740 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
17:58:36.0200 4740 HidUsb - ok
17:58:36.0238 4740 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
17:58:36.0246 4740 hkmsvc - ok
17:58:36.0267 4740 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
17:58:36.0275 4740 HomeGroupListener - ok
17:58:36.0303 4740 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
17:58:36.0313 4740 HomeGroupProvider - ok
17:58:36.0323 4740 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
17:58:36.0327 4740 HpSAMD - ok
17:58:36.0378 4740 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
17:58:36.0383 4740 HTTP - ok
17:58:36.0389 4740 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
17:58:36.0390 4740 hwpolicy - ok
17:58:36.0424 4740 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
17:58:36.0426 4740 i8042prt - ok
17:58:36.0455 4740 [ 3DF4395A7CF8B7A72A5F4606366B8C2D ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
17:58:36.0460 4740 iaStorV - ok
17:58:36.0518 4740 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
17:58:36.0534 4740 idsvc - ok
17:58:36.0539 4740 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
17:58:36.0541 4740 iirsp - ok
17:58:36.0580 4740 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
17:58:36.0591 4740 IKEEXT - ok
17:58:36.0621 4740 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
17:58:36.0623 4740 intelide - ok
17:58:36.0638 4740 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\drivers\intelppm.sys
17:58:36.0639 4740 intelppm - ok
17:58:36.0701 4740 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
17:58:36.0708 4740 IPBusEnum - ok
17:58:36.0718 4740 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:58:36.0722 4740 IpFilterDriver - ok
17:58:36.0764 4740 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
17:58:36.0771 4740 iphlpsvc - ok
17:58:36.0791 4740 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
17:58:36.0793 4740 IPMIDRV - ok
17:58:36.0799 4740 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
17:58:36.0801 4740 IPNAT - ok
17:58:36.0818 4740 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
17:58:36.0820 4740 IRENUM - ok
17:58:36.0825 4740 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
17:58:36.0826 4740 isapnp - ok
17:58:36.0861 4740 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
17:58:36.0867 4740 iScsiPrt - ok
17:58:36.0877 4740 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
17:58:36.0880 4740 kbdclass - ok
17:58:36.0909 4740 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
17:58:36.0912 4740 kbdhid - ok
17:58:36.0927 4740 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
17:58:36.0929 4740 KeyIso - ok
17:58:36.0963 4740 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
17:58:36.0965 4740 KSecDD - ok
17:58:37.0014 4740 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
17:58:37.0024 4740 KSecPkg - ok
17:58:37.0042 4740 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
17:58:37.0043 4740 ksthunk - ok
17:58:37.0070 4740 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
17:58:37.0075 4740 KtmRm - ok
17:58:37.0107 4740 [ A43A9920D2409BB9DA747D2FD20A2E61 ] L1C C:\Windows\system32\DRIVERS\L1C62x64.sys
17:58:37.0109 4740 L1C - ok
17:58:37.0158 4740 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll
17:58:37.0163 4740 LanmanServer - ok
17:58:37.0186 4740 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
17:58:37.0190 4740 LanmanWorkstation - ok
17:58:37.0229 4740 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
17:58:37.0232 4740 lltdio - ok
17:58:37.0267 4740 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
17:58:37.0273 4740 lltdsvc - ok
17:58:37.0291 4740 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
17:58:37.0294 4740 lmhosts - ok
17:58:37.0352 4740 [ 02468469C450CD16FB66A56FAB70138B ] LMIGuardianSvc C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
17:58:37.0357 4740 LMIGuardianSvc - ok
17:58:37.0445 4740 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
17:58:37.0479 4740 LSI_FC - ok
17:58:37.0484 4740 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
17:58:37.0487 4740 LSI_SAS - ok
17:58:37.0492 4740 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
17:58:37.0494 4740 LSI_SAS2 - ok
17:58:37.0517 4740 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
17:58:37.0519 4740 LSI_SCSI - ok
17:58:37.0525 4740 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
17:58:37.0527 4740 luafv - ok
17:58:37.0546 4740 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
17:58:37.0549 4740 Mcx2Svc - ok
17:58:37.0555 4740 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
17:58:37.0557 4740 megasas - ok
17:58:37.0572 4740 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
17:58:37.0576 4740 MegaSR - ok
17:58:37.0644 4740 [ B6CCDC7F88354F2D053A8ADF13DD3AAB ] Mkd2Nadr C:\Windows\system32\drivers\Mkd2Nadr.sys
17:58:37.0648 4740 Mkd2Nadr - ok
17:58:37.0717 4740 [ 28630C95D8F1CC313E80B8EF376648F2 ] Mkd3kfNt C:\Windows\system32\drivers\Mkd3kfNt.sys
17:58:37.0722 4740 Mkd3kfNt - ok
17:58:37.0807 4740 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
17:58:37.0814 4740 MMCSS - ok
17:58:37.0838 4740 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
17:58:37.0841 4740 Modem - ok
17:58:37.0863 4740 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
17:58:37.0865 4740 monitor - ok
17:58:37.0879 4740 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
17:58:37.0882 4740 mouclass - ok
17:58:37.0891 4740 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
17:58:37.0892 4740 mouhid - ok
17:58:37.0911 4740 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
17:58:37.0913 4740 mountmgr - ok
17:58:37.0919 4740 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
17:58:37.0922 4740 mpio - ok
17:58:37.0937 4740 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
17:58:37.0938 4740 mpsdrv - ok
17:58:37.0970 4740 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
17:58:37.0981 4740 MpsSvc - ok
17:58:37.0987 4740 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
17:58:37.0990 4740 MRxDAV - ok
17:58:38.0023 4740 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
17:58:38.0025 4740 mrxsmb - ok
17:58:38.0067 4740 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:58:38.0073 4740 mrxsmb10 - ok
17:58:38.0084 4740 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:58:38.0088 4740 mrxsmb20 - ok
17:58:38.0103 4740 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
17:58:38.0105 4740 msahci - ok
17:58:38.0111 4740 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
17:58:38.0113 4740 msdsm - ok
17:58:38.0131 4740 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
17:58:38.0134 4740 MSDTC - ok
17:58:38.0188 4740 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
17:58:38.0190 4740 Msfs - ok
17:58:38.0204 4740 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
17:58:38.0206 4740 mshidkmdf - ok
17:58:38.0213 4740 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
17:58:38.0215 4740 msisadrv - ok
17:58:38.0261 4740 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
17:58:38.0265 4740 MSiSCSI - ok
17:58:38.0270 4740 msiserver - ok
17:58:38.0313 4740 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
17:58:38.0315 4740 MSKSSRV - ok
17:58:38.0321 4740 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
17:58:38.0322 4740 MSPCLOCK - ok
17:58:38.0327 4740 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
17:58:38.0328 4740 MSPQM - ok
17:58:38.0344 4740 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
17:58:38.0349 4740 MsRPC - ok
17:58:38.0357 4740 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
17:58:38.0358 4740 mssmbios - ok
17:58:38.0363 4740 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
17:58:38.0364 4740 MSTEE - ok
17:58:38.0368 4740 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
17:58:38.0370 4740 MTConfig - ok
17:58:38.0374 4740 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
17:58:38.0376 4740 Mup - ok
17:58:38.0401 4740 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
17:58:38.0406 4740 napagent - ok
17:58:38.0455 4740 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
17:58:38.0463 4740 NativeWifiP - ok
17:58:38.0524 4740 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
17:58:38.0542 4740 NDIS - ok
17:58:38.0567 4740 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
17:58:38.0568 4740 NdisCap - ok
17:58:38.0586 4740 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
17:58:38.0587 4740 NdisTapi - ok
17:58:38.0601 4740 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
17:58:38.0603 4740 Ndisuio - ok
17:58:38.0660 4740 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
17:58:38.0664 4740 NdisWan - ok
17:58:38.0674 4740 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
17:58:38.0677 4740 NDProxy - ok
17:58:38.0714 4740 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
17:58:38.0716 4740 NetBIOS - ok
17:58:38.0736 4740 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
17:58:38.0740 4740 NetBT - ok
17:58:38.0757 4740 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
17:58:38.0760 4740 Netlogon - ok
17:58:38.0816 4740 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
17:58:38.0829 4740 Netman - ok
17:58:38.0901 4740 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:58:38.0927 4740 NetMsmqActivator - ok
17:58:38.0935 4740 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:58:38.0938 4740 NetPipeActivator - ok
17:58:38.0962 4740 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
17:58:38.0970 4740 netprofm - ok
17:58:38.0975 4740 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:58:38.0977 4740 NetTcpActivator - ok
17:58:38.0981 4740 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:58:38.0983 4740 NetTcpPortSharing - ok
17:58:39.0011 4740 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
17:58:39.0013 4740 nfrd960 - ok
17:58:39.0042 4740 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
17:58:39.0054 4740 NlaSvc - ok
17:58:39.0064 4740 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
17:58:39.0067 4740 Npfs - ok
17:58:39.0100 4740 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
17:58:39.0103 4740 nsi - ok
17:58:39.0108 4740 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
17:58:39.0109 4740 nsiproxy - ok
17:58:39.0163 4740 [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
17:58:39.0181 4740 Ntfs - ok
17:58:39.0193 4740 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
17:58:39.0194 4740 Null - ok
17:58:39.0254 4740 [ 805F0C2B9C07E4C0F74D0EF70E9E827A ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
17:58:39.0260 4740 NVHDA - ok
17:58:39.0565 4740 [ EE6B7B6A54BCAFF516E30B1C15467495 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
17:58:39.0790 4740 nvlddmkm - ok
17:58:39.0841 4740 [ 5D9FD91F3D38DC9DA01E3CB5FA89CD48 ] nvraid C:\Windows\system32\drivers\nvraid.sys
17:58:39.0846 4740 nvraid - ok
17:58:39.0857 4740 [ F7CD50FE7139F07E77DA8AC8033D1832 ] nvstor C:\Windows\system32\drivers\nvstor.sys
17:58:39.0862 4740 nvstor - ok
17:58:39.0900 4740 [ 25626309AD2F81D47C829CCB5E46E478 ] nvsvc C:\Windows\system32\nvvsvc.exe
17:58:39.0912 4740 nvsvc - ok
17:58:40.0063 4740 [ 7BAB808957880CF38EFC6816FEF7276E ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
17:58:40.0084 4740 nvUpdatusService - ok
17:58:40.0100 4740 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
17:58:40.0103 4740 nv_agp - ok
17:58:40.0118 4740 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
17:58:40.0119 4740 ohci1394 - ok
17:58:40.0148 4740 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
17:58:40.0153 4740 p2pimsvc - ok
17:58:40.0185 4740 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
17:58:40.0191 4740 p2psvc - ok
17:58:40.0233 4740 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
17:58:40.0235 4740 Parport - ok
17:58:40.0256 4740 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
17:58:40.0258 4740 partmgr - ok
17:58:40.0265 4740 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
17:58:40.0269 4740 PcaSvc - ok
17:58:40.0285 4740 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
17:58:40.0288 4740 pci - ok
17:58:40.0292 4740 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
17:58:40.0294 4740 pciide - ok
17:58:40.0312 4740 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
17:58:40.0316 4740 pcmcia - ok
17:58:40.0321 4740 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
17:58:40.0323 4740 pcw - ok
17:58:40.0345 4740 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
17:58:40.0353 4740 PEAUTH - ok
17:58:40.0392 4740 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
17:58:40.0408 4740 PeerDistSvc - ok
17:58:40.0639 4740 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
17:58:40.0646 4740 PerfHost - ok
17:58:40.0753 4740 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
17:58:40.0774 4740 pla - ok
17:58:40.0841 4740 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
17:58:40.0857 4740 PlugPlay - ok
17:58:40.0889 4740 PnkBstrA - ok
17:58:40.0928 4740 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
17:58:40.0936 4740 PNRPAutoReg - ok
17:58:40.0960 4740 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
17:58:40.0971 4740 PNRPsvc - ok
17:58:40.0998 4740 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
17:58:41.0005 4740 PolicyAgent - ok
17:58:41.0027 4740 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
17:58:41.0033 4740 Power - ok
17:58:41.0075 4740 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
17:58:41.0078 4740 PptpMiniport - ok
17:58:41.0087 4740 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
17:58:41.0089 4740 Processor - ok
17:58:41.0126 4740 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
17:58:41.0137 4740 ProfSvc - ok
17:58:41.0153 4740 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
17:58:41.0159 4740 ProtectedStorage - ok
17:58:41.0197 4740 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
17:58:41.0201 4740 Psched - ok
17:58:41.0258 4740 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
17:58:41.0279 4740 ql2300 - ok
17:58:41.0285 4740 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
17:58:41.0287 4740 ql40xx - ok
17:58:41.0319 4740 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
17:58:41.0324 4740 QWAVE - ok
17:58:41.0330 4740 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
17:58:41.0331 4740 QWAVEdrv - ok
17:58:41.0336 4740 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
17:58:41.0338 4740 RasAcd - ok
17:58:41.0387 4740 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
17:58:41.0389 4740 RasAgileVpn - ok
17:58:41.0414 4740 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
17:58:41.0423 4740 RasAuto - ok
17:58:41.0449 4740 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
17:58:41.0451 4740 Rasl2tp - ok
17:58:41.0470 4740 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
17:58:41.0477 4740 RasMan - ok
17:58:41.0482 4740 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
17:58:41.0485 4740 RasPppoe - ok
17:58:41.0490 4740 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
17:58:41.0492 4740 RasSstp - ok
17:58:41.0506 4740 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
17:58:41.0510 4740 rdbss - ok
17:58:41.0516 4740 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
17:58:41.0517 4740 rdpbus - ok
17:58:41.0540 4740 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
17:58:41.0541 4740 RDPCDD - ok
17:58:41.0550 4740 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
17:58:41.0553 4740 RDPDR - ok
17:58:41.0576 4740 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
17:58:41.0578 4740 RDPENCDD - ok
17:58:41.0585 4740 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
17:58:41.0587 4740 RDPREFMP - ok
17:58:41.0607 4740 [ 70CBA1A0C98600A2AA1863479B35CB90 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
17:58:41.0609 4740 RdpVideoMiniport - ok
17:58:41.0690 4740 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
17:58:41.0696 4740 RDPWD - ok
17:58:41.0738 4740 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
17:58:41.0744 4740 rdyboost - ok
17:58:41.0770 4740 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
17:58:41.0778 4740 RemoteAccess - ok
17:58:41.0806 4740 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
17:58:41.0811 4740 RemoteRegistry - ok
17:58:41.0822 4740 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
17:58:41.0826 4740 RpcEptMapper - ok
17:58:41.0837 4740 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
17:58:41.0840 4740 RpcLocator - ok
17:58:41.0866 4740 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
17:58:41.0872 4740 RpcSs - ok
17:58:41.0893 4740 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
17:58:41.0895 4740 rspndr - ok
17:58:41.0915 4740 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
17:58:41.0917 4740 s3cap - ok
17:58:41.0930 4740 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
17:58:41.0932 4740 SamSs - ok
17:58:41.0953 4740 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
17:58:41.0955 4740 sbp2port - ok
17:58:41.0987 4740 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
17:58:41.0992 4740 SCardSvr - ok
17:58:42.0002 4740 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
17:58:42.0005 4740 scfilter - ok
17:58:42.0040 4740 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
17:58:42.0054 4740 Schedule - ok
17:58:42.0080 4740 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
17:58:42.0081 4740 SCPolicySvc - ok
17:58:42.0103 4740 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
17:58:42.0108 4740 SDRSVC - ok
17:58:42.0156 4740 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
17:58:42.0159 4740 secdrv - ok
17:58:42.0183 4740 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
17:58:42.0192 4740 seclogon - ok
17:58:42.0227 4740 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll
17:58:42.0236 4740 SENS - ok
17:58:42.0255 4740 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
17:58:42.0264 4740 SensrSvc - ok
17:58:42.0292 4740 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
17:58:42.0295 4740 Serenum - ok
17:58:42.0304 4740 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
17:58:42.0308 4740 Serial - ok
17:58:42.0317 4740 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
17:58:42.0321 4740 sermouse - ok
17:58:42.0346 4740 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
17:58:42.0351 4740 SessionEnv - ok
17:58:42.0356 4740 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
17:58:42.0357 4740 sffdisk - ok
17:58:42.0362 4740 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
17:58:42.0364 4740 sffp_mmc - ok
17:58:42.0369 4740 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
17:58:42.0370 4740 sffp_sd - ok
17:58:42.0393 4740 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
17:58:42.0395 4740 sfloppy - ok
17:58:42.0424 4740 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
17:58:42.0428 4740 SharedAccess - ok
17:58:42.0451 4740 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
17:58:42.0456 4740 ShellHWDetection - ok
17:58:42.0474 4740 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
17:58:42.0475 4740 SiSRaid2 - ok
17:58:42.0479 4740 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
17:58:42.0481 4740 SiSRaid4 - ok
17:58:42.0513 4740 [ F5BBEDF602C310B00036EB2DBF4348A5 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
17:58:42.0515 4740 SkypeUpdate - ok
17:58:42.0533 4740 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
17:58:42.0537 4740 Smb - ok
17:58:42.0590 4740 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
17:58:42.0598 4740 SNMPTRAP - ok
17:58:42.0603 4740 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
17:58:42.0604 4740 spldr - ok
17:58:42.0687 4740 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
17:58:42.0704 4740 Spooler - ok
17:58:42.0807 4740 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
17:58:42.0831 4740 sppsvc - ok
17:58:42.0848 4740 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
17:58:42.0851 4740 sppuinotify - ok
17:58:42.0877 4740 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
17:58:42.0882 4740 srv - ok
17:58:42.0896 4740 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
17:58:42.0900 4740 srv2 - ok
17:58:42.0906 4740 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
17:58:42.0908 4740 srvnet - ok
17:58:42.0951 4740 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
17:58:42.0961 4740 SSDPSRV - ok
17:58:42.0972 4740 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
17:58:42.0982 4740 SstpSvc - ok
17:58:43.0078 4740 [ A87A39F9B42D82F5D60D36BB1D3CC9D3 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
17:58:43.0087 4740 Steam Client Service - ok
17:58:43.0252 4740 [ 2222073BE0232E70A397B8302293AA9D ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
17:58:43.0260 4740 Stereo Service - ok
17:58:43.0287 4740 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
17:58:43.0290 4740 stexstor - ok
17:58:43.0330 4740 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
17:58:43.0349 4740 stisvc - ok
17:58:43.0370 4740 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
17:58:43.0373 4740 storflt - ok
17:58:43.0402 4740 [ C40841817EF57D491F22EB103DA587CC ] StorSvc C:\Windows\system32\storsvc.dll
17:58:43.0465 4740 StorSvc - ok
17:58:43.0521 4740 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys
17:58:43.0526 4740 storvsc - ok
17:58:43.0540 4740 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
17:58:43.0550 4740 swenum - ok
17:58:43.0676 4740 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
17:58:43.0694 4740 swprv - ok
17:58:43.0715 4740 [ C3A39C4079305480972D29C44B868C78 ] Synth3dVsc C:\Windows\system32\drivers\Synth3dVsc.sys
17:58:43.0717 4740 Synth3dVsc - ok
17:58:43.0758 4740 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
17:58:43.0779 4740 SysMain - ok
17:58:43.0798 4740 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
17:58:43.0801 4740 TabletInputService - ok
17:58:43.0847 4740 [ 3A7CABF7DE8F1325BE8F46685469AEC3 ] taphss6 C:\Windows\system32\DRIVERS\taphss6.sys
17:58:43.0849 4740 taphss6 - ok
17:58:43.0873 4740 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
17:58:43.0878 4740 TapiSrv - ok
17:58:43.0891 4740 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
17:58:43.0894 4740 TBS - ok
17:58:43.0972 4740 [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
17:58:43.0992 4740 Tcpip - ok
17:58:44.0037 4740 [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
17:58:44.0049 4740 TCPIP6 - ok
17:58:44.0083 4740 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
17:58:44.0084 4740 tcpipreg - ok
17:58:44.0115 4740 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
17:58:44.0116 4740 TDPIPE - ok
17:58:44.0138 4740 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
17:58:44.0139 4740 TDTCP - ok
17:58:44.0144 4740 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
17:58:44.0146 4740 tdx - ok
17:58:44.0169 4740 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
17:58:44.0170 4740 TermDD - ok
17:58:44.0187 4740 [ 2B5BDFF688EC9871D7EC5837833374E9 ] terminpt C:\Windows\system32\drivers\terminpt.sys
17:58:44.0188 4740 terminpt - ok
17:58:44.0232 4740 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
17:58:44.0253 4740 TermService - ok
17:58:44.0264 4740 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
17:58:44.0273 4740 Themes - ok
17:58:44.0295 4740 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
17:58:44.0298 4740 THREADORDER - ok
17:58:44.0312 4740 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
17:58:44.0317 4740 TrkWks - ok
17:58:44.0359 4740 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
17:58:44.0364 4740 TrustedInstaller - ok
17:58:44.0378 4740 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
17:58:44.0382 4740 tssecsrv - ok
17:58:44.0405 4740 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
17:58:44.0407 4740 TsUsbFlt - ok
17:58:44.0435 4740 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
17:58:44.0436 4740 TsUsbGD - ok
17:58:44.0442 4740 [ E1748D04AE40118B62BC18AC86032192 ] tsusbhub C:\Windows\system32\drivers\tsusbhub.sys
17:58:44.0444 4740 tsusbhub - ok
17:58:44.0486 4740 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
17:58:44.0490 4740 tunnel - ok
17:58:44.0500 4740 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
17:58:44.0504 4740 uagp35 - ok
17:58:44.0529 4740 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
17:58:44.0533 4740 udfs - ok
17:58:44.0572 4740 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
17:58:44.0582 4740 UI0Detect - ok
17:58:44.0592 4740 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
17:58:44.0596 4740 uliagpkx - ok
17:58:44.0632 4740 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
17:58:44.0634 4740 umbus - ok
17:58:44.0638 4740 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
17:58:44.0640 4740 UmPass - ok
17:58:44.0670 4740 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll
17:58:44.0676 4740 UmRdpService - ok
17:58:44.0695 4740 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
17:58:44.0701 4740 upnphost - ok
17:58:44.0707 4740 [ 481DFF26B4DCA8F4CBAC1F7DCE1D6829 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
17:58:44.0709 4740 usbccgp - ok
17:58:44.0745 4740 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
17:58:44.0747 4740 usbcir - ok
17:58:44.0752 4740 [ 74EE782B1D9C241EFE425565854C661C ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
17:58:44.0754 4740 usbehci - ok
17:58:44.0770 4740 [ DC96BD9CCB8403251BCF25047573558E ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
17:58:44.0775 4740 usbhub - ok
17:58:44.0780 4740 [ 58E546BBAF87664FC57E0F6081E4F609 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
17:58:44.0782 4740 usbohci - ok
17:58:44.0800 4740 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\drivers\usbprint.sys
17:58:44.0802 4740 usbprint - ok
17:58:44.0833 4740 [ D76510CFA0FC09023077F22C2F979D86 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:58:44.0835 4740 USBSTOR - ok
17:58:44.0840 4740 [ 81FB2216D3A60D1284455D511797DB3D ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
17:58:44.0842 4740 usbuhci - ok
17:58:44.0875 4740 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
17:58:44.0879 4740 UxSms - ok
17:58:44.0891 4740 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
17:58:44.0894 4740 VaultSvc - ok
17:58:44.0909 4740 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
17:58:44.0911 4740 vdrvroot - ok
17:58:44.0942 4740 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
17:58:44.0951 4740 vds - ok
17:58:44.0960 4740 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
17:58:44.0961 4740 vga - ok
17:58:44.0966 4740 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
17:58:44.0968 4740 VgaSave - ok
17:58:44.0972 4740 VGPU - ok
17:58:44.0980 4740 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
17:58:44.0983 4740 vhdmp - ok
17:58:44.0999 4740 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
17:58:45.0000 4740 viaide - ok
17:58:45.0019 4740 [ 86EA3E79AE350FEA5331A1303054005F ] vmbus C:\Windows\system32\drivers\vmbus.sys
17:58:45.0022 4740 vmbus - ok
17:58:45.0026 4740 [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
17:58:45.0027 4740 VMBusHID - ok
17:58:45.0032 4740 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
17:58:45.0034 4740 volmgr - ok
17:58:45.0054 4740 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
17:58:45.0058 4740 volmgrx - ok
17:58:45.0081 4740 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
17:58:45.0084 4740 volsnap - ok
17:58:45.0119 4740 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
17:58:45.0122 4740 vsmraid - ok
17:58:45.0181 4740 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
17:58:45.0209 4740 VSS - ok
17:58:45.0215 4740 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
17:58:45.0216 4740 vwifibus - ok
17:58:45.0225 4740 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
17:58:45.0233 4740 W32Time - ok
17:58:45.0239 4740 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
17:58:45.0241 4740 WacomPen - ok
17:58:45.0288 4740 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
17:58:45.0290 4740 WANARP - ok
17:58:45.0296 4740 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
17:58:45.0299 4740 Wanarpv6 - ok
17:58:45.0350 4740 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
17:58:45.0369 4740 wbengine - ok
17:58:45.0392 4740 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
17:58:45.0398 4740 WbioSrvc - ok
17:58:45.0407 4740 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
17:58:45.0414 4740 wcncsvc - ok
17:58:45.0420 4740 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
17:58:45.0424 4740 WcsPlugInService - ok
17:58:45.0447 4740 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
17:58:45.0448 4740 Wd - ok
17:58:45.0485 4740 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
17:58:45.0494 4740 Wdf01000 - ok
17:58:45.0515 4740 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
17:58:45.0520 4740 WdiServiceHost - ok
17:58:45.0524 4740 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
17:58:45.0528 4740 WdiSystemHost - ok
17:58:45.0543 4740 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
17:58:45.0550 4740 WebClient - ok
17:58:45.0577 4740 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
17:58:45.0583 4740 Wecsvc - ok
17:58:45.0592 4740 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
17:58:45.0596 4740 wercplsupport - ok
17:58:45.0633 4740 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
17:58:45.0638 4740 WerSvc - ok
17:58:45.0731 4740 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
17:58:45.0734 4740 WfpLwf - ok
17:58:45.0743 4740 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
17:58:45.0746 4740 WIMMount - ok
17:58:45.0772 4740 WinDefend - ok
17:58:45.0788 4740 WinHttpAutoProxySvc - ok
17:58:45.0913 4740 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
17:58:45.0919 4740 Winmgmt - ok
17:58:46.0019 4740 [ 0C0195C48B6B8582FA6F6373032118DA ] WinRing0_1_2_0 C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys
17:58:46.0022 4740 WinRing0_1_2_0 - ok
17:58:46.0099 4740 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
17:58:46.0126 4740 WinRM - ok
17:58:46.0190 4740 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
17:58:46.0194 4740 WinUsb - ok
17:58:46.0240 4740 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
17:58:46.0259 4740 Wlansvc - ok
17:58:46.0422 4740 [ 98F138897EF4246381D197CB81846D62 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
17:58:46.0449 4740 wlidsvc - ok
17:58:46.0477 4740 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
17:58:46.0478 4740 WmiAcpi - ok
17:58:46.0514 4740 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
17:58:46.0517 4740 wmiApSrv - ok
17:58:46.0555 4740 WMPNetworkSvc - ok
17:58:46.0653 4740 wolf - ok
17:58:46.0724 4740 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
17:58:46.0735 4740 WPCSvc - ok
17:58:46.0745 4740 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
17:58:46.0757 4740 WPDBusEnum - ok
17:58:46.0777 4740 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
17:58:46.0779 4740 ws2ifsl - ok
17:58:46.0795 4740 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll
17:58:46.0799 4740 wscsvc - ok
17:58:46.0804 4740 WSearch - ok
17:58:46.0910 4740 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
17:58:46.0930 4740 wuauserv - ok
17:58:46.0967 4740 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
17:58:46.0969 4740 WudfPf - ok
17:58:47.0019 4740 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
17:58:47.0026 4740 WUDFRd - ok
17:58:47.0066 4740 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
17:58:47.0078 4740 wudfsvc - ok
17:58:47.0110 4740 [ FE90B750AB808FB9DD8FBB428B5FF83B ] WwanSvc C:\Windows\System32\wwansvc.dll
17:58:47.0116 4740 WwanSvc - ok
17:58:47.0383 4740 X6va012 - ok
17:58:47.0423 4740 X6va015 - ok
17:58:47.0472 4740 xhunter1 - ok
17:58:47.0498 4740 ================ Scan global ===============================
17:58:47.0522 4740 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
17:58:47.0566 4740 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
17:58:47.0576 4740 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
17:58:47.0615 4740 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
17:58:47.0643 4740 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
17:58:47.0650 4740 [Global] - ok
17:58:47.0650 4740 ================ Scan MBR ==================================
17:58:47.0702 4740 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
17:58:47.0875 4740 \Device\Harddisk0\DR0 - ok
17:58:47.0875 4740 ================ Scan VBR ==================================
17:58:47.0878 4740 [ A882CDFBE27E4AAC94F410E6067AAC64 ] \Device\Harddisk0\DR0\Partition1
17:58:47.0880 4740 \Device\Harddisk0\DR0\Partition1 - ok
17:58:47.0887 4740 [ 91E602FBBBC9427184DA285B9193E6F3 ] \Device\Harddisk0\DR0\Partition2
17:58:47.0889 4740 \Device\Harddisk0\DR0\Partition2 - ok
17:58:47.0889 4740 ============================================================
17:58:47.0889 4740 Scan finished
17:58:47.0889 4740 ============================================================
17:58:47.0902 3740 Detected object count: 0
17:58:47.0902 3740 Actual detected object count: 0
18:00:47.0368 4764 Deinitialize success
 aba das kan ich erst genau sagen noch ein paar tage den es gab mal zeiten wo es sich 2-3tage nicht geöffnet hat |
|
08.01.2014, 12:06
| #36 |
| /// the machine /// TB-Ausbilder | Win 7 : Firefox öffnet unsichtbare tabs Gefällt mir immer noch nicht richtig. Bitte Combofix noch einmal löschen, neu laden, laufen lassen und das Logfile posten.
__________________ --> Win 7 : Firefox öffnet unsichtbare tabs |
|
08.01.2014, 16:42
| #37 |
| | Win 7 : Firefox öffnet unsichtbare tabsCode:
ATTFilter ComboFix 14-01-08.02 - Mesut 08.01.2014 16:25:43.4.3 - x64
Microsoft Windows 7 Enterprise 6.1.7601.1.1252.41.1033.18.2047.717 [GMT 1:00]
ausgeführt von:: c:\users\Mesut\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Internet Explorer\dmlconf.dat
c:\program files (x86)\SearchProtect
c:\program files (x86)\SearchProtect\EULA.txt
c:\program files (x86)\SearchProtect\Main\bin\CltMngSvc.exe
c:\program files (x86)\SearchProtect\Main\bin\SPTool.dll
c:\program files (x86)\SearchProtect\Main\bin\uninstall.exe
c:\program files (x86)\SearchProtect\Main\rep\SystemRepository.dat
c:\program files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe
c:\program files (x86)\SearchProtect\SearchProtect\bin\SPTool64.exe
c:\program files (x86)\SearchProtect\SearchProtect\bin\SPVC32.dll
c:\program files (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader.dll
c:\program files (x86)\SearchProtect\SearchProtect\bin\SPVC64.dll
c:\program files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll
c:\program files (x86)\SearchProtect\UI\bin\cltmngui.exe
c:\program files (x86)\SearchProtect\UI\dialogs\bubble\bubble.css
c:\program files (x86)\SearchProtect\UI\dialogs\bubble\bubble.html
c:\program files (x86)\SearchProtect\UI\dialogs\bubble\bubble.js
c:\program files (x86)\SearchProtect\UI\dialogs\bubble\defaults.js
c:\program files (x86)\SearchProtect\UI\dialogs\Images\Apply-default.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\Apply-onclick.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\Apply-Rollover.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\bg-with-logo.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\bg.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\bgNotif.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\bgSettings.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\bgUninstall.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\btnBlue.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\btnClose.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\btnSilver.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\checkbox.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\checkbox_checked.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\checkbox_def.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\close-win-def.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\close-win-over-click.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\gray-bg.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\hez-def.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\hez-selected.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\hez.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\icon-win.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\info-icon.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\menu-rollover.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\menu-selected.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\radio-button-def.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\radio-button-selected.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\radio-button.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\radio-button2.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\Settings-icon.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\text-field.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\v.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\x.png
c:\program files (x86)\SearchProtect\UI\dialogs\libs\defaults.js
c:\program files (x86)\SearchProtect\UI\dialogs\libs\dialogUtils.js
c:\program files (x86)\SearchProtect\UI\dialogs\libs\jquery.1.7.1.min.js
c:\program files (x86)\SearchProtect\UI\dialogs\libs\json2.min.js
c:\program files (x86)\SearchProtect\UI\dialogs\libs\main.js
c:\program files (x86)\SearchProtect\UI\dialogs\libs\SPDialogAPI.js
c:\program files (x86)\SearchProtect\UI\dialogs\protection\defaults.js
c:\program files (x86)\SearchProtect\UI\dialogs\protection\protection.css
c:\program files (x86)\SearchProtect\UI\dialogs\protection\protection.html
c:\program files (x86)\SearchProtect\UI\dialogs\protection\protection.js
c:\program files (x86)\SearchProtect\UI\dialogs\settings.html
c:\program files (x86)\SearchProtect\UI\dialogs\settings\defaults.js
c:\program files (x86)\SearchProtect\UI\dialogs\settings\settings.css
c:\program files (x86)\SearchProtect\UI\dialogs\settings\settings.html
c:\program files (x86)\SearchProtect\UI\dialogs\settings\settings.js
c:\program files (x86)\SearchProtect\UI\dialogs\style.css
c:\program files (x86)\SearchProtect\UI\dialogs\uninstall\defaults.js
c:\program files (x86)\SearchProtect\UI\dialogs\uninstall\uninstall.css
c:\program files (x86)\SearchProtect\UI\dialogs\uninstall\uninstall.html
c:\program files (x86)\SearchProtect\UI\dialogs\uninstall\uninstall.js
c:\windows\wininit.ini
.
.
((((((((((((((((((((((( Dateien erstellt von 2013-12-08 bis 2014-01-08 ))))))))))))))))))))))))))))))
.
.
2014-01-08 15:37 . 2014-01-08 15:37 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2014-01-08 15:37 . 2014-01-08 15:37 -------- d-----w- c:\users\hedev\AppData\Local\temp
2014-01-08 15:37 . 2014-01-08 15:37 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-01-07 20:17 . 2010-02-04 09:01 74072 ----a-w- c:\windows\SysWow64\XAPOFX1_4.dll
2014-01-07 20:17 . 2010-02-04 09:01 528216 ----a-w- c:\windows\SysWow64\XAudio2_6.dll
2014-01-07 20:17 . 2010-02-04 09:01 238936 ----a-w- c:\windows\SysWow64\xactengine3_6.dll
2014-01-07 20:17 . 2010-02-04 09:01 22360 ----a-w- c:\windows\SysWow64\X3DAudio1_7.dll
2014-01-07 20:17 . 2009-03-09 14:27 4178264 ----a-w- c:\windows\SysWow64\D3DX9_41.dll
2014-01-07 20:17 . 2007-04-04 17:53 81768 ----a-w- c:\windows\SysWow64\xinput1_3.dll
2014-01-07 20:17 . 2007-03-12 15:42 3495784 ----a-w- c:\windows\SysWow64\d3dx9_33.dll
2014-01-07 20:17 . 2014-01-07 20:17 -------- d-----w- c:\program files (x86)\Microsoft XNA
2014-01-07 19:51 . 2014-01-07 19:52 -------- d-----w- c:\users\Mesut\AppData\Local\SearchProtect
2014-01-07 16:43 . 2014-01-07 16:43 -------- d--h--w- c:\windows\SysWow64\FF_BN_416211
2014-01-07 16:24 . 2014-01-07 16:24 -------- d-----w- C:\TDSSKiller_Quarantine
2014-01-05 17:51 . 2014-01-05 18:03 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)
2014-01-05 17:51 . 2014-01-05 17:51 117464 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-01-05 17:29 . 2014-01-05 17:44 89304 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-01-02 23:58 . 2014-01-02 23:59 -------- d-----w- C:\FRST
2014-01-01 17:45 . 2014-01-01 17:47 -------- d-----w- C:\AdwCleaner
2013-12-25 19:27 . 2013-12-25 19:27 -------- d-----w- c:\programdata\MTA San Andreas All
2013-12-25 16:45 . 2013-12-25 16:45 -------- d-----w- c:\program files (x86)\VS Revo Group
2013-12-24 13:44 . 2013-12-24 13:44 -------- d-----w- C:\Riot Games
2013-12-24 11:16 . 2013-12-24 11:16 -------- d-----w- c:\windows\ERUNT
2013-12-21 19:59 . 2013-12-21 19:59 -------- d-----w- c:\users\Mesut\AppData\Roaming\Malwarebytes
2013-12-21 19:58 . 2013-12-21 19:58 -------- d-----w- c:\programdata\Malwarebytes
2013-12-18 15:46 . 2013-12-18 15:46 -------- d-----w- c:\users\Mesut\AppData\Roaming\OpenOffice
2013-12-18 15:44 . 2013-12-18 15:45 -------- d-----w- c:\program files (x86)\OpenOffice 4
2013-12-09 20:47 . 2013-12-09 20:57 -------- d--h--w- c:\windows\SysWow64\FF_BN_2019128
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-12-31 17:06 . 2013-08-11 13:43 139264 ----a-w- c:\windows\SysWow64\r_unzip.exe
2013-11-28 21:41 . 2013-08-29 12:10 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-11-28 21:41 . 2013-08-24 21:01 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-11-07 10:52 . 2013-11-07 10:52 76232 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{09326DD3-D6DC-4DFE-9AF4-BF364A099A02}\offreg.dll
2013-10-12 14:08 . 2013-07-13 16:11 291128 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2013-10-12 14:08 . 2013-07-13 16:02 291128 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2013-10-12 14:07 . 2013-07-13 16:02 281872 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2013-10-12 14:07 . 2013-07-13 16:02 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-11-14 20584608]
"Steam"="c:\program files (x86)\Steam\steam.exe" [2013-12-11 1823656]
"Akamai NetSession Interface"="c:\users\Mesut\AppData\Local\Akamai\netsession_win.exe" [2013-06-04 4489472]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-05-09 4858968]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" [2013-09-21 766208]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2013-11-29 3806544]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0sdnclean64.exe
.
R2 AODDriver4.2.0;AODDriver4.2.0;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 ArcService;Arc Service;c:\program files (x86)\Perfect World Entertainment\Arc\ArcService.exe;c:\program files (x86)\Perfect World Entertainment\Arc\ArcService.exe [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys;c:\windows\SYSNATIVE\drivers\EagleX64.sys [x]
R3 FairplayKD;FairplayKD;c:\programdata\MTA San Andreas All\1.3\temp\FairplayKD.sys;c:\programdata\MTA San Andreas All\1.3\temp\FairplayKD.sys [x]
R3 Mkd2Nadr;Mkd2Nadr;c:\windows\system32\drivers\Mkd2Nadr.sys;c:\windows\SYSNATIVE\drivers\Mkd2Nadr.sys [x]
R3 Mkd3kfNt;Mkd3kfNt;c:\windows\system32\drivers\Mkd3kfNt.sys;c:\windows\SYSNATIVE\drivers\Mkd3kfNt.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Synth3dVsc;Microsoft Virtual 3D Video Transport Driver;c:\windows\system32\drivers\Synth3dVsc.sys;c:\windows\SYSNATIVE\drivers\Synth3dVsc.sys [x]
R3 taphss6;Anchorfree HSS VPN Adapter;c:\windows\system32\DRIVERS\taphss6.sys;c:\windows\SYSNATIVE\DRIVERS\taphss6.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 tsusbhub;Remote Deskotop USB Hub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys;c:\program files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [x]
R3 wolf;wolf;c:\aeriagames\WolfTeam-DE\avital\wolf64.sys;c:\aeriagames\WolfTeam-DE\avital\wolf64.sys [x]
R3 X6va012;X6va012;c:\windows\SysWOW64\Drivers\X6va012;c:\windows\SysWOW64\Drivers\X6va012 [x]
R3 X6va015;X6va015;c:\windows\SysWOW64\Drivers\X6va015;c:\windows\SysWOW64\Drivers\X6va015 [x]
R3 xhunter1;xhunter1;c:\windows\xhunter1.sys;c:\windows\xhunter1.sys [x]
R4 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x]
S0 aswRvrt;aswRvrt; [x]
S0 aswVmm;aswVmm; [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 CltMngSvc;Search Protect by Conduit Service;c:\progra~2\SearchProtect\Main\bin\CltMngSvc.exe;c:\progra~2\SearchProtect\Main\bin\CltMngSvc.exe [x]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [x]
S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-12-05 10:46 1210320 ----a-w- c:\program files (x86)\Google\Chrome\Application\31.0.1650.63\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2014-01-08 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-06-01 13:18]
.
2014-01-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-06-01 13:18]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-05-09 08:58 133840 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"W7LXE"="c:\users\Mesut\Desktop\Windows 7 Loader eXtreme Edition v3.503\w7lxe.exe" [2010-05-22 28135936]
"Nvtmru"="c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [2013-07-03 1028896]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
ustart page = hxxp://search.conduit.com/?ctid=CT3314958&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SPE178E7E2-62D8-4E1F-8D9D-9EE9989AE4A1&SSPV=
mDefault_Search_URL = hxxp://www.google.com
mDefault_Page_URL = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = hxxp://www.google.com
uInternet Settings,ProxyOverride = <local>
Trusted Zone: aeriagames.com
TCP: DhcpNameServer = 192.168.2.1
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
AddRemove-Adobe Flash Player ActiveX - c:\windows\SysWOW64\Macromed\Flash\FlashUtil32_11_9_900_117_ActiveX.exe
AddRemove-BattlEye for A2 - c:\program files (x86)\Steam\steamapps\common\Arma 2BattlEye\UnInstallBE.exe
AddRemove-BattlEye for OA - c:\program files (x86)\Steam\steamapps\common\Arma 2 Operation Arrowhead\Expansion\BattlEye\UnInstallBE.exe
AddRemove-Crossfire Europe - c:\sg interactive\Crossfire Europe\uninst.exe
AddRemove-SearchProtect - c:\progra~2\SearchProtect\Main\bin\uninstall.exe
AddRemove-{1a413f37-ed88-4fec-9666-5c48dc4b7bb7} - c:\program files (x86)\GreenTree Applications\YTD Video Downloader\uninstall.exe
AddRemove-{3108C217-BE83-42E4-AE9E-A56A2A92E549} - c:\program files (x86)\InstallShield Installation Information\{3108C217-BE83-42E4-AE9E-A56A2A92E549}\setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va012]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va012"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va015]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va015"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-3476550111-2045390708-2280625213-1000\Software\SecuROM\License information*]
"datasecu"=hex:17,da,a6,e3,92,01,53,db,f8,5c,8b,3b,60,7c,08,98,ac,49,d1,b6,cc,
39,44,5b,a7,84,3b,5c,d4,6b,42,e5,15,d7,0f,29,9b,4e,1b,b3,91,40,c1,06,12,de,\
"rkeysecu"=hex:91,1c,db,6d,7a,7c,a7,7d,27,17,29,3e,4e,a0,d8,99
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2014-01-08 16:40:19
ComboFix-quarantined-files.txt 2014-01-08 15:40
ComboFix2.txt 2014-01-07 17:21
ComboFix3.txt 2013-12-23 13:51
.
Vor Suchlauf: 92'121'653'248 bytes free
Nach Suchlauf: 21 Verzeichnis(se), 91'938'725'888 Bytes frei
.
- - End Of File - - 5D92CF1AA536E6A893FF0D59E406239A
|
|
09.01.2014, 11:25
| #38 |
| /// the machine /// TB-Ausbilder | Win 7 : Firefox öffnet unsichtbare tabs AdwCleaner löschen wenn vorhanden: Downloade Dir bitte  Malwarebytes Anti-Malware
Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
und ein frisches FRST log bitte.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
10.01.2014, 20:58
| #39 |
| | Win 7 : Firefox öffnet unsichtbare tabsCode:
ATTFilter Malwarebytes Anti-Malware (Test) 1.75.0.1300 www.malwarebytes.org Datenbank Version: v2014.01.10.04 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 Mesut :: MESUT-PC [Administrator] Schutz: Deaktiviert 10.01.2014 15:32:21 MBAM-log-2014-01-10 (15-37-00).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 248200 Laufzeit: 4 Minute(n), 29 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 1 HKLM\SYSTEM\CurrentControlSet\Services\CltMngSvc (PUP.Optional.ConduitSearchProtect) -> Keine Aktion durchgeführt. Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 1 HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|start page (PUP.Optional.Conduit.A) -> Bösartig: (hxxp://search.conduit.com/?ctid=CT3314958&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SPE178E7E2-62D8-4E1F-8D9D-9EE9989AE4A1&SSPV=) Gut: (hxxp://www.google.com) -> Keine Aktion durchgeführt. Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) Code:
ATTFilter # AdwCleaner v3.016 - Report created 10/01/2014 at 15:45:04
# Updated 23/12/2013 by Xplode
# Operating System : Windows 7 Enterprise Service Pack 1 (64 bits)
# Username : Mesut - MESUT-PC
# Running from : C:\Users\Mesut\Desktop\adwcleaner.exe
# Option : Clean
***** [ Services ] *****
Service Deleted : CltMngSvc
***** [ Files / Folders ] *****
Folder Deleted : C:\Users\Mesut\AppData\Local\Searchprotect
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Deleted : HKLM\Software\SearchProtect
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
***** [ Browsers ] *****
-\\ Internet Explorer v9.0.8112.16483
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [start page]
-\\ Mozilla Firefox v
-\\ Google Chrome v31.0.1650.63
[ File : C:\Users\Mesut\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [1001 octets] - [01/01/2014 18:45:45]
AdwCleaner[R1].txt - [1551 octets] - [10/01/2014 15:38:16]
AdwCleaner[S0].txt - [1064 octets] - [01/01/2014 18:47:14]
AdwCleaner[S1].txt - [1233 octets] - [10/01/2014 15:45:04]
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1293 octets] ##########
FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-01-2014
Ran by Mesut (administrator) on MESUT-PC on 10-01-2014 20:56:04
Running from C:\Users\Mesut\Desktop
Windows 7 Enterprise Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Akamai Technologies, Inc.) C:\Users\Mesut\AppData\Local\Akamai\netsession_win.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Akamai Technologies, Inc.) C:\Users\Mesut\AppData\Local\Akamai\netsession_win.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [W7LXE] - C:\Users\Mesut\Desktop\Windows 7 Loader eXtreme Edition v3.503\w7lxe.exe [28135936 2010-05-22] ()
HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe [1028896 2013-07-03] (NVIDIA Corporation)
HKLM-x32\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [4858968 2013-05-09] (AVAST Software)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-09-21] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3806544 2013-11-29] (LogMeIn Inc.)
HKCU\...\Run: [Steam] - C:\Program Files (x86)\Steam\Steam.exe [1815464 2014-01-07] (Valve Corporation)
HKCU\...\Run: [Akamai NetSession Interface] - C:\Users\Mesut\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKCU\...\Policies\system: [LogonHoursAction] 2
HKCU\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x974FB908CA5ECE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-CH
StartMenuInternet: IEXPLORE.EXE - c:\program files (x86)\internet explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: ArcPluginIEBHO Class - {84BFE29A-8139-402a-B2A4-C23AE9E1A75F} - C:\Program Files (x86)\Perfect World Entertainment\Arc\plugins\ArcPluginIE.dll (Perfect World Entertainment Inc)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF Plugin: @java.com/DTPlugin,version=10.21.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @perfectworld.com/npArcPlayNowPlugin - C:\Program Files (x86)\Perfect World Entertainment\Arc\Plugins\npArcPluginFF.dll (Perfect World Entertainment Inc)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Mesut\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF
Chrome:
=======
CHR HomePage: hxxp://google.de/
CHR RestoreOnStartup: "https://www.google.de/"
CHR DefaultSearchKeyword: youtube.com
CHR DefaultSearchProvider: YouTube-Videosuche
CHR DefaultSearchURL: hxxp://www.youtube.com/results?search_query={searchTerms}&page={startPage?}&utm_source=opensearch
CHR DefaultNewTabURL:
CHR Extension: (AdBlock) - C:\Users\Mesut\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.16_0
CHR Extension: (Twitch.tv Europe Lag Fix) - C:\Users\Mesut\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkoehmlkhjgaboegkondkciclminpjof\2.0_0
CHR Extension: (Steam Theme) - C:\Users\Mesut\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcphcjcjgkjmbphkfjleamgkinaeebnm\1.1_0
CHR Extension: (Google Wallet) - C:\Users\Mesut\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0
CHR HKLM\...\Chrome\Extension: [bakijjialdiiboeaknfpmflphhmljfkd] - C:\Users\Mesut\AppData\Local\newhb2.crx
CHR HKCU\...\Chrome\Extension: [bakijjialdiiboeaknfpmflphhmljfkd] - C:\Users\Mesut\AppData\Local\newhb2.crx
CHR HKLM-x32\...\Chrome\Extension: [aaaajpkhjdkhhnkmgfjodbkfpbmibkkk] - C:\ProgramData\AskPartnerNetwork\Toolbar\ORJ-V7\CRX\ToolbarCR.crx
CHR HKLM-x32\...\Chrome\Extension: [bakijjialdiiboeaknfpmflphhmljfkd] - C:\Users\Mesut\AppData\Local\newhb2.crx
==================== Services (Whitelisted) =================
S4 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-09-21] (Advanced Micro Devices, Inc.)
S3 ArcService; C:\Program Files (x86)\Perfect World Entertainment\Arc\ArcService.exe [88424 2013-10-10] (Perfect World Entertainment Inc)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-05-09] (AVAST Software)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377104 2013-10-11] (LogMeIn, Inc.)
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2013-10-12] ()
==================== Drivers (Whitelisted) ====================
S2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [34816 2013-06-19] (Advanced Micro Devices)
R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-05-09] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2013-05-09] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-05-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-05-09] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-06-27] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-06-27] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-05-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [189936 2013-06-27] ()
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [110744 2012-07-19] (Qualcomm Atheros Co., Ltd.)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 Mkd2Nadr; C:\Windows\System32\drivers\Mkd2Nadr.sys [106040 2009-03-12] (AhnLab, Inc.)
S3 Mkd3kfNt; C:\Windows\System32\drivers\Mkd3kfNt.sys [180280 2009-08-18] (AhnLab, Inc.)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-06-21] (Anchorfree Inc.)
S3 WinRing0_1_2_0; C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [14544 2010-11-01] (OpenLibSys.org)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [x]
S3 FairplayKD; \??\C:\ProgramData\MTA San Andreas All\1.3\temp\FairplayKD.sys [x]
S3 VGPU; System32\drivers\rdvgkmd.sys [x]
S3 wolf; \??\C:\AeriaGames\WolfTeam-DE\avital\wolf64.sys [x]
S3 X6va012; \??\C:\Windows\SysWOW64\Drivers\X6va012 [x]
S3 X6va015; \??\C:\Windows\SysWOW64\Drivers\X6va015 [x]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-01-10 20:56 - 2014-01-10 20:56 - 00012823 _____ C:\Users\Mesut\Desktop\FRST.txt
2014-01-10 17:47 - 2014-01-10 18:51 - 00000000 ____D C:\Users\Mesut\Documents\InfiniteCrisis
2014-01-10 17:46 - 2014-01-10 17:49 - 00000000 ____D C:\Users\Mesut\AppData\Local\InfiniteCrisis
2014-01-10 16:47 - 2014-01-10 16:47 - 00000000 ____D C:\Users\Mesut\AppData\Local\Turbine
2014-01-10 16:42 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2014-01-10 16:42 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2014-01-10 16:42 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2014-01-10 16:42 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2014-01-10 16:42 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2014-01-10 16:42 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2014-01-10 16:41 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2014-01-10 16:41 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2014-01-10 16:41 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2014-01-10 16:41 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2014-01-10 16:41 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2014-01-10 16:41 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2014-01-10 16:41 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2014-01-10 16:41 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2014-01-10 16:41 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2014-01-10 16:41 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2014-01-10 16:41 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2014-01-10 16:41 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2014-01-10 16:41 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2014-01-10 16:41 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2014-01-10 16:41 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2014-01-10 16:41 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2014-01-10 16:41 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2014-01-10 16:41 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2014-01-10 16:41 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2014-01-10 16:41 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2014-01-10 16:41 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2014-01-10 16:41 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2014-01-10 16:41 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2014-01-10 16:41 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2014-01-10 16:41 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2014-01-10 16:41 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2014-01-10 16:41 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2014-01-10 16:41 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2014-01-10 16:41 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2014-01-10 16:41 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2014-01-10 16:41 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2014-01-10 16:41 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2014-01-10 16:41 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2014-01-10 16:41 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2014-01-10 16:41 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2014-01-10 16:41 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2014-01-10 16:41 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2014-01-10 16:41 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2014-01-10 16:41 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll
2014-01-10 16:41 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2014-01-10 16:41 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll
2014-01-10 16:41 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2014-01-10 16:41 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2014-01-10 16:41 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2014-01-10 16:41 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2014-01-10 16:41 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2014-01-10 16:41 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2014-01-10 16:41 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2014-01-10 16:41 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2014-01-10 16:41 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2014-01-10 16:41 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2014-01-10 16:41 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2014-01-10 16:41 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2014-01-10 16:41 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2014-01-10 16:41 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2014-01-10 16:41 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2014-01-10 16:41 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2014-01-10 16:41 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2014-01-10 16:41 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2014-01-10 16:41 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2014-01-10 16:41 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2014-01-10 16:41 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2014-01-10 16:41 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2014-01-10 16:41 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2014-01-10 16:41 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2014-01-10 16:41 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2014-01-10 16:41 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2014-01-10 16:41 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2014-01-10 16:41 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2014-01-10 16:41 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2014-01-10 16:41 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2014-01-10 16:41 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2014-01-10 16:41 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2014-01-10 16:41 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2014-01-10 16:41 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2014-01-10 16:41 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2014-01-10 16:41 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2014-01-10 16:41 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2014-01-10 16:41 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2014-01-10 16:41 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2014-01-10 16:41 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2014-01-10 16:41 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2014-01-10 16:41 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2014-01-10 16:41 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2014-01-10 16:41 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2014-01-10 16:41 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2014-01-10 16:41 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2014-01-10 16:41 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2014-01-10 16:41 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2014-01-10 16:41 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2014-01-10 16:41 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2014-01-10 16:41 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2014-01-10 16:41 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2014-01-10 16:41 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2014-01-10 16:41 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2014-01-10 16:41 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2014-01-10 16:41 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2014-01-10 16:41 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2014-01-10 16:41 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2014-01-10 16:41 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2014-01-10 16:41 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2014-01-10 16:41 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2014-01-10 16:41 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2014-01-10 16:41 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2014-01-10 16:41 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2014-01-10 16:41 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2014-01-10 16:41 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2014-01-10 16:41 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2014-01-10 16:41 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2014-01-10 16:41 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2014-01-10 16:41 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2014-01-10 16:41 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2014-01-10 16:41 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2014-01-10 16:41 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2014-01-10 16:41 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2014-01-10 16:40 - 2014-01-10 16:41 - 00016883 _____ C:\Windows\DirectX.log
2014-01-10 16:40 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2014-01-10 16:40 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2014-01-10 16:40 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2014-01-10 16:40 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2014-01-10 16:40 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2014-01-10 16:40 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2014-01-10 16:40 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2014-01-10 16:40 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2014-01-10 16:40 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2014-01-10 16:40 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2014-01-10 16:40 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2014-01-10 16:40 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2014-01-10 16:40 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2014-01-10 16:40 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2014-01-10 16:40 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2014-01-10 16:40 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2014-01-10 16:40 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2014-01-10 16:40 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2014-01-10 16:40 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2014-01-10 16:40 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2014-01-10 16:40 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2014-01-10 16:40 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2014-01-10 16:40 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2014-01-10 16:40 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2014-01-10 16:40 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2014-01-10 16:40 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2014-01-10 16:40 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2014-01-10 16:40 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2014-01-10 16:40 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2014-01-10 16:40 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2014-01-10 16:40 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2014-01-10 16:40 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2014-01-10 16:40 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2014-01-10 16:40 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2014-01-10 16:40 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2014-01-10 16:40 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2014-01-10 16:40 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2014-01-10 16:40 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2014-01-10 16:40 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2014-01-10 16:40 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2014-01-10 16:40 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2014-01-10 16:40 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2014-01-10 16:40 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2014-01-10 16:40 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2014-01-10 16:40 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2014-01-10 16:40 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2014-01-10 16:40 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2014-01-10 16:40 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2014-01-10 16:38 - 2014-01-10 16:38 - 00001088 _____ C:\Users\Public\Desktop\InfiniteCrisis.lnk
2014-01-10 16:38 - 2014-01-10 16:38 - 00000000 ____D C:\ProgramData\Turbine
2014-01-10 16:37 - 2014-01-10 17:44 - 00000000 ____D C:\Program Files (x86)\InfiniteCrisis
2014-01-10 16:32 - 2014-01-10 16:37 - 138644080 _____ C:\Users\Mesut\Downloads\InfiniteCrisis-GLOBAL_Setup.exe
2014-01-10 16:07 - 2014-01-10 16:07 - 00000699 _____ C:\Users\Mesut\Desktop\JRT.txt
2014-01-10 15:59 - 2014-01-10 15:59 - 01037068 _____ (Thisisu) C:\Users\Mesut\Desktop\JRT.exe
2014-01-10 15:38 - 2014-01-10 15:38 - 01233962 _____ C:\Users\Mesut\Desktop\adwcleaner.exe
2014-01-10 15:29 - 2014-01-10 15:30 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-10 15:29 - 2014-01-10 15:29 - 00001113 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-01-10 15:29 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-01-10 15:25 - 2014-01-10 15:25 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Mesut\Desktop\mbam-setup-1.75.0.1300.exe
2014-01-08 16:40 - 2014-01-08 16:40 - 00023040 _____ C:\ComboFix.txt
2014-01-08 16:23 - 2014-01-08 16:23 - 05162308 ____R (Swearware) C:\Users\Mesut\Desktop\ComboFix.exe
2014-01-07 21:18 - 2014-01-07 21:18 - 00000000 ____D C:\Users\Mesut\Documents\My Games
2014-01-07 21:17 - 2014-01-07 21:17 - 00000000 ____D C:\Program Files (x86)\Microsoft XNA
2014-01-07 21:17 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2014-01-07 21:17 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2014-01-07 21:17 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2014-01-07 21:17 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2014-01-07 21:17 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2014-01-07 21:17 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2014-01-07 21:17 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2014-01-07 21:10 - 2014-01-07 21:10 - 00000000 ____D C:\Users\Mesut\Downloads\Terraria1.2.2
2014-01-07 21:08 - 2014-01-07 21:10 - 42086756 ____R C:\Users\Mesut\Downloads\Terraria1.2.2.rar
2014-01-07 20:49 - 2014-01-07 20:49 - 01142864 _____ (BitTorrent Inc.) C:\Users\Mesut\Desktop\utorrent_3.3.2b30416.exe
2014-01-07 17:43 - 2014-01-07 17:43 - 00000000 ___HD C:\Windows\SysWOW64\FF_BN_416211
2014-01-07 17:24 - 2014-01-07 17:24 - 00000000 ____D C:\TDSSKiller_Quarantine
2014-01-06 17:06 - 2014-01-06 17:07 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\Mesut\Desktop\tdsskiller.exe
2014-01-05 18:51 - 2014-01-05 19:03 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-01-05 18:32 - 2014-01-05 19:03 - 00000000 ____D C:\Users\Mesut\Desktop\mbar
2014-01-05 18:29 - 2014-01-05 18:44 - 00089304 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-01-04 15:47 - 2014-01-04 15:47 - 00000000 ____D C:\ProgramData\Mozilla
2014-01-03 00:58 - 2014-01-10 20:55 - 00000000 ____D C:\FRST
2014-01-01 19:07 - 2014-01-10 20:55 - 00000000 ____D C:\Users\Mesut\Desktop\FRST-OlderVersion
2014-01-01 18:45 - 2014-01-10 15:45 - 00000000 ____D C:\AdwCleaner
2013-12-25 23:04 - 2013-12-25 23:04 - 03684312 _____ C:\Users\Mesut\Desktop\rgnlauncher0.9.6.exe
2013-12-25 23:03 - 2014-01-05 22:03 - 00000000 ____D C:\Users\Mesut\Desktop\SAMP
2013-12-25 20:29 - 2013-12-25 23:09 - 00000000 ____D C:\Users\Mesut\Documents\GTA San Andreas User Files
2013-12-25 20:29 - 2013-12-25 20:29 - 00002124 _____ C:\Users\Public\Desktop\MTA San Andreas 1.3.lnk
2013-12-25 20:27 - 2013-12-25 20:27 - 00000000 ____D C:\ProgramData\MTA San Andreas All
2013-12-25 20:19 - 2013-03-04 01:46 - 00000000 ____D C:\Users\Mesut\Desktop\mta
2013-12-25 17:45 - 2013-12-25 17:45 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2013-12-24 14:44 - 2013-12-24 14:44 - 00000000 ____D C:\Riot Games
2013-12-24 12:29 - 2013-12-31 16:19 - 00000000 ____D C:\Users\Mesut\Downloads\FRST-OlderVersion
2013-12-24 12:16 - 2013-12-24 12:16 - 00000000 ____D C:\Windows\ERUNT
2013-12-23 14:25 - 2014-01-08 16:40 - 00000000 ____D C:\Qoobox
2013-12-23 14:25 - 2013-12-23 14:50 - 00000000 ____D C:\Windows\erdnt
2013-12-23 14:25 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
2013-12-23 14:25 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
2013-12-23 14:25 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-12-23 14:25 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-12-23 14:25 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-12-23 14:25 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
2013-12-23 14:25 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
2013-12-23 14:25 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
2013-12-22 10:38 - 2014-01-10 20:55 - 01932166 _____ (Farbar) C:\Users\Mesut\Desktop\FRST64.exe
2013-12-22 10:27 - 2014-01-10 15:47 - 00055168 _____ C:\Windows\PFRO.log
2013-12-22 10:27 - 2014-01-10 15:47 - 00001960 _____ C:\Windows\setupact.log
2013-12-22 10:27 - 2013-12-22 10:27 - 00000000 _____ C:\Windows\setuperr.log
2013-12-21 20:59 - 2013-12-21 20:59 - 00000000 ____D C:\Users\Mesut\AppData\Roaming\Malwarebytes
2013-12-21 20:58 - 2013-12-21 20:58 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-18 16:46 - 2013-12-18 16:46 - 00000000 ____D C:\Users\Mesut\AppData\Roaming\OpenOffice
2013-12-18 16:45 - 2013-12-18 16:45 - 00001116 _____ C:\Users\Public\Desktop\OpenOffice 4.0.1.lnk
2013-12-18 16:44 - 2013-12-18 16:45 - 00000000 ____D C:\Program Files (x86)\OpenOffice 4
2013-12-18 16:39 - 2013-12-21 20:24 - 00000000 ____D C:\Users\Mesut\Desktop\OpenOffice 4.0.1 (de) Installation Files
==================== One Month Modified Files and Folders =======
2014-01-10 20:56 - 2014-01-10 20:56 - 00012823 _____ C:\Users\Mesut\Desktop\FRST.txt
2014-01-10 20:55 - 2014-01-03 00:58 - 00000000 ____D C:\FRST
2014-01-10 20:55 - 2014-01-01 19:07 - 00000000 ____D C:\Users\Mesut\Desktop\FRST-OlderVersion
2014-01-10 20:55 - 2013-12-22 10:38 - 01932166 _____ (Farbar) C:\Users\Mesut\Desktop\FRST64.exe
2014-01-10 20:55 - 2013-06-01 14:24 - 00000000 ____D C:\Users\Mesut\AppData\Roaming\Skype
2014-01-10 20:51 - 2013-06-01 14:18 - 00001108 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-10 19:50 - 2009-07-14 05:45 - 00019680 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-10 19:50 - 2009-07-14 05:45 - 00019680 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-10 18:51 - 2014-01-10 17:47 - 00000000 ____D C:\Users\Mesut\Documents\InfiniteCrisis
2014-01-10 17:49 - 2014-01-10 17:46 - 00000000 ____D C:\Users\Mesut\AppData\Local\InfiniteCrisis
2014-01-10 17:44 - 2014-01-10 16:37 - 00000000 ____D C:\Program Files (x86)\InfiniteCrisis
2014-01-10 17:05 - 2013-06-11 19:00 - 00000800 _____ C:\Users\Mesut\Desktop\Neues Textdokument (2).txt
2014-01-10 16:47 - 2014-01-10 16:47 - 00000000 ____D C:\Users\Mesut\AppData\Local\Turbine
2014-01-10 16:46 - 2013-08-29 13:10 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-01-10 16:46 - 2013-08-24 22:01 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-01-10 16:45 - 2013-11-28 22:39 - 00000000 ____D C:\Users\Mesut\AppData\Local\Adobe
2014-01-10 16:41 - 2014-01-10 16:40 - 00016883 _____ C:\Windows\DirectX.log
2014-01-10 16:38 - 2014-01-10 16:38 - 00001088 _____ C:\Users\Public\Desktop\InfiniteCrisis.lnk
2014-01-10 16:38 - 2014-01-10 16:38 - 00000000 ____D C:\ProgramData\Turbine
2014-01-10 16:37 - 2014-01-10 16:32 - 138644080 _____ C:\Users\Mesut\Downloads\InfiniteCrisis-GLOBAL_Setup.exe
2014-01-10 16:07 - 2014-01-10 16:07 - 00000699 _____ C:\Users\Mesut\Desktop\JRT.txt
2014-01-10 15:59 - 2014-01-10 15:59 - 01037068 _____ (Thisisu) C:\Users\Mesut\Desktop\JRT.exe
2014-01-10 15:49 - 2013-10-04 17:53 - 00000000 ____D C:\Users\Mesut\AppData\Local\LogMeIn Hamachi
2014-01-10 15:49 - 2013-09-24 21:56 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2014-01-10 15:49 - 2013-06-11 15:28 - 00000000 ____D C:\Program Files (x86)\Steam
2014-01-10 15:47 - 2013-12-22 10:27 - 00055168 _____ C:\Windows\PFRO.log
2014-01-10 15:47 - 2013-12-22 10:27 - 00001960 _____ C:\Windows\setupact.log
2014-01-10 15:47 - 2013-06-01 14:18 - 00001104 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-10 15:47 - 2013-06-01 13:37 - 00000000 ____D C:\ProgramData\NVIDIA
2014-01-10 15:47 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-10 15:45 - 2014-01-01 18:45 - 00000000 ____D C:\AdwCleaner
2014-01-10 15:45 - 2013-06-01 16:46 - 01805571 _____ C:\Windows\WindowsUpdate.log
2014-01-10 15:38 - 2014-01-10 15:38 - 01233962 _____ C:\Users\Mesut\Desktop\adwcleaner.exe
2014-01-10 15:30 - 2014-01-10 15:29 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-10 15:29 - 2014-01-10 15:29 - 00001113 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-01-10 15:25 - 2014-01-10 15:25 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Mesut\Desktop\mbam-setup-1.75.0.1300.exe
2014-01-09 20:40 - 2013-09-26 17:31 - 00000000 ____D C:\Users\Mesut\AppData\Local\PMB Files
2014-01-09 20:40 - 2013-09-26 17:27 - 00000000 ____D C:\ProgramData\PMB Files
2014-01-09 17:53 - 2013-06-01 21:31 - 00000000 ____D C:\Users\Mesut\AppData\Roaming\TS3Client
2014-01-08 22:15 - 2013-11-12 16:20 - 00000000 ____D C:\Users\Mesut\Desktop\Planungen
2014-01-08 22:15 - 2013-06-01 15:49 - 00694672 _____ C:\Windows\system32\perfh007.dat
2014-01-08 22:15 - 2013-06-01 15:49 - 00147796 _____ C:\Windows\system32\perfc007.dat
2014-01-08 22:15 - 2009-07-14 06:13 - 01613340 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-08 16:40 - 2014-01-08 16:40 - 00023040 _____ C:\ComboFix.txt
2014-01-08 16:40 - 2013-12-23 14:25 - 00000000 ____D C:\Qoobox
2014-01-08 16:37 - 2009-07-14 03:34 - 00000215 _____ C:\Windows\system.ini
2014-01-08 16:23 - 2014-01-08 16:23 - 05162308 ____R (Swearware) C:\Users\Mesut\Desktop\ComboFix.exe
2014-01-07 21:18 - 2014-01-07 21:18 - 00000000 ____D C:\Users\Mesut\Documents\My Games
2014-01-07 21:17 - 2014-01-07 21:17 - 00000000 ____D C:\Program Files (x86)\Microsoft XNA
2014-01-07 21:17 - 2013-09-22 14:22 - 00000000 ____D C:\Users\Mesut\AppData\Roaming\uTorrent
2014-01-07 21:13 - 2013-08-23 18:26 - 00000000 ____D C:\Users\Mesut\AppData\Local\CrashDumps
2014-01-07 21:10 - 2014-01-07 21:10 - 00000000 ____D C:\Users\Mesut\Downloads\Terraria1.2.2
2014-01-07 21:10 - 2014-01-07 21:08 - 42086756 ____R C:\Users\Mesut\Downloads\Terraria1.2.2.rar
2014-01-07 20:49 - 2014-01-07 20:49 - 01142864 _____ (BitTorrent Inc.) C:\Users\Mesut\Desktop\utorrent_3.3.2b30416.exe
2014-01-07 17:43 - 2014-01-07 17:43 - 00000000 ___HD C:\Windows\SysWOW64\FF_BN_416211
2014-01-07 17:24 - 2014-01-07 17:24 - 00000000 ____D C:\TDSSKiller_Quarantine
2014-01-06 17:07 - 2014-01-06 17:06 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\Mesut\Desktop\tdsskiller.exe
2014-01-05 22:03 - 2013-12-25 23:03 - 00000000 ____D C:\Users\Mesut\Desktop\SAMP
2014-01-05 19:03 - 2014-01-05 18:51 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-01-05 19:03 - 2014-01-05 18:32 - 00000000 ____D C:\Users\Mesut\Desktop\mbar
2014-01-05 18:44 - 2014-01-05 18:29 - 00089304 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-01-04 15:48 - 2013-11-04 17:16 - 00000000 ____D C:\Users\Mesut\AppData\Roaming\Mozilla
2014-01-04 15:47 - 2014-01-04 15:47 - 00000000 ____D C:\ProgramData\Mozilla
2014-01-01 14:44 - 2013-06-13 15:12 - 00000000 ____D C:\Users\Mesut\Desktop\Mesut abi
2013-12-31 18:06 - 2013-08-11 14:43 - 00139264 _____ C:\Windows\SysWOW64\r_unzip.exe
2013-12-31 16:19 - 2013-12-24 12:29 - 00000000 ____D C:\Users\Mesut\Downloads\FRST-OlderVersion
2013-12-26 13:08 - 2013-06-01 13:07 - 00000000 ____D C:\Program Files\WinRAR
2013-12-26 01:06 - 2013-07-13 14:35 - 00000000 ____D C:\Users\Mesut\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2013-12-25 23:09 - 2013-12-25 20:29 - 00000000 ____D C:\Users\Mesut\Documents\GTA San Andreas User Files
2013-12-25 23:04 - 2013-12-25 23:04 - 03684312 _____ C:\Users\Mesut\Desktop\rgnlauncher0.9.6.exe
2013-12-25 20:29 - 2013-12-25 20:29 - 00002124 _____ C:\Users\Public\Desktop\MTA San Andreas 1.3.lnk
2013-12-25 20:28 - 2013-06-06 09:46 - 00000000 ____D C:\Program Files (x86)\MTA San Andreas 1.3
2013-12-25 20:27 - 2013-12-25 20:27 - 00000000 ____D C:\ProgramData\MTA San Andreas All
2013-12-25 19:47 - 2013-06-01 13:08 - 00000000 ____D C:\Users\Mesut\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2013-12-25 18:54 - 2013-06-01 14:24 - 00000000 ____D C:\ProgramData\Skype
2013-12-25 18:53 - 2013-06-01 14:24 - 00002699 _____ C:\Users\Public\Desktop\Skype.lnk
2013-12-25 17:45 - 2013-12-25 17:45 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2013-12-24 14:44 - 2013-12-24 14:44 - 00000000 ____D C:\Riot Games
2013-12-24 14:44 - 2013-06-01 14:14 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-12-24 12:16 - 2013-12-24 12:16 - 00000000 ____D C:\Windows\ERUNT
2013-12-24 12:08 - 2013-06-01 16:49 - 00000989 _____ C:\Users\Mesut\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2013-12-24 12:08 - 2013-06-01 14:19 - 00001282 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-12-24 11:55 - 2013-07-07 14:19 - 00000000 ____D C:\Users\Mesut\Desktop\Neuer Ordner
2013-12-24 10:49 - 2013-08-01 18:46 - 00000000 ____D C:\Users\Mesut\AppData\Roaming\Notepad++
2013-12-24 10:49 - 2013-08-01 18:46 - 00000000 ____D C:\Program Files (x86)\Notepad++
2013-12-23 14:51 - 2009-07-14 04:20 - 00000000 __RHD C:\Users\Default
2013-12-23 14:50 - 2013-12-23 14:25 - 00000000 ____D C:\Windows\erdnt
2013-12-23 14:43 - 2009-07-14 03:34 - 57409536 _____ C:\Windows\system32\config\software.bak
2013-12-23 14:43 - 2009-07-14 03:34 - 15466496 _____ C:\Windows\system32\config\system.bak
2013-12-23 14:43 - 2009-07-14 03:34 - 00262144 _____ C:\Windows\system32\config\security.bak
2013-12-23 14:43 - 2009-07-14 03:34 - 00262144 _____ C:\Windows\system32\config\sam.bak
2013-12-23 14:43 - 2009-07-14 03:34 - 00262144 _____ C:\Windows\system32\config\default.bak
2013-12-22 10:40 - 2013-07-23 11:46 - 00000000 ____D C:\Users\Mesut\Desktop\samet
2013-12-22 10:27 - 2013-12-22 10:27 - 00000000 _____ C:\Windows\setuperr.log
2013-12-21 20:59 - 2013-12-21 20:59 - 00000000 ____D C:\Users\Mesut\AppData\Roaming\Malwarebytes
2013-12-21 20:58 - 2013-12-21 20:58 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-21 20:37 - 2013-08-31 15:26 - 00000000 ____D C:\Windows\pss
2013-12-21 20:24 - 2013-12-18 16:39 - 00000000 ____D C:\Users\Mesut\Desktop\OpenOffice 4.0.1 (de) Installation Files
2013-12-21 20:24 - 2013-07-03 21:24 - 00000000 ____D C:\Users\Public\Documents\WinDS PRO
2013-12-20 22:58 - 2013-10-28 13:58 - 00000000 ____D C:\Users\Mesut\AppData\Roaming\.minecraft
2013-12-20 22:26 - 2013-08-31 18:06 - 00000000 ____D C:\Users\Mesut\AppData\Roaming\.technic
2013-12-20 22:22 - 2013-08-31 18:05 - 02303908 _____ () C:\Users\Mesut\Desktop\TechnicLauncher.exe
2013-12-20 16:13 - 2013-06-01 14:17 - 00064024 _____ C:\Users\Mesut\AppData\Local\GDIPFONTCACHEV1.DAT
2013-12-19 15:02 - 2009-07-14 05:45 - 00294712 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-18 16:46 - 2013-12-18 16:46 - 00000000 ____D C:\Users\Mesut\AppData\Roaming\OpenOffice
2013-12-18 16:45 - 2013-12-18 16:45 - 00001116 _____ C:\Users\Public\Desktop\OpenOffice 4.0.1.lnk
2013-12-18 16:45 - 2013-12-18 16:44 - 00000000 ____D C:\Program Files (x86)\OpenOffice 4
2013-12-13 20:58 - 2013-06-01 14:18 - 00000000 ____D C:\Program Files (x86)\Google
Some content of TEMP:
====================
C:\Users\Mesut\AppData\Local\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-01-09 17:06
==================== End Of Log ============================
--- --- --- Geändert von Zerozo (10.01.2014 um 15:59 Uhr) |
|
11.01.2014, 13:33
| #40 |
| /// the machine /// TB-Ausbilder | Win 7 : Firefox öffnet unsichtbare tabsESET Online Scanner
Downloade Dir bitte  SecurityCheck und:
und ein frisches FRST log bitte. Noch Probleme?
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
15.01.2014, 23:30
| #41 |
| | Win 7 : Firefox öffnet unsichtbare tabs sry das ich so spät zurück schreibe habe schul stres wie mache ich die firewall aus  ? kenne mich net so aus^^ |
|
16.01.2014, 17:16
| #42 |
| /// the machine /// TB-Ausbilder | Win 7 : Firefox öffnet unsichtbare tabs Firewall kann an bleiben
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
Linear-Darstellung
