
Malte_1234 21.07.2012 12:41

GVU Windows Trojan (100 Euro Ukash)
 
Hey, I have just somehow caught this virus, the one that demands you pay 100 € in Ukash to the "state". I am currently running a scan with Malwarebytes Anti Malware. Is everything back to normal once the detected objects have been deleted, or do I have to proceed in a similar way as with the encryption trojan?

Regards, Malte

Scan:
Malwarebytes Anti Malware:
Code:

Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Datenbank Version: v2012.07.21.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Administrator :: MALTE1-PC [Administrator]

21.07.2012 13:27:09
mbam-log-2012-07-21 (13-27-09).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|F:\|G:\|H:\|Q:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 662110
Laufzeit: 42 Minute(n), 18 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 1
C:\Users\Malte\AppData\Local\Temp\rool0_pk.exe (Spyware.Zbot.DG) -> Löschen bei Neustart.

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 6
C:\Users\Malte\AppData\Local\Temp\rool0_pk.exe (Spyware.Zbot.DG) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Malte\Downloads\arma_2_free_id622857id.exe (PUP.Adware.MediaGet) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Malte\Downloads\No23Player.exe (Malware.Packer.as) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Malte\Downloads\SoftonicDownloader_fuer_powermenu.exe (PUP.ToolbarDownloader) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\mac\NLi3.P.v3.0.0.11\NetLimiter.3.Pro.v3.0.0.11\MPT\netlimiter.pro.MPT-patch.exe (PUP.Hacktool.Patcher) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Malte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk (Trojan.Ransom.Gen) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)

OTL follows

Code:

OTL logfile created on: 21.07.2012 14:56:12 - Run 1
OTL by OldTimer - Version 3.2.54.0    Folder = C:\Users\Administrator\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
7,98 Gb Total Physical Memory | 5,93 Gb Available Physical Memory | 74,31% Memory free
15,95 Gb Paging File | 13,49 Gb Available in Paging File | 84,54% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 73,43 Gb Total Space | 15,05 Gb Free Space | 20,49% Space Free | Partition Type: NTFS
Drive D: | 415,00 Gb Total Space | 109,75 Gb Free Space | 26,45% Space Free | Partition Type: NTFS
Drive E: | 283,64 Gb Total Space | 114,00 Gb Free Space | 40,19% Space Free | Partition Type: NTFS
 
Computer Name: MALTE1-PC | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Administrator\Downloads\OTL(1).exe (OldTimer Tools)
PRC - C:\Users\Administrator\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\LOLReplay\LOLRecorder.exe (LOL Replay)
PRC - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_265.exe (Adobe Systems, Inc.)
PRC - C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe (Razer USA Ltd)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
PRC - C:\Windows\SysWOW64\vmnetdhcp.exe (VMware, Inc.)
PRC - C:\Windows\SysWOW64\vmnat.exe (VMware, Inc.)
PRC - D:\lolplayer\vmware-authd.exe (VMware, Inc.)
PRC - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\PowerISO\PWRISOVM.EXE (Power Software Ltd)
PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
PRC - D:\xampp\apache\bin\httpd.exe (Apache Software Foundation)
PRC - D:\xampp\mysql\bin\mysqld.exe ()
PRC - C:\Program Files (x86)\System Control Manager\MGSysCtrl.exe (Micro-Star International Co., Ltd.)
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
PRC - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe (Intel Corporation)
PRC - D:\MFC\bratimer.exe ()
PRC - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
PRC - C:\Program Files (x86)\MSI\Cinema ProII\Cinema ProII Controler.exe (msi)
PRC - C:\Program Files\SoftPerfect Bandwidth Manager\bwmsvc.exe ()
PRC - C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe (CyberLink Corp.)
PRC - C:\Program Files (x86)\System Control Manager\MSIService.exe (Micro-Star International Co., Ltd.)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\Program Files (x86)\LOLReplay\LOLUtils.dll ()
MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_265.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\8036b60a803443f3c61c48b4959f722d\IAStorUtil.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\e717a230496832656b05b515eb9f3bc5\PresentationFramework.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\14a87218ea49639f38097e278b98a3da\PresentationCore.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\199683f6e79076b634ee6cc0a82c0654\PresentationFramework.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\e7dc084827f8df2dbdc819db5c633a0d\PresentationCore.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\3971e166cf827b6726e142f344061dc9\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\21f37f9f5162af7efb52169012bd111e\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\8c40f40ef36622109793788049fbe9ab\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\0c2b0d52156447592f33edf4116b7e7d\System.Management.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Dura#\79ac99fe5274fb82ffcff2c15f71854c\System.Runtime.DurableInstancing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\8a9fac9cb825b5d2db0bdb867fff940e\System.Runtime.Serialization.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\bb97517e4ca64e02282fca24612ce8ad\SMDiagnostics.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\4837a5c6204d53e7aa4f7dd94b98207c\System.Xml.Linq.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\d234eceae699d070b5a5712ce776c01f\System.Xaml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\9b2f17fb61b7197f2a04108f5d1a1cc6\System.Management.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\d89ee849317b4d93ea78842dd78f79c0\IAStorCommon.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\8e56489276063ededde74e597a121df3\PresentationFramework.Aero.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\a5fa2a1cfc6e9fdc39d9a8f2baa57bc9\PresentationFramework.Aero.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\ed91b57205429a23bb91f4499059a459\System.Core.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\d1f299160424bad90fe9f658661389e2\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\623d2a0f11dd82bb9bc13d1cb981b239\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System\6f9f0467e8b2dd3f69b015c8e30ac945\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\3953b1d8b9b57e4957bff8f58145384e\mscorlib.ni.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll ()
MOD - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll ()
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - (nlsvc) -- C:\Program Files\NetLimiter 3\nlsvc.exe (Locktime Software)
SRV:64bit: - (EvtEng) Intel(R) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)
SRV:64bit: - (MyWiFiDHCPDNS) -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe ()
SRV:64bit: - (RegSrvc) Intel(R) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
SRV:64bit: - (AMPPALR3) -- C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe (Intel Corporation)
SRV:64bit: - (BTHSSecurityMgr) Intel(R) Centrino(R) Wireless Bluetooth(R) -- C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe (Intel(R) Corporation)
SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV:64bit: - (bwmservice) -- C:\Program Files\SoftPerfect Bandwidth Manager\bwmsvc.exe ()
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (HiPatchService) -- D:\Smite\HiPatchService.exe (Hi-Rez Studios)
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (VMnetDHCP) -- C:\Windows\SysWOW64\vmnetdhcp.exe (VMware, Inc.)
SRV - (VMware NAT Service) -- C:\Windows\SysWOW64\vmnat.exe (VMware, Inc.)
SRV - (VMAuthdService) -- D:\lolplayer\vmware-authd.exe (VMware, Inc.)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (TeamViewer7) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (sftvsa) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
SRV - (sftlist) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
SRV - (Apache2.2) -- D:\xampp\apache\bin\httpd.exe (Apache Software Foundation)
SRV - (mysql) -- D:\xampp\mysql\bin\mysqld.exe ()
SRV - (VMUSBArbService) -- C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe (VMware, Inc.)
SRV - (FileZilla Server) -- D:\xampp\FileZillaFTP\FileZillaServer.exe (FileZilla Project)
SRV - (IAStorDataMgrSvc) Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV - (Bluetooth OBEX Service) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Intel Corporation)
SRV - (Bluetooth Media Service) -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe (Intel Corporation)
SRV - (Bluetooth Device Monitor) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Intel Corporation)
SRV - (watchmi) -- C:\Program Files (x86)\watchmi\TvdService.exe ()
SRV - (AVP) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe (Kaspersky Lab ZAO)
SRV - (BRA_Scheduler) -- D:\MFC\bratimer.exe ()
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (Micro Star SCM) -- C:\Program Files (x86)\System Control Manager\MSIService.exe (Micro-Star International Co., Ltd.)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (dtsoftbus01) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys (DT Soft Ltd)
DRV:64bit: - (rzudd) -- C:\Windows\SysNative\drivers\rzudd.sys (Razer USA Ltd)
DRV:64bit: - (VBoxNetAdp) -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys (Oracle Corporation)
DRV:64bit: - (vmx86) -- C:\Windows\SysNative\drivers\vmx86.sys (VMware, Inc.)
DRV:64bit: - (vmkbd) -- C:\Windows\SysNative\drivers\VMkbd.sys (VMware, Inc.)
DRV:64bit: - (VMnetuserif) -- C:\Windows\SysNative\drivers\vmnetuserif.sys (VMware, Inc.)
DRV:64bit: - (VMnetBridge) -- C:\Windows\SysNative\drivers\vmnetbridge.sys (VMware, Inc.)
DRV:64bit: - (VMnetAdapter) -- C:\Windows\SysNative\drivers\vmnetadapter.sys (VMware, Inc.)
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (KLIF) -- C:\Windows\SysNative\drivers\klif.sys (Kaspersky Lab)
DRV:64bit: - (iBtFltCoex) -- C:\Windows\SysNative\drivers\iBtFltCoex.sys (Intel Corporation)
DRV:64bit: - (SCDEmu) -- C:\Windows\SysNative\drivers\scdemu.sys (Power Software Ltd)
DRV:64bit: - (btmhsf) -- C:\Windows\SysNative\drivers\btmhsf.sys (Intel Corporation)
DRV:64bit: - (Sftvol) -- C:\Windows\SysNative\drivers\Sftvollh.sys (Microsoft Corporation)
DRV:64bit: - (Sftplay) -- C:\Windows\SysNative\drivers\Sftplaylh.sys (Microsoft Corporation)
DRV:64bit: - (Sftredir) -- C:\Windows\SysNative\drivers\Sftredirlh.sys (Microsoft Corporation)
DRV:64bit: - (Sftfs) -- C:\Windows\SysNative\drivers\Sftfslh.sys (Microsoft Corporation)
DRV:64bit: - (hcmon) -- C:\Windows\SysNative\drivers\hcmon.sys (VMware, Inc.)
DRV:64bit: - (vmci) -- C:\Windows\SysNative\drivers\vmci.sys (VMware, Inc.)
DRV:64bit: - (Point64) -- C:\Windows\SysNative\drivers\point64.sys (Microsoft Corporation)
DRV:64bit: - (NETwNs64) ___ Intel(R) -- C:\Windows\SysNative\drivers\NETwNs64.sys (Intel Corporation)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (AMPPALP) Intel(R) Centrino(R) -- C:\Windows\SysNative\drivers\AmpPal.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (AMPPAL) Intel(R) Centrino(R) -- C:\Windows\SysNative\drivers\AmpPal.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (nusb3xhc) -- C:\Windows\SysNative\drivers\nusb3xhc.sys (Renesas Electronics Corporation)
DRV:64bit: - (nusb3hub) -- C:\Windows\SysNative\drivers\nusb3hub.sys (Renesas Electronics Corporation)
DRV:64bit: - (NLNdisPT) -- C:\Windows\SysNative\drivers\nlndis.sys (Locktime Software)
DRV:64bit: - (NLNdisMP) -- C:\Windows\SysNative\drivers\nlndis.sys (Locktime Software)
DRV:64bit: - (nltdi) -- C:\Program Files\NetLimiter 3\nltdi.sys (Locktime Software)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (btmaux) -- C:\Windows\SysNative\drivers\btmaux.sys (Intel Corporation)
DRV:64bit: - (RSUSBVSTOR) -- C:\Windows\SysNative\drivers\RtsUVStor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (RTL8192su) -- C:\Windows\SysNative\drivers\RTL8192su.sys (Realtek Semiconductor Corporation                          )
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (MEIx64) Intel(R) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (wsvd) -- C:\Windows\SysNative\drivers\wsvd.sys (CyberLink)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (UnlockerDriver5) -- C:\Program Files\Unlocker\UnlockerDriver5.sys ()
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek                                            )
DRV:64bit: - (kl2) -- C:\Windows\SysNative\drivers\kl2.sys (Kaspersky Lab ZAO)
DRV:64bit: - (KL1) -- C:\Windows\SysNative\drivers\kl1.sys (Kaspersky Lab ZAO)
DRV:64bit: - (KLIM6) -- C:\Windows\SysNative\drivers\klim6.sys (Kaspersky Lab ZAO)
DRV:64bit: - (spfdrv) -- C:\Windows\SysNative\drivers\spfdrv.sys (SoftPerfect Research)
DRV:64bit: - (copperhd) -- C:\Windows\SysNative\drivers\copperhd.sys (Razer (Asia-Pacific) Pte Ltd)
DRV:64bit: - (klmouflt) -- C:\Windows\SysNative\drivers\klmouflt.sys (Kaspersky Lab)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (hamachi) -- C:\Windows\SysNative\drivers\hamachi.sys (LogMeIn, Inc.)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
IE - HKLM\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = hxxp://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=MDNF&bmod=MDNF
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=MDNF&bmod=MDNF
IE - HKCU\..\SearchScopes,DefaultScope = {DD334F60-0E50-47BD-A0F2-C14032340056}
IE - HKCU\..\SearchScopes\{DD334F60-0E50-47BD-A0F2-C14032340056}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MDNF_enDE393
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_265.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_265.dll ()
FF - HKLM\Software\MozillaPlugins\@gamersfirst.com/LiveLauncher: C:\Program Files (x86)\GamersFirst\LIVE!\nplivelauncher.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@ngm.nexoneu.com/NxGame: C:\ProgramData\NexonEU\NGM\npNxGameeu.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.0: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtualKeyboard@kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\virtualKeyboard@kaspersky.ru [2012.01.14 16:12:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\KavAntiBanner@Kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\KavAntiBanner@kaspersky.ru [2012.01.14 16:12:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\linkfilter@kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\linkfilter@kaspersky.ru [2012.01.14 16:12:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.07.18 22:13:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2012.06.29 07:03:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 13.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
 
[2012.07.21 13:11:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Administrator\AppData\Roaming\mozilla\Extensions
[2012.04.25 07:04:42 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.01.26 22:48:00 | 000,000,000 | ---D | M] (QuickStores-Toolbar) -- C:\Program Files (x86)\mozilla firefox\extensions\quickstores@quickstores.de
[2012.07.18 22:13:21 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.04.25 07:04:41 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.04.25 07:04:41 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.04.25 07:04:41 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.04.25 07:04:41 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.04.25 07:04:41 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.04.25 07:04:41 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\x64\ievkbd.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2:64bit: - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\x64\klwtbbho.dll (Kaspersky Lab ZAO)
O2 - BHO: (no name) - {0766C1B9-B2DC-46E5-8934-4F3D6B42B1BD} - No CLSID value found.
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\ievkbd.dll (Kaspersky Lab ZAO)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O3:64bit: - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
O4:64bit: - HKLM..\Run: [BTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelliPoint] C:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [IntelPAN] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel(R) Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg_Dolby] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [Cinema ProII AP] C:\Program Files (x86)\MSI\Cinema ProII\CinemaProII.exe (Micro-Star Int'l Co., Ltd.)
O4 - HKLM..\Run: [Cinema ProII Controler] C:\Program Files (x86)\MSI\Cinema ProII\Cinema ProII Controler.exe (msi)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [Dolby Advanced Audio v2] C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe (Dolby Laboratories Inc.)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [MGSysCtrl] C:\Program Files (x86)\System Control Manager\MGSysCtrl.exe (Micro-Star International Co., Ltd.)
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE (Power Software Ltd)
O4 - HKLM..\Run: [Razer Synapse] C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe (Razer USA Ltd)
O4 - HKLM..\Run: [YouCam Mirror Tray icon] C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe (CyberLink Corp.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 95
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9:64bit: - Extra Button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found
O9:64bit: - Extra 'Tools' menuitem : eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found
O9:64bit: - Extra Button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\x64\klwtbbho.dll (Kaspersky Lab ZAO)
O9:64bit: - Extra Button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\x64\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found
O9 - Extra 'Tools' menuitem : eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found
O9 - Extra Button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files (x86)\ICQ7.7\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files (x86)\ICQ7.7\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000012 - C:\Windows\SysNative\vsocklib.dll (VMware, Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000013 - C:\Windows\SysNative\vsocklib.dll (VMware, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\SysWOW64\vsocklib.dll (VMware, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\SysWOW64\vsocklib.dll (VMware, Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {B94C2238-346E-4C5E-9B36-8CC627F35574} Reg Error: Key error. (VMware Remote Console Plug-in 2.5.0.00000)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B54B1121-A89D-4EB0-82EE-04DD861E9F51}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C33D06A3-0973-4B56-AD50-8308F8AB0DCC}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F4F27DDE-10CE-46C4-8FF9-0024FE0B754B}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\x64\kloehk.dll) - C:\PROGRA~2\KASPER~1\KASPER~1\x64\kloehk.dll (Kaspersky Lab ZAO)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\x64\sbhook64.dll) - C:\PROGRA~2\KASPER~1\KASPER~1\x64\sbhook64.dll (Kaspersky Lab ZAO)
O20 - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\sbhook.dll) - C:\PROGRA~2\KASPER~1\KASPER~1\sbhook.dll (Kaspersky Lab ZAO)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20:64bit: - Winlogon\Notify\klogon: DllName - (%SystemRoot%\System32\klogon.dll) - C:\Windows\SysNative\klogon.dll (Kaspersky Lab ZAO)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.07.21 14:07:07 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Skype
[2012.07.21 13:25:49 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Malwarebytes
[2012.07.21 13:25:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.07.21 13:25:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.07.21 13:25:27 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.07.21 13:25:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.07.21 13:12:36 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\Macromedia
[2012.07.21 13:12:36 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Adobe
[2012.07.21 13:11:38 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Mozilla
[2012.07.21 13:11:38 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\Mozilla
[2012.07.21 13:11:30 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\Razer
[2012.07.19 19:33:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2012.07.19 19:19:59 | 001,918,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tcpipreset
[2012.07.18 19:35:56 | 000,000,000 | ---D | C] -- C:\Program Files\GIMP 2
[2012.07.15 11:12:15 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Documents\LOLReplay
[2012.07.12 00:32:12 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012.07.12 00:32:12 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012.07.12 00:32:12 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012.07.12 00:32:12 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012.07.12 00:32:11 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012.07.12 00:32:11 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012.07.12 00:32:11 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012.07.12 00:32:11 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012.07.12 00:32:10 | 002,311,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012.07.12 00:32:10 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012.07.12 00:32:10 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012.07.12 00:32:10 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012.07.12 00:32:10 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012.07.11 21:53:59 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll
[2012.07.11 21:53:59 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll
[2012.07.11 21:48:23 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2012.07.11 21:44:20 | 001,133,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdosys.dll
[2012.07.11 21:44:20 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cdosys.dll
[2012.07.11 13:34:58 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browserchoice.exe
[2012.07.08 19:23:17 | 000,000,000 | ---D | C] -- C:\Program Files\NetLimiter 3
[2012.07.08 19:23:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Locktime
[2012.07.08 18:36:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hi-Rez Studios
[2012.07.08 18:36:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Hi-Rez Studios
[2012.07.04 20:20:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
[2012.07.04 20:20:29 | 000,283,200 | ---- | C] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2012.07.04 20:20:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Lite
[2012.07.04 20:18:55 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2012.07.04 17:37:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
[2012.07.04 17:36:59 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2012.07.03 19:38:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XSplit
[2012.07.03 19:38:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SplitMediaLabs
[2012.07.02 19:58:26 | 000,195,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ftsrch.dll
[2012.07.02 19:58:26 | 000,195,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ftsrch.dll
[2012.07.02 19:58:26 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ftlx041e.dll
[2012.07.02 19:58:26 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ftlx041e.dll
[2012.07.02 19:58:26 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ftlx0411.dll
[2012.07.02 19:58:26 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ftlx0411.dll
[2012.07.02 19:56:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Windows Genuine Advantage
[2012.07.02 19:48:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tera Term Pro
[2012.06.29 19:47:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenSebJ
[2012.06.29 19:47:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenSebJ
[2012.06.29 17:36:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinHTTrack
[2012.06.29 17:36:36 | 000,000,000 | ---D | C] -- C:\Program Files\WinHTTrack
[2012.06.29 17:13:03 | 000,000,000 | ---D | C] -- C:\No23Recorder
[2012.06.28 20:00:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SWFPlayer
[2012.06.28 20:00:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SWFPlayer
[2012.06.28 18:52:28 | 000,426,184 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012.06.28 10:26:06 | 000,143,360 | ---- | C] (Razer USA Ltd) -- C:\Windows\SysWow64\rztouchdll.dll
[2012.06.28 08:36:06 | 000,437,248 | ---- | C] (Razer USA Ltd) -- C:\Windows\SysWow64\rzdevicedll.dll
[2012.06.23 16:58:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeyTweak
[2012.06.23 16:58:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\KeyTweak
[2012.06.21 19:45:59 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2012.06.21 19:45:59 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2012.06.21 19:45:59 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2012.06.21 19:45:57 | 000,701,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2012.06.21 19:45:57 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2012.06.21 19:45:57 | 000,038,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2012.06.21 19:45:56 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2012.06.21 19:45:56 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[3 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.07.21 14:53:21 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.07.21 14:53:13 | 2129,788,927 | -HS- | M] () -- C:\hiberfil.sys
[2012.07.21 14:12:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.07.21 14:07:05 | 000,002,517 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2012.07.21 13:27:15 | 004,503,728 | ---- | M] () -- C:\ProgramData\kp_0loor.pad
[2012.07.21 13:25:28 | 000,001,146 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.07.21 13:14:14 | 000,016,752 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.07.21 13:14:14 | 000,016,752 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.07.21 13:11:30 | 001,623,170 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.07.21 13:11:30 | 000,700,256 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.07.21 13:11:30 | 000,655,534 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.07.21 13:11:30 | 000,149,788 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.07.21 13:11:30 | 000,122,734 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.07.19 19:33:27 | 000,000,863 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.07.15 11:13:45 | 000,002,030 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\LOLRecorder.lnk
[2012.07.15 11:13:45 | 000,001,938 | ---- | M] () -- C:\Users\Public\Desktop\LOL Recorder.lnk
[2012.07.12 14:12:46 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012.07.12 14:12:46 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012.07.12 07:23:49 | 000,335,152 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.07.08 18:36:08 | 000,000,681 | ---- | M] () -- C:\Users\Public\Desktop\Smite Closed Beta.lnk
[2012.07.04 20:20:49 | 000,001,987 | ---- | M] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2012.07.04 20:20:29 | 000,283,200 | ---- | M] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2012.07.04 17:37:02 | 000,000,645 | ---- | M] () -- C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk
[2012.07.03 13:46:44 | 000,024,904 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.06.29 19:47:00 | 000,001,044 | ---- | M] () -- C:\Users\Administrator\Desktop\OpenSebJ.lnk
[2012.06.28 10:26:06 | 000,143,360 | ---- | M] (Razer USA Ltd) -- C:\Windows\SysWow64\rztouchdll.dll
[2012.06.28 08:36:06 | 000,437,248 | ---- | M] (Razer USA Ltd) -- C:\Windows\SysWow64\rzdevicedll.dll
[3 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.07.21 13:25:28 | 000,001,146 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.07.21 03:01:58 | 004,503,728 | ---- | C] () -- C:\ProgramData\kp_0loor.pad
[2012.07.18 19:36:12 | 000,001,151 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
[2012.07.08 18:36:08 | 000,000,681 | ---- | C] () -- C:\Users\Public\Desktop\Smite Closed Beta.lnk
[2012.07.04 20:20:49 | 000,001,987 | ---- | C] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2012.07.04 17:37:02 | 000,000,645 | ---- | C] () -- C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk
[2012.07.02 19:46:55 | 000,042,496 | ---- | C] () -- C:\Windows\ttuninst.exe
[2012.06.29 19:47:00 | 000,001,044 | ---- | C] () -- C:\Users\Administrator\Desktop\OpenSebJ.lnk
[2012.06.28 18:52:28 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.05.15 22:03:35 | 000,962,560 | ---- | C] () -- C:\Windows\tesseract.exe
[2012.04.05 08:53:12 | 000,338,432 | ---- | C] () -- C:\Windows\SysWow64\sqlite36_engine.dll
[2012.03.18 02:05:01 | 000,000,017 | ---- | C] () -- C:\Windows\SysWow64\shortcut_ex.dat
[2012.02.27 01:08:25 | 000,105,620 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2012.01.15 22:16:30 | 001,644,062 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.05.31 08:39:50 | 000,058,368 | ---- | C] () -- C:\Windows\SysWow64\bdmpegv.dll
[2011.05.31 08:38:18 | 000,015,360 | ---- | C] () -- C:\Windows\SysWow64\bdmjpeg.dll

< End of report >


t'john 21.07.2012 22:16

:hallo:

Fix with OTL

Download OTL by OldTimer (if you don't already have it) and save it to your desktop (nowhere else).

  • Disable any virus scanners such as Avira, Kaspersky, etc.
  • Start OTL.exe.
    Vista and Windows 7 users: right-click the program icon and choose "Run as administrator".
  • Copy the following script into the text box below Custom Scans/Fixes:


Code:

:OTL
PRC - D:\MFC\bratimer.exe ()
PRC - C:\Program Files\SoftPerfect Bandwidth Manager\bwmsvc.exe ()
IE - HKLM\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
IE - HKLM\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com
IE - HKCU\..\SearchScopes,DefaultScope = {DD334F60-0E50-47BD-A0F2-C14032340056}
IE - HKCU\..\SearchScopes\{DD334F60-0E50-47BD-A0F2-C14032340056}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MDNF_enDE393
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_265.dll File not found
FF - HKLM\Software\MozillaPlugins\@gamersfirst.com/LiveLauncher: C:\Program Files (x86)\GamersFirst\LIVE!\nplivelauncher.dll File not found
O4 - HKLM..\Run: [] File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 95
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9:64bit: - Extra Button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found
O9:64bit: - Extra 'Tools' menuitem : eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found
O9 - Extra Button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found
O9 - Extra 'Tools' menuitem : eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found
O16 - DPF: {B94C2238-346E-4C5E-9B36-8CC627F35574} Reg Error: Key error. (VMware Remote Console Plug-in 2.5.0.00000)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\klogon: DllName - (%SystemRoot%\System32\klogon.dll) - C:\Windows\SysNative\klogon.dll (Kaspersky Lab ZAO)
O32 - HKLM CDRom: AutoRun - 1
[3 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]

[2012.07.21 14:12:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.07.21 13:27:15 | 004,503,728 | ---- | M] () -- C:\ProgramData\kp_0loor.pad
[2012.07.21 03:01:58 | 004,503,728 | ---- | C] () -- C:\ProgramData\kp_0loor.pad
[2012.06.28 18:52:28 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job

:Files

ipconfig /flushdns /c
:Commands
[purity]
[emptytemp]
[emptyflash]

  • Close all programs.
  • Click the Fix button.
  • If OTL asks for a restart, please allow it.
  • Copy the contents of the log file into your thread here, inside code tags.
    You can view the log file afterwards here => C:\_OTL\MovedFiles\

Note for readers: The OTL script above was created exclusively for this user in this situation.
Do not under any circumstances use it on other computers; it can do lasting damage to other systems!

Malte_1234 21.07.2012 22:30

First of all, many thanks!
Here is the log:
Code:

All processes killed
========== OTL ==========
Process bratimer.exe killed successfully!
Process bwmsvc.exe killed successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{006ee092-9658-4fd6-bd8e-a21a348e59f5}\ not found.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{DD334F60-0E50-47BD-A0F2-C14032340056}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DD334F60-0E50-47BD-A0F2-C14032340056}\ not found.
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@adobe.com/FlashPlayer\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@gamersfirst.com/LiveLauncher\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktopChanges deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorAdmin deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorUser deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\EnableLUA deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\PromptOnSecureDesktop deleted successfully.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{0B65DCC9-1740-43dc-B19C-4F309FB6A6CA}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0B65DCC9-1740-43dc-B19C-4F309FB6A6CA}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{0B65DCC9-1740-43dc-B19C-4F309FB6A6CA}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0B65DCC9-1740-43dc-B19C-4F309FB6A6CA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{0B65DCC9-1740-43dc-B19C-4F309FB6A6CA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0B65DCC9-1740-43dc-B19C-4F309FB6A6CA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{0B65DCC9-1740-43dc-B19C-4F309FB6A6CA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0B65DCC9-1740-43dc-B19C-4F309FB6A6CA}\ not found.
Starting removal of ActiveX control {B94C2238-346E-4C5E-9B36-8CC627F35574}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{B94C2238-346E-4C5E-9B36-8CC627F35574}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B94C2238-346E-4C5E-9B36-8CC627F35574}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{B94C2238-346E-4C5E-9B36-8CC627F35574}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B94C2238-346E-4C5E-9B36-8CC627F35574}\ not found.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon\ deleted successfully.
File move failed. C:\Windows\SysNative\klogon.dll scheduled to be moved on reboot.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
C:\Windows\SysWow64\sho53CC.tmp deleted successfully.
C:\Windows\SysWow64\sho6E4A.tmp deleted successfully.
C:\Windows\SysWow64\shoF8B0.tmp deleted successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job moved successfully.
C:\ProgramData\kp_0loor.pad moved successfully.
File C:\ProgramData\kp_0loor.pad not found.
File C:\Windows\tasks\Adobe Flash Player Updater.job not found.
========== FILES ==========
< ipconfig /flushdns /c >
Windows-IP-Konfiguration
Der DNS-Aufl”sungscache wurde geleert.
C:\Users\Administrator\Downloads\cmd.bat deleted successfully.
C:\Users\Administrator\Downloads\cmd.txt deleted successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: Administrator
->Temp folder emptied: 107351390 bytes
->Temporary Internet Files folder emptied: 3329492 bytes
->FireFox cache emptied: 71569159 bytes
->Flash cache emptied: 57193 bytes
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 56466 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Malte
->Temp folder emptied: 493676968 bytes
->Temporary Internet Files folder emptied: 166134225 bytes
->Java cache emptied: 22251515 bytes
->FireFox cache emptied: 239909634 bytes
->Google Chrome cache emptied: 12626830 bytes
->Flash cache emptied: 85607 bytes
 
User: Public
 
User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 56466 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 304497152 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50434 bytes
RecycleBin emptied: 1783737704 bytes
 
Total Files Cleaned = 3.057,00 mb
 
 
[EMPTYFLASH]
 
User: Administrator
->Flash cache emptied: 0 bytes
 
User: All Users
 
User: Default
->Flash cache emptied: 0 bytes
 
User: Default User
->Flash cache emptied: 0 bytes
 
User: Malte
->Flash cache emptied: 0 bytes
 
User: Public
 
User: UpdatusUser
->Flash cache emptied: 0 bytes
 
Total Flash Files Cleaned = 0,00 mb
 
 
OTL by OldTimer - Version 3.2.54.0 log created on 07212012_232611

Files\Folders moved on Reboot...
File move failed. C:\Windows\SysNative\klogon.dll scheduled to be moved on reboot.
C:\Users\Administrator\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Malte\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File move failed. C:\Windows\temp\vmware-SYSTEM\vmauthd.log scheduled to be moved on reboot.
C:\Windows\temp\vmware-SYSTEM\vmware-usbarb-SYSTEM-2964.log moved successfully.

PendingFileRenameOperations files...
[2010.10.05 21:27:52 | 000,233,656 | ---- | M] (Kaspersky Lab ZAO) C:\Windows\SysNative\klogon.dll : Unable to obtain MD5
File C:\Users\Administrator\AppData\Local\Temp\FXSAPIDebugLogFile.txt not found!
File C:\Users\Malte\AppData\Local\Temp\FXSAPIDebugLogFile.txt not found!
[2012.07.21 23:28:23 | 000,000,000 | ---- | M] () C:\Windows\temp\vmware-SYSTEM\vmauthd.log : Unable to obtain MD5
File C:\Windows\temp\vmware-SYSTEM\vmware-usbarb-SYSTEM-2964.log not found!

Registry entries deleted on Reboot...

Has everything been cleanly restored now?

Best regards, Malte

t'john 21.07.2012 22:33

Very good! :daumenhoc

How is the computer running?


Step 1

Please run a full scan with Malwarebytes Anti-Malware and post the log.
Remember that Malwarebytes must be updated manually before every scan!

Malwarebytes Anti-Malware
- Applicable to Windows 2000, XP, Vista and 7.
- Install the program to the default path.
- Select "Perform full scan" => Scan.
- Select all available drives (except CD/DVD) and start the scan.
- Have any findings deleted or quarantined.
- When the scan has finished, click "Show Results".
Then:

Please download AdwCleaner to your desktop.
  • Start adwcleaner.exe with a double-click.
  • Click Search.
  • When the scan finishes, a text file opens.
  • Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner[R1].txt.

Malte_1234 22.07.2012 12:26

Sooo, the mbam scan looks good for a start:
Code:

Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Database version: v2012.07.21.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Malte :: MALTE1-PC [administrator]

22.07.2012 12:39:43
mbam-log-2012-07-22 (12-39-43).txt

Scan type: Full scan (C:\|D:\|E:\|Q:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 629741
Time elapsed: 36 minute(s), 1 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

AdwCleaner:
Code:

# AdwCleaner v1.703 - Logfile created 07/22/2012 at 13:26:05
# Updated 20/07/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Malte - MALTE1-PC
# Running from : C:\Users\Malte\Downloads\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

Folder Found : C:\Users\Malte\AppData\Local\Linkury
Folder Found : C:\Users\Malte\AppData\Local\Smartbar
Folder Found : C:\Users\Malte\AppData\Roaming\OpenCandy
Folder Found : C:\Users\Malte\AppData\Roaming\QuickStoresToolbar
Folder Found : C:\Users\Malte\AppData\Roaming\Mozilla\Firefox\Profiles\r9iwx3n4.default\ConduitCommon
Folder Found : C:\ProgramData\Tarma Installer
Folder Found : C:\Program Files\Babylon
Folder Found : C:\Program Files (x86)\Mozilla Firefox\Extensions\quickstores@quickstores.de
Folder Found : C:\Windows\assembly\GAC_MSIL\QuickStoresToolbar
File Found : C:\Users\Malte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\QuickStores.url
File Found : C:\Users\Malte\AppData\Roaming\Microsoft\Windows\Start Menu\QuickStores.url
File Found : C:\Users\Public\Desktop\eBay.lnk

***** [Registry] *****

Key Found : HKCU\Software\Softonic
Key Found : HKLM\SOFTWARE\Classes\LinkurySmartBar.BHO
Key Found : HKLM\SOFTWARE\Classes\LinkurySmartBar.DockingPanel
Key Found : HKLM\SOFTWARE\Classes\LinkurySmartBar.LinkuryMenuForm
Key Found : HKLM\SOFTWARE\Classes\LinkurySmartBar.LinkurySmartBar
Key Found : HKLM\SOFTWARE\Classes\LinkurySmartBar.LinkurySmartBarBandObject
Key Found : HKLM\SOFTWARE\DT Soft
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\QuickStores-Toolbar_is1
[x64] Key Found : HKCU\Software\Softonic
[x64] Key Found : HKLM\SOFTWARE\Classes\LinkurySmartBar.BHO
[x64] Key Found : HKLM\SOFTWARE\Classes\LinkurySmartBar.DockingPanel
[x64] Key Found : HKLM\SOFTWARE\Classes\LinkurySmartBar.LinkuryMenuForm
[x64] Key Found : HKLM\SOFTWARE\Classes\LinkurySmartBar.LinkurySmartBar
[x64] Key Found : HKLM\SOFTWARE\Classes\LinkurySmartBar.LinkurySmartBarBandObject
[x64] Key Found : HKLM\SOFTWARE\Tarma Installer

***** [Registre - GUID] *****

Key Found : HKLM\SOFTWARE\Classes\CLSID\{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{63E471BB-23F1-3A92-8D43-4079E7B7FA8E}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{B397BC55-576C-39E6-BF64-9E2A96317447}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{B973AB12-952F-31C4-A321-E8FA6FE4421E}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{EC5983DF-8DE2-31B5-989F-850F265E7F3C}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
[x64] Key Found : HKLM\SOFTWARE\Classes\CLSID\{63E471BB-23F1-3A92-8D43-4079E7B7FA8E}
[x64] Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
[x64] Key Found : HKLM\SOFTWARE\Classes\CLSID\{B397BC55-576C-39E6-BF64-9E2A96317447}
[x64] Key Found : HKLM\SOFTWARE\Classes\CLSID\{B973AB12-952F-31C4-A321-E8FA6FE4421E}
[x64] Key Found : HKLM\SOFTWARE\Classes\CLSID\{EC5983DF-8DE2-31B5-989F-850F265E7F3C}
[x64] Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
[x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}
[x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}
[x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}
[x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
[x64] Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[HKCU\Software\Microsoft\Internet Explorer\Main - Search Page] = hxxp://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com
[HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.linkury.com/newtab.html
[HKCU\Software\Microsoft\Internet Explorer\Main - Search Bar] = hxxp://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com
[HKCU\Software\Microsoft\Internet Explorer\Search - Default_Search_URL] = hxxp://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com
[HKCU\Software\Microsoft\Internet Explorer\Search - SearchAssistant] = hxxp://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com

-\\ Mozilla Firefox v14.0.1 (de)

Profile name : default
File : C:\Users\Malte\AppData\Roaming\Mozilla\Firefox\Profiles\r9iwx3n4.default\prefs.js

Found : user_pref("CT2682599..clientLogIsEnabled", false);
Found : user_pref("CT2682599..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Found : user_pref("CT2682599..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Found : user_pref("CT2682599.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Found : user_pref("CT2682599.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Found : user_pref("CT2682599.BrowserCompStateIsOpen_1000515", true);
Found : user_pref("CT2682599.CT2682599", "CT2682599");
Found : user_pref("CT2682599.CurrentServerDate", "22-7-2012");
Found : user_pref("CT2682599.DSInstall", false);
Found : user_pref("CT2682599.DialogsAlignMode", "LTR");
Found : user_pref("CT2682599.DialogsGetterLastCheckTime", "Thu Jul 19 2012 14:53:15 GMT+0200");
Found : user_pref("CT2682599.DownloadReferralCookieData", "");
Found : user_pref("CT2682599.EnableClickToSearchBox", false);
Found : user_pref("CT2682599.EnableSearchHistory", false);
Found : user_pref("CT2682599.EnableSearchSuggest", false);
Found : user_pref("CT2682599.FirstServerDate", "24-4-2012");
Found : user_pref("CT2682599.FirstTime", true);
Found : user_pref("CT2682599.FirstTimeFF3", true);
Found : user_pref("CT2682599.FixPageNotFoundErrors", false);
Found : user_pref("CT2682599.GroupingServerCheckInterval", 1440);
Found : user_pref("CT2682599.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Found : user_pref("CT2682599.HPInstall", false);
Found : user_pref("CT2682599.HasUserGlobalKeys", true);
Found : user_pref("CT2682599.HomePageProtectorEnabled", false);
Found : user_pref("CT2682599.HomepageBeforeUnload", "hxxp://www.google.de/");
Found : user_pref("CT2682599.Initialize", true);
Found : user_pref("CT2682599.InitializeCommonPrefs", true);
Found : user_pref("CT2682599.InstallationAndCookieDataSentCount", 3);
Found : user_pref("CT2682599.InstallationType", "Unknown");
Found : user_pref("CT2682599.InstalledDate", "Tue Apr 24 2012 11:18:12 GMT+0200");
Found : user_pref("CT2682599.IsAlertDBUpdated", true);
Found : user_pref("CT2682599.IsGrouping", false);
Found : user_pref("CT2682599.IsInitSetupIni", true);
Found : user_pref("CT2682599.IsMulticommunity", false);
Found : user_pref("CT2682599.IsOpenThankYouPage", true);
Found : user_pref("CT2682599.IsOpenUninstallPage", true);
Found : user_pref("CT2682599.IsProtectorsInit", true);
Found : user_pref("CT2682599.LanguagePackLastCheckTime", "Sat Jul 21 2012 22:59:40 GMT+0200");
Found : user_pref("CT2682599.LanguagePackReloadIntervalMM", 1440);
Found : user_pref("CT2682599.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Found : user_pref("CT2682599.LastLogin_3.12.0.8", "Wed Apr 25 2012 21:50:48 GMT+0200");
Found : user_pref("CT2682599.LastLogin_3.12.2.3", "Wed May 30 2012 15:43:18 GMT+0200");
Found : user_pref("CT2682599.LastLogin_3.13.0.6", "Sun Jul 15 2012 23:12:58 GMT+0200");
Found : user_pref("CT2682599.LastLogin_3.14.1.0", "Sun Jul 22 2012 12:07:06 GMT+0200");
Found : user_pref("CT2682599.LatestVersion", "3.13.0.6");
Found : user_pref("CT2682599.Locale", "de");
Found : user_pref("CT2682599.MCDetectTooltipHeight", "83");
Found : user_pref("CT2682599.MCDetectTooltipShow", false);
Found : user_pref("CT2682599.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Found : user_pref("CT2682599.MCDetectTooltipWidth", "295");
Found : user_pref("CT2682599.MyStuffEnabledAtInstallation", true);
Found : user_pref("CT2682599.OriginalFirstVersion", "3.12.0.8");
Found : user_pref("CT2682599.SHRINK_TOOLBAR", 1);
Found : user_pref("CT2682599.SearchBackToDefaultEngine", false);
Found : user_pref("CT2682599.SearchCaption", "InnoGames Customized Web Search");
Found : user_pref("CT2682599.SearchEngineBeforeUnload", "Linkury Smartbar Search");
Found : user_pref("CT2682599.SearchFromAddressBarIsInit", true);
Found : user_pref("CT2682599.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT268[...]
Found : user_pref("CT2682599.SearchInNewTabEnabled", true);
Found : user_pref("CT2682599.SearchInNewTabIntervalMM", 1440);
Found : user_pref("CT2682599.SearchInNewTabLastCheckTime", "Sat Jul 21 2012 21:57:37 GMT+0200");
Found : user_pref("CT2682599.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Found : user_pref("CT2682599.SearchInNewTabUserEnabled", false);
Found : user_pref("CT2682599.SearchProtectorEnabled", false);
Found : user_pref("CT2682599.SearchProtectorToolbarDisabled", false);
Found : user_pref("CT2682599.SendProtectorDataViaLogin", true);
Found : user_pref("CT2682599.ServiceMapLastCheckTime", "Sat Jul 21 2012 21:57:38 GMT+0200");
Found : user_pref("CT2682599.SettingsLastCheckTime", "Sun Jul 22 2012 12:07:06 GMT+0200");
Found : user_pref("CT2682599.SettingsLastUpdate", "1340789948");
Found : user_pref("CT2682599.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT2682599&SearchSource=13");
Found : user_pref("CT2682599.ThirdPartyComponentsInterval", 504);
Found : user_pref("CT2682599.ThirdPartyComponentsLastCheck", "Tue Apr 24 2012 11:18:11 GMT+0200");
Found : user_pref("CT2682599.ThirdPartyComponentsLastUpdate", "1255344657");
Found : user_pref("CT2682599.ToolbarShrinkedFromSetup", false);
Found : user_pref("CT2682599.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2682599");
Found : user_pref("CT2682599.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Found : user_pref("CT2682599.UserID", "UN53488344374307291");
Found : user_pref("CT2682599.ValidationData_Toolbar", 2);
Found : user_pref("CT2682599.alertChannelId", "1075026");
Found : user_pref("CT2682599.approveUntrustedApps", false);
Found : user_pref("CT2682599.backendstorage.activetoolbar", "737461656D6D65");
Found : user_pref("CT2682599.backendstorage.facebook_mode", "32");
Found : user_pref("CT2682599.backendstorage.facebook_user_locale", "6465");
Found : user_pref("CT2682599.backendstorage.staemme_token_de", "62373430653565316234396531383435396433376236[...]
Found : user_pref("CT2682599.backendstorage.staemme_username_de", "62574A6864584E69");
Found : user_pref("CT2682599.backendstorage.staemme_village_de81", "3438313735");
Found : user_pref("CT2682599.backendstorage.toolbar_market", "6465");
Found : user_pref("CT2682599.backendstorage.toolbarurl", "687474703A2F2F746F6F6C6261722E696E6E6F67616D65732E[...]
Found : user_pref("CT2682599.components.1000515", false);
Found : user_pref("CT2682599.components.129258349557489521", false);
Found : user_pref("CT2682599.components.129259153115384710", false);
Found : user_pref("CT2682599.components.129318728006556308", false);
Found : user_pref("CT2682599.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Found : user_pref("CT2682599.globalFirstTimeInfoLastCheckTime", "Fri May 04 2012 13:21:36 GMT+0200");
Found : user_pref("CT2682599.homepageProtectorEnableByLogin", true);
Found : user_pref("CT2682599.initDone", true);
Found : user_pref("CT2682599.isAppTrackingManagerOn", true);
Found : user_pref("CT2682599.myStuffEnabled", true);
Found : user_pref("CT2682599.myStuffPublihserMinWidth", 400);
Found : user_pref("CT2682599.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Found : user_pref("CT2682599.myStuffServiceIntervalMM", 1440);
Found : user_pref("CT2682599.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Found : user_pref("CT2682599.navigateToUrlOnSearch", false);
Found : user_pref("CT2682599.oldAppsList", "129219291115718928,129219291115718929,111,129318728006556308,129[...]
Found : user_pref("CT2682599.revertSettingsEnabled", true);
Found : user_pref("CT2682599.searchProtectorDialogDelayInSec", 10);
Found : user_pref("CT2682599.searchProtectorEnableByLogin", true);
Found : user_pref("CT2682599.testingCtid", "");
Found : user_pref("CT2682599.toolbarAppMetaDataLastCheckTime", "Sat Jul 21 2012 22:59:40 GMT+0200");
Found : user_pref("CT2682599.toolbarContextMenuLastCheckTime", "Tue Apr 24 2012 11:18:12 GMT+0200");
Found : user_pref("CT2682599.usageEnabled", false);
Found : user_pref("CT2682599.usagesFlag", 2);
Found : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2682599/CT2682599[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1075026/1070730/DE", "\"0\"[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2682599", [...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.13[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.14[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2682599",[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=de", "\"e3d[...]
Found : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Malte\\AppData\\Roaming\\Mozilla\\F[...]
Found : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.12.2.3");
Found : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://cloud-search.linkury.com/results.[...]
Found : user_pref("CommunityToolbar.ToolbarsList", "CT2682599");
Found : user_pref("CommunityToolbar.ToolbarsList2", "CT2682599");
Found : user_pref("CommunityToolbar.ToolbarsList4", "CT2682599");
Found : user_pref("CommunityToolbar.globalUserId", "38ba07f8-4643-4f11-8a18-ba9df0592b6e");
Found : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Found : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Found : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Tue May 01 2012 12:38:3[...]
Found : user_pref("CommunityToolbar.notifications.alertEnabled", false);
Found : user_pref("CommunityToolbar.notifications.alertInfoInterval", 60);
Found : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Tue Apr 24 2012 11:18:21 GMT+020[...]
Found : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Found : user_pref("CommunityToolbar.notifications.locale", "en");
Found : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Found : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Mon May 07 2012 18:50:53 GMT+0200");
Found : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
Found : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Found : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Found : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Found : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Found : user_pref("CommunityToolbar.notifications.userId", "31c9e842-d47a-4f71-9f18-63c5ffaa37c7");
Found : user_pref("CommunityToolbar.originalHomepage", "hxxp://www.google.de/");
Found : user_pref("CommunityToolbar.originalSearchEngine", "Linkury Smartbar Search");
Found : user_pref("browser.search.selectedEngine", "Linkury Smartbar Search");
Found : user_pref("quickstores.toolbar.affid", "2017");
Found : user_pref("quickstores.toolbar.guid", "{F555F659-C302-A4C1-AAFD-B73DB97DABEE}");

Profile name : default
File : C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\3o05b0wu.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v [Unable to get version]

File : C:\Users\Malte\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [18657 octets] - [22/07/2012 13:26:05]

########## EOF - C:\AdwCleaner[R1].txt - [18786 octets] ##########


However, I am now bombarded by User Account Control with almost every program I open. Was it set to the highest level by the OTL script?

t'john 22.07.2012 18:17

Very good!

Quote:

bombarded by User Account Control. Was it set to the highest level by the OTL script?
Yes.

You can lower it, but you should not turn it off!




  • Close all open programs and browsers.
  • Start adwcleaner.exe with a double-click.
  • Click Delete.
  • Confirm each prompt with Ok.
  • Your computer will be restarted. After the restart, a text file opens.
  • Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner[S1].txt.




After that:


Malware scan with Emsisoft Anti-Malware

Download the free version of => Emsisoft Anti-Malware and install the program.
Use Update Now to download the current signatures.
Select freeware mode.

Select Detail Scan and start the check of the computer with the Scan button.
At the end of the scan, do not let it delete anything! Click Save Report to save the log file to the desktop and post it here in the thread.

Instructions: http://www.trojaner-board.de/103809-...i-malware.html

Malte_1234 22.07.2012 20:36

So, here is the AdwCleaner log:
Code:

# AdwCleaner v1.703 - Logfile created 07/22/2012 at 20:21:07
# Updated 20/07/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Malte - MALTE1-PC
# Running from : C:\Users\Malte\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Users\Malte\AppData\Local\Linkury
Folder Deleted : C:\Users\Malte\AppData\Local\Smartbar
Folder Deleted : C:\Users\Malte\AppData\Roaming\OpenCandy
Folder Deleted : C:\Users\Malte\AppData\Roaming\QuickStoresToolbar
Folder Deleted : C:\Users\Malte\AppData\Roaming\Mozilla\Firefox\Profiles\r9iwx3n4.default\ConduitCommon
Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\Program Files\Babylon
Folder Deleted : C:\Program Files (x86)\Mozilla Firefox\Extensions\quickstores@quickstores.de
Folder Deleted : C:\Windows\assembly\GAC_MSIL\QuickStoresToolbar
File Deleted : C:\Users\Malte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\QuickStores.url
File Deleted : C:\Users\Malte\AppData\Roaming\Microsoft\Windows\Start Menu\QuickStores.url

***** [Registry] *****

Key Deleted : HKCU\Software\Softonic
Key Deleted : HKLM\SOFTWARE\Classes\LinkurySmartBar.BHO
Key Deleted : HKLM\SOFTWARE\Classes\LinkurySmartBar.DockingPanel
Key Deleted : HKLM\SOFTWARE\Classes\LinkurySmartBar.LinkuryMenuForm
Key Deleted : HKLM\SOFTWARE\Classes\LinkurySmartBar.LinkurySmartBar
Key Deleted : HKLM\SOFTWARE\Classes\LinkurySmartBar.LinkurySmartBarBandObject
Key Deleted : HKLM\SOFTWARE\DT Soft
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\QuickStores-Toolbar_is1
[x64] Key Deleted : HKLM\SOFTWARE\Tarma Installer

***** [Registre - GUID] *****

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{63E471BB-23F1-3A92-8D43-4079E7B7FA8E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B397BC55-576C-39E6-BF64-9E2A96317447}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B973AB12-952F-31C4-A321-E8FA6FE4421E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EC5983DF-8DE2-31B5-989F-850F265E7F3C}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
[x64] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{63E471BB-23F1-3A92-8D43-4079E7B7FA8E}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B397BC55-576C-39E6-BF64-9E2A96317447}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B973AB12-952F-31C4-A321-E8FA6FE4421E}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EC5983DF-8DE2-31B5-989F-850F265E7F3C}
[x64] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Search Page] = hxxp://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.linkury.com/newtab.html --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Search Bar] = hxxp://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Search - Default_Search_URL] = hxxp://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Search - SearchAssistant] = hxxp://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com --> hxxp://www.google.com

-\\ Mozilla Firefox v14.0.1 (de)

Profile name : default
File : C:\Users\Malte\AppData\Roaming\Mozilla\Firefox\Profiles\r9iwx3n4.default\prefs.js

C:\Users\Malte\AppData\Roaming\Mozilla\Firefox\Profiles\r9iwx3n4.default\user.js ... Deleted !

Deleted : user_pref("CT2682599..clientLogIsEnabled", false);
Deleted : user_pref("CT2682599..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Deleted : user_pref("CT2682599..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Deleted : user_pref("CT2682599.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Deleted : user_pref("CT2682599.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Deleted : user_pref("CT2682599.BrowserCompStateIsOpen_1000515", true);
Deleted : user_pref("CT2682599.CT2682599", "CT2682599");
Deleted : user_pref("CT2682599.CurrentServerDate", "22-7-2012");
Deleted : user_pref("CT2682599.DSInstall", false);
Deleted : user_pref("CT2682599.DialogsAlignMode", "LTR");
Deleted : user_pref("CT2682599.DialogsGetterLastCheckTime", "Sun Jul 22 2012 14:53:15 GMT+0200");
Deleted : user_pref("CT2682599.DownloadReferralCookieData", "");
Deleted : user_pref("CT2682599.EnableClickToSearchBox", false);
Deleted : user_pref("CT2682599.EnableSearchHistory", false);
Deleted : user_pref("CT2682599.EnableSearchSuggest", false);
Deleted : user_pref("CT2682599.FirstServerDate", "24-4-2012");
Deleted : user_pref("CT2682599.FirstTime", true);
Deleted : user_pref("CT2682599.FirstTimeFF3", true);
Deleted : user_pref("CT2682599.FixPageNotFoundErrors", false);
Deleted : user_pref("CT2682599.GroupingServerCheckInterval", 1440);
Deleted : user_pref("CT2682599.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Deleted : user_pref("CT2682599.HPInstall", false);
Deleted : user_pref("CT2682599.HasUserGlobalKeys", true);
Deleted : user_pref("CT2682599.HomePageProtectorEnabled", false);
Deleted : user_pref("CT2682599.HomepageBeforeUnload", "hxxp://www.google.de/");
Deleted : user_pref("CT2682599.Initialize", true);
Deleted : user_pref("CT2682599.InitializeCommonPrefs", true);
Deleted : user_pref("CT2682599.InstallationAndCookieDataSentCount", 3);
Deleted : user_pref("CT2682599.InstallationType", "Unknown");
Deleted : user_pref("CT2682599.InstalledDate", "Tue Apr 24 2012 11:18:12 GMT+0200");
Deleted : user_pref("CT2682599.IsAlertDBUpdated", true);
Deleted : user_pref("CT2682599.IsGrouping", false);
Deleted : user_pref("CT2682599.IsInitSetupIni", true);
Deleted : user_pref("CT2682599.IsMulticommunity", false);
Deleted : user_pref("CT2682599.IsOpenThankYouPage", true);
Deleted : user_pref("CT2682599.IsOpenUninstallPage", true);
Deleted : user_pref("CT2682599.IsProtectorsInit", true);
Deleted : user_pref("CT2682599.LanguagePackLastCheckTime", "Sat Jul 21 2012 22:59:40 GMT+0200");
Deleted : user_pref("CT2682599.LanguagePackReloadIntervalMM", 1440);
Deleted : user_pref("CT2682599.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Deleted : user_pref("CT2682599.LastLogin_3.12.0.8", "Wed Apr 25 2012 21:50:48 GMT+0200");
Deleted : user_pref("CT2682599.LastLogin_3.12.2.3", "Wed May 30 2012 15:43:18 GMT+0200");
Deleted : user_pref("CT2682599.LastLogin_3.13.0.6", "Sun Jul 15 2012 23:12:58 GMT+0200");
Deleted : user_pref("CT2682599.LastLogin_3.14.1.0", "Sun Jul 22 2012 20:07:07 GMT+0200");
Deleted : user_pref("CT2682599.LatestVersion", "3.13.0.6");
Deleted : user_pref("CT2682599.Locale", "de");
Deleted : user_pref("CT2682599.MCDetectTooltipHeight", "83");
Deleted : user_pref("CT2682599.MCDetectTooltipShow", false);
Deleted : user_pref("CT2682599.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Deleted : user_pref("CT2682599.MCDetectTooltipWidth", "295");
Deleted : user_pref("CT2682599.MyStuffEnabledAtInstallation", true);
Deleted : user_pref("CT2682599.OriginalFirstVersion", "3.12.0.8");
Deleted : user_pref("CT2682599.SHRINK_TOOLBAR", 1);
Deleted : user_pref("CT2682599.SearchBackToDefaultEngine", false);
Deleted : user_pref("CT2682599.SearchCaption", "InnoGames Customized Web Search");
Deleted : user_pref("CT2682599.SearchEngineBeforeUnload", "Linkury Smartbar Search");
Deleted : user_pref("CT2682599.SearchFromAddressBarIsInit", true);
Deleted : user_pref("CT2682599.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT268[...]
Deleted : user_pref("CT2682599.SearchInNewTabEnabled", true);
Deleted : user_pref("CT2682599.SearchInNewTabIntervalMM", 1440);
Deleted : user_pref("CT2682599.SearchInNewTabLastCheckTime", "Sat Jul 21 2012 21:57:37 GMT+0200");
Deleted : user_pref("CT2682599.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Deleted : user_pref("CT2682599.SearchInNewTabUserEnabled", false);
Deleted : user_pref("CT2682599.SearchProtectorEnabled", false);
Deleted : user_pref("CT2682599.SearchProtectorToolbarDisabled", false);
Deleted : user_pref("CT2682599.SendProtectorDataViaLogin", true);
Deleted : user_pref("CT2682599.ServiceMapLastCheckTime", "Sat Jul 21 2012 21:57:38 GMT+0200");
Deleted : user_pref("CT2682599.SettingsLastCheckTime", "Sun Jul 22 2012 20:00:55 GMT+0200");
Deleted : user_pref("CT2682599.SettingsLastUpdate", "1340789948");
Deleted : user_pref("CT2682599.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT2682599&SearchSource=13");
Deleted : user_pref("CT2682599.ThirdPartyComponentsInterval", 504);
Deleted : user_pref("CT2682599.ThirdPartyComponentsLastCheck", "Tue Apr 24 2012 11:18:11 GMT+0200");
Deleted : user_pref("CT2682599.ThirdPartyComponentsLastUpdate", "1255344657");
Deleted : user_pref("CT2682599.ToolbarShrinkedFromSetup", false);
Deleted : user_pref("CT2682599.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2682599");
Deleted : user_pref("CT2682599.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Deleted : user_pref("CT2682599.UserID", "UN53488344374307291");
Deleted : user_pref("CT2682599.ValidationData_Toolbar", 2);
Deleted : user_pref("CT2682599.alertChannelId", "1075026");
Deleted : user_pref("CT2682599.approveUntrustedApps", false);
Deleted : user_pref("CT2682599.backendstorage.activetoolbar", "737461656D6D65");
Deleted : user_pref("CT2682599.backendstorage.facebook_mode", "32");
Deleted : user_pref("CT2682599.backendstorage.facebook_user_locale", "6465");
Deleted : user_pref("CT2682599.backendstorage.staemme_token_de", "62373430653565316234396531383435396433376236[...]
Deleted : user_pref("CT2682599.backendstorage.staemme_username_de", "62574A6864584E69");
Deleted : user_pref("CT2682599.backendstorage.staemme_village_de81", "3438313735");
Deleted : user_pref("CT2682599.backendstorage.toolbar_market", "6465");
Deleted : user_pref("CT2682599.backendstorage.toolbarurl", "687474703A2F2F746F6F6C6261722E696E6E6F67616D65732E[...]
Deleted : user_pref("CT2682599.components.1000515", false);
Deleted : user_pref("CT2682599.components.129258349557489521", false);
Deleted : user_pref("CT2682599.components.129259153115384710", false);
Deleted : user_pref("CT2682599.components.129318728006556308", false);
Deleted : user_pref("CT2682599.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Deleted : user_pref("CT2682599.globalFirstTimeInfoLastCheckTime", "Fri May 04 2012 13:21:36 GMT+0200");
Deleted : user_pref("CT2682599.homepageProtectorEnableByLogin", true);
Deleted : user_pref("CT2682599.initDone", true);
Deleted : user_pref("CT2682599.isAppTrackingManagerOn", true);
Deleted : user_pref("CT2682599.myStuffEnabled", true);
Deleted : user_pref("CT2682599.myStuffPublihserMinWidth", 400);
Deleted : user_pref("CT2682599.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Deleted : user_pref("CT2682599.myStuffServiceIntervalMM", 1440);
Deleted : user_pref("CT2682599.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Deleted : user_pref("CT2682599.navigateToUrlOnSearch", false);
Deleted : user_pref("CT2682599.oldAppsList", "129219291115718928,129219291115718929,111,129318728006556308,129[...]
Deleted : user_pref("CT2682599.revertSettingsEnabled", true);
Deleted : user_pref("CT2682599.searchProtectorDialogDelayInSec", 10);
Deleted : user_pref("CT2682599.searchProtectorEnableByLogin", true);
Deleted : user_pref("CT2682599.testingCtid", "");
Deleted : user_pref("CT2682599.toolbarAppMetaDataLastCheckTime", "Sat Jul 21 2012 22:59:40 GMT+0200");
Deleted : user_pref("CT2682599.toolbarContextMenuLastCheckTime", "Tue Apr 24 2012 11:18:12 GMT+0200");
Deleted : user_pref("CT2682599.usageEnabled", false);
Deleted : user_pref("CT2682599.usagesFlag", 2);
Deleted : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2682599/CT2682599[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1075026/1070730/DE", "\"0\"[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2682599", [...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.13[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.14[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2682599",[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=de", "\"e3d[...]
Deleted : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Malte\\AppData\\Roaming\\Mozilla\\F[...]
Deleted : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.12.2.3");
Deleted : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://cloud-search.linkury.com/results.[...]
Deleted : user_pref("CommunityToolbar.ToolbarsList", "CT2682599");
Deleted : user_pref("CommunityToolbar.ToolbarsList2", "CT2682599");
Deleted : user_pref("CommunityToolbar.ToolbarsList4", "CT2682599");
Deleted : user_pref("CommunityToolbar.globalUserId", "38ba07f8-4643-4f11-8a18-ba9df0592b6e");
Deleted : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Deleted : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Deleted : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Tue May 01 2012 12:38:3[...]
Deleted : user_pref("CommunityToolbar.notifications.alertEnabled", false);
Deleted : user_pref("CommunityToolbar.notifications.alertInfoInterval", 60);
Deleted : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Tue Apr 24 2012 11:18:21 GMT+020[...]
Deleted : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Deleted : user_pref("CommunityToolbar.notifications.locale", "en");
Deleted : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Deleted : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Mon May 07 2012 18:50:53 GMT+0200");
Deleted : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
Deleted : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Deleted : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Deleted : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Deleted : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Deleted : user_pref("CommunityToolbar.notifications.userId", "31c9e842-d47a-4f71-9f18-63c5ffaa37c7");
Deleted : user_pref("CommunityToolbar.originalHomepage", "hxxp://www.google.de/");
Deleted : user_pref("CommunityToolbar.originalSearchEngine", "Linkury Smartbar Search");
Deleted : user_pref("browser.search.selectedEngine", "Linkury Smartbar Search");
Deleted : user_pref("quickstores.toolbar.affid", "2017");
Deleted : user_pref("quickstores.toolbar.guid", "{F555F659-C302-A4C1-AAFD-B73DB97DABEE}");

Profile name : default
File : C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\3o05b0wu.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v [Unable to get version]

File : C:\Users\Malte\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [18752 octets] - [22/07/2012 13:26:05]
AdwCleaner[S1].txt - [18344 octets] - [22/07/2012 20:21:07]

########## EOF - C:\AdwCleaner[S1].txt - [18473 octets] ##########

Emsisoft Anti-Malware:
Code:

Emsisoft Anti-Malware - Version 6.6
Letztes Update: 22.07.2012 20:56:30

Scan Einstellungen:

Scan Methode: Detail Scan
Objekte: Rootkits, Speicher, Traces, C:\, D:\, E:\, Q:\
Archiv Scan: An
ADS Scan: An

Scan Beginn:        22.07.2012 20:56:43

C:\Program Files\SoftPerfect Bandwidth Manager\bwmsvc.exe        gefunden: Trojan.Dloader!E1
Key: hkey_classes_root\.vnc        gefunden: Trace.Registry.vnc.commoncomponents!E1
Key: hkey_classes_root\vnc.connectioninfo        gefunden: Trace.Registry.vnc.commoncomponents!E1
C:\Users\Malte\Downloads\Bildbearbeitung.zip -> Bildbearbeitung.exe        gefunden: Backdoor.Win32.Layrui!E2
C:\Users\Malte\Downloads\ShowCDKey(1).zip -> showcdkey.exe        gefunden: Application.PWCrack!E2
C:\Users\Malte\Downloads\ShowCDKey.zip -> showcdkey.exe        gefunden: Application.PWCrack!E2
C:\Users\Malte\Downloads\ShowCDKey\showcdkey.exe        gefunden: Trojan-Spy.Win32.Delf.gr!E1
C:\Users\Malte\AppData\Roaming\.minecraft - Kopie (2)\Minecraft Custom Nickname Loader.exe        gefunden: Trojan.SuspectCRC!E2
C:\Users\Malte\AppData\Roaming\.minecraft\MCLauncher.exe        gefunden: Trojan-Dropper.Win32.Mudrop!E2
C:\Users\Malte\AppData\Roaming\.minecraft\Minecraft Custom Nickname Loader.exe        gefunden: Trojan.SuspectCRC!E2
C:\Program Files (x86)\RealVNC\VNC4\vncconfig.exe        gefunden: Riskware.RemoteAdmin.Win32.WinVNC.AMN!E1
C:\Program Files (x86)\RealVNC\VNC4\winvnc4.exe        gefunden: Riskware.RemoteAdmin.Win32.WinVNC.AMN!E1
C:\Program Files (x86)\RealVNC\VNC4\vncviewer.exe        gefunden: Riskware.RemoteAdmin.Win32.WinVNC.AMN!E1
C:\Program Files (x86)\Hitfaker 0.2b\HitFaker.exe        gefunden: Riskware.Hacktool.HitFaker!E2
C:\Program Files (x86)\Cheat Engine 6.1\cheatengine-i386.exe        gefunden: Riskware.Win32.HackTool.CheatEngine.AB!E1
D:\bildbearbeitung autoit\bildbearbeitungsprog\Bildbearbeitung.exe        gefunden: Backdoor.Win32.Layrui!E2

Gescannt        889577
Gefunden        16

Scan Ende:        22.07.2012 21:30:51
Scan Zeit:        0:34:08

All of these programs had already been installed for quite a while, so they should all be fine.

I assume that everything is fine with that. Many thanks for the help with the virus!! This forum really is great :)

Best regards, Malte

t'john 22.07.2012 20:44

Yes, there is nothing dangerous among them.

Uninstall:
Emsisoft Anti-Malware


ESET Online Scanner

Preparation

  • Connect any external hard drives and/or other removable media you may have (e.g. USB sticks) to the computer.
  • Please disable your anti-virus program and firewall during the online scan.
  • Vista/Win7 users: be sure to start the browser as administrator.

Here we go

  • Download and start the Eset Smartinstaller.
  • Tick YES, I accept the Terms of Use.
  • Click Start.
  • Tick Remove found threats and Scan archives.
  • Click Start.
  • The signatures are downloaded and the scan starts automatically.
  • Press Finish.
  • Close the browser.
  • Open Explorer.
  • Look for C:\Programme\Eset\EsetOnlineScanner\log.txt (sometimes also C:\Programme\Eset\log.txt) and open it with your editor.
  • Post the log file here.
  • Uninstall: Control Panel => Add or Remove Programs ("Software") => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the recycle bin => C:\Programme\Eset

Malte_1234 23.07.2012 11:44

Here is the log from the online scanner:

Code:

ESETSmartInstaller@High as downloader log:
all ok
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=1990418d03b74b4ba2843fa4c1d9a148
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-07-23 09:24:10
# local_time=2012-07-23 11:24:10 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1280 16777215 100 0 16484735 16484735 0 0
# compatibility_mode=5893 16776574 100 94 16187632 94659340 0 0
# compatibility_mode=8192 67108863 100 0 34765 34765 0 0
# scanned=431733
# found=0
# cleaned=0
# scan_time=5960


Everything seems to be fine here as well :)

t'john 23.07.2012 17:45

Removing malware with Combofix

Download Combofix from one of the following download mirrors:

BleepingComputer.com - ForoSpyware.com

and save the program to the desktop, not anywhere else, this is important!
Note the detailed original instructions.

Combofix currently runs on the following Windows versions:

  • Windows XP (32-bit only)
  • Windows Vista (32-bit/64-bit)
  • Windows 7 (32-bit/64-bit)



Preparation and important notes

  • Please disable antivirus and antispyware programs, the firewall and any script blocking (Norton) while scanning with Combofix.
  • List of programs to disable.
    If anything is unclear, please ask.

  • ComboFix will reset your screen saver settings.
  • You can change these settings again once our cleanup is finished.
  • Do not do anything else if you have not managed to get Combofix to run.
  • Let us know and wait for our instructions.




  • Start Combofix.exe with right-click => Run as administrator and follow the instructions.
  • Do not do anything else on the computer while Combofix is running!
  • Accept the terms (disclaimer) with "Yes".

  • If Combofix offers a newer version, allow the download.
  • Click "Yes" to continue with the malware scan.
  • A blue command prompt appears; Combofix is being prepared for the scan.
  • Please do not click in this Combofix window.
  • That could freeze your system or cause it to hang.
  • A backup of your registry is created.
  • The individual stages of the program are now worked through; this can take a while.



  • When ComboFix is finished, it will create a log (please wait, this takes a moment).
  • Be sure to wait until the Combofix window has closed and the log file appears in the editor.
  • Please post the log files C:\ComboFix.txt and C:\Qoobox\Add-Remove Programs.txt in code tags here in the thread.

  • Note: for various reasons Combofix makes Internet Explorer the default browser and creates an IE icon on the desktop.
  • You can delete the IE desktop icon after the cleanup and set your preferred browser as the default browser again.

Do not use Combofix on your own initiative. If there is no corresponding infection, it can cripple the computer and/or cause lasting damage!

Malte_1234 24.07.2012 10:13

Combofix.txt:
Code:

ComboFix 12-07-25.02 - Malte 24.07.2012  10:33:22.1.8 - x64
Microsoft Windows 7 Home Premium  6.1.7601.1.1252.49.1031.18.8170.6100 [GMT 2:00]
ausgeführt von:: c:\users\Malte\Desktop\ComboFix.exe
AV: Kaspersky Internet Security *Disabled/Outdated* {56547CC9-C9B2-849D-8FEF-A496150D6A06}
FW: Kaspersky Internet Security *Disabled* {6E6FFDEC-83DD-85C5-A4B0-0DA3EBDE2D7D}
SP: Kaspersky Internet Security *Disabled/Updated* {ED359D2D-EF88-8B13-B55F-9FE46E8A20BB}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
.
((((((((((((((((((((((((((((((((((((  Weitere Löschungen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Roaming
c:\users\Malte\AppData\Roaming\mIRC\logs\status.log
c:\users\Public\mbam-setup-1.62.0.1300.exe
c:\windows\IsUn0407.exe
.
.
(((((((((((((((((((((((  Dateien erstellt von 2012-06-24 bis 2012-07-24  ))))))))))))))))))))))))))))))
.
.
2012-07-24 08:40 . 2012-07-24 08:40        --------        d-----w-        c:\users\UpdatusUser\AppData\Local\temp
2012-07-24 08:40 . 2012-07-24 08:40        --------        d-----w-        c:\users\Default\AppData\Local\temp
2012-07-24 08:40 . 2012-07-24 08:40        --------        d-----w-        c:\users\Administrator\AppData\Local\temp
2012-07-22 18:35 . 2012-07-22 22:04        --------        d-----w-        c:\program files (x86)\Emsisoft Anti-Malware
2012-07-22 14:43 . 2012-07-22 14:43        --------        d-----w-        c:\users\Malte\AppData\Local\ArmA 2 Free
2012-07-22 10:18 . 2012-07-22 10:18        --------        d-----w-        c:\users\Malte\AppData\Roaming\Malwarebytes
2012-07-21 21:26 . 2012-07-21 21:26        --------        d-----w-        C:\_OTL
2012-07-21 12:07 . 2012-07-21 12:52        --------        d-----w-        c:\users\Administrator\AppData\Roaming\Skype
2012-07-21 11:25 . 2012-07-21 11:25        --------        d-----w-        c:\users\Administrator\AppData\Roaming\Malwarebytes
2012-07-21 11:25 . 2012-07-21 11:25        --------        d-----w-        c:\programdata\Malwarebytes
2012-07-21 11:25 . 2012-07-21 11:25        --------        d-----w-        c:\program files (x86)\Malwarebytes' Anti-Malware
2012-07-21 11:25 . 2012-07-03 11:46        24904        ----a-w-        c:\windows\system32\drivers\mbam.sys
2012-07-21 11:12 . 2012-07-21 11:12        --------        d-----w-        c:\users\Administrator\AppData\Local\Macromedia
2012-07-21 11:11 . 2012-07-21 11:11        --------        d-----w-        c:\users\Administrator\AppData\Local\Mozilla
2012-07-21 11:11 . 2012-07-21 11:11        --------        d-----w-        c:\users\Administrator\AppData\Local\Razer
2012-07-19 17:19 . 2012-03-30 11:35        1918320        ----a-w-        c:\windows\system32\drivers\tcpipreset
2012-07-19 17:15 . 2012-07-19 17:34        --------        d-----w-        c:\users\Malte\AppData\Local\MediaGet2
2012-07-18 17:56 . 2012-07-18 17:56        --------        d-----w-        c:\users\Malte\.thumbnails
2012-07-18 17:36 . 2012-07-18 17:36        --------        d-----w-        c:\users\Malte\AppData\Local\fontconfig
2012-07-18 17:36 . 2012-07-22 12:59        --------        d-----w-        c:\users\Malte\.gimp-2.8
2012-07-18 17:36 . 2012-07-18 17:36        --------        d-----w-        c:\users\Malte\AppData\Local\gegl-0.2
2012-07-18 17:35 . 2012-07-18 17:36        --------        d-----w-        c:\program files\GIMP 2
2012-07-11 22:34 . 2012-06-12 03:08        3148800        ----a-w-        c:\windows\system32\win32k.sys
2012-07-11 19:54 . 2012-06-09 05:43        14172672        ----a-w-        c:\windows\system32\shell32.dll
2012-07-11 19:53 . 2012-06-06 06:06        2004480        ----a-w-        c:\windows\system32\msxml6.dll
2012-07-11 19:53 . 2012-06-06 06:06        1881600        ----a-w-        c:\windows\system32\msxml3.dll
2012-07-11 19:53 . 2012-06-06 05:05        1390080        ----a-w-        c:\windows\SysWow64\msxml6.dll
2012-07-11 19:53 . 2012-06-06 05:05        1236992        ----a-w-        c:\windows\SysWow64\msxml3.dll
2012-07-11 19:53 . 2010-06-26 03:55        2048        ----a-w-        c:\windows\system32\msxml3r.dll
2012-07-11 19:53 . 2010-06-26 03:24        2048        ----a-w-        c:\windows\SysWow64\msxml3r.dll
2012-07-11 19:48 . 2012-06-02 05:50        458704        ----a-w-        c:\windows\system32\drivers\cng.sys
2012-07-11 19:48 . 2012-06-02 05:48        95600        ----a-w-        c:\windows\system32\drivers\ksecdd.sys
2012-07-11 19:48 . 2012-06-02 05:48        151920        ----a-w-        c:\windows\system32\drivers\ksecpkg.sys
2012-07-11 19:48 . 2012-06-02 05:45        340992        ----a-w-        c:\windows\system32\schannel.dll
2012-07-11 19:48 . 2012-06-02 05:44        307200        ----a-w-        c:\windows\system32\ncrypt.dll
2012-07-11 19:48 . 2012-06-02 04:40        22016        ----a-w-        c:\windows\SysWow64\secur32.dll
2012-07-11 19:48 . 2012-06-02 04:40        225280        ----a-w-        c:\windows\SysWow64\schannel.dll
2012-07-11 19:48 . 2012-06-02 04:39        219136        ----a-w-        c:\windows\SysWow64\ncrypt.dll
2012-07-11 19:48 . 2012-06-02 04:34        96768        ----a-w-        c:\windows\SysWow64\sspicli.dll
2012-07-11 11:34 . 2010-02-23 08:16        294912        ----a-w-        c:\windows\system32\browserchoice.exe
2012-07-09 13:03 . 2012-07-09 13:03        --------        d-----w-        c:\users\Malte\AppData\Local\Chromium
2012-07-08 17:24 . 2012-07-08 17:24        --------        d-----w-        c:\users\Malte\AppData\Local\Locktime
2012-07-08 17:23 . 2012-07-08 17:28        --------        d-----w-        c:\program files\NetLimiter 3
2012-07-08 17:23 . 2012-07-08 17:23        --------        d-----w-        c:\programdata\Locktime
2012-07-08 16:36 . 2012-07-09 13:02        --------        d-----w-        c:\programdata\Hi-Rez Studios
2012-07-04 18:20 . 2012-07-04 18:20        283200        ----a-w-        c:\windows\system32\drivers\dtsoftbus01.sys
2012-07-04 18:20 . 2012-07-04 18:21        --------        d-----w-        c:\users\Malte\AppData\Roaming\DAEMON Tools Lite
2012-07-04 18:20 . 2012-07-04 18:20        --------        d-----w-        c:\program files (x86)\DAEMON Tools Lite
2012-07-04 18:18 . 2012-07-04 18:21        --------        d-----w-        c:\programdata\DAEMON Tools Lite
2012-07-04 15:37 . 2012-07-04 15:37        --------        d-----w-        c:\users\Malte\VirtualBox VMs
2012-07-04 15:37 . 2012-07-08 15:29        --------        d-----w-        c:\users\Malte\.VirtualBox
2012-07-04 15:37 . 2012-07-04 15:37        --------        d-----w-        c:\users\Malte\AppData\Roaming\NVIDIA
2012-07-04 15:37 . 2012-06-05 14:03        224088        ----a-w-        c:\windows\system32\drivers\VBoxDrv.sys
2012-07-04 15:36 . 2012-07-04 15:37        --------        dc----w-        c:\windows\system32\DRVSTORE
2012-07-04 15:36 . 2012-06-05 14:03        130904        ----a-w-        c:\windows\system32\drivers\VBoxUSBMon.sys
2012-07-03 17:38 . 2012-07-03 17:38        --------        d-----w-        c:\program files (x86)\SplitMediaLabs
2012-07-03 14:45 . 2012-07-03 14:45        --------        d-----w-        c:\program files (x86)\PowerMenu_151
2012-07-02 17:58 . 2012-07-02 17:58        --------        d-----w-        c:\users\Malte\AppData\Local\Help
2012-07-02 17:58 . 2009-08-04 17:56        296960        ----a-w-        c:\windows\winhlp32.exe
2012-07-02 17:58 . 2009-08-04 17:55        195072        ----a-w-        c:\windows\SysWow64\ftsrch.dll
2012-07-02 17:58 . 2009-08-04 17:55        195072        ----a-w-        c:\windows\system32\ftsrch.dll
2012-07-02 17:58 . 2009-08-04 17:55        9216        ----a-w-        c:\windows\SysWow64\ftlx0411.dll
2012-07-02 17:58 . 2009-08-04 17:55        9216        ----a-w-        c:\windows\system32\ftlx0411.dll
2012-07-02 17:58 . 2009-08-04 17:55        10240        ----a-w-        c:\windows\SysWow64\ftlx041e.dll
2012-07-02 17:58 . 2009-08-04 17:55        10240        ----a-w-        c:\windows\system32\ftlx041e.dll
2012-07-02 17:46 . 1998-03-09 22:00        42496        ----a-w-        c:\windows\ttuninst.exe
2012-07-02 16:27 . 2012-07-02 17:46        --------        d-----w-        c:\program files (x86)\reconnect
2012-06-29 17:47 . 2012-06-29 17:47        --------        d-----w-        c:\program files (x86)\OpenSebJ
2012-06-29 15:36 . 2012-06-29 15:36        --------        d-----w-        c:\program files\WinHTTrack
2012-06-29 15:13 . 2012-06-29 15:13        --------        d-----w-        C:\No23Recorder
2012-06-28 18:00 . 2012-06-28 18:01        --------        d-----w-        c:\program files (x86)\SWFPlayer
2012-06-28 16:53 . 2012-06-28 16:53        --------        d-----w-        c:\users\Malte\AppData\Local\Macromedia
2012-06-28 16:52 . 2012-07-12 12:12        426184        ----a-w-        c:\windows\SysWow64\FlashPlayerApp.exe
2012-06-28 08:26 . 2012-06-28 08:26        143360        ----a-w-        c:\windows\SysWow64\rztouchdll.dll
2012-06-28 06:36 . 2012-06-28 06:36        437248        ----a-w-        c:\windows\SysWow64\rzdevicedll.dll
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-12 12:12 . 2011-08-10 19:09        70344        ----a-w-        c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-07-11 22:32 . 2011-07-18 20:31        59701280        ----a-w-        c:\windows\system32\MRT.exe
2012-06-18 02:09 . 2012-06-18 02:09        97792        ----a-w-        c:\windows\system32\drivers\rzudd.sys
2012-06-18 01:38 . 2012-06-18 01:38        165888        ----a-w-        c:\windows\SysWow64\rzaudiodll.dll
2012-06-05 14:03 . 2012-06-05 14:03        147288        ----a-w-        c:\windows\system32\drivers\VBoxNetAdp.sys
2012-06-02 22:19 . 2012-06-21 17:45        38424        ----a-w-        c:\windows\system32\wups.dll
2012-06-02 22:19 . 2012-06-21 17:45        2428952        ----a-w-        c:\windows\system32\wuaueng.dll
2012-06-02 22:19 . 2012-06-21 17:45        57880        ----a-w-        c:\windows\system32\wuauclt.exe
2012-06-02 22:19 . 2012-06-21 17:45        44056        ----a-w-        c:\windows\system32\wups2.dll
2012-06-02 22:19 . 2012-06-21 17:45        701976        ----a-w-        c:\windows\system32\wuapi.dll
2012-06-02 22:15 . 2012-06-21 17:45        2622464        ----a-w-        c:\windows\system32\wucltux.dll
2012-06-02 22:15 . 2012-06-21 17:45        99840        ----a-w-        c:\windows\system32\wudriver.dll
2012-06-02 13:19 . 2012-06-21 17:45        186752        ----a-w-        c:\windows\system32\wuwebv.dll
2012-06-02 13:15 . 2012-06-21 17:45        36864        ----a-w-        c:\windows\system32\wuapp.exe
2012-05-15 10:48 . 2012-05-28 07:50        8139072        ----a-w-        c:\windows\system32\nvcuda.dll
2012-05-15 10:48 . 2012-05-28 07:50        5982528        ----a-w-        c:\windows\SysWow64\nvcuda.dll
2012-05-15 10:48 . 2012-05-28 07:50        2881856        ----a-w-        c:\windows\system32\nvcuvenc.dll
2012-05-15 10:48 . 2012-05-28 07:50        2681664        ----a-w-        c:\windows\system32\nvcuvid.dll
2012-05-15 10:48 . 2012-05-28 07:50        25743168        ----a-w-        c:\windows\system32\nvoglv64.dll
2012-05-15 10:48 . 2012-05-28 07:50        2524992        ----a-w-        c:\windows\SysWow64\nvcuvid.dll
2012-05-15 10:48 . 2012-05-28 07:50        25248064        ----a-w-        c:\windows\system32\nvcompiler.dll
2012-05-15 10:48 . 2012-05-28 07:50        2445120        ----a-w-        c:\windows\SysWow64\nvcuvenc.dll
2012-05-15 10:48 . 2012-05-28 07:50        19607872        ----a-w-        c:\windows\SysWow64\nvoglv32.dll
2012-05-15 10:48 . 2012-05-28 07:50        18044224        ----a-w-        c:\windows\system32\nvd3dumx.dll
2012-05-15 10:48 . 2012-05-28 07:50        17551680        ----a-w-        c:\windows\SysWow64\nvcompiler.dll
2012-05-15 10:48 . 2012-05-28 07:50        1738048        ----a-w-        c:\windows\system32\nvdispco64.dll
2012-05-15 10:48 . 2012-05-28 07:50        1468224        ----a-w-        c:\windows\system32\nvgenco64.dll
2012-05-15 10:48 . 2012-05-28 07:50        14298944        ----a-w-        c:\windows\system32\drivers\nvlddmkm.sys
2012-05-15 10:48 . 2009-01-01 07:54        2741568        ----a-w-        c:\windows\system32\nvapi64.dll
2012-05-15 10:48 . 2009-01-01 07:54        2368832        ----a-w-        c:\windows\SysWow64\nvapi.dll
2012-05-15 10:48 . 2009-01-01 07:53        8105280        ----a-w-        c:\windows\SysWow64\nvwgf2um.dll
2012-05-15 10:48 . 2009-01-01 07:53        68928        ----a-w-        c:\windows\system32\OpenCL.dll
2012-05-15 10:48 . 2009-01-01 07:53        61248        ----a-w-        c:\windows\SysWow64\OpenCL.dll
2012-05-15 10:48 . 2009-01-01 07:53        10194752        ----a-w-        c:\windows\system32\nvwgf2umx.dll
2012-05-15 10:48 . 2009-01-01 07:53        15322432        ----a-w-        c:\windows\SysWow64\nvd3dum.dll
2012-05-15 09:29 . 2011-06-13 01:01        889664        ----a-w-        c:\windows\system32\nvvsvc.exe
2012-05-15 09:29 . 2011-06-13 02:01        63296        ----a-w-        c:\windows\system32\nvshext.dll
2012-05-15 09:29 . 2011-06-13 01:02        118080        ----a-w-        c:\windows\system32\nvmctray.dll
2012-05-15 09:29 . 2011-06-13 01:01        2561856        ----a-w-        c:\windows\system32\nvsvcr.dll
2012-05-15 09:29 . 2011-06-13 01:00        3149632        ----a-w-        c:\windows\system32\nvsvc64.dll
2012-05-15 09:28 . 2011-06-13 01:01        6151488        ----a-w-        c:\windows\system32\nvcpl.dll
2012-05-04 11:06 . 2012-06-14 07:34        5559664        ----a-w-        c:\windows\system32\ntoskrnl.exe
2012-05-04 10:03 . 2012-06-14 07:34        3968368        ----a-w-        c:\windows\SysWow64\ntkrnlpa.exe
2012-05-04 10:03 . 2012-06-14 07:34        3913072        ----a-w-        c:\windows\SysWow64\ntoskrnl.exe
2012-05-01 05:40 . 2012-06-14 07:34        209920        ----a-w-        c:\windows\system32\profsvc.dll
2012-04-30 19:05 . 2012-05-15 18:36        63088        ----a-w-        c:\windows\system32\drivers\vmx86.sys
2012-04-30 19:05 . 2012-05-15 18:35        942192        ----a-w-        c:\windows\system32\vnetlib64.dll
2012-04-30 19:04 . 2012-05-15 18:35        354416        ----a-w-        c:\windows\SysWow64\vmnetdhcp.exe
2012-04-30 19:04 . 2012-05-15 18:35        433264        ----a-w-        c:\windows\SysWow64\vmnat.exe
2012-04-30 19:04 . 2012-05-15 18:35        32880        ----a-w-        c:\windows\system32\drivers\VMkbd.sys
2012-04-30 19:03 . 2012-05-15 18:35        30320        ----a-w-        c:\windows\system32\drivers\vmnetuserif.sys
2012-04-30 16:26 . 2012-04-30 16:26        252016        ----a-w-        c:\windows\SysWow64\vmnc.dll
2012-04-30 15:22 . 2012-04-30 15:22        62064        ----a-w-        c:\windows\system32\vmnetbridge.dll
2012-04-30 15:22 . 2012-04-30 15:22        48752        ----a-w-        c:\windows\system32\vnetinst.dll
2012-04-30 15:22 . 2012-04-30 15:22        45680        ----a-w-        c:\windows\system32\drivers\vmnetbridge.sys
2012-04-30 15:22 . 2012-04-30 15:22        24176        ----a-w-        c:\windows\system32\drivers\vmnet.sys
2012-04-30 15:22 . 2012-04-30 15:22        20080        ----a-w-        c:\windows\system32\drivers\vmnetadapter.sys
2012-04-28 03:55 . 2012-06-14 07:34        210944        ----a-w-        c:\windows\system32\drivers\rdpwd.sys
2012-04-26 05:41 . 2012-06-14 07:34        77312        ----a-w-        c:\windows\system32\rdpwsx.dll
2012-04-26 05:41 . 2012-06-14 07:34        149504        ----a-w-        c:\windows\system32\rdpcorekmts.dll
2012-04-26 05:34 . 2012-06-14 07:34        9216        ----a-w-        c:\windows\system32\rdrmemptylst.exe
.
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ICQ"="c:\program files (x86)\ICQ7.7\ICQ.exe" [2012-01-14 127040]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2012-07-13 17418928]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-04-11 3672384]
"NetLimiter"="c:\program files\NetLimiter 3\NLClientApp.exe" [2012-07-08 2910208]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2011-04-14 113288]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-04-30 284440]
"Dolby Advanced Audio v2"="c:\program files (x86)\Dolby Advanced Audio v2\pcee4.exe" [2011-02-03 506712]
"MGSysCtrl"="c:\program files (x86)\System Control Manager\MGSysCtrl.exe" [2011-06-29 2482176]
"Cinema ProII AP"="c:\program files (x86)\MSI\Cinema ProII\CinemaProII.exe" [2011-01-25 200192]
"Cinema ProII Controler"="c:\program files (x86)\MSI\Cinema ProII\Cinema ProII Controler.exe" [2010-06-25 1689600]
"CLMLServer"="c:\program files (x86)\CyberLink\Power2Go\CLMLSvc.exe" [2010-08-03 107816]
"YouCam Mirror Tray icon"="c:\program files (x86)\CyberLink\YouCam\YouCamTray.exe" [2010-03-03 171104]
"PWRISOVM.EXE"="c:\program files (x86)\PowerISO\PWRISOVM.EXE" [2011-11-15 312376]
"Razer Synapse"="c:\program files (x86)\Razer\Synapse\RzSynapse.exe" [2012-07-01 314280]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
.
c:\users\Malte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Gerade.au3 [2012-7-14 114]
mousometer.exe - Verknüpfung.lnk - c:\users\Malte\Downloads\mousometer.exe [2012-3-18 140288]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
LOLRecorder.lnk - c:\program files (x86)\LOLReplay\LOLRecorder.exe [2012-7-14 517632]
watchmi tray.lnk - c:\windows\Installer\{AA4D1C5E-116A-4FF4-AA91-28F526868203}\SHCT_TRAY_PROGRAMG_A10D8603999C4E9488776EF2533C58C9.exe [2012-1-14 300416]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
"ConsentPromptBehaviorAdmin"= 5 (0x5)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~2\KASPER~1\KASPER~1\sbhook.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages        REG_MULTI_SZ          kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
.
R2 BRA_Scheduler;Brother BRAdminPro Scheduler;d:\mfc\bratimer.exe [2010-09-15 65536]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-03 160944]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-12 250056]
R3 AMPPALP;Intel(R) Centrino(R) Bluetooth 3.0 + High Speed Protocol;c:\windows\system32\DRIVERS\amppal.sys [2011-04-21 294912]
R3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys [2011-03-08 51712]
R3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys [2011-11-14 327168]
R3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys [x]
R3 copperhd;Razer Copperhead Driver;c:\windows\system32\drivers\copperhd.sys [2009-11-10 14336]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys [x]
R3 iBtFltCoex;iBtFltCoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys [2011-12-09 60416]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-07-18 113120]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [2011-05-02 340240]
R3 NLNdisPT;NetLimiter Ndis Protocol Service;c:\windows\system32\DRIVERS\nlndis.sys [2011-03-21 33416]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys [2011-08-01 45416]
R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUVStor.sys [2010-11-30 307304]
R3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8192su.sys [2010-11-25 694888]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys [2010-09-23 129008]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 vmci;VMware VMCI Bus Driver;c:\windows\system32\DRIVERS\vmci.sys [2011-08-08 116336]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-07-04 283200]
S1 kl2;kl2;c:\windows\system32\DRIVERS\kl2.sys [2010-06-09 11864]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys [2010-04-22 27736]
S1 nltdi;nltdi;c:\program files\NetLimiter 3\nltdi.sys [2011-03-21 88200]
S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys [2012-06-05 224088]
S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys [2012-06-05 130904]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 AMPPALR3;Intel® Centrino® Bluetooth 3.0 + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [2011-04-21 1136640]
S2 Apache2.2;Apache2.2;d:\xampp\apache\bin\httpd.exe [2011-09-10 18432]
S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-03-30 923984]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [2011-03-30 1001808]
S2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2011-04-21 134928]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-04-30 13592]
S2 Micro Star SCM;Micro Star SCM;c:\program files (x86)\System Control Manager\MSIService.exe [2009-07-09 160768]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-05-15 1262400]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-02-23 2886528]
S2 VMUSBArbService;VMware USB Arbitration Service;c:\program files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [2011-08-29 846448]
S2 watchmi;watchmi service;c:\program files (x86)\watchmi\TvdService.exe [2010-12-06 62464]
S3 AMPPAL;Intel(R) Centrino(R) Bluetooth 3.0 + High Speed Virtual Adapter;c:\windows\system32\DRIVERS\AMPPAL.sys [2011-04-21 294912]
S3 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [2011-03-30 1321296]
S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys [2009-11-02 22544]
S3 MEIx64;Intel(R) Management Engine Interface;c:\windows\system32\drivers\HECIx64.sys [2010-10-19 56344]
S3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETwNs64.sys [2011-05-01 8593920]
S3 NLNdisMP;NLNdisMP;c:\windows\system32\DRIVERS\nlndis.sys [2011-03-21 33416]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\drivers\nusb3hub.sys [2011-04-13 87552]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\drivers\nusb3xhc.sys [2011-04-13 207872]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [2012-04-18 188736]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-06-23 344680]
S3 rzudd;Razer Keyboard Driver;c:\windows\system32\DRIVERS\rzudd.sys [2012-06-18 97792]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [2012-06-05 147288]
.
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IntelPAN"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2011-05-02 1935120]
"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshell.dll" [2011-03-30 10372368]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-07-21 12632168]
"RtHDVBg_Dolby"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-07-13 2264168]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-08-01 2417032]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
"AppInit_DLLs"=c:\progra~2\KASPER~1\KASPER~1\x64\kloehk.dll c:\progra~2\KASPER~1\KASPER~1\x64\sbhook64.dll
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uSearchAssistant = hxxp://www.google.com
IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
IE: {{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - c:\program files (x86)\ICQ7.7\ICQ.exe
LSP: %SystemRoot%\system32\vsocklib.dll
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\Malte\AppData\Roaming\Mozilla\Firefox\Profiles\r9iwx3n4.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.de/
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?q=
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
BHO-{0766C1B9-B2DC-46E5-8934-4F3D6B42B1BD} - (no file)
Wow6432Node-HKCU-Run-Steam - c:\program files (x86)\Steam\Steam.exe
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-ANNO 1602 Königs-Edition - c:\windows\IsUn0407.exe
AddRemove-BattlEye A2 Free - d:\arma2 free\Bohemia InteractiveBattlEye\UnInstallBE.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_265_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_265_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2012-07-24  10:55:13
ComboFix-quarantined-files.txt  2012-07-24 08:55
.
Vor Suchlauf: 10 Verzeichnis(se), 20.374.511.616 Bytes frei
Nach Suchlauf: 14 Verzeichnis(se), 20.160.978.944 Bytes frei
.
- - End Of File - - 8602DA51A4E0A0F899C61C69F012465A


Add-Remove programs.txt

Code:

Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.3) MUI
Allods Online 3.0.00.50
Amnesia - The Dark Descent
ANNO 1602 Königs-Edition
ArmA 2 Free Uninstall
AutoIt v3.3.8.1
Bandisoft MPEG-1 Decoder
BattlEye (A2Free) Uninstall
BRAdmin Professional 3
Cheat Engine 6.1
Cinema ProII Setup
Combat Arms EU
Contrôle ActiveX Windows Live Mesh pour connexions à distance
Control ActiveX de Windows Live Mesh para conexiones remotas
Controlo ActiveX do Windows Live Mesh para Ligações Remotas
Counter-Strike: Source
CyberLink LabelPrint
CyberLink Power2Go
CyberLink PowerDVD Copy
CyberLink PowerRecover
CyberLink YouCam
D3DX10
DAEMON Tools Lite
Diablo III
Diablo III Beta
Dolby Advanced Audio v2
EVEREST Home Edition v2.20
Fiesta Online(EU_German) 1.04.000
Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsluge polaczen zdalnych
Fotogalerija Windows Live
Galeria de Fotografias do Windows Live
Galeria fotografii uslugi Windows Live
Galerie de photos Windows Live
Galería fotográfica de Windows Live
GamersFirst LIVE!
Handball-Simulator: European Tournament 2010
Hex-Editor MX
Hi-Rez Studios Authenticate and Update Service
ICQ 7.7 Build #6547 Banner Remover 1.0
ICQ Sparberater
ICQ7.7
Intel PROSet Wireless
Intel(R) Management Engine Components
Intel(R) Rapid Storage Technology
Intel(R) Solid-State Drive Toolbox
Internet-TV für Windows Media Center
Java Auto Updater
Java(TM) 6 Update 31
JDownloader 0.9
Junk Mail filter update
Kaspersky Internet Security 2011
KeyTweak - Keyboard Remapper (remove only)
Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave
LOLReplay
Malwarebytes Anti-Malware Version 1.62.0.1300
Medion Home Cinema
Mesh Runtime
Microsoft Games for Windows - LIVE
Microsoft Games for Windows - LIVE Redistributable
Microsoft Office 2010
Microsoft Office Klick-und-Los 2010
Microsoft Office Starter 2010 - Deutsch
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
MinecraftAlpha
Mozilla Firefox 14.0.1 (x86 de)
Mozilla Maintenance Service
Mozilla Thunderbird 14.0 (x86 de)
MSVCRT
MSVCRT_amd64
Naga Firmware Updater 1.13
Nexon Game Manager
Notepad++
NVIDIA PhysX
OpenAL
OpenOffice.org 3.4
OpenSebJ Beta v0.43
Pando Media Booster
Poczta uslugi Windows Live
Podstawowe programy Windows Live
Pokemon Online 1.0.53
PokerStars
Pošta Windows Live
PowerISO
Raccolta foto di Windows Live
Rapture3D 2.3.26 Game
Razer Synapse 2.0
Realtek Ethernet Controller Driver For Windows 7
Realtek High Definition Audio Driver
Realtek USB 2.0 Reader Driver
Renesas Electronics USB 3.0 Host Controller Driver
Revo Uninstaller 1.93
S?????? f?t???af??? t?? Windows Live
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
ShiftWindow 1.02
Skype™ 5.10
Smartp1ck
Smite Closed Beta
SpeedFan (remove only)
Spelling Dictionaries Support For Adobe Reader X
Star Wars: The Old Republic
StarCraft II
Steam
SWFPlayer 2.6.2.0
System Control Manager
T4E Player
TeamViewer 7
Tera Term Pro
Universal Extractor 1.6.1
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Versandhelfer
Vindictus EU
VirtualDJ Home FREE
VLC media player 2.0.0
VMware Player
VMware Remote Console Plug-in
VNC Free Edition 4.1.3
watchmi
WinBMA
Windows Live
Windows Live Communications Platform
Windows Live Essentials
Windows Live Fotótár
Windows Live Fotogalerie
Windows Live Fotograf Galerisi
Windows Live Installer
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX control for remote connections
Windows Live Messenger
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Temel Parçalar
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Windows Media Center Add-in for Silverlight
World of Warcraft
XAMPP 1.7.7
XSplit


t'john 25.07.2012 00:27

TDSSKiller by Kaspersky
- Download TDSSKiller and extract the archive to your desktop.
- Make sure that TDSSKiller.exe sits directly on the desktop (not in a folder on the desktop).
- Temporarily disable your antivirus program.
- Start TDSSKiller.exe by double-clicking it.
- When it has finished its work, the tool suggests restarting the system.
- Confirm this with Y(es) if applicable.
- While the system boots, the driver carries out all scheduled operations and then deletes itself.
- Post the contents of C:\TDSSKiller.txt here in the thread.
You can find more detailed TDSSKiller instructions here.

Malte_1234 26.07.2012 10:41

TDSSKiller:
Code:

11:36:44.0421 7376        TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
11:36:44.0731 7376        ============================================================
11:36:44.0731 7376        Current date / time: 2012/07/26 11:36:44.0731
11:36:44.0731 7376        SystemInfo:
11:36:44.0731 7376       
11:36:44.0731 7376        OS Version: 6.1.7601 ServicePack: 1.0
11:36:44.0732 7376        Product type: Workstation
11:36:44.0732 7376        ComputerName: MALTE1-PC
11:36:44.0732 7376        UserName: Malte
11:36:44.0732 7376        Windows directory: C:\Windows
11:36:44.0732 7376        System windows directory: C:\Windows
11:36:44.0732 7376        Running under WOW64
11:36:44.0732 7376        Processor architecture: Intel x64
11:36:44.0732 7376        Number of processors: 8
11:36:44.0732 7376        Page size: 0x1000
11:36:44.0732 7376        Boot type: Normal boot
11:36:44.0732 7376        ============================================================
11:36:45.0207 7376        Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:36:45.0489 7376        Drive \Device\Harddisk1\DR1 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:36:45.0505 7376        ============================================================
11:36:45.0505 7376        \Device\Harddisk0\DR0:
11:36:45.0506 7376        MBR partitions:
11:36:45.0506 7376        \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
11:36:45.0506 7376        \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x92DC800
11:36:45.0506 7376        \Device\Harddisk1\DR1:
11:36:45.0506 7376        MBR partitions:
11:36:45.0506 7376        \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x33E00000
11:36:45.0507 7376        \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x33E00800, BlocksNum 0x237456F0
11:36:45.0507 7376        ============================================================
11:36:45.0508 7376        C: <-> \Device\Harddisk0\DR0\Partition1
11:36:45.0535 7376        D: <-> \Device\Harddisk1\DR1\Partition0
11:36:45.0573 7376        E: <-> \Device\Harddisk1\DR1\Partition1
11:36:45.0573 7376        ============================================================
11:36:45.0573 7376        Initialize success
11:36:45.0573 7376        ============================================================
11:36:59.0537 1564        ============================================================
11:36:59.0537 1564        Scan started
11:36:59.0537 1564        Mode: Manual;
11:36:59.0537 1564        ============================================================
11:36:59.0677 1564        1394ohci        (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
11:36:59.0679 1564        1394ohci - ok
11:36:59.0692 1564        ACPI            (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
11:36:59.0695 1564        ACPI - ok
11:36:59.0699 1564        AcpiPmi        (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
11:36:59.0700 1564        AcpiPmi - ok
11:36:59.0715 1564        AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
11:36:59.0716 1564        AdobeARMservice - ok
11:36:59.0747 1564        AdobeFlashPlayerUpdateSvc (5e1a953c6472e7bb644892a4d0df5e72) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
11:36:59.0751 1564        AdobeFlashPlayerUpdateSvc - ok
11:36:59.0773 1564        adp94xx        (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys
11:36:59.0779 1564        adp94xx - ok
11:36:59.0792 1564        adpahci        (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys
11:36:59.0796 1564        adpahci - ok
11:36:59.0810 1564        adpu320        (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys
11:36:59.0813 1564        adpu320 - ok
11:36:59.0820 1564        AeLookupSvc    (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
11:36:59.0821 1564        AeLookupSvc - ok
11:36:59.0839 1564        AFD            (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
11:36:59.0846 1564        AFD - ok
11:36:59.0852 1564        agp440          (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
11:36:59.0854 1564        agp440 - ok
11:36:59.0859 1564        ALG            (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
11:36:59.0861 1564        ALG - ok
11:36:59.0865 1564        aliide          (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
11:36:59.0866 1564        aliide - ok
11:36:59.0869 1564        amdide          (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
11:36:59.0871 1564        amdide - ok
11:36:59.0877 1564        AmdK8          (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys
11:36:59.0879 1564        AmdK8 - ok
11:36:59.0884 1564        AmdPPM          (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys
11:36:59.0886 1564        AmdPPM - ok
11:36:59.0892 1564        amdsata        (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
11:36:59.0894 1564        amdsata - ok
11:36:59.0909 1564        amdsbs          (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys
11:36:59.0912 1564        amdsbs - ok
11:36:59.0916 1564        amdxata        (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
11:36:59.0916 1564        amdxata - ok
11:36:59.0930 1564        AMPPAL          (9921e78bc29634235f4bf5809e7e8cde) C:\Windows\system32\DRIVERS\AMPPAL.sys
11:36:59.0935 1564        AMPPAL - ok
11:36:59.0943 1564        AMPPALP        (9921e78bc29634235f4bf5809e7e8cde) C:\Windows\system32\DRIVERS\amppal.sys
11:36:59.0947 1564        AMPPALP - ok
11:36:59.0992 1564        AMPPALR3        (83a0e7ba4ae616d3654e700d9c5ff9db) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
11:37:00.0006 1564        AMPPALR3 - ok
11:37:00.0343 1564        Apache2.2      (f41e453a90ef19217cee1675f5256ee7) D:\xampp\apache\bin\httpd.exe
11:37:00.0344 1564        Apache2.2 - ok
11:37:00.0379 1564        AppID          (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
11:37:00.0382 1564        AppID - ok
11:37:00.0390 1564        AppIDSvc        (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
11:37:00.0393 1564        AppIDSvc - ok
11:37:00.0402 1564        Appinfo        (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
11:37:00.0405 1564        Appinfo - ok
11:37:00.0419 1564        arc            (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys
11:37:00.0422 1564        arc - ok
11:37:00.0433 1564        arcsas          (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys
11:37:00.0435 1564        arcsas - ok
11:37:00.0452 1564        aspnet_state    (9217d874131ae6ff8f642f124f00a555) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
11:37:00.0458 1564        aspnet_state - ok
11:37:00.0463 1564        AsyncMac        (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
11:37:00.0464 1564        AsyncMac - ok
11:37:00.0470 1564        atapi          (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
11:37:00.0472 1564        atapi - ok
11:37:00.0499 1564        AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
11:37:00.0509 1564        AudioEndpointBuilder - ok
11:37:00.0517 1564        AudioSrv        (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
11:37:00.0523 1564        AudioSrv - ok
11:37:00.0550 1564        AVP            (b2b3fcba37671c853879df7dde8a839a) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
11:37:00.0555 1564        AVP - ok
11:37:00.0565 1564        AxInstSV        (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
11:37:00.0567 1564        AxInstSV - ok
11:37:00.0588 1564        b06bdrv        (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
11:37:00.0594 1564        b06bdrv - ok
11:37:00.0607 1564        b57nd60a        (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
11:37:00.0611 1564        b57nd60a - ok
11:37:00.0619 1564        BDESVC          (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
11:37:00.0622 1564        BDESVC - ok
11:37:00.0625 1564        Beep            (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
11:37:00.0626 1564        Beep - ok
11:37:00.0652 1564        BFE            (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
11:37:00.0661 1564        BFE - ok
11:37:00.0693 1564        BITS            (1ea7969e3271cbc59e1730697dc74682) C:\Windows\system32\qmgr.dll
11:37:00.0705 1564        BITS - ok
11:37:00.0716 1564        blbdrive        (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\drivers\blbdrive.sys
11:37:00.0718 1564        blbdrive - ok
11:37:00.0754 1564        Bluetooth Device Monitor (55b0c8441de7d91a819a39d0351154a2) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
11:37:00.0762 1564        Bluetooth Device Monitor - ok
11:37:00.0810 1564        Bluetooth Media Service (7e262330df0c4be4ece853b59b9cbe4c) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
11:37:00.0822 1564        Bluetooth Media Service - ok
11:37:00.0852 1564        Bluetooth OBEX Service (8bf4b9956e13871a88a3810074e2e110) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
11:37:00.0859 1564        Bluetooth OBEX Service - ok
11:37:00.0890 1564        bowser          (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
11:37:00.0892 1564        bowser - ok
11:37:00.0947 1564        BRA_Scheduler  (05c9416889b03877781712ebb41cafee) D:\MFC\bratimer.exe
11:37:00.0949 1564        BRA_Scheduler - ok
11:37:00.0957 1564        BrFiltLo        (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
11:37:00.0960 1564        BrFiltLo - ok
11:37:00.0966 1564        BrFiltUp        (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
11:37:00.0968 1564        BrFiltUp - ok
11:37:00.0978 1564        Bridge          (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys
11:37:00.0981 1564        Bridge - ok
11:37:00.0984 1564        BridgeMP        (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys
11:37:00.0986 1564        BridgeMP - ok
11:37:00.0996 1564        Browser        (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
11:37:00.0999 1564        Browser - ok
11:37:01.0011 1564        Brserid        (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
11:37:01.0016 1564        Brserid - ok
11:37:01.0026 1564        BrSerWdm        (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
11:37:01.0028 1564        BrSerWdm - ok
11:37:01.0032 1564        BrUsbMdm        (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
11:37:01.0034 1564        BrUsbMdm - ok
11:37:01.0038 1564        BrUsbSer        (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
11:37:01.0040 1564        BrUsbSer - ok
11:37:01.0045 1564        BthEnum        (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\DRIVERS\BthEnum.sys
11:37:01.0047 1564        BthEnum - ok
11:37:01.0054 1564        BTHMODEM        (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys
11:37:01.0056 1564        BTHMODEM - ok
11:37:01.0069 1564        BthPan          (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
11:37:01.0072 1564        BthPan - ok
11:37:01.0093 1564        BTHPORT        (64c198198501f7560ee41d8d1efa7952) C:\Windows\system32\Drivers\BTHport.sys
11:37:01.0101 1564        BTHPORT - ok
11:37:01.0108 1564        bthserv        (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
11:37:01.0110 1564        bthserv - ok
11:37:01.0119 1564        BTHSSecurityMgr (a5b3e8b2b78c7b3da56a0de490e6718c) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
11:37:01.0120 1564        BTHSSecurityMgr - ok
11:37:01.0127 1564        BTHUSB          (f188b7394d81010767b6df3178519a37) C:\Windows\system32\Drivers\BTHUSB.sys
11:37:01.0130 1564        BTHUSB - ok
11:37:01.0135 1564        btmaux          (270fba230e78e25726d065a924589a72) C:\Windows\system32\DRIVERS\btmaux.sys
11:37:01.0137 1564        btmaux - ok
11:37:01.0152 1564        btmhsf          (40c6fec49d1cc4d112368a2bcd2bcbb7) C:\Windows\system32\DRIVERS\btmhsf.sys
11:37:01.0157 1564        btmhsf - ok
11:37:01.0192 1564        bwmservice      (ea48ac703a9f412a42bfca2fc048b63c) C:\Program Files\SoftPerfect Bandwidth Manager\bwmsvc.exe
11:37:01.0198 1564        bwmservice - ok
11:37:01.0201 1564        catchme - ok
11:37:01.0210 1564        cdfs            (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
11:37:01.0212 1564        cdfs - ok
11:37:01.0221 1564        cdrom          (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
11:37:01.0224 1564        cdrom - ok
11:37:01.0231 1564        CertPropSvc    (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
11:37:01.0233 1564        CertPropSvc - ok
11:37:01.0240 1564        circlass        (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys
11:37:01.0242 1564        circlass - ok
11:37:01.0258 1564        CLFS            (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
11:37:01.0262 1564        CLFS - ok
11:37:01.0276 1564        clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
11:37:01.0280 1564        clr_optimization_v2.0.50727_32 - ok
11:37:01.0288 1564        clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
11:37:01.0291 1564        clr_optimization_v2.0.50727_64 - ok
11:37:01.0304 1564        clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
11:37:01.0315 1564        clr_optimization_v4.0.30319_32 - ok
11:37:01.0332 1564        clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
11:37:01.0337 1564        clr_optimization_v4.0.30319_64 - ok
11:37:01.0340 1564        clwvd - ok
11:37:01.0347 1564        CmBatt          (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys
11:37:01.0348 1564        CmBatt - ok
11:37:01.0353 1564        cmdide          (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
11:37:01.0354 1564        cmdide - ok
11:37:01.0373 1564        CNG            (9ac4f97c2d3e93367e2148ea940cd2cd) C:\Windows\system32\Drivers\cng.sys
11:37:01.0379 1564        CNG - ok
11:37:01.0385 1564        Compbatt        (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys
11:37:01.0385 1564        Compbatt - ok
11:37:01.0390 1564        CompositeBus    (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
11:37:01.0392 1564        CompositeBus - ok
11:37:01.0395 1564        COMSysApp - ok
11:37:01.0400 1564        copperhd        (44622785d2d2dd8b13e6dc969b6e34a4) C:\Windows\system32\drivers\copperhd.sys
11:37:01.0401 1564        copperhd - ok
11:37:01.0405 1564        crcdisk        (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
11:37:01.0407 1564        crcdisk - ok
11:37:01.0418 1564        CryptSvc        (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll
11:37:01.0421 1564        CryptSvc - ok
11:37:01.0456 1564        cvhsvc          (72794d112cbaff3bc0c29bf7350d4741) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
11:37:01.0464 1564        cvhsvc - ok
11:37:01.0486 1564        DcomLaunch      (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
11:37:01.0494 1564        DcomLaunch - ok
11:37:01.0505 1564        defragsvc      (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
11:37:01.0510 1564        defragsvc - ok
11:37:01.0524 1564        DfsC            (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
11:37:01.0526 1564        DfsC - ok
11:37:01.0537 1564        Dhcp            (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
11:37:01.0542 1564        Dhcp - ok
11:37:01.0547 1564        discache        (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
11:37:01.0548 1564        discache - ok
11:37:01.0555 1564        Disk            (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
11:37:01.0556 1564        Disk - ok
11:37:01.0565 1564        Dnscache        (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
11:37:01.0568 1564        Dnscache - ok
11:37:01.0579 1564        dot3svc        (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
11:37:01.0583 1564        dot3svc - ok
11:37:01.0593 1564        DPS            (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
11:37:01.0596 1564        DPS - ok
11:37:01.0599 1564        drmkaud        (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
11:37:01.0601 1564        drmkaud - ok
11:37:01.0616 1564        dtsoftbus01    (46571ed73ae84469dca53081d33cf3c8) C:\Windows\system32\DRIVERS\dtsoftbus01.sys
11:37:01.0618 1564        dtsoftbus01 - ok
11:37:01.0651 1564        DXGKrnl        (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
11:37:01.0658 1564        DXGKrnl - ok
11:37:01.0663 1564        EagleX64 - ok
11:37:01.0670 1564        EapHost        (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
11:37:01.0673 1564        EapHost - ok
11:37:01.0793 1564        ebdrv          (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
11:37:01.0830 1564        ebdrv - ok
11:37:01.0855 1564        EFS            (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
11:37:01.0856 1564        EFS - ok
11:37:01.0882 1564        ehRecvr        (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
11:37:01.0890 1564        ehRecvr - ok
11:37:01.0894 1564        ehSched        (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
11:37:01.0896 1564        ehSched - ok
11:37:01.0921 1564        elxstor        (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
11:37:01.0926 1564        elxstor - ok
11:37:01.0929 1564        ErrDev          (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
11:37:01.0931 1564        ErrDev - ok
11:37:01.0946 1564        EventSystem    (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
11:37:01.0951 1564        EventSystem - ok
11:37:02.0014 1564        EvtEng          (54fc81b0162478a72a93dbbeafb35671) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
11:37:02.0028 1564        EvtEng - ok
11:37:02.0060 1564        exfat          (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
11:37:02.0063 1564        exfat - ok
11:37:02.0072 1564        fastfat        (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
11:37:02.0076 1564        fastfat - ok
11:37:02.0104 1564        Fax            (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
11:37:02.0114 1564        Fax - ok
11:37:02.0120 1564        fdc            (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
11:37:02.0122 1564        fdc - ok
11:37:02.0127 1564        fdPHost        (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
11:37:02.0129 1564        fdPHost - ok
11:37:02.0135 1564        FDResPub        (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
11:37:02.0137 1564        FDResPub - ok
11:37:02.0143 1564        FileInfo        (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
11:37:02.0145 1564        FileInfo - ok
11:37:02.0149 1564        Filetrace      (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
11:37:02.0150 1564        Filetrace - ok
11:37:02.0251 1564        FileZilla Server (bf72c20b44b85fd030aeaa721e35d512) D:\xampp\FileZillaFTP\FileZillaServer.exe
11:37:02.0264 1564        FileZilla Server - ok
11:37:02.0270 1564        flpydisk        (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
11:37:02.0272 1564        flpydisk - ok
11:37:02.0285 1564        FltMgr          (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
11:37:02.0290 1564        FltMgr - ok
11:37:02.0333 1564        FontCache      (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
11:37:02.0353 1564        FontCache - ok
11:37:02.0360 1564        FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
11:37:02.0362 1564        FontCache3.0.0.0 - ok
11:37:02.0374 1564        FsDepends      (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
11:37:02.0376 1564        FsDepends - ok
11:37:02.0380 1564        Fs_Rec          (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
11:37:02.0380 1564        Fs_Rec - ok
11:37:02.0390 1564        fvevol          (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
11:37:02.0392 1564        fvevol - ok
11:37:02.0398 1564        gagp30kx        (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
11:37:02.0400 1564        gagp30kx - ok
11:37:02.0425 1564        gpsvc          (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
11:37:02.0434 1564        gpsvc - ok
11:37:02.0440 1564        hamachi        (1e6438d4ea6e1174a3b3b1edc4de660b) C:\Windows\system32\DRIVERS\hamachi.sys
11:37:02.0442 1564        hamachi - ok
11:37:02.0451 1564        hcmon          (adb4348da1345877b04e22203afc8993) C:\Windows\system32\drivers\hcmon.sys
11:37:02.0452 1564        hcmon - ok
11:37:02.0458 1564        hcw85cir        (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
11:37:02.0459 1564        hcw85cir - ok
11:37:02.0473 1564        HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
11:37:02.0477 1564        HdAudAddService - ok
11:37:02.0485 1564        HDAudBus        (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
11:37:02.0487 1564        HDAudBus - ok
11:37:02.0491 1564        HidBatt        (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
11:37:02.0492 1564        HidBatt - ok
11:37:02.0499 1564        HidBth          (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
11:37:02.0501 1564        HidBth - ok
11:37:02.0505 1564        HidIr          (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
11:37:02.0507 1564        HidIr - ok
11:37:02.0512 1564        hidserv        (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\System32\hidserv.dll
11:37:02.0514 1564        hidserv - ok
11:37:02.0518 1564        HidUsb          (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
11:37:02.0520 1564        HidUsb - ok
11:37:02.0590 1564        HiPatchService  (7388756bc5f9fe857c400e340b878af2) D:\Smite\HiPatchService.exe
11:37:02.0591 1564        HiPatchService - ok
11:37:02.0599 1564        hkmsvc          (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
11:37:02.0602 1564        hkmsvc - ok
11:37:02.0613 1564        HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
11:37:02.0617 1564        HomeGroupListener - ok
11:37:02.0627 1564        HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
11:37:02.0631 1564        HomeGroupProvider - ok
11:37:02.0638 1564        HpSAMD          (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
11:37:02.0640 1564        HpSAMD - ok
11:37:02.0665 1564        HTTP            (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
11:37:02.0675 1564        HTTP - ok
11:37:02.0679 1564        hwpolicy        (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
11:37:02.0680 1564        hwpolicy - ok
11:37:02.0687 1564        i8042prt        (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
11:37:02.0689 1564        i8042prt - ok
11:37:02.0711 1564        iaStor          (26cf4275034214ecedd8ec17b0a18a99) C:\Windows\system32\drivers\iaStor.sys
11:37:02.0716 1564        iaStor - ok
11:37:02.0725 1564        IAStorDataMgrSvc (e79a8e33bd136d14bae1fa20eb2ef124) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
11:37:02.0726 1564        IAStorDataMgrSvc - ok
11:37:02.0747 1564        iaStorV        (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
11:37:02.0753 1564        iaStorV - ok
11:37:02.0766 1564        iBtFltCoex      (fc47f5cf561bf0fd897efd1a9604dccf) C:\Windows\system32\DRIVERS\iBtFltCoex.sys
11:37:02.0768 1564        iBtFltCoex - ok
11:37:02.0800 1564        idsvc          (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
11:37:02.0813 1564        idsvc - ok
11:37:03.0015 1564        igfx            (a87261ef1546325b559374f5689cf5bc) C:\Windows\system32\DRIVERS\igdkmd64.sys
11:37:03.0090 1564        igfx - ok
11:37:03.0123 1564        iirsp          (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
11:37:03.0124 1564        iirsp - ok
11:37:03.0155 1564        IKEEXT          (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
11:37:03.0168 1564        IKEEXT - ok
11:37:03.0287 1564        IntcAzAudAddService (98f4e841ea43ed5a442f0dc60cab4326) C:\Windows\system32\drivers\RTKVHD64.sys
11:37:03.0308 1564        IntcAzAudAddService - ok
11:37:03.0337 1564        intelide        (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
11:37:03.0338 1564        intelide - ok
11:37:03.0344 1564        intelppm        (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\drivers\intelppm.sys
11:37:03.0345 1564        intelppm - ok
11:37:03.0353 1564        IPBusEnum      (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
11:37:03.0356 1564        IPBusEnum - ok
11:37:03.0362 1564        IpFilterDriver  (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
11:37:03.0364 1564        IpFilterDriver - ok
11:37:03.0385 1564        iphlpsvc        (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
11:37:03.0393 1564        iphlpsvc - ok
11:37:03.0400 1564        IPMIDRV        (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
11:37:03.0402 1564        IPMIDRV - ok
11:37:03.0409 1564        IPNAT          (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
11:37:03.0412 1564        IPNAT - ok
11:37:03.0416 1564        IRENUM          (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
11:37:03.0418 1564        IRENUM - ok
11:37:03.0424 1564        isapnp          (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
11:37:03.0425 1564        isapnp - ok
11:37:03.0439 1564        iScsiPrt        (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
11:37:03.0442 1564        iScsiPrt - ok
11:37:03.0447 1564        kbdclass        (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
11:37:03.0448 1564        kbdclass - ok
11:37:03.0452 1564        kbdhid          (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
11:37:03.0453 1564        kbdhid - ok
11:37:03.0459 1564        KeyIso          (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
11:37:03.0460 1564        KeyIso - ok
11:37:03.0483 1564        KL1            (8d7120743a0973ceab548b475c9d4289) C:\Windows\system32\DRIVERS\kl1.sys
11:37:03.0488 1564        KL1 - ok
11:37:03.0490 1564        kl2            (cd146d8e525d6eebdcaf24120a8ab9ce) C:\Windows\system32\DRIVERS\kl2.sys
11:37:03.0491 1564        kl2 - ok
11:37:03.0514 1564        KLIF            (c1786c2f8de0f62e076f7ef8dea4e87a) C:\Windows\system32\DRIVERS\klif.sys
11:37:03.0517 1564        KLIF - ok
11:37:03.0522 1564        KLIM6          (2a64b3a9eed93a2e96537b67c079fc96) C:\Windows\system32\DRIVERS\klim6.sys
11:37:03.0523 1564        KLIM6 - ok
11:37:03.0527 1564        klmouflt        (9468d07e91ba136d82415f5dfc1fe168) C:\Windows\system32\DRIVERS\klmouflt.sys
11:37:03.0527 1564        klmouflt - ok
11:37:03.0537 1564        KSecDD          (97a7070aea4c058b6418519e869a63b4) C:\Windows\system32\Drivers\ksecdd.sys
11:37:03.0539 1564        KSecDD - ok
11:37:03.0550 1564        KSecPkg        (26c43a7c2862447ec59deda188d1da07) C:\Windows\system32\Drivers\ksecpkg.sys
11:37:03.0552 1564        KSecPkg - ok
11:37:03.0556 1564        ksthunk        (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
11:37:03.0557 1564        ksthunk - ok
11:37:03.0569 1564        KtmRm          (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
11:37:03.0574 1564        KtmRm - ok
11:37:03.0584 1564        LanmanServer    (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\System32\srvsvc.dll
11:37:03.0588 1564        LanmanServer - ok
11:37:03.0595 1564        LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
11:37:03.0598 1564        LanmanWorkstation - ok
11:37:03.0603 1564        lltdio          (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
11:37:03.0605 1564        lltdio - ok
11:37:03.0620 1564        lltdsvc        (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
11:37:03.0624 1564        lltdsvc - ok
11:37:03.0627 1564        lmhosts        (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
11:37:03.0629 1564        lmhosts - ok
11:37:03.0637 1564        LSI_FC          (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
11:37:03.0639 1564        LSI_FC - ok
11:37:03.0645 1564        LSI_SAS        (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
11:37:03.0647 1564        LSI_SAS - ok
11:37:03.0652 1564        LSI_SAS2        (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
11:37:03.0654 1564        LSI_SAS2 - ok
11:37:03.0659 1564        LSI_SCSI        (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
11:37:03.0661 1564        LSI_SCSI - ok
11:37:03.0667 1564        luafv          (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
11:37:03.0669 1564        luafv - ok
11:37:03.0676 1564        Mcx2Svc        (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
11:37:03.0678 1564        Mcx2Svc - ok
11:37:03.0682 1564        megasas        (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
11:37:03.0683 1564        megasas - ok
11:37:03.0695 1564        MegaSR          (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
11:37:03.0698 1564        MegaSR - ok
11:37:03.0705 1564        MEIx64          (a6518dcc42f7a6e999bb3bea8fd87567) C:\Windows\system32\drivers\HECIx64.sys
11:37:03.0705 1564        MEIx64 - ok
11:37:03.0714 1564        Micro Star SCM  (71c6748ee8de938532057ef10b4b7e44) C:\Program Files (x86)\System Control Manager\MSIService.exe
11:37:03.0715 1564        Micro Star SCM - ok
11:37:03.0720 1564        MMCSS          (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
11:37:03.0722 1564        MMCSS - ok
11:37:03.0727 1564        Modem          (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
11:37:03.0728 1564        Modem - ok
11:37:03.0730 1564        monitor        (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
11:37:03.0731 1564        monitor - ok
11:37:03.0740 1564        mouclass        (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
11:37:03.0741 1564        mouclass - ok
11:37:03.0747 1564        mouhid          (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
11:37:03.0749 1564        mouhid - ok
11:37:03.0755 1564        mountmgr        (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
11:37:03.0756 1564        mountmgr - ok
11:37:03.0767 1564        MozillaMaintenance (46297fa8e30a6007f14118fc2b942fbc) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
11:37:03.0770 1564        MozillaMaintenance - ok
11:37:03.0777 1564        mpio            (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
11:37:03.0780 1564        mpio - ok
11:37:03.0785 1564        mpsdrv          (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
11:37:03.0786 1564        mpsdrv - ok
11:37:03.0819 1564        MpsSvc          (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
11:37:03.0830 1564        MpsSvc - ok
11:37:03.0839 1564        MRxDAV          (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
11:37:03.0842 1564        MRxDAV - ok
11:37:03.0852 1564        mrxsmb          (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
11:37:03.0854 1564        mrxsmb - ok
11:37:03.0869 1564        mrxsmb10        (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
11:37:03.0872 1564        mrxsmb10 - ok
11:37:03.0880 1564        mrxsmb20        (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
11:37:03.0882 1564        mrxsmb20 - ok
11:37:03.0886 1564        msahci          (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
11:37:03.0888 1564        msahci - ok
11:37:03.0896 1564        msdsm          (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
11:37:03.0899 1564        msdsm - ok
11:37:03.0906 1564        MSDTC          (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
11:37:03.0909 1564        MSDTC - ok
11:37:03.0916 1564        Msfs            (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
11:37:03.0917 1564        Msfs - ok
11:37:03.0920 1564        mshidkmdf      (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
11:37:03.0921 1564        mshidkmdf - ok
11:37:03.0924 1564        msisadrv        (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
11:37:03.0925 1564        msisadrv - ok
11:37:03.0932 1564        MSiSCSI        (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
11:37:03.0936 1564        MSiSCSI - ok
11:37:03.0938 1564        msiserver - ok
11:37:03.0942 1564        MSKSSRV        (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
11:37:03.0944 1564        MSKSSRV - ok
11:37:03.0946 1564        MSPCLOCK        (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
11:37:03.0947 1564        MSPCLOCK - ok
11:37:03.0950 1564        MSPQM          (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
11:37:03.0951 1564        MSPQM - ok
11:37:03.0981 1564        MsRPC          (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
11:37:03.0984 1564        MsRPC - ok
11:37:03.0989 1564        mssmbios        (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
11:37:03.0990 1564        mssmbios - ok
11:37:03.0992 1564        MSTEE          (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
11:37:03.0993 1564        MSTEE - ok
11:37:03.0996 1564        MTConfig        (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
11:37:03.0997 1564        MTConfig - ok
11:37:04.0001 1564        Mup            (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
11:37:04.0002 1564        Mup - ok
11:37:04.0071 1564        mysql - ok
11:37:04.0096 1564        MyWiFiDHCPDNS  (4bbb9d9c4df259fae2d172c5bb25ddd0) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
11:37:04.0104 1564        MyWiFiDHCPDNS - ok
11:37:04.0129 1564        napagent        (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
11:37:04.0140 1564        napagent - ok
11:37:04.0157 1564        NativeWifiP    (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
11:37:04.0161 1564        NativeWifiP - ok
11:37:04.0191 1564        NDIS            (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
11:37:04.0200 1564        NDIS - ok
11:37:04.0210 1564        NdisCap        (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
11:37:04.0212 1564        NdisCap - ok
11:37:04.0214 1564        NdisTapi        (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
11:37:04.0215 1564        NdisTapi - ok
11:37:04.0219 1564        Ndisuio        (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
11:37:04.0221 1564        Ndisuio - ok
11:37:04.0228 1564        NdisWan        (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
11:37:04.0230 1564        NdisWan - ok
11:37:04.0235 1564        NDProxy        (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
11:37:04.0236 1564        NDProxy - ok
11:37:04.0240 1564        NetBIOS        (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
11:37:04.0241 1564        NetBIOS - ok
11:37:04.0252 1564        NetBT          (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
11:37:04.0255 1564        NetBT - ok
11:37:04.0261 1564        Netlogon        (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
11:37:04.0262 1564        Netlogon - ok
11:37:04.0276 1564        Netman          (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
11:37:04.0282 1564        Netman - ok
11:37:04.0299 1564        NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:37:04.0305 1564        NetMsmqActivator - ok
11:37:04.0308 1564        NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:37:04.0309 1564        NetPipeActivator - ok
11:37:04.0327 1564        netprofm        (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
11:37:04.0335 1564        netprofm - ok
11:37:04.0338 1564        NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:37:04.0340 1564        NetTcpActivator - ok
11:37:04.0343 1564        NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:37:04.0345 1564        NetTcpPortSharing - ok
11:37:04.0624 1564        NETwNs64        (ac69618de5bcce8747c9ab0aae1003c1) C:\Windows\system32\DRIVERS\NETwNs64.sys
11:37:04.0728 1564        NETwNs64 - ok
11:37:04.0759 1564        nfrd960        (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
11:37:04.0761 1564        nfrd960 - ok
11:37:04.0772 1564        NlaSvc          (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
11:37:04.0776 1564        NlaSvc - ok
11:37:04.0783 1564        NLNdisMP        (ad42fb061166af0643806800304bd76f) C:\Windows\system32\DRIVERS\nlndis.sys
11:37:04.0784 1564        NLNdisMP - ok
11:37:04.0787 1564        NLNdisPT        (ad42fb061166af0643806800304bd76f) C:\Windows\system32\DRIVERS\nlndis.sys
11:37:04.0788 1564        NLNdisPT - ok
11:37:04.0862 1564        nlsvc          (6988373e38223438b09f0c27d7e67393) C:\Program Files\NetLimiter 3\nlsvc.exe
11:37:04.0877 1564        nlsvc - ok
11:37:04.0889 1564        nltdi          (75e6581de9a0b155edab6807e668be06) C:\Program Files\NetLimiter 3\nltdi.sys
11:37:04.0890 1564        nltdi - ok
11:37:04.0920 1564        Npfs            (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
11:37:04.0921 1564        Npfs - ok
11:37:04.0926 1564        nsi            (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
11:37:04.0928 1564        nsi - ok
11:37:04.0932 1564        nsiproxy        (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
11:37:04.0933 1564        nsiproxy - ok
11:37:04.0997 1564        Ntfs            (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
11:37:05.0017 1564        Ntfs - ok
11:37:05.0046 1564        Null            (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
11:37:05.0047 1564        Null - ok
11:37:05.0053 1564        nusb3hub        (01266516e6e88d183a2b58722eeb4443) C:\Windows\system32\drivers\nusb3hub.sys
11:37:05.0055 1564        nusb3hub - ok
11:37:05.0071 1564        nusb3xhc        (5ec04f55cc5f165f21752712437df638) C:\Windows\system32\drivers\nusb3xhc.sys
11:37:05.0076 1564        nusb3xhc - ok
11:37:05.0098 1564        NVHDA          (102806b360d0e6bc6e55bf47ef655d43) C:\Windows\system32\drivers\nvhda64v.sys
11:37:05.0100 1564        NVHDA - ok
11:37:05.0552 1564        nvlddmkm        (ba0b4889c40380a01ecdf84c227a89c9) C:\Windows\system32\DRIVERS\nvlddmkm.sys
11:37:05.0611 1564        nvlddmkm - ok
11:37:05.0644 1564        nvraid          (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
11:37:05.0646 1564        nvraid - ok
11:37:05.0653 1564        nvstor          (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
11:37:05.0656 1564        nvstor - ok
11:37:05.0692 1564        NVSvc          (06633cf95bea62164c3bfca24bce6b11) C:\Windows\system32\nvvsvc.exe
11:37:05.0697 1564        NVSvc - ok
11:37:05.0741 1564        nvUpdatusService (53b629ce436b110c5689c2f6439e567b) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
11:37:05.0753 1564        nvUpdatusService - ok
11:37:05.0787 1564        nv_agp          (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
11:37:05.0789 1564        nv_agp - ok
11:37:05.0794 1564        ohci1394        (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
11:37:05.0795 1564        ohci1394 - ok
11:37:05.0804 1564        ose            (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
11:37:05.0806 1564        ose - ok
11:37:05.0988 1564        osppsvc        (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
11:37:06.0029 1564        osppsvc - ok
11:37:06.0060 1564        p2pimsvc        (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
11:37:06.0064 1564        p2pimsvc - ok
11:37:06.0080 1564        p2psvc          (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
11:37:06.0087 1564        p2psvc - ok
11:37:06.0108 1564        Parport        (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
11:37:06.0111 1564        Parport - ok
11:37:12.0619 1564        ============================================================
11:37:12.0619 1564        Scan finished
11:37:12.0620 1564        ============================================================
11:37:12.0634 1380        Detected object count: 0
11:37:12.0634 1380        Actual detected object count: 0
11:38:38.0328 3380        ============================================================
11:38:38.0328 3380        Scan started
11:38:38.0328 3380        Mode: Manual;
11:38:38.0328 3380        ============================================================
11:38:38.0720 3380        AMPPALR3 - ok
11:38:38.0722 3380        Apache2.2      (f41e453a90ef19217cee1675f5256ee7) D:\xampp\apache\bin\httpd.exe
11:38:38.0723 3380        Apache2.2 - ok
11:38:38.0754 3380        AppID          (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
11:38:38.0754 3380        AppID - ok
11:38:38.0759 3380        AppIDSvc        (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
11:38:38.0759 3380        AppIDSvc - ok
11:38:38.0765 3380        Appinfo        (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
11:38:38.0766 3380        Appinfo - ok
11:38:38.0773 3380        arc            (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys
11:38:38.0774 3380        arc - ok
11:38:38.0780 3380        arcsas          (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys
11:38:38.0781 3380        arcsas - ok
11:38:38.0796 3380        aspnet_state    (9217d874131ae6ff8f642f124f00a555) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
11:38:38.0797 3380        aspnet_state - ok
11:38:38.0800 3380        AsyncMac        (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
11:38:38.0800 3380        AsyncMac - ok
11:38:38.0804 3380        atapi          (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
11:38:38.0804 3380        atapi - ok
11:38:38.0826 3380        AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
11:38:38.0830 3380        AudioEndpointBuilder - ok
11:38:38.0836 3380        AudioSrv        (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
11:38:38.0840 3380        AudioSrv - ok
11:38:38.0867 3380        AVP            (b2b3fcba37671c853879df7dde8a839a) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
11:38:38.0869 3380        AVP - ok
11:38:38.0877 3380        AxInstSV        (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
11:38:38.0879 3380        AxInstSV - ok
11:38:38.0899 3380        b06bdrv        (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
11:38:38.0902 3380        b06bdrv - ok
11:38:38.0914 3380        b57nd60a        (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
11:38:38.0916 3380        b57nd60a - ok
11:38:38.0925 3380        BDESVC          (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
11:38:38.0926 3380        BDESVC - ok
11:38:38.0928 3380        Beep            (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
11:38:38.0929 3380        Beep - ok
11:38:38.0953 3380        BFE            (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
11:38:38.0957 3380        BFE - ok
11:38:38.0988 3380        BITS            (1ea7969e3271cbc59e1730697dc74682) C:\Windows\system32\qmgr.dll
11:38:38.0995 3380        BITS - ok
11:38:39.0005 3380        blbdrive        (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\drivers\blbdrive.sys
11:38:39.0006 3380        blbdrive - ok
11:38:39.0037 3380        Bluetooth Device Monitor (55b0c8441de7d91a819a39d0351154a2) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
11:38:39.0043 3380        Bluetooth Device Monitor - ok
11:38:39.0088 3380        Bluetooth Media Service (7e262330df0c4be4ece853b59b9cbe4c) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
11:38:39.0097 3380        Bluetooth Media Service - ok
11:38:39.0128 3380        Bluetooth OBEX Service (8bf4b9956e13871a88a3810074e2e110) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
11:38:39.0133 3380        Bluetooth OBEX Service - ok
11:38:39.0160 3380        bowser          (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
11:38:39.0161 3380        bowser - ok
11:38:39.0163 3380        BRA_Scheduler  (05c9416889b03877781712ebb41cafee) D:\MFC\bratimer.exe
11:38:39.0164 3380        BRA_Scheduler - ok
11:38:39.0167 3380        BrFiltLo        (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
11:38:39.0168 3380        BrFiltLo - ok
11:38:39.0170 3380        BrFiltUp        (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
11:38:39.0171 3380        BrFiltUp - ok
11:38:39.0178 3380        Bridge          (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys
11:38:39.0179 3380        Bridge - ok
11:38:39.0182 3380        BridgeMP        (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys
11:38:39.0182 3380        BridgeMP - ok
11:38:39.0190 3380        Browser        (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
11:38:39.0191 3380        Browser - ok
11:38:39.0203 3380        Brserid        (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
11:38:39.0204 3380        Brserid - ok
11:38:39.0211 3380        BrSerWdm        (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
11:38:39.0212 3380        BrSerWdm - ok
11:38:39.0215 3380        BrUsbMdm        (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
11:38:39.0215 3380        BrUsbMdm - ok
11:38:39.0217 3380        BrUsbSer        (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
11:38:39.0218 3380        BrUsbSer - ok
11:38:39.0222 3380        BthEnum        (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\DRIVERS\BthEnum.sys
11:38:39.0223 3380        BthEnum - ok
11:38:39.0230 3380        BTHMODEM        (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys
11:38:39.0231 3380        BTHMODEM - ok
11:38:39.0246 3380        BthPan          (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
11:38:39.0247 3380        BthPan - ok
11:38:39.0265 3380        BTHPORT        (64c198198501f7560ee41d8d1efa7952) C:\Windows\system32\Drivers\BTHport.sys
11:38:39.0268 3380        BTHPORT - ok
11:38:39.0274 3380        bthserv        (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
11:38:39.0275 3380        bthserv - ok
11:38:39.0283 3380        BTHSSecurityMgr (a5b3e8b2b78c7b3da56a0de490e6718c) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
11:38:39.0284 3380        BTHSSecurityMgr - ok
11:38:39.0289 3380        BTHUSB          (f188b7394d81010767b6df3178519a37) C:\Windows\system32\Drivers\BTHUSB.sys
11:38:39.0290 3380        BTHUSB - ok
11:38:39.0295 3380        btmaux          (270fba230e78e25726d065a924589a72) C:\Windows\system32\DRIVERS\btmaux.sys
11:38:39.0295 3380        btmaux - ok
11:38:39.0307 3380        btmhsf          (40c6fec49d1cc4d112368a2bcd2bcbb7) C:\Windows\system32\DRIVERS\btmhsf.sys
11:38:39.0309 3380        btmhsf - ok
11:38:39.0335 3380        bwmservice      (ea48ac703a9f412a42bfca2fc048b63c) C:\Program Files\SoftPerfect Bandwidth Manager\bwmsvc.exe
11:38:39.0338 3380        bwmservice - ok
11:38:39.0340 3380        catchme - ok
11:38:39.0347 3380        cdfs            (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
11:38:39.0347 3380        cdfs - ok
11:38:39.0355 3380        cdrom          (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
11:38:39.0356 3380        cdrom - ok
11:38:39.0361 3380        CertPropSvc    (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
11:38:39.0362 3380        CertPropSvc - ok
11:38:39.0366 3380        circlass        (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys
11:38:39.0367 3380        circlass - ok
11:38:39.0380 3380        CLFS            (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
11:38:39.0382 3380        CLFS - ok
11:38:39.0398 3380        clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
11:38:39.0399 3380        clr_optimization_v2.0.50727_32 - ok
11:38:39.0407 3380        clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
11:38:39.0408 3380        clr_optimization_v2.0.50727_64 - ok
11:38:39.0419 3380        clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
11:38:39.0420 3380        clr_optimization_v4.0.30319_32 - ok
11:38:39.0434 3380        clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
11:38:39.0435 3380        clr_optimization_v4.0.30319_64 - ok
11:38:39.0437 3380        clwvd - ok
11:38:39.0440 3380        CmBatt          (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys
11:38:39.0440 3380        CmBatt - ok
11:38:39.0443 3380        cmdide          (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
11:38:39.0444 3380        cmdide - ok
11:38:39.0464 3380        CNG            (9ac4f97c2d3e93367e2148ea940cd2cd) C:\Windows\system32\Drivers\cng.sys
11:38:39.0466 3380        CNG - ok
11:38:39.0469 3380        Compbatt        (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys
11:38:39.0470 3380        Compbatt - ok
11:38:39.0473 3380        CompositeBus    (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
11:38:39.0473 3380        CompositeBus - ok
11:38:39.0475 3380        COMSysApp - ok
11:38:39.0478 3380        copperhd        (44622785d2d2dd8b13e6dc969b6e34a4) C:\Windows\system32\drivers\copperhd.sys
11:38:39.0479 3380        copperhd - ok
11:38:39.0482 3380        crcdisk        (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
11:38:39.0482 3380        crcdisk - ok
11:38:39.0491 3380        CryptSvc        (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll
11:38:39.0492 3380        CryptSvc - ok
11:38:39.0527 3380        cvhsvc          (72794d112cbaff3bc0c29bf7350d4741) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
11:38:39.0530 3380        cvhsvc - ok
11:38:39.0548 3380        DcomLaunch      (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
11:38:39.0551 3380        DcomLaunch - ok
11:38:39.0563 3380        defragsvc      (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
11:38:39.0566 3380        defragsvc - ok
11:38:39.0578 3380        DfsC            (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
11:38:39.0579 3380        DfsC - ok
11:38:39.0590 3380        Dhcp            (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
11:38:39.0592 3380        Dhcp - ok
11:38:39.0596 3380        discache        (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
11:38:39.0596 3380        discache - ok
11:38:39.0603 3380        Disk            (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
11:38:39.0603 3380        Disk - ok
11:38:39.0612 3380        Dnscache        (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
11:38:39.0613 3380        Dnscache - ok
11:38:39.0624 3380        dot3svc        (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
11:38:39.0626 3380        dot3svc - ok
11:38:39.0634 3380        DPS            (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
11:38:39.0635 3380        DPS - ok
11:38:39.0637 3380        drmkaud        (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
11:38:39.0638 3380        drmkaud - ok
11:38:39.0656 3380        dtsoftbus01    (46571ed73ae84469dca53081d33cf3c8) C:\Windows\system32\DRIVERS\dtsoftbus01.sys
11:38:39.0657 3380        dtsoftbus01 - ok
11:38:39.0688 3380        DXGKrnl        (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
11:38:39.0694 3380        DXGKrnl - ok
11:38:39.0696 3380        EagleX64 - ok
11:38:39.0704 3380        EapHost        (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
11:38:39.0706 3380        EapHost - ok
11:38:39.0824 3380        ebdrv          (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
11:38:39.0838 3380        ebdrv - ok
11:38:39.0867 3380        EFS            (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
11:38:39.0868 3380        EFS - ok
11:38:39.0905 3380        ehRecvr        (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
11:38:39.0908 3380        ehRecvr - ok
11:38:39.0914 3380        ehSched        (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
11:38:39.0915 3380        ehSched - ok
11:38:39.0944 3380        elxstor        (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
11:38:39.0948 3380        elxstor - ok
11:38:39.0952 3380        ErrDev          (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
11:38:39.0953 3380        ErrDev - ok
11:38:39.0973 3380        EventSystem    (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
11:38:39.0976 3380        EventSystem - ok
11:38:40.0028 3380        EvtEng          (54fc81b0162478a72a93dbbeafb35671) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
11:38:40.0036 3380        EvtEng - ok
11:38:40.0071 3380        exfat          (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
11:38:40.0073 3380        exfat - ok
11:38:40.0083 3380        fastfat        (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
11:38:40.0085 3380        fastfat - ok
11:38:40.0109 3380        Fax            (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
11:38:40.0114 3380        Fax - ok
11:38:40.0119 3380        fdc            (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
11:38:40.0120 3380        fdc - ok
11:38:40.0123 3380        fdPHost        (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
11:38:40.0124 3380        fdPHost - ok
11:38:40.0129 3380        FDResPub        (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
11:38:40.0130 3380        FDResPub - ok
11:38:40.0135 3380        FileInfo        (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
11:38:40.0136 3380        FileInfo - ok
11:38:40.0139 3380        Filetrace      (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
11:38:40.0140 3380        Filetrace - ok
11:38:40.0146 3380        FileZilla Server (bf72c20b44b85fd030aeaa721e35d512) D:\xampp\FileZillaFTP\FileZillaServer.exe
11:38:40.0150 3380        FileZilla Server - ok
11:38:40.0154 3380        flpydisk        (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
11:38:40.0154 3380        flpydisk - ok
11:38:40.0166 3380        FltMgr          (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
11:38:40.0167 3380        FltMgr - ok
11:38:40.0207 3380        FontCache      (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
11:38:40.0212 3380        FontCache - ok
11:38:40.0219 3380        FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
11:38:40.0220 3380        FontCache3.0.0.0 - ok
11:38:40.0231 3380        FsDepends      (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
11:38:40.0232 3380        FsDepends - ok
11:38:40.0235 3380        Fs_Rec          (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
11:38:40.0235 3380        Fs_Rec - ok
11:38:40.0245 3380        fvevol          (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
11:38:40.0247 3380        fvevol - ok
11:38:40.0253 3380        gagp30kx        (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
11:38:40.0253 3380        gagp30kx - ok
11:38:40.0281 3380        gpsvc          (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
11:38:40.0287 3380        gpsvc - ok
11:38:40.0293 3380        hamachi        (1e6438d4ea6e1174a3b3b1edc4de660b) C:\Windows\system32\DRIVERS\hamachi.sys
11:38:40.0294 3380        hamachi - ok
11:38:40.0301 3380        hcmon          (adb4348da1345877b04e22203afc8993) C:\Windows\system32\drivers\hcmon.sys
11:38:40.0302 3380        hcmon - ok
11:38:40.0310 3380        hcw85cir        (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
11:38:40.0310 3380        hcw85cir - ok
11:38:40.0323 3380        HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
11:38:40.0325 3380        HdAudAddService - ok
11:38:40.0333 3380        HDAudBus        (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
11:38:40.0333 3380        HDAudBus - ok
11:38:40.0337 3380        HidBatt        (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
11:38:40.0337 3380        HidBatt - ok
11:38:40.0344 3380        HidBth          (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
11:38:40.0344 3380        HidBth - ok
11:38:40.0349 3380        HidIr          (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
11:38:40.0349 3380        HidIr - ok
11:38:40.0353 3380        hidserv        (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\System32\hidserv.dll
11:38:40.0353 3380        hidserv - ok
11:38:40.0357 3380        HidUsb          (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
11:38:40.0357 3380        HidUsb - ok
11:38:40.0358 3380        HiPatchService  (7388756bc5f9fe857c400e340b878af2) D:\Smite\HiPatchService.exe
11:38:40.0359 3380        HiPatchService - ok
11:38:40.0366 3380        hkmsvc          (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
11:38:40.0367 3380        hkmsvc - ok
11:38:40.0377 3380        HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
11:38:40.0379 3380        HomeGroupListener - ok
11:38:40.0388 3380        HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
11:38:40.0389 3380        HomeGroupProvider - ok
11:38:40.0395 3380        HpSAMD          (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
11:38:40.0396 3380        HpSAMD - ok
11:38:40.0413 3380        HTTP            (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
11:38:40.0417 3380        HTTP - ok
11:38:40.0420 3380        hwpolicy        (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
11:38:40.0420 3380        hwpolicy - ok
11:38:40.0426 3380        i8042prt        (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
11:38:40.0427 3380        i8042prt - ok
11:38:40.0444 3380        iaStor          (26cf4275034214ecedd8ec17b0a18a99) C:\Windows\system32\drivers\iaStor.sys
11:38:40.0447 3380        iaStor - ok
11:38:40.0454 3380        IAStorDataMgrSvc (e79a8e33bd136d14bae1fa20eb2ef124) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
11:38:40.0455 3380        IAStorDataMgrSvc - ok
11:38:40.0471 3380        iaStorV        (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
11:38:40.0473 3380        iaStorV - ok
11:38:40.0485 3380        iBtFltCoex      (fc47f5cf561bf0fd897efd1a9604dccf) C:\Windows\system32\DRIVERS\iBtFltCoex.sys
11:38:40.0486 3380        iBtFltCoex - ok
11:38:40.0517 3380        idsvc          (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
11:38:40.0522 3380        idsvc - ok
11:38:40.0702 3380        igfx            (a87261ef1546325b559374f5689cf5bc) C:\Windows\system32\DRIVERS\igdkmd64.sys
11:38:40.0728 3380        igfx - ok
11:38:40.0758 3380        iirsp          (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
11:38:40.0759 3380        iirsp - ok
11:38:40.0793 3380        IKEEXT          (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
11:38:40.0800 3380        IKEEXT - ok
11:38:40.0906 3380        IntcAzAudAddService (98f4e841ea43ed5a442f0dc60cab4326) C:\Windows\system32\drivers\RTKVHD64.sys
11:38:40.0919 3380        IntcAzAudAddService - ok
11:38:40.0950 3380        intelide        (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
11:38:40.0950 3380        intelide - ok
11:38:40.0956 3380        intelppm        (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\drivers\intelppm.sys
11:38:40.0957 3380        intelppm - ok
11:38:40.0961 3380        IPBusEnum      (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
11:38:40.0962 3380        IPBusEnum - ok
11:38:40.0967 3380        IpFilterDriver  (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
11:38:40.0968 3380        IpFilterDriver - ok
11:38:40.0988 3380        iphlpsvc        (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
11:38:40.0991 3380        iphlpsvc - ok
11:38:40.0998 3380        IPMIDRV        (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
11:38:40.0999 3380        IPMIDRV - ok
11:38:41.0006 3380        IPNAT          (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
11:38:41.0007 3380        IPNAT - ok
11:38:41.0010 3380        IRENUM          (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
11:38:41.0010 3380        IRENUM - ok
11:38:41.0015 3380        isapnp          (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
11:38:41.0016 3380        isapnp - ok
11:38:41.0031 3380        iScsiPrt        (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
11:38:41.0032 3380        iScsiPrt - ok
11:38:41.0037 3380        kbdclass        (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
11:38:41.0038 3380        kbdclass - ok
11:38:41.0042 3380        kbdhid          (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
11:38:41.0043 3380        kbdhid - ok
11:38:41.0048 3380        KeyIso          (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
11:38:41.0049 3380        KeyIso - ok
11:38:41.0069 3380        KL1            (8d7120743a0973ceab548b475c9d4289) C:\Windows\system32\DRIVERS\kl1.sys
11:38:41.0071 3380        KL1 - ok
11:38:41.0075 3380        kl2            (cd146d8e525d6eebdcaf24120a8ab9ce) C:\Windows\system32\DRIVERS\kl2.sys
11:38:41.0075 3380        kl2 - ok
11:38:41.0100 3380        KLIF            (c1786c2f8de0f62e076f7ef8dea4e87a) C:\Windows\system32\DRIVERS\klif.sys
11:38:41.0104 3380        KLIF - ok
11:38:41.0109 3380        KLIM6          (2a64b3a9eed93a2e96537b67c079fc96) C:\Windows\system32\DRIVERS\klim6.sys
11:38:41.0110 3380        KLIM6 - ok
11:38:41.0114 3380        klmouflt        (9468d07e91ba136d82415f5dfc1fe168) C:\Windows\system32\DRIVERS\klmouflt.sys
11:38:41.0114 3380        klmouflt - ok
11:38:41.0125 3380        KSecDD          (97a7070aea4c058b6418519e869a63b4) C:\Windows\system32\Drivers\ksecdd.sys
11:38:41.0126 3380        KSecDD - ok
11:38:41.0141 3380        KSecPkg        (26c43a7c2862447ec59deda188d1da07) C:\Windows\system32\Drivers\ksecpkg.sys
11:38:41.0142 3380        KSecPkg - ok
11:38:41.0146 3380        ksthunk        (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
11:38:41.0146 3380        ksthunk - ok
11:38:41.0161 3380        KtmRm          (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
11:38:41.0164 3380        KtmRm - ok
11:38:41.0174 3380        LanmanServer    (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\System32\srvsvc.dll
11:38:41.0177 3380        LanmanServer - ok
11:38:41.0186 3380        LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
11:38:41.0188 3380        LanmanWorkstation - ok
11:38:41.0195 3380        lltdio          (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
11:38:41.0196 3380        lltdio - ok
11:38:41.0208 3380        lltdsvc        (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
11:38:41.0211 3380        lltdsvc - ok
11:38:41.0214 3380        lmhosts        (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
11:38:41.0215 3380        lmhosts - ok
11:38:41.0224 3380        LSI_FC          (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
11:38:41.0225 3380        LSI_FC - ok
11:38:41.0233 3380        LSI_SAS        (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
11:38:41.0234 3380        LSI_SAS - ok
11:38:41.0239 3380        LSI_SAS2        (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
11:38:41.0240 3380        LSI_SAS2 - ok
11:38:41.0249 3380        LSI_SCSI        (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
11:38:41.0250 3380        LSI_SCSI - ok
11:38:41.0257 3380        luafv          (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
11:38:41.0258 3380        luafv - ok
11:38:41.0266 3380        Mcx2Svc        (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
11:38:41.0268 3380        Mcx2Svc - ok
11:38:41.0272 3380        megasas        (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
11:38:41.0273 3380        megasas - ok
11:38:41.0285 3380        MegaSR          (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
11:38:41.0286 3380        MegaSR - ok
11:38:41.0292 3380        MEIx64          (a6518dcc42f7a6e999bb3bea8fd87567) C:\Windows\system32\drivers\HECIx64.sys
11:38:41.0293 3380        MEIx64 - ok
11:38:41.0303 3380        Micro Star SCM  (71c6748ee8de938532057ef10b4b7e44) C:\Program Files (x86)\System Control Manager\MSIService.exe
11:38:41.0304 3380        Micro Star SCM - ok
11:38:41.0310 3380        MMCSS          (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
11:38:41.0312 3380        MMCSS - ok
11:38:41.0316 3380        Modem          (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
11:38:41.0317 3380        Modem - ok
11:38:41.0319 3380        monitor        (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
11:38:41.0320 3380        monitor - ok
11:38:41.0329 3380        mouclass        (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
11:38:41.0330 3380        mouclass - ok
11:38:41.0335 3380        mouhid          (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
11:38:41.0336 3380        mouhid - ok
11:38:41.0342 3380        mountmgr        (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
11:38:41.0343 3380        mountmgr - ok
11:38:41.0350 3380        MozillaMaintenance (46297fa8e30a6007f14118fc2b942fbc) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
11:38:41.0351 3380        MozillaMaintenance - ok
11:38:41.0359 3380        mpio            (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
11:38:41.0360 3380        mpio - ok
11:38:41.0366 3380        mpsdrv          (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
11:38:41.0367 3380        mpsdrv - ok
11:38:41.0394 3380        MpsSvc          (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
11:38:41.0400 3380        MpsSvc - ok
11:38:41.0408 3380        MRxDAV          (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
11:38:41.0410 3380        MRxDAV - ok
11:38:41.0417 3380        mrxsmb          (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
11:38:46.0251 3380        WbioSrvc        (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
11:38:46.0254 3380        WbioSrvc - ok
11:38:46.0271 3380        wcncsvc        (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
11:38:46.0275 3380        wcncsvc - ok
11:38:46.0281 3380        WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
11:38:46.0283 3380        WcsPlugInService - ok
11:38:46.0294 3380        Wd              (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
11:38:46.0295 3380        Wd - ok
11:38:46.0321 3380        Wdf01000        (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
11:38:46.0325 3380        Wdf01000 - ok
11:38:46.0333 3380        WdiServiceHost  (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
11:38:46.0336 3380        WdiServiceHost - ok
11:38:46.0338 3380        WdiSystemHost  (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
11:38:46.0341 3380        WdiSystemHost - ok
11:38:46.0354 3380        WebClient      (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
11:38:46.0358 3380        WebClient - ok
11:38:46.0378 3380        Wecsvc          (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
11:38:46.0380 3380        Wecsvc - ok
11:38:46.0387 3380        wercplsupport  (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
11:38:46.0389 3380        wercplsupport - ok
11:38:46.0396 3380        WerSvc          (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
11:38:46.0397 3380        WerSvc - ok
11:38:46.0405 3380        WfpLwf          (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
11:38:46.0406 3380        WfpLwf - ok
11:38:46.0409 3380        WIMMount        (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
11:38:46.0409 3380        WIMMount - ok
11:38:46.0414 3380        WinDefend - ok
11:38:46.0419 3380        WinHttpAutoProxySvc - ok
11:38:46.0437 3380        Winmgmt        (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
11:38:46.0439 3380        Winmgmt - ok
11:38:46.0505 3380        WinRM          (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
11:38:46.0519 3380        WinRM - ok
11:38:46.0555 3380        WinUSB          (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUSB.sys
11:38:46.0556 3380        WinUSB - ok
11:38:46.0584 3380        Wlansvc        (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
11:38:46.0591 3380        Wlansvc - ok
11:38:46.0598 3380        wlcrasvc        (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
11:38:46.0599 3380        wlcrasvc - ok
11:38:46.0674 3380        wlidsvc        (2bacd71123f42cea603f4e205e1ae337) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
11:38:46.0695 3380        wlidsvc - ok
11:38:46.0741 3380        WmiAcpi        (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
11:38:46.0742 3380        WmiAcpi - ok
11:38:46.0763 3380        wmiApSrv        (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
11:38:46.0766 3380        wmiApSrv - ok
11:38:46.0773 3380        WMPNetworkSvc - ok
11:38:46.0780 3380        WPCSvc          (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
11:38:46.0783 3380        WPCSvc - ok
11:38:46.0792 3380        WPDBusEnum      (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
11:38:46.0795 3380        WPDBusEnum - ok
11:38:46.0802 3380        ws2ifsl        (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
11:38:46.0803 3380        ws2ifsl - ok
11:38:46.0812 3380        wscsvc          (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\system32\wscsvc.dll
11:38:46.0815 3380        wscsvc - ok
11:38:46.0817 3380        WSearch - ok
11:38:46.0826 3380        wsvd            (82e8f5aa03df7dbdb8a33f700d5d8cda) C:\Windows\system32\DRIVERS\wsvd.sys
11:38:46.0827 3380        wsvd - ok
11:38:46.0924 3380        wuauserv        (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
11:38:46.0942 3380        wuauserv - ok
11:38:46.0974 3380        WudfPf          (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
11:38:46.0974 3380        WudfPf - ok
11:38:46.0981 3380        WUDFRd          (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
11:38:46.0982 3380        WUDFRd - ok
11:38:46.0990 3380        wudfsvc        (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
11:38:46.0992 3380        wudfsvc - ok
11:38:47.0002 3380        WwanSvc        (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
11:38:47.0005 3380        WwanSvc - ok
11:38:47.0019 3380        MBR (0x1B8)    (4f8aa8c9692c179b2e9b4211951a7a17) \Device\Harddisk0\DR0
11:38:48.0927 3380        \Device\Harddisk0\DR0 - ok
11:38:49.0213 3380        MBR (0x1B8)    (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk1\DR1
11:38:49.0217 3380        \Device\Harddisk1\DR1 - ok
11:38:49.0220 3380        Boot (0x1200)  (e1da271c95f85fff2e544e4bf404d60b) \Device\Harddisk0\DR0\Partition0
11:38:49.0222 3380        \Device\Harddisk0\DR0\Partition0 - ok
11:38:49.0226 3380        Boot (0x1200)  (98b28a0c5748267f683ccab02a22c671) \Device\Harddisk0\DR0\Partition1
11:38:49.0228 3380        \Device\Harddisk0\DR0\Partition1 - ok
11:38:49.0232 3380        Boot (0x1200)  (98a273af72666909c2c295fd57b39090) \Device\Harddisk1\DR1\Partition0
11:38:49.0234 3380        \Device\Harddisk1\DR1\Partition0 - ok
11:38:49.0253 3380        Boot (0x1200)  (2e7c58836535a7fd47b70a467fbff6c4) \Device\Harddisk1\DR1\Partition1
11:38:49.0255 3380        \Device\Harddisk1\DR1\Partition1 - ok
11:38:49.0255 3380        ============================================================
11:38:49.0255 3380        Scan finished
11:38:49.0255 3380        ============================================================
11:38:49.0263 7172        Detected object count: 0
11:38:49.0263 7172        Actual detected object count: 0
11:39:02.0715 7372        Deinitialize success

The scan only took just under 10 seconds, is that normal?

t'john 26.07.2012 10:48

Update Java

Your Java is out of date. Older versions contain security vulnerabilities that can be exploited by malware.
  • Please download the latest Java version from here
  • Save the jxpiinstall.exe
  • Close all running programs, especially your browser.
  • Start the jxpiinstall.exe. It will download the installer for the latest Java version (Java 7 Update 5).
  • When the installation has finished, go to
    Start --> Control Panel --> Programs and uninstall all older Java versions.
  • Restart your computer once all older versions have been uninstalled.
After the restart
  • Open the Control Panel --> Programs again and click the Java icon.
  • On the General tab, click Settings under Temporary Internet Files.
  • Click Delete Files....
  • Make sure that every box is checked and click OK.
  • Click OK again.


Then configure it like this: http://www.trojaner-board.de/105213-...tellungen.html

Malte_1234 26.07.2012 18:18

Done.

Is everything OK now?


All times are WET +1.