Pests of all kinds and how to combat them: Recurring ad pop-ups at the bottom right in Firefox and Internet Explorer (Windows 7)
30.06.2012, 13:21 | #1 |
| Recurring ad pop-ups at the bottom right in Firefox and Internet Explorer

For a few weeks now I have somehow picked up annoying ads that keep sliding in from the bottom right while I am browsing. Maybe someone can briefly help me out. None of the virus scanners find anything. Here are the log files from HijackThis and Malwarebytes.

Many thanks! |
30.06.2012, 13:24 | #2 |
/// Malware-holic | Recurring ad pop-ups at the bottom right in Firefox and Internet Explorer

hi

1. There is actually a very clear notice that we don't want to see HJT logs :-)
2. Are those all of the Malwarebytes logs?
3. If you don't have it yet, please download OTL by OldTimer and save it to your desktop
Code:
activex
netsvcs
msconfig
%SYSTEMDRIVE%\*.
%PROGRAMFILES%\*.exe
%LOCALAPPDATA%\*.exe
%systemroot%\*. /mp /s
/md5start
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
explorer.exe
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%USERPROFILE%\*.*
%USERPROFILE%\Local Settings\Temp\*.exe
%USERPROFILE%\Local Settings\Temp\*.dll
%USERPROFILE%\Application Data\*.exe
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs
CREATERESTOREPOINT
__________________ |
02.07.2012, 12:16 | #3 |
| Recurring ad pop-ups at the bottom right in Firefox and Internet Explorer

Here are the files

OTL: OTL Logfile: Code:
O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [ControlCenter3] C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.) O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated) O4 - Startup: C:\Users\L5566\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneMediaHub.lnk = C:\Program Files (x86)\OneMediaHub\pushfnbl.exe () O4 - Startup: C:\Users\L5566\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Wuala.lnk = C:\Users\L5566\AppData\Roaming\Wuala\Wuala.exe (LaCie) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8:64bit: - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm () O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found O8:64bit: - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\ThinkPad\Bluetooth Software\btsendto_ie.htm () O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... 
- C:\Programme\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm () O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\ThinkPad\Bluetooth Software\btsendto_ie.htm () O9:64bit: - Extra Button: @C:\Program Files\ThinkPad\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\ThinkPad\Bluetooth Software\btsendto_ie.htm () O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\ThinkPad\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\ThinkPad\Bluetooth Software\btsendto_ie.htm () O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra Button: Senden an Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\ThinkPad\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : Senden an &Bluetooth-Gerät... 
- {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\ThinkPad\Bluetooth Software\btsendto_ie.htm () O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 10.5.0) O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 10.5.0) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{420F407E-9FAA-4FCB-BCC5-9E18FF7BE504}: DhcpNameServer = 192.168.2.5 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F52B3DA6-F761-4149-9899-969880E581C9}: DhcpNameServer = 192.168.0.1 O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - 
C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21:64bit: - SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysNative\CbFsMntNtf3.dll (EldoS Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll (EldoS Corporation) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O22:64bit: - SharedTaskScheduler: {5FF49FE8-B332-4CB9-B102-FB6951629E55} - Virtual Storage Mount Notification - C:\Windows\SysNative\CbFsMntNtf3.dll (EldoS Corporation) O22 - SharedTaskScheduler: {5FF49FE8-B332-4CB9-B102-FB6951629E55} - Virtual Storage Mount Notification - C:\Windows\SysWOW64\CbFsMntNtf3.dll (EldoS Corporation) O27:64bit: - HKLM IFEO\bwclrhost.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27:64bit: - HKLM IFEO\eraser.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27:64bit: - HKLM IFEO\nv_o2o_teilnehmer_de.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\bwclrhost.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\eraser.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\nv_o2o_teilnehmer_de.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - 
HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0 ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet 
Explorer Core Fonts ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun) ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0 ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: 
{89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP NetSvcs:64bit: UxTuneUp - C:\Windows\SysNative\uxtuneup.dll (TuneUp Software) CREATERESTOREPOINT Restore point Set: OTL Restore Point ========== Files/Folders - Created Within 30 Days ========== [2012.07.02 11:49:01 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Users\L5566\Desktop\OTL.exe [2012.07.02 08:10:01 | 000,000,000 | ---D | C] -- C:\Users\L5566\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth-Geräte [2012.06.30 11:38:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2012.06.30 11:38:36 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2012.06.30 11:38:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2012.06.30 09:17:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy [2012.06.30 09:17:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy [2012.06.29 14:25:55 | 000,000,000 | ---D | C] -- C:\Users\L5566\Desktop\formulare [2012.06.26 08:38:20 | 
000,000,000 | ---D | C] -- C:\Program Files (x86)\OneMediaHub [2012.06.15 19:57:27 | 000,000,000 | ---D | C] -- C:\Users\L5566\AppData\Roaming\Avira [2012.06.15 19:51:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira [2012.06.15 19:50:53 | 000,132,832 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avipbb.sys [2012.06.15 19:50:53 | 000,027,760 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avkmgr.sys [2012.06.15 19:50:52 | 000,098,848 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys [2012.06.15 19:50:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira [2012.06.15 19:50:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira [2012.06.13 18:21:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java ========== Files - Modified Within 30 Days ========== [2012.07.02 12:05:01 | 000,015,136 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012.07.02 12:05:01 | 000,015,136 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012.07.02 11:55:06 | 000,001,920 | ---- | M] () -- C:\Users\L5566\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneMediaHub.lnk [2012.07.02 11:54:46 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.07.02 11:54:39 | 3016,753,152 | -HS- | M] () -- C:\hiberfil.sys [2012.07.02 11:49:11 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\L5566\Desktop\OTL.exe [2012.07.02 10:51:52 | 000,001,456 | ---- | M] () -- C:\Users\L5566\AppData\Local\Adobe Für Web speichern 12.0 Prefs [2012.06.30 14:18:48 | 000,010,473 | ---- | M] () -- C:\Users\L5566\Desktop\log30.06 [2012.06.29 12:22:51 | 000,002,092 | -H-- | M] () -- C:\Users\L5566\Documents\Default.rdp [2012.06.27 07:59:42 | 000,070,099 | ---- | M] () -- C:\Users\L5566\AppData\Local\WinRisk_Background.jpg [2012.06.27 07:59:42 | 000,005,345 | ---- 
| M] () -- C:\Users\L5566\AppData\Local\BWSmartClientAppRes.WinRisk_Login.html [2012.06.27 07:59:42 | 000,002,028 | ---- | M] () -- C:\Users\L5566\AppData\Local\IR_LoginBtn.gif [2012.06.27 07:59:42 | 000,000,405 | ---- | M] () -- C:\Users\L5566\AppData\Local\WinRisk_Smile.gif [2012.06.27 07:59:42 | 000,000,077 | ---- | M] () -- C:\Users\L5566\AppData\Local\bullet.gif [2012.06.15 21:39:53 | 004,899,688 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012.06.15 20:27:51 | 000,705,572 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2012.06.15 20:27:51 | 000,659,826 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012.06.15 20:27:51 | 000,151,888 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2012.06.15 20:27:51 | 000,124,358 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012.06.15 20:27:50 | 001,659,346 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012.06.15 18:15:02 | 000,022,520 | ---- | M] () -- C:\Users\L5566\Desktop\Skandia-Logo.jpg [2012.06.14 18:46:06 | 000,638,218 | ---- | M] () -- C:\Users\L5566\Desktop\bu-comdirect.pdf ========== Files Created - No Company Name ========== [2012.06.30 11:19:33 | 000,010,473 | ---- | C] () -- C:\Users\L5566\Desktop\log30.06 [2012.06.26 08:39:03 | 000,001,920 | ---- | C] () -- C:\Users\L5566\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneMediaHub.lnk [2012.06.15 18:15:00 | 000,022,520 | ---- | C] () -- C:\Users\L5566\Desktop\Skandia-Logo.jpg [2012.06.14 18:36:10 | 000,638,218 | ---- | C] () -- C:\Users\L5566\Desktop\bu-comdirect.pdf [2012.05.05 13:04:46 | 000,000,126 | -HS- | C] () -- C:\ProgramData\.zreglib [2012.04.05 17:34:05 | 000,000,132 | ---- | C] () -- C:\Users\L5566\AppData\Roaming\Adobe PNG Format CS5 Prefs [2012.03.05 13:50:29 | 000,061,440 | ---- | C] () -- C:\Windows\SysWow64\QL56F.DLL [2012.03.04 15:36:59 | 000,000,280 | ---- | C] () -- C:\Windows\ODBC.INI [2012.02.15 20:07:49 | 000,070,099 | ---- | C] () -- 
C:\Users\L5566\AppData\Local\WinRisk_Background.jpg [2012.02.15 20:07:49 | 000,005,345 | ---- | C] () -- C:\Users\L5566\AppData\Local\BWSmartClientAppRes.WinRisk_Login.html [2012.02.15 20:07:49 | 000,002,028 | ---- | C] () -- C:\Users\L5566\AppData\Local\IR_LoginBtn.gif [2012.02.15 20:07:49 | 000,000,405 | ---- | C] () -- C:\Users\L5566\AppData\Local\WinRisk_Smile.gif [2012.02.15 20:07:49 | 000,000,077 | ---- | C] () -- C:\Users\L5566\AppData\Local\bullet.gif [2012.02.09 12:01:00 | 000,000,254 | ---- | C] () -- C:\Windows\Brpfx04a.ini [2012.02.09 12:01:00 | 000,000,093 | ---- | C] () -- C:\Windows\brpcfx.ini [2012.02.09 11:59:56 | 000,000,416 | ---- | C] () -- C:\Windows\BRWMARK.INI [2012.02.09 11:59:56 | 000,000,034 | ---- | C] () -- C:\Windows\SysWow64\BD7820N.DAT [2012.02.09 11:58:28 | 000,000,000 | ---- | C] () -- C:\Windows\brdfxspd.dat [2012.02.07 21:01:22 | 000,001,456 | ---- | C] () -- C:\Users\L5566\AppData\Local\Adobe Für Web speichern 12.0 Prefs [2012.02.07 18:08:54 | 001,659,876 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2012.02.03 20:56:01 | 000,007,603 | ---- | C] () -- C:\Users\L5566\AppData\Local\Resmon.ResmonCfg [2012.02.03 16:02:33 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2012.02.03 15:08:56 | 000,003,929 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat ========== LOP Check ========== [2012.02.11 10:08:39 | 000,000,000 | ---D | M] -- C:\Users\L5566\AppData\Roaming\avidemux [2012.04.28 17:03:22 | 000,000,000 | ---D | M] -- C:\Users\L5566\AppData\Roaming\BitTorrent [2012.07.02 12:21:37 | 000,000,000 | ---D | M] -- C:\Users\L5566\AppData\Roaming\FileZilla [2012.02.25 08:49:30 | 000,000,000 | ---D | M] -- C:\Users\L5566\AppData\Roaming\Funambol [2012.03.21 20:29:31 | 000,000,000 | ---D | M] -- C:\Users\L5566\AppData\Roaming\ICAClient [2012.05.05 12:59:06 | 000,000,000 | ---D | M] -- C:\Users\L5566\AppData\Roaming\ImgBurn [2012.03.07 09:44:07 | 000,000,000 | ---D | M] -- C:\Users\L5566\AppData\Roaming\IrfanView 
[2012.02.24 20:00:41 | 000,000,000 | ---D | M] -- C:\Users\L5566\AppData\Roaming\Mikogo 4 [2012.03.06 16:56:17 | 000,000,000 | ---D | M] -- C:\Users\L5566\AppData\Roaming\MORGEN & MORGEN [2012.03.04 15:36:47 | 000,000,000 | ---D | M] -- C:\Users\L5566\AppData\Roaming\Simon Brown, HB9DRV [2012.02.09 11:21:17 | 000,000,000 | ---D | M] -- C:\Users\L5566\AppData\Roaming\TeamViewer [2012.02.12 18:27:21 | 000,000,000 | ---D | M] -- C:\Users\L5566\AppData\Roaming\TuneUp Software [2012.03.06 12:14:33 | 000,000,000 | ---D | M] -- C:\Users\L5566\AppData\Roaming\Wuala [2012.03.31 18:27:26 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== ========== Custom Scans ========== < %SYSTEMDRIVE%\*. > [2012.02.03 15:52:48 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin [2012.03.27 20:17:24 | 000,000,000 | R--D | M] -- C:\Adobe CS5_5 [2012.06.15 20:39:31 | 000,000,000 | -HSD | M] -- C:\Config.Msi [2012.03.06 16:48:27 | 000,000,000 | ---D | M] -- C:\cvw410 [2009.07.14 07:08:56 | 000,000,000 | -HSD | M] -- C:\Documents and Settings [2012.02.03 15:52:32 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen [2012.03.13 10:18:01 | 000,000,000 | ---D | M] -- C:\DRIVERS [2012.03.06 16:54:35 | 000,000,000 | ---D | M] -- C:\kvw809 [2012.03.06 16:57:19 | 000,000,000 | ---D | M] -- C:\lvw811 [2012.02.03 23:03:37 | 000,000,000 | RH-D | M] -- C:\MSOCache [2009.07.14 05:20:08 | 000,000,000 | ---D | M] -- C:\PerfLogs [2012.06.02 09:42:54 | 000,000,000 | R--D | M] -- C:\Program Files [2012.06.30 11:38:36 | 000,000,000 | R--D | M] -- C:\Program Files (x86) [2012.06.30 09:17:55 | 000,000,000 | -H-D | M] -- C:\ProgramData [2012.02.03 15:52:32 | 000,000,000 | -HSD | M] -- C:\Programme [2012.02.03 15:52:32 | 000,000,000 | -HSD | M] -- C:\Recovery [2012.07.02 12:25:29 | 000,000,000 | -HSD | M] -- C:\System Volume Information [2012.02.03 15:52:41 | 000,000,000 | R--D | M] -- C:\Users [2012.05.22 17:48:44 | 000,000,000 | ---D | M] -- C:\Windows [2012.03.21 
09:35:52 | 000,000,000 | ---D | M] -- C:\xampp [2012.03.20 21:23:35 | 000,000,000 | ---D | M] -- C:\xampplite < %PROGRAMFILES%\*.exe > < %LOCALAPPDATA%\*.exe > < %systemroot%\*. /mp /s > < MD5 for: AGP440.SYS > [2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys [2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys [2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys [2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys < MD5 for: ATAPI.SYS > [2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys [2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys [2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys [2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys < MD5 for: CNGAUDIT.DLL > [2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll [2009.07.14 03:15:06 | 
000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll [2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll [2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll < MD5 for: EVENTLOG.DLL > [2009.12.20 00:00:00 | 000,037,520 | ---- | M] (perl.org) MD5=2852D57385C4709EAAE2F9DB01AD3672 -- C:\xampp\perl\site\lib\auto\Win32\EventLog\EventLog.dll < MD5 for: EXPLORER.EXE > [2011.02.26 08:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe [2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe [2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe [2011.02.26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe [2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe [2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft 
Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe [2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe [2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe [2011.02.26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe [2010.11.20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe [2009.08.03 08:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe [2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe [2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe [2009.10.31 08:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe [2009.08.03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- 
C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe [2010.11.20 15:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe [2009.10.31 08:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe [2009.08.03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe [2009.07.14 03:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe [2009.10.31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe [2011.02.26 08:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe [2009.08.03 08:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe < MD5 for: IASTORV.SYS > [2010.11.20 15:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys [2010.11.20 15:33:38 | 000,410,496 | ---- | 
M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys [2011.03.11 08:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys [2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys [2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys [2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys [2011.03.11 08:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_0b141c81a16e25e6\iaStorV.sys [2011.03.11 08:25:49 | 000,410,496 | ---- | M] (Intel Corporation) MD5=BFDC9D75698800CFE4D1698BF2750EA2 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_0bccc8c8ba6985c1\iaStorV.sys [2009.07.14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys < MD5 for: NETLOGON.DLL > [2009.07.14 03:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll [2010.11.20 15:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll [2010.11.20 15:27:22 | 
000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll [2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll [2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll [2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll < MD5 for: NVSTOR.SYS > [2009.07.14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys [2011.03.11 08:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvstor.sys [2011.03.11 08:25:53 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=AE274836BA56518E279087363A781214 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvstor.sys [2011.03.11 08:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys [2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys [2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- 
C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys [2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys [2010.11.20 15:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys [2010.11.20 15:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys < MD5 for: SCECLI.DLL > [2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll [2009.07.14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll [2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll [2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll [2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll [2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll 
< MD5 for: USER32.DLL > [2010.11.20 14:08:57 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\SysWOW64\user32.dll [2010.11.20 14:08:57 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll [2009.07.14 03:41:56 | 001,008,640 | ---- | M] (Microsoft Corporation) MD5=72D7B3EA16946E8F0CF7458150031CC6 -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_292d5de8870d85d9\user32.dll [2009.07.14 03:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=E8B0FFC209E504CB7E79FC24E6C085F0 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_3382083abb6e47d4\user32.dll [2010.11.20 15:27:27 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\SysNative\user32.dll [2010.11.20 15:27:27 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll < MD5 for: USERINIT.EXE > [2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe [2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe [2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe [2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- 
C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe [2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe [2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe < MD5 for: WINLOGON.EXE > [2012.04.04 15:56:38 | 000,199,240 | ---- | M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe [2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe [2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe [2009.07.14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe [2009.10.28 09:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe [2009.10.28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe < MD5 for: WS2IFSL.SYS > [2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\SysNative\drivers\ws2ifsl.sys [2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) 
MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_ab7b927be17eace8\ws2ifsl.sys < %systemroot%\system32\drivers\*.sys /lockedfiles > < %systemroot%\System32\config\*.sav > < %systemroot%\system32\*.dll /lockedfiles > < %USERPROFILE%\*.* > [2012.07.02 12:41:50 | 002,883,584 | -HS- | M] () -- C:\Users\L5566\NTUSER.DAT [2012.07.02 12:41:50 | 000,262,144 | -HS- | M] () -- C:\Users\L5566\ntuser.dat.LOG1 [2012.02.03 15:52:41 | 000,000,000 | -HS- | M] () -- C:\Users\L5566\ntuser.dat.LOG2 [2012.03.27 08:14:31 | 000,000,000 | -HS- | M] () -- C:\Users\L5566\NTUSER.DAT_tureg_new.LOG1 [2012.03.27 08:14:31 | 000,000,000 | -HS- | M] () -- C:\Users\L5566\NTUSER.DAT_tureg_new.LOG2 [2012.05.22 14:46:35 | 002,883,584 | -HS- | M] () -- C:\Users\L5566\NTUSER.DAT_tureg_old [2012.02.03 16:01:59 | 000,065,536 | -HS- | M] () -- C:\Users\L5566\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf [2012.02.03 16:01:59 | 000,524,288 | -HS- | M] () -- C:\Users\L5566\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms [2012.02.03 16:01:59 | 000,524,288 | -HS- | M] () -- C:\Users\L5566\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms [2012.05.23 09:06:18 | 000,065,536 | -HS- | M] () -- C:\Users\L5566\NTUSER.DAT{90a05f69-a425-11e1-b193-806e6f6e6963}.TM.blf [2012.05.23 09:06:18 | 000,524,288 | -HS- | M] () -- C:\Users\L5566\NTUSER.DAT{90a05f69-a425-11e1-b193-806e6f6e6963}.TMContainer00000000000000000001.regtrans-ms [2012.05.23 09:06:18 | 000,524,288 | -HS- | M] () -- C:\Users\L5566\NTUSER.DAT{90a05f69-a425-11e1-b193-806e6f6e6963}.TMContainer00000000000000000002.regtrans-ms [2012.03.27 09:00:51 | 000,065,536 | -HS- | M] () -- C:\Users\L5566\NTUSER.DAT{9cbbfd1f-77d3-11e1-a60c-806e6f6e6963}.TM.blf [2012.03.27 09:00:51 | 000,524,288 | -HS- | M] () -- 
C:\Users\L5566\NTUSER.DAT{9cbbfd1f-77d3-11e1-a60c-806e6f6e6963}.TMContainer00000000000000000001.regtrans-ms
[2012.03.27 09:00:51 | 000,524,288 | -HS- | M] () -- C:\Users\L5566\NTUSER.DAT{9cbbfd1f-77d3-11e1-a60c-806e6f6e6963}.TMContainer00000000000000000002.regtrans-ms
[2012.02.03 15:52:42 | 000,000,020 | -HS- | M] () -- C:\Users\L5566\ntuser.ini
[2012.02.09 16:06:22 | 000,000,000 | ---- | M] () -- C:\Users\L5566\Sti_Trace.log
< %USERPROFILE%\Local Settings\Temp\*.exe >
< %USERPROFILE%\Local Settings\Temp\*.dll >
< %USERPROFILE%\Application Data\*.exe >
< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs >
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
========== Alternate Data Streams ==========
@Alternate Data Stream - 24 bytes -> C:\Windows:638A9051428ED7E7
< End of report >
Extra: OTL Logfile:
Code:
OTL Extras logfile created on: 02.07.2012 12:22:28 - Run 1
OTL by OldTimer - Version 3.2.53.1 Folder = C:\Users\L5566\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,75 Gb Total Physical Memory | 2,50 Gb Available Physical Memory | 66,82% Memory free
7,49 Gb Paging File | 5,97 Gb Available in Paging File | 79,65% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 146,39 Gb Total Space | 82,50 Gb Free Space | 56,36% Space Free | Partition Type: NTFS
Drive D: | 151,60 Gb Total Space | 121,32 Gb Free Space | 80,02% Space Free | Partition Type: NTFS
Computer Name: L5566-PC | User Name: L5566 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5.1\Bridge.exe "%L" (Adobe Systems, Inc.) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.) Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.) Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. 
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5.1\Bridge.exe "%L" (Adobe Systems, Inc.) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.) Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.) Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. 
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe" = C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe:*:Enabled:CodeMeter Runtime Server -- (WIBU-SYSTEMS AG) "C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe" = C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe:*:Enabled:CodeMeter Runtime Server -- (WIBU-SYSTEMS AG) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe" = C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe:*:Enabled:CodeMeter Runtime Server -- 
(WIBU-SYSTEMS AG) "C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe" = C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe:*:Enabled:CodeMeter Runtime Server -- (WIBU-SYSTEMS AG) ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{15BB5DD1-1C45-43FB-BE8B-1ABE7F3B0A43}" = rport=445 | protocol=6 | dir=out | app=system | "{2FD65B50-81DE-4CD6-AB7E-945D7FC3288C}" = lport=54925 | protocol=17 | dir=in | name=brothernetwork scanner | "{3F3E6CAF-B5D5-489B-9119-0200A06C67D4}" = rport=10243 | protocol=6 | dir=out | app=system | "{41A4C6C7-6789-4FA5-85EF-D8C498D22C44}" = lport=2869 | protocol=6 | dir=in | app=system | "{46ECBE37-ED00-489D-8B6C-DEE6A2132D2E}" = lport=445 | protocol=6 | dir=in | app=system | "{4AF07023-E387-42F3-98D8-ACA340E041A5}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{4DD4B959-E701-4F43-8459-5673AA113FA0}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{5E617879-0217-43AB-A789-9C639A24A995}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{6E5F94D3-49B2-439A-872C-E8CC124DE72B}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{744BB372-4231-45C9-8522-7EB049AE802C}" = lport=137 | protocol=17 | dir=in | app=system | "{8804A1AC-0FCB-4EDB-B1E1-DC06652259CD}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{B25402DE-1CE1-4C77-A08C-F691F6C1AB93}" = rport=137 | protocol=17 | dir=out | app=system | "{B4DCA09A-F2FD-49C7-B1B8-F54CDF8B4B94}" = rport=138 | protocol=17 | dir=out | app=system | "{B7DCABDF-3801-429E-9CB2-57D744F7634D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{BE0F02DC-5E91-4E21-ACF7-9BCBA2917433}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{C6524984-6058-445A-9A8D-18E378C5FEB8}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{C7A0AC78-1329-4E9D-9EA0-D6895DA85BC1}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{D28EBA31-3A62-49AC-93DF-B5B342E149EF}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{D5A95CE4-464F-4A6C-A0D7-9E339EBE4771}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{D6F8911A-126E-4469-ABDC-C98B5FBFDEDD}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe | "{D9400377-AC33-46DC-A14C-F2572DF6E11F}" = lport=138 | protocol=17 | dir=in | app=system | "{EB064320-20A0-45E6-8335-9E3D51058197}" = lport=139 | protocol=6 | dir=in | app=system | "{FA3F3025-3AB8-454F-A28C-C252821AB5BA}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{FD54E06B-F240-41BF-A512-30E5483C830D}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{FFF8289D-334F-4C46-AEB0-510BE01DD387}" = rport=139 | protocol=6 | dir=out | app=system | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0558EAE9-527A-4869-9795-D2FF0AF614F3}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{099BD194-09A6-4AB9-8F02-528DD2FB774E}" = protocol=6 | dir=in | app=c:\program files (x86)\codemeter\runtime\bin\codemeter.exe | "{1B022277-4211-43B3-A905-08C6CA2A3865}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{257FF820-DEB6-4C05-B025-3397170C42F7}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe | "{269A5456-7B85-4127-BFC3-73DD6DCB112D}" = dir=in | app=c:\program files (x86)\codemeter\runtime\bin\codemeter.exe 
| "{281DDEB3-1435-4580-B31C-2750C52F367D}" = protocol=17 | dir=in | app=c:\program files (x86)\codemeter\runtime\bin\codemeter.exe | "{2DFB9FF5-F6D4-4A88-95C4-E8364FC4331B}" = protocol=6 | dir=out | app=system | "{2F43C7B4-B683-4FB2-AFF1-932525EB803B}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{346A3803-9437-4AE6-BE4C-5748E3B96414}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | "{3A12D18D-FAF9-493C-8F66-2595399368C9}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{3D665B3D-5E44-4817-8B4C-069F8567D790}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{43B421BF-DCD4-4E50-A964-2A6A5E1A60FF}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{5CFE8673-5FFC-42DB-96BC-B274C97A804E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{5DD1A59C-CCEB-4A87-AE0A-483DED8A3672}" = protocol=17 | dir=in | app=c:\program files (x86)\bittorrent\bittorrent.exe | "{78A81413-FD60-4835-9B93-EA3847081573}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{8F91F951-78CC-4168-A022-1BC3528BE3BC}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{A05F0ECC-0AD6-44E6-92C8-D46114677117}" = protocol=6 | dir=in | app=c:\program files (x86)\bittorrent\bittorrent.exe | "{A0FD8419-37EA-42DF-AB56-2266D652811A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{A6E5AE81-0BA2-4D99-9507-1E2C0C32B2B8}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{B13B320D-75A6-4F22-87A9-DF1C51A670DA}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{B39D6228-5E38-4757-BA31-39C5D2AEF9AA}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | "{B6538E2B-5FB9-4D84-BA21-D936FE5DB6A7}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe | 
"{B6EFCD28-5724-448F-838B-AD101658B85B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{BBBBBE25-3688-48AE-A0AA-8D0C511EBAB3}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{CEB158F7-2769-4720-AEE8-A604B232867B}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{D51EC984-1252-4220-A0E9-1F41AA43BE57}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{D8CC6C04-BC29-4F55-9427-F36784787023}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe | "{DA139DD9-03F2-4158-AB85-50BCD5D8A5A9}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{EAA44F16-E03E-4922-B5D4-0D62184365D8}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{ED04495D-8E50-4C68-BDF7-5174E5D296F1}" = protocol=17 | dir=in | app=c:\program files (x86)\codemeter\runtime\bin\codemeter.exe | "{F785647A-B527-4726-B4D1-16E7565FDC91}" = protocol=6 | dir=in | app=c:\program files (x86)\codemeter\runtime\bin\codemeter.exe | "{F8AD4B64-AFBD-4D4F-9EBD-22CA6EE9C5B0}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe | "{F9C212B9-6C65-4F30-B3E0-DD4383750846}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "TCP Query User{0E233885-A91C-4F73-8658-0AB109EBF713}C:\program files (x86)\filezilla ftp client\filezilla.exe" = protocol=6 | dir=in | app=c:\program files (x86)\filezilla ftp client\filezilla.exe | "TCP Query User{1186D4B6-E33F-4985-AC05-45DD55B81C7C}C:\program files (x86)\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe | "TCP Query User{24657E65-C0B7-40C3-A9D4-7CF764D88266}C:\xampplite\apache\bin\httpd.exe" = protocol=6 | dir=in | app=c:\xampplite\apache\bin\httpd.exe | "TCP Query User{38E7E53B-5130-4DE8-BFA7-DA4C2976D296}C:\users\L5566\appdata\roaming\wuala\wuala.exe" = protocol=6 | dir=in | 
app=c:\users\L5566\appdata\roaming\wuala\wuala.exe | "TCP Query User{88040AA8-0E04-4CF0-9AB7-352D7112EEBB}C:\users\L5566\appdata\roaming\wuala\wuala.exe" = protocol=6 | dir=in | app=c:\users\L5566\appdata\roaming\wuala\wuala.exe | "TCP Query User{96951AD4-7F69-4565-8582-2677DE1920B6}C:\xampplite\mysql\bin\mysqld.exe" = protocol=6 | dir=in | app=c:\xampplite\mysql\bin\mysqld.exe | "TCP Query User{E67C1D69-2ACD-472F-9FE9-8A1B97198BA7}C:\program files (x86)\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe | "TCP Query User{FD665BA6-55FC-48CE-8274-B9414AA60F6E}C:\xampp\apache\bin\httpd.exe" = protocol=6 | dir=in | app=c:\xampp\apache\bin\httpd.exe | "UDP Query User{0D71D216-290B-445E-96AE-287BE8E231FF}C:\users\L5566\appdata\roaming\wuala\wuala.exe" = protocol=17 | dir=in | app=c:\users\L5566\appdata\roaming\wuala\wuala.exe | "UDP Query User{5D7F112C-303E-4845-A401-13C3E1A526BF}C:\program files (x86)\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe | "UDP Query User{7359B8D7-E1ED-4666-BF61-07B2A26BCE54}C:\users\L5566\appdata\roaming\wuala\wuala.exe" = protocol=17 | dir=in | app=c:\users\L5566\appdata\roaming\wuala\wuala.exe | "UDP Query User{A572C1D8-C370-461D-9CC6-DE9541665C89}C:\xampplite\mysql\bin\mysqld.exe" = protocol=17 | dir=in | app=c:\xampplite\mysql\bin\mysqld.exe | "UDP Query User{ABD7D1F1-037F-4F74-98C4-1E899911AE06}C:\program files (x86)\filezilla ftp client\filezilla.exe" = protocol=17 | dir=in | app=c:\program files (x86)\filezilla ftp client\filezilla.exe | "UDP Query User{AE7039C0-5E76-427C-9144-DD55E6A2CAB9}C:\xampplite\apache\bin\httpd.exe" = protocol=17 | dir=in | app=c:\xampplite\apache\bin\httpd.exe | "UDP Query User{CDD0F888-FD82-4E9D-BB85-C85191C28F69}C:\program files (x86)\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe | "UDP Query User{FBB4DD89-73D1-46A6-9F63-AEC68334348C}C:\xampp\apache\bin\httpd.exe" = protocol=17 | dir=in 
| app=c:\xampp\apache\bin\httpd.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "{1280E900-35DA-4E08-A700-B79A5B2B8532}" = Microsoft Antimalware Service DE-DE Language Pack "{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64 "{3D33F6F0-4D90-484D-A1D9-09AE791CCBD9}" = Eraser 6.0.9.2343 "{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64 "{57DD35E9-D9BB-4089-BB05-EF933C586CB3}" = Broadcom InConcert Maestro "{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64 "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended "{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007 "{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007 "{90BF0360-A1DB-4599-A643-95AB90A52C1E}" = Microsoft_VC90_MFCLOC_x86_x64 "{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64 "{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64 "{9D046B26-7978-47CD-91E6-AC3C1DFBC3D0}" = Microsoft Security Client "{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64 "{B25CE7B1-4C28-4C77-B8F0-BA00989CD697}" = CodeMeter Runtime Kit v4.30c "{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64 "{C6C9D5F7-630C-4125-8C4E-94AF77C1896E}" = ThinkPad Bluetooth with Enhanced Data Rate Software "{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64 "{DC911ADF-7B60-40F2-A112-FB1EB6402D07}" = Microsoft Security Client DE-DE Language Pack "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 
64-bit "Elantech" = ETDWare PS/2-X64 10.7.5.5_WHQL "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended "Microsoft Security Client" = Microsoft Security Essentials "WinRAR archiver" = WinRAR 4.10 (64-Bit) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86 "{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86 "{0C3736A1-D934-4CC0-9E6F-6FD77432A3DC}" = InterRisk WinRisk Smart-Client 4.9.0 "{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86 "{17283B95-21A8-4996-97DA-547A48DB266F}" = Samsung Control Center "{26A24AE4-039D-4CA4-87B4-2F83216030FF}" = Java(TM) 6 Update 30 "{26A24AE4-039D-4CA4-87B4-2F83217005FF}" = Java(TM) 7 Update 5 "{32364CEA-7855-4A3C-B674-53D8E9B97936}" = TuneUp Utilities 2012 "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4DF979D5-464C-4926-AF73-54C1C219F06A}" = Ham Radio Deluxe "{54613ADC-0DDC-4BFE-8D25-281272D58D5D}" = KV-WIN "{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86 "{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser und SDK "{7C01245B-7B67-4E2B-926D-8E917C2AE77A}" = CV-WIN "{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1" = PDF24 Creator 4.4.1 "{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007 "{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007 "{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI 
(German) 2007 "{90120000-001A-0407-0000-0000000FF1CE}_OUTLOOKR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007 "{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0407-0000-0000000FF1CE}_OUTLOOKR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0409-0000-0000000FF1CE}_OUTLOOKR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-040C-0000-0000000FF1CE}_OUTLOOKR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007 "{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0410-0000-0000000FF1CE}_OUTLOOKR_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = 
Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-002A-0000-1000-0000000FF1CE}_OUTLOOKR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-002A-0407-1000-0000000FF1CE}_HOMESTUDENTR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-002A-0407-1000-0000000FF1CE}_OUTLOOKR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007 "{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007 "{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-006E-0407-0000-0000000FF1CE}_OUTLOOKR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007 "{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In "{91120000-001A-0000-0000-0000000FF1CE}" = Microsoft Office Outlook 2007 "{91120000-001A-0000-0000-0000000FF1CE}_OUTLOOKR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3) "{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007 "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3) "{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86 "{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195 "{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5 "{AC76BA86-1033-F400-7760-000000000005}" = Adobe Acrobat X Pro - English, Français, Deutsch "{AEDEA4E0-2B49-4D9F-8CF6-F5B086A244FF}_is1" = AltersvorsorgePLANER 
VersicherungsPraxis24 "{B2AE44CB-2AAB-4C08-A54B-D264BD604DA8}" = Citrix Presentation Server Client "{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86 "{BFC1E04D-AA94-4E5F-A220-89209FF0FA3A}" = LV-WIN "{C2530D63-B66B-48B5-BB50-7C6281FE7AA6}" = Brother MFL-Pro Suite MFC-7820N "{CE026CFE-73FE-4FED-9D5F-2C8D4DB512B0}" = TuneUp Utilities Language Pack (de-DE) "{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86 "{D57FC112-312E-4D70-860F-2DB8FB6858F0}" = Adobe Creative Suite 5.5 Master Collection "{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86 "{DF9A6075-9308-4572-8932-A4316243C4D9}" = Brother P-touch Editor 5.0 "{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.8 "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5 "{FF0E815B-0853-4F90-AA9D-368EE44A7D3F}_is1" = Awh_MC "Avira AntiVir Desktop" = Avira Free Antivirus "BitTorrent" = BitTorrent "CloneCD" = CloneCD "CloneDVD2" = CloneDVD2 "DivX Setup" = DivX-Setup "HOMESTUDENTR" = Microsoft Office Home and Student 2007 "ImgBurn" = ImgBurn "IrfanView" = IrfanView (remove only) "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.61.0.1400 "Mozilla Firefox 13.0.1 (x86 de)" = Mozilla Firefox 13.0.1 (x86 de) "MozillaMaintenanceService" = Mozilla Maintenance Service "OneMediaHub" = OneMediaHub 11.0.4 "OUTLOOKR" = Microsoft Office Outlook 2007 "PDF Password Remover v3.1_is1" = PDF Password Remover v3.1 "TeamViewer 7" = TeamViewer 7 "TuneUp Utilities 2012" = TuneUp Utilities 2012 "VLC media player" = VLC media player 2.0.0 "Winamp" = Winamp "WinMerge_is1" = WinMerge 2.12.4 "Wuala CBFS" = Wuala CBFS "Wuala OverlayIcons" = Wuala OverlayIcons "xampp" = XAMPP 1.7.7 ========== HKEY_CURRENT_USER Uninstall List ========== 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "FileZilla Client" = FileZilla Client 3.5.3 "Mikogo 4" = Mikogo 4 "Winamp Detect" = Winamp Erkennungs-Plug-in "Wuala" = Wuala ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 22.06.2012 12:57:31 | Computer Name = L5566-PC | Source = Outlook | ID = 34 Description = Fehler beim Abrufen des Crawlbereichs-Managers. Fehler=0x80070422. Error - 27.06.2012 08:10:51 | Computer Name = L5566-PC | Source = Outlook | ID = 34 Description = Fehler beim Abrufen des Crawlbereichs-Managers. Fehler=0x80070422. Error - 28.06.2012 09:20:05 | Computer Name = L5566-PC | Source = Application Hang | ID = 1002 Description = Programm Acrobat.exe, Version 10.0.0.396 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: a08 Startzeit: 01cd552616ab4dbe Endzeit: 175 Anwendungspfad: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat.exe Berichts-ID: Error - 28.06.2012 16:54:11 | Computer Name = L5566-PC | Source = Outlook | ID = 34 Description = Fehler beim Abrufen des Crawlbereichs-Managers. Fehler=0x80070422. Error - 29.06.2012 02:29:38 | Computer Name = L5566-PC | Source = Outlook | ID = 34 Description = Fehler beim Abrufen des Crawlbereichs-Managers. Fehler=0x80070015. Error - 30.06.2012 03:16:56 | Computer Name = L5566-PC | Source = Outlook | ID = 34 Description = Fehler beim Abrufen des Crawlbereichs-Managers. Fehler=0x80070422. Error - 30.06.2012 08:45:04 | Computer Name = L5566-PC | Source = SideBySide | ID = 16842815 Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files (x86)\spybot - search & destroy\DelZip179.dll". Fehler in Manifest- oder Richtliniendatei "c:\program files (x86)\spybot - search & destroy\DelZip179.dll" in Zeile 8. 
Der Wert "*" des "language"-Attributs im assemblyIdentity-Element ist ungültig. Error - 01.07.2012 12:23:48 | Computer Name = L5566-PC | Source = MsiInstaller | ID = 11316 Description = Error - 01.07.2012 13:18:09 | Computer Name = L5566-PC | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: plugin-container.exe, Version: 13.0.1.4548, Zeitstempel: 0x4fda5ff0 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17725, Zeitstempel: 0x4ec49b8f Ausnahmecode: 0xc0000374 Fehleroffset: 0x000ce6c3 ID des fehlerhaften Prozesses: 0x1a44 Startzeit der fehlerhaften Anwendung: 0x01cd57ad677e2564 Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe Pfad des fehlerhaften Moduls: C:\Windows\SysWOW64\ntdll.dll Berichtskennung: ba55c2c6-c3a0-11e1-a9f8-90a4de9d12e8 Error - 02.07.2012 05:51:51 | Computer Name = L5566-PC | Source = Application Hang | ID = 1002 Description = Programm OTL.exe, Version 3.2.53.1 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 700 Startzeit: 01cd5837f09f00aa Endzeit: 12 Anwendungspfad: C:\Users\L5566\Desktop\OTL.exe Berichts-ID: [ Media Center Events ] Error - 24.06.2012 00:09:55 | Computer Name = L5566-PC | Source = MCUpdate | ID = 0 Description = 06:09:52 - Fehler beim Herstellen der Internetverbindung. 06:09:52 - Serververbindung konnte nicht hergestellt werden.. Error - 28.06.2012 01:03:44 | Computer Name = L5566-PC | Source = ehRecvr | ID = 3 Description = Auf dem TV-Tuner ist ein Fehler aufgetreten. (0xc0040524) PCTV DiBcom BDA Digital Tuner (Dev1 Path0) Error - 28.06.2012 01:04:15 | Computer Name = L5566-PC | Source = MCUpdate | ID = 0 Description = 07:04:14 - Fehler beim Herstellen der Internetverbindung. 07:04:14 - Serververbindung konnte nicht hergestellt werden.. 
Error - 28.06.2012 01:04:33 | Computer Name = L5566-PC | Source = MCUpdate | ID = 0 Description = 07:04:21 - Fehler beim Herstellen der Internetverbindung. 07:04:21 - Serververbindung konnte nicht hergestellt werden.. Error - 30.06.2012 21:34:18 | Computer Name = L5566-PC | Source = MCUpdate | ID = 0 Description = 03:34:18 - Fehler beim Herstellen der Internetverbindung. 03:34:18 - Serververbindung konnte nicht hergestellt werden.. Error - 30.06.2012 21:34:31 | Computer Name = L5566-PC | Source = MCUpdate | ID = 0 Description = 03:34:23 - Fehler beim Herstellen der Internetverbindung. 03:34:23 - Serververbindung konnte nicht hergestellt werden.. Error - 30.06.2012 22:34:40 | Computer Name = L5566-PC | Source = MCUpdate | ID = 0 Description = 04:34:40 - Fehler beim Herstellen der Internetverbindung. 04:34:40 - Serververbindung konnte nicht hergestellt werden.. Error - 30.06.2012 22:34:52 | Computer Name = L5566-PC | Source = MCUpdate | ID = 0 Description = 04:34:45 - Fehler beim Herstellen der Internetverbindung. 04:34:45 - Serververbindung konnte nicht hergestellt werden.. Error - 30.06.2012 23:34:57 | Computer Name = L5566-PC | Source = MCUpdate | ID = 0 Description = 05:34:57 - Fehler beim Herstellen der Internetverbindung. 05:34:57 - Serververbindung konnte nicht hergestellt werden.. Error - 30.06.2012 23:35:06 | Computer Name = L5566-PC | Source = MCUpdate | ID = 0 Description = 05:35:03 - Fehler beim Herstellen der Internetverbindung. 05:35:03 - Serververbindung konnte nicht hergestellt werden.. [ OSession Events ] Error - 07.02.2012 13:30:35 | Computer Name = L5566-PC | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6423.1000, Microsoft Office Version: 12.0.6425.1000. This session lasted 5 seconds with 0 seconds of active time. This session ended with a crash. 
Error - 17.02.2012 11:37:11 | Computer Name = L5566-PC | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6607.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 11 seconds with 0 seconds of active time. This session ended with a crash. Error - 18.02.2012 05:07:03 | Computer Name = L5566-PC | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6607.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 2 seconds with 0 seconds of active time. This session ended with a crash. [ System Events ] Error - 23.06.2012 01:42:39 | Computer Name = L5566-PC | Source = WMPNetworkSvc | ID = 866300 Description = Error - 23.06.2012 01:43:39 | Computer Name = L5566-PC | Source = WMPNetworkSvc | ID = 866300 Description = Error - 23.06.2012 02:25:32 | Computer Name = L5566-PC | Source = WMPNetworkSvc | ID = 866300 Description = Error - 23.06.2012 02:26:38 | Computer Name = L5566-PC | Source = WMPNetworkSvc | ID = 866300 Description = Error - 23.06.2012 02:26:44 | Computer Name = L5566-PC | Source = WMPNetworkSvc | ID = 866300 Description = Error - 23.06.2012 02:27:10 | Computer Name = L5566-PC | Source = DCOM | ID = 10010 Description = Error - 23.06.2012 02:27:45 | Computer Name = L5566-PC | Source = DCOM | ID = 10010 Description = Error - 23.06.2012 02:29:23 | Computer Name = L5566-PC | Source = Service Control Manager | ID = 7024 Description = Der Dienst "Apache2.2" wurde mit folgendem dienstspezifischem Fehler beendet: %%1. Error - 23.06.2012 02:32:45 | Computer Name = L5566-PC | Source = Service Control Manager | ID = 7026 Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: cdrom Error - 23.06.2012 13:21:55 | Computer Name = L5566-PC | Source = WMPNetworkSvc | ID = 866300 Description = < End of report > |
02.07.2012, 17:21 | #4 |
/// Malware-holic | Ad pop-ups keep appearing at the bottom right in Firefox and Internet Explorer hi, download TDSS Killer: http://www.trojaner-board.de/82358-t...entfernen.html Click Change parameters • Tick Verify driver digital signatures and Detect TDLFS file system • Click OK and then Start scan - if anything is found, always choose skip for now, and post the log
__________________ - Please forward suspicious mails to us for analysis: markusg.trojaner-board@web.de Forwarding instructions: http://markusg.trojaner-board.de For the time being, please forward mails to markusg.trojaner-board@web.de following the instructions above. If you would like to support us |
02.07.2012, 17:49 | #5 |
| Ad pop-ups keep appearing at the bottom right in Firefox and Internet Explorer 18:40:20.0138 6056 TDSS rootkit removing tool 2.7.43.0 Jun 29 2012 17:54:22 18:40:20.0261 6056 ============================================================ 18:40:20.0261 6056 Current date / time: 2012/07/02 18:40:20.0261 18:40:20.0261 6056 SystemInfo: 18:40:20.0261 6056 18:40:20.0261 6056 OS Version: 6.1.7601 ServicePack: 1.0 18:40:20.0261 6056 Product type: Workstation 18:40:20.0262 6056 ComputerName: L5566-PC 18:40:20.0262 6056 UserName: L5566 18:40:20.0262 6056 Windows directory: C:\Windows 18:40:20.0262 6056 System windows directory: C:\Windows 18:40:20.0262 6056 Running under WOW64 18:40:20.0262 6056 Processor architecture: Intel x64 18:40:20.0262 6056 Number of processors: 2 18:40:20.0262 6056 Page size: 0x1000 18:40:20.0262 6056 Boot type: Normal boot 18:40:20.0262 6056 ============================================================ 18:40:21.0858 6056 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 18:40:21.0870 6056 ============================================================ 18:40:21.0870 6056 \Device\Harddisk0\DR0: 18:40:21.0870 6056 MBR partitions: 18:40:21.0870 6056 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000 18:40:21.0870 6056 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x124C6000 18:40:21.0870 6056 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x124F8800, BlocksNum 0x12F35800 18:40:21.0870 6056 ============================================================ 18:40:21.0891 6056 C: <-> \Device\Harddisk0\DR0\Partition1 18:40:21.0930 6056 D: <-> \Device\Harddisk0\DR0\Partition2 18:40:21.0930 6056 ============================================================ 18:40:21.0930 6056 Initialize success 18:40:21.0930 6056 ============================================================ 
18:40:30.0910 1744 ============================================================ 18:40:30.0910 1744 Scan started 18:40:30.0910 1744 Mode: Manual; SigCheck; TDLFS; 18:40:30.0910 1744 ============================================================ 18:40:31.0859 1744 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys 18:40:31.0960 1744 1394ohci - ok 18:40:32.0024 1744 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys 18:40:32.0054 1744 ACPI - ok 18:40:32.0086 1744 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys 18:40:32.0116 1744 AcpiPmi - ok 18:40:32.0184 1744 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys 18:40:32.0218 1744 adp94xx - ok 18:40:32.0249 1744 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys 18:40:32.0279 1744 adpahci - ok 18:40:32.0335 1744 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys 18:40:32.0363 1744 adpu320 - ok 18:40:32.0402 1744 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll 18:40:32.0475 1744 AeLookupSvc - ok 18:40:32.0527 1744 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys 18:40:32.0563 1744 AFD - ok 18:40:32.0604 1744 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys 18:40:32.0627 1744 agp440 - ok 18:40:32.0658 1744 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe 18:40:32.0689 1744 ALG - ok 18:40:32.0716 1744 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys 18:40:32.0737 1744 aliide - ok 18:40:32.0780 1744 AMD External Events Utility (8743eeca8cea54555fc584090b16de9d) C:\Windows\system32\atiesrxx.exe 18:40:32.0812 1744 AMD External Events Utility - ok 18:40:32.0834 1744 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys 18:40:32.0857 1744 amdide - ok 18:40:32.0889 1744 AmdK8 
(7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys 18:40:32.0914 1744 AmdK8 - ok 18:40:33.0522 1744 amdkmdag (0a97540b21807e5e77dfd6ff2ca86e2a) C:\Windows\system32\DRIVERS\atikmdag.sys 18:40:33.0755 1744 amdkmdag - ok 18:40:33.0964 1744 amdkmdap (a11c4af5e8777f13ce7df011e892239c) C:\Windows\system32\DRIVERS\atikmpag.sys 18:40:33.0997 1744 amdkmdap - ok 18:40:34.0031 1744 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys 18:40:34.0056 1744 AmdPPM - ok 18:40:34.0088 1744 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys 18:40:34.0112 1744 amdsata - ok 18:40:34.0151 1744 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys 18:40:34.0185 1744 amdsbs - ok 18:40:34.0222 1744 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys 18:40:34.0243 1744 amdxata - ok 18:40:34.0333 1744 AntiVirSchedulerService (466a0d95960dad3222c896d2cea99993) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe 18:40:34.0358 1744 AntiVirSchedulerService - ok 18:40:34.0385 1744 AntiVirService (a489be6bb0aa1ff406b488b60542314b) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe 18:40:34.0406 1744 AntiVirService - ok 18:40:34.0458 1744 Apache2.2 (f41e453a90ef19217cee1675f5256ee7) c:\xampp\apache\bin\httpd.exe 18:40:34.0467 1744 Apache2.2 ( UnsignedFile.Multi.Generic ) - warning 18:40:34.0468 1744 Apache2.2 - detected UnsignedFile.Multi.Generic (1) 18:40:34.0500 1744 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys 18:40:34.0563 1744 AppID - ok 18:40:34.0605 1744 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll 18:40:34.0674 1744 AppIDSvc - ok 18:40:34.0695 1744 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll 18:40:34.0760 1744 Appinfo - ok 18:40:34.0794 1744 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys 18:40:34.0818 1744 arc - ok 
18:40:34.0849 1744 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys 18:40:34.0872 1744 arcsas - ok 18:40:34.0990 1744 aspnet_state (9217d874131ae6ff8f642f124f00a555) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe 18:40:35.0010 1744 aspnet_state - ok 18:40:35.0030 1744 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys 18:40:35.0096 1744 AsyncMac - ok 18:40:35.0120 1744 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys 18:40:35.0143 1744 atapi - ok 18:40:35.0183 1744 AtiHDAudioService (4bf5bca6e2608cd8a00bc4a6673a9f47) C:\Windows\system32\drivers\AtihdW76.sys 18:40:35.0214 1744 AtiHDAudioService - ok 18:40:35.0280 1744 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll 18:40:35.0356 1744 AudioEndpointBuilder - ok 18:40:35.0371 1744 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll 18:40:35.0447 1744 AudioSrv - ok 18:40:35.0512 1744 avgntflt (26e38b5a58c6c55fafbc563eeddb0867) C:\Windows\system32\DRIVERS\avgntflt.sys 18:40:35.0535 1744 avgntflt - ok 18:40:35.0561 1744 avipbb (9d1f00beff84cbbf46d7f052bc7e0565) C:\Windows\system32\DRIVERS\avipbb.sys 18:40:35.0585 1744 avipbb - ok 18:40:35.0625 1744 avkmgr (248db59fc86de44d2779f4c7fb1a567d) C:\Windows\system32\DRIVERS\avkmgr.sys 18:40:35.0647 1744 avkmgr - ok 18:40:35.0685 1744 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll 18:40:35.0722 1744 AxInstSV - ok 18:40:35.0779 1744 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys 18:40:35.0813 1744 b06bdrv - ok 18:40:35.0852 1744 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys 18:40:35.0881 1744 b57nd60a - ok 18:40:36.0163 1744 BCM43XX (43ad3d3e7674833fca9a7c4e7180ad54) C:\Windows\system32\DRIVERS\bcmwl664.sys 18:40:36.0311 1744 BCM43XX - ok 18:40:36.0415 1744 BDESVC (fde360167101b4e45a96f939f388aeb0) 
C:\Windows\System32\bdesvc.dll 18:40:36.0442 1744 BDESVC - ok 18:40:36.0501 1744 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys 18:40:36.0568 1744 Beep - ok 18:40:36.0645 1744 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll 18:40:36.0721 1744 BFE - ok 18:40:36.0787 1744 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll 18:40:36.0869 1744 BITS - ok 18:40:36.0936 1744 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys 18:40:36.0960 1744 blbdrive - ok 18:40:37.0001 1744 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys 18:40:37.0025 1744 bowser - ok 18:40:37.0053 1744 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys 18:40:37.0083 1744 BrFiltLo - ok 18:40:37.0093 1744 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys 18:40:37.0123 1744 BrFiltUp - ok 18:40:37.0160 1744 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll 18:40:37.0229 1744 Browser - ok 18:40:37.0276 1744 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys 18:40:37.0306 1744 Brserid - ok 18:40:37.0315 1744 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys 18:40:37.0346 1744 BrSerWdm - ok 18:40:37.0353 1744 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys 18:40:37.0383 1744 BrUsbMdm - ok 18:40:37.0391 1744 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys 18:40:37.0420 1744 BrUsbSer - ok 18:40:37.0451 1744 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\DRIVERS\BthEnum.sys 18:40:37.0480 1744 BthEnum - ok 18:40:37.0516 1744 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys 18:40:37.0546 1744 BTHMODEM - ok 18:40:37.0581 1744 BthPan (02dd601b708dd0667e1331fa8518e9ff) 
C:\Windows\system32\DRIVERS\bthpan.sys 18:40:37.0611 1744 BthPan - ok 18:40:37.0667 1744 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\Windows\system32\Drivers\BTHport.sys 18:40:37.0699 1744 BTHPORT - ok 18:40:37.0728 1744 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll 18:40:37.0795 1744 bthserv - ok 18:40:37.0834 1744 BTHUSB (f188b7394d81010767b6df3178519a37) C:\Windows\system32\Drivers\BTHUSB.sys 18:40:37.0860 1744 BTHUSB - ok 18:40:37.0917 1744 BTWAMPFL (f8cfafbd5bf8b3ddb0d3c2943a5af8ce) C:\Windows\system32\DRIVERS\btwampfl.sys 18:40:37.0952 1744 BTWAMPFL - ok 18:40:37.0979 1744 btwaudio (24bff9d75310f3059ee44f38bf0de0b2) C:\Windows\system32\drivers\btwaudio.sys 18:40:38.0001 1744 btwaudio - ok 18:40:38.0031 1744 btwavdt (858b305ade425732cff9ded182f94fb8) C:\Windows\system32\DRIVERS\btwavdt.sys 18:40:38.0054 1744 btwavdt - ok 18:40:38.0171 1744 btwdins (305097081be9a372484360c696f025ee) C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe 18:40:38.0212 1744 btwdins - ok 18:40:38.0244 1744 btwl2cap (b9354f9f111c64f2495b60f1e24cb453) C:\Windows\system32\DRIVERS\btwl2cap.sys 18:40:38.0265 1744 btwl2cap - ok 18:40:38.0281 1744 btwrchid (3bd876387d6c538690300f9ec198856b) C:\Windows\system32\DRIVERS\btwrchid.sys 18:40:38.0301 1744 btwrchid - ok 18:40:38.0345 1744 cbfs3 (555fa105c22b1616094edad1cbfb0551) C:\Windows\system32\drivers\cbfs3.sys 18:40:38.0379 1744 cbfs3 - ok 18:40:38.0422 1744 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys 18:40:38.0492 1744 cdfs - ok 18:40:38.0531 1744 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys 18:40:38.0557 1744 cdrom - ok 18:40:38.0594 1744 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll 18:40:38.0662 1744 CertPropSvc - ok 18:40:38.0690 1744 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys 18:40:38.0718 1744 circlass - ok 18:40:38.0748 1744 CISVC 
(ff60401f1c659ca2ed4bae85d3fd14da) C:\Windows\system32\CISVC.EXE 18:40:38.0773 1744 CISVC - ok
[...]
18:41:03.0811 1744 SwitchBoard (f577910a133a592234ebaad3f3afa258) C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
18:41:03.0850 1744 SwitchBoard ( UnsignedFile.Multi.Generic ) - warning
18:41:03.0850 1744 SwitchBoard - detected UnsignedFile.Multi.Generic (1)
[...]
18:41:09.0639 1744 viaide (e5689d93ffe4e5d66c0178761240dd54)
C:\Windows\system32\drivers\viaide.sys 18:41:09.0663 1744 viaide - ok 18:41:09.0692 1744 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys 18:41:09.0717 1744 volmgr - ok 18:41:09.0779 1744 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys 18:41:09.0811 1744 volmgrx - ok 18:41:09.0861 1744 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys 18:41:09.0891 1744 volsnap - ok 18:41:09.0935 1744 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys 18:41:09.0962 1744 vsmraid - ok 18:41:10.0079 1744 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe 18:41:10.0176 1744 VSS - ok 18:41:10.0297 1744 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys 18:41:10.0327 1744 vwifibus - ok 18:41:10.0344 1744 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys 18:41:10.0378 1744 vwififlt - ok 18:41:10.0399 1744 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys 18:41:10.0431 1744 vwifimp - ok 18:41:10.0485 1744 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll 18:41:10.0561 1744 W32Time - ok 18:41:10.0588 1744 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys 18:41:10.0612 1744 WacomPen - ok 18:41:10.0649 1744 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 18:41:10.0724 1744 WANARP - ok 18:41:10.0731 1744 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 18:41:10.0800 1744 Wanarpv6 - ok 18:41:11.0082 1744 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe 18:41:11.0137 1744 WatAdminSvc - ok 18:41:11.0260 1744 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe 18:41:11.0313 1744 wbengine - ok 18:41:11.0423 1744 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) 
C:\Windows\System32\wbiosrvc.dll 18:41:11.0463 1744 WbioSrvc - ok 18:41:11.0518 1744 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll 18:41:11.0560 1744 wcncsvc - ok 18:41:11.0596 1744 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll 18:41:11.0624 1744 WcsPlugInService - ok 18:41:11.0680 1744 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys 18:41:11.0702 1744 Wd - ok 18:41:11.0768 1744 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys 18:41:11.0806 1744 Wdf01000 - ok 18:41:11.0843 1744 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll 18:41:11.0882 1744 WdiServiceHost - ok 18:41:11.0890 1744 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll 18:41:11.0927 1744 WdiSystemHost - ok 18:41:11.0973 1744 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll 18:41:12.0013 1744 WebClient - ok 18:41:12.0060 1744 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll 18:41:12.0134 1744 Wecsvc - ok 18:41:12.0162 1744 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll 18:41:12.0236 1744 wercplsupport - ok 18:41:12.0261 1744 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll 18:41:12.0333 1744 WerSvc - ok 18:41:12.0487 1744 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys 18:41:12.0553 1744 WfpLwf - ok 18:41:12.0578 1744 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys 18:41:12.0601 1744 WIMMount - ok 18:41:12.0627 1744 WinDefend - ok 18:41:12.0648 1744 WinHttpAutoProxySvc - ok 18:41:12.0725 1744 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll 18:41:12.0796 1744 Winmgmt - ok 18:41:12.0851 1744 WinRiskXASmClSoftwareUpdate (e694974965e268f8224cc37fabb67596) C:\Program Files 
(x86)\InterRisk\WinRiskXA\smart\client\bin\BWUpdater.exe 18:41:12.0861 1744 WinRiskXASmClSoftwareUpdate ( UnsignedFile.Multi.Generic ) - warning 18:41:12.0861 1744 WinRiskXASmClSoftwareUpdate - detected UnsignedFile.Multi.Generic (1) 18:41:13.0015 1744 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll 18:41:13.0119 1744 WinRM - ok 18:41:13.0309 1744 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll 18:41:13.0361 1744 Wlansvc - ok 18:41:13.0417 1744 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys 18:41:13.0442 1744 WmiAcpi - ok 18:41:13.0515 1744 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe 18:41:13.0543 1744 wmiApSrv - ok 18:41:13.0573 1744 WMPNetworkSvc - ok 18:41:13.0602 1744 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll 18:41:13.0629 1744 WPCSvc - ok 18:41:13.0672 1744 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll 18:41:13.0702 1744 WPDBusEnum - ok 18:41:13.0726 1744 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys 18:41:13.0791 1744 ws2ifsl - ok 18:41:13.0838 1744 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll 18:41:13.0874 1744 wscsvc - ok 18:41:13.0882 1744 WSearch - ok 18:41:14.0068 1744 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll 18:41:14.0156 1744 wuauserv - ok 18:41:14.0286 1744 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys 18:41:14.0352 1744 WudfPf - ok 18:41:14.0387 1744 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys 18:41:14.0454 1744 WUDFRd - ok 18:41:14.0504 1744 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll 18:41:14.0574 1744 wudfsvc - ok 18:41:14.0621 1744 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll 18:41:14.0661 1744 WwanSvc - ok 18:41:14.0704 1744 MBR 
(0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0 18:41:15.0069 1744 \Device\Harddisk0\DR0 - ok 18:41:15.0077 1744 Boot (0x1200) (3efce229d8639413c350b46bacaf68ec) \Device\Harddisk0\DR0\Partition0 18:41:15.0080 1744 \Device\Harddisk0\DR0\Partition0 - ok 18:41:15.0160 1744 Boot (0x1200) (f379b40a9d0f84d17e5e28a143d0d8a9) \Device\Harddisk0\DR0\Partition1 18:41:15.0178 1744 \Device\Harddisk0\DR0\Partition1 - ok 18:41:15.0217 1744 Boot (0x1200) (bf212a161a988d745538ff01a672611e) \Device\Harddisk0\DR0\Partition2 18:41:15.0311 1744 \Device\Harddisk0\DR0\Partition2 - ok 18:41:15.0314 1744 ============================================================ 18:41:15.0315 1744 Scan finished 18:41:15.0315 1744 ============================================================ 18:41:15.0341 4304 Detected object count: 3 18:41:15.0341 4304 Actual detected object count: 3 18:41:25.0845 4304 Apache2.2 ( UnsignedFile.Multi.Generic ) - skipped by user 18:41:25.0845 4304 Apache2.2 ( UnsignedFile.Multi.Generic ) - User select action: Skip 18:41:25.0846 4304 SwitchBoard ( UnsignedFile.Multi.Generic ) - skipped by user 18:41:25.0846 4304 SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip 18:41:25.0851 4304 WinRiskXASmClSoftwareUpdate ( UnsignedFile.Multi.Generic ) - skipped by user 18:41:25.0852 4304 WinRiskXASmClSoftwareUpdate ( UnsignedFile.Multi.Generic ) - User select action: Skip 18:43:13.0446 2304 ============================================================ 18:43:13.0446 2304 Scan started 18:43:13.0446 2304 Mode: Manual; SigCheck; TDLFS; 18:43:13.0446 2304 ============================================================ 18:43:13.0906 2304 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys 18:43:13.0947 2304 1394ohci - ok 18:43:13.0990 2304 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys 18:43:14.0019 2304 ACPI - ok 18:43:14.0043 2304 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) 
C:\Windows\system32\drivers\acpipmi.sys 18:43:14.0071 2304 AcpiPmi - ok 18:43:14.0139 2304 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys 18:43:14.0173 2304 adp94xx - ok 18:43:14.0207 2304 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys 18:43:14.0236 2304 adpahci - ok 18:43:14.0281 2304 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys 18:43:14.0306 2304 adpu320 - ok 18:43:14.0347 2304 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll 18:43:14.0414 2304 AeLookupSvc - ok 18:43:14.0474 2304 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys 18:43:14.0506 2304 AFD - ok 18:43:14.0538 2304 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys 18:43:14.0560 2304 agp440 - ok 18:43:14.0594 2304 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe 18:43:14.0618 2304 ALG - ok 18:43:14.0650 2304 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys 18:43:14.0670 2304 aliide - ok 18:43:14.0716 2304 AMD External Events Utility (8743eeca8cea54555fc584090b16de9d) C:\Windows\system32\atiesrxx.exe 18:43:14.0747 2304 AMD External Events Utility - ok 18:43:14.0769 2304 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys 18:43:14.0790 2304 amdide - ok 18:43:14.0813 2304 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys 18:43:14.0837 2304 AmdK8 - ok 18:43:15.0480 2304 amdkmdag (0a97540b21807e5e77dfd6ff2ca86e2a) C:\Windows\system32\DRIVERS\atikmdag.sys 18:43:15.0685 2304 amdkmdag - ok 18:43:15.0871 2304 amdkmdap (a11c4af5e8777f13ce7df011e892239c) C:\Windows\system32\DRIVERS\atikmpag.sys 18:43:15.0925 2304 amdkmdap - ok 18:43:15.0955 2304 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys 18:43:15.0977 2304 AmdPPM - ok 18:43:16.0012 2304 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) 
C:\Windows\system32\drivers\amdsata.sys 18:43:16.0035 2304 amdsata - ok 18:43:16.0076 2304 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys 18:43:16.0102 2304 amdsbs - ok 18:43:16.0135 2304 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys 18:43:16.0156 2304 amdxata - ok 18:43:16.0236 2304 AntiVirSchedulerService (466a0d95960dad3222c896d2cea99993) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe 18:43:16.0280 2304 AntiVirSchedulerService - ok 18:43:16.0298 2304 AntiVirService (a489be6bb0aa1ff406b488b60542314b) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe 18:43:16.0318 2304 AntiVirService - ok 18:43:16.0371 2304 Apache2.2 (f41e453a90ef19217cee1675f5256ee7) c:\xampp\apache\bin\httpd.exe 18:43:16.0378 2304 Apache2.2 ( UnsignedFile.Multi.Generic ) - warning 18:43:16.0378 2304 Apache2.2 - detected UnsignedFile.Multi.Generic (1) 18:43:16.0413 2304 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys 18:43:16.0476 2304 AppID - ok 18:43:16.0508 2304 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll 18:43:16.0572 2304 AppIDSvc - ok 18:43:16.0598 2304 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll 18:43:16.0660 2304 Appinfo - ok 18:43:16.0686 2304 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys 18:43:16.0710 2304 arc - ok 18:43:16.0741 2304 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys 18:43:16.0764 2304 arcsas - ok 18:43:16.0880 2304 aspnet_state (9217d874131ae6ff8f642f124f00a555) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe 18:43:16.0916 2304 aspnet_state - ok 18:43:16.0944 2304 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys 18:43:17.0008 2304 AsyncMac - ok 18:43:17.0044 2304 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys 18:43:17.0065 2304 atapi - ok 
18:43:17.0110 2304 AtiHDAudioService (4bf5bca6e2608cd8a00bc4a6673a9f47) C:\Windows\system32\drivers\AtihdW76.sys 18:43:17.0139 2304 AtiHDAudioService - ok 18:43:17.0220 2304 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll 18:43:17.0298 2304 AudioEndpointBuilder - ok 18:43:17.0310 2304 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll 18:43:17.0385 2304 AudioSrv - ok 18:43:17.0425 2304 avgntflt (26e38b5a58c6c55fafbc563eeddb0867) C:\Windows\system32\DRIVERS\avgntflt.sys 18:43:17.0447 2304 avgntflt - ok 18:43:17.0473 2304 avipbb (9d1f00beff84cbbf46d7f052bc7e0565) C:\Windows\system32\DRIVERS\avipbb.sys 18:43:17.0497 2304 avipbb - ok 18:43:17.0516 2304 avkmgr (248db59fc86de44d2779f4c7fb1a567d) C:\Windows\system32\DRIVERS\avkmgr.sys 18:43:17.0536 2304 avkmgr - ok 18:43:17.0576 2304 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll 18:43:17.0609 2304 AxInstSV - ok 18:43:17.0662 2304 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys 18:43:17.0691 2304 b06bdrv - ok 18:43:17.0720 2304 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys 18:43:17.0747 2304 b57nd60a - ok 18:43:18.0093 2304 BCM43XX (43ad3d3e7674833fca9a7c4e7180ad54) C:\Windows\system32\DRIVERS\bcmwl664.sys 18:43:18.0234 2304 BCM43XX - ok 18:43:18.0340 2304 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll 18:43:18.0369 2304 BDESVC - ok 18:43:18.0425 2304 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys 18:43:18.0502 2304 Beep - ok 18:43:18.0575 2304 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll 18:43:18.0661 2304 BFE - ok 18:43:18.0743 2304 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll 18:43:18.0821 2304 BITS - ok 18:43:18.0882 2304 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys 18:43:18.0912 2304 blbdrive - ok 18:43:18.0947 
2304 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys 18:43:18.0969 2304 bowser - ok 18:43:19.0000 2304 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys 18:43:19.0026 2304 BrFiltLo - ok 18:43:19.0033 2304 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys 18:43:19.0061 2304 BrFiltUp - ok 18:43:19.0096 2304 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll 18:43:19.0160 2304 Browser - ok 18:43:19.0213 2304 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys 18:43:19.0243 2304 Brserid - ok 18:43:19.0251 2304 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys 18:43:19.0279 2304 BrSerWdm - ok 18:43:19.0286 2304 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys 18:43:19.0315 2304 BrUsbMdm - ok 18:43:19.0321 2304 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys 18:43:19.0345 2304 BrUsbSer - ok 18:43:19.0374 2304 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\DRIVERS\BthEnum.sys 18:43:19.0397 2304 BthEnum - ok 18:43:19.0429 2304 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys 18:43:19.0457 2304 BTHMODEM - ok 18:43:19.0495 2304 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys 18:43:19.0525 2304 BthPan - ok 18:43:19.0585 2304 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\Windows\system32\Drivers\BTHport.sys 18:43:19.0621 2304 BTHPORT - ok 18:43:19.0652 2304 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll 18:43:19.0717 2304 bthserv - ok 18:43:19.0756 2304 BTHUSB (f188b7394d81010767b6df3178519a37) C:\Windows\system32\Drivers\BTHUSB.sys 18:43:19.0778 2304 BTHUSB - ok 18:43:19.0833 2304 BTWAMPFL (f8cfafbd5bf8b3ddb0d3c2943a5af8ce) C:\Windows\system32\DRIVERS\btwampfl.sys 18:43:19.0863 2304 BTWAMPFL - ok 
18:43:19.0903 2304 btwaudio (24bff9d75310f3059ee44f38bf0de0b2) C:\Windows\system32\drivers\btwaudio.sys 18:43:19.0925 2304 btwaudio - ok 18:43:19.0955 2304 btwavdt (858b305ade425732cff9ded182f94fb8) C:\Windows\system32\DRIVERS\btwavdt.sys 18:43:19.0977 2304 btwavdt - ok 18:43:20.0108 2304 btwdins (305097081be9a372484360c696f025ee) C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe 18:43:20.0169 2304 btwdins - ok 18:43:20.0236 2304 btwl2cap (b9354f9f111c64f2495b60f1e24cb453) C:\Windows\system32\DRIVERS\btwl2cap.sys 18:43:20.0257 2304 btwl2cap - ok 18:43:20.0328 2304 btwrchid (3bd876387d6c538690300f9ec198856b) C:\Windows\system32\DRIVERS\btwrchid.sys 18:43:20.0347 2304 btwrchid - ok 18:43:20.0426 2304 cbfs3 (555fa105c22b1616094edad1cbfb0551) C:\Windows\system32\drivers\cbfs3.sys 18:43:20.0463 2304 cbfs3 - ok 18:43:20.0502 2304 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys 18:43:20.0571 2304 cdfs - ok 18:43:20.0611 2304 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys 18:43:20.0636 2304 cdrom - ok 18:43:20.0674 2304 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll 18:43:20.0740 2304 CertPropSvc - ok 18:43:20.0769 2304 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys 18:43:20.0799 2304 circlass - ok 18:43:20.0828 2304 CISVC (ff60401f1c659ca2ed4bae85d3fd14da) C:\Windows\system32\CISVC.EXE 18:43:20.0853 2304 CISVC - ok 18:43:20.0901 2304 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys 18:43:20.0932 2304 CLFS - ok 18:43:21.0000 2304 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 18:43:21.0021 2304 clr_optimization_v2.0.50727_32 - ok 18:43:21.0092 2304 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 18:43:21.0114 2304 clr_optimization_v2.0.50727_64 - ok 18:43:21.0176 
2304 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 18:43:21.0197 2304 clr_optimization_v4.0.30319_32 - ok 18:43:21.0230 2304 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 18:43:21.0254 2304 clr_optimization_v4.0.30319_64 - ok 18:43:21.0260 2304 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys 18:43:21.0284 2304 CmBatt - ok 18:43:21.0317 2304 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys 18:43:21.0339 2304 cmdide - ok 18:43:21.0393 2304 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys 18:43:21.0440 2304 CNG - ok 18:43:21.0633 2304 CodeMeter.exe (1c15404ea8fc42dab8a7b3765ed53e58) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe 18:43:21.0712 2304 CodeMeter.exe - ok 18:43:21.0851 2304 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys 18:43:21.0877 2304 Compbatt - ok 18:43:21.0905 2304 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys 18:43:21.0932 2304 CompositeBus - ok 18:43:21.0939 2304 COMSysApp - ok 18:43:21.0971 2304 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys 18:43:21.0992 2304 crcdisk - ok 18:43:22.0039 2304 CryptSvc (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll 18:43:22.0065 2304 CryptSvc - ok 18:43:22.0129 2304 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll 18:43:22.0212 2304 DcomLaunch - ok 18:43:22.0263 2304 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll 18:43:22.0336 2304 defragsvc - ok 18:43:22.0377 2304 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys 18:43:22.0441 2304 DfsC - ok 18:43:22.0489 2304 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll 
18:43:22.0558 2304 Dhcp - ok 18:43:22.0577 2304 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys 18:43:22.0642 2304 discache - ok 18:43:22.0659 2304 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys 18:43:22.0681 2304 Disk - ok 18:43:22.0716 2304 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll 18:43:22.0740 2304 Dnscache - ok 18:43:22.0783 2304 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll 18:43:22.0857 2304 dot3svc - ok 18:43:22.0901 2304 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll 18:43:22.0966 2304 DPS - ok 18:43:22.0992 2304 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys 18:43:23.0019 2304 drmkaud - ok 18:43:23.0118 2304 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys 18:43:23.0163 2304 DXGKrnl - ok 18:43:23.0201 2304 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll 18:43:23.0273 2304 EapHost - ok 18:43:23.0514 2304 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys 18:43:23.0602 2304 ebdrv - ok 18:43:23.0701 2304 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe 18:43:23.0727 2304 EFS - ok 18:43:23.0811 2304 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe 18:43:23.0846 2304 ehRecvr - ok 18:43:23.0886 2304 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe 18:43:23.0911 2304 ehSched - ok 18:43:23.0977 2304 ElbyCDFL (9387a484d31209d7fc3f795a787294db) C:\Windows\system32\Drivers\ElbyCDFL.sys 18:43:24.0018 2304 ElbyCDFL - ok 18:43:24.0037 2304 ElbyCDIO (a05fc7eca0966ebb70e4d17b855a853b) C:\Windows\system32\Drivers\ElbyCDIO.sys 18:43:24.0057 2304 ElbyCDIO - ok 18:43:24.0120 2304 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys 18:43:24.0173 2304 elxstor - ok 18:43:24.0212 2304 ErrDev 
(34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys 18:43:24.0237 2304 ErrDev - ok 18:43:24.0292 2304 ETD (a06dd18ea3630cb2d7ecede15ac21678) C:\Windows\system32\DRIVERS\ETD.sys 18:43:24.0319 2304 ETD - ok 18:43:24.0399 2304 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll 18:43:24.0478 2304 EventSystem - ok 18:43:24.0521 2304 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys 18:43:24.0588 2304 exfat - ok 18:43:24.0619 2304 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys 18:43:24.0686 2304 fastfat - ok 18:43:24.0761 2304 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe 18:43:24.0796 2304 Fax - ok 18:43:24.0830 2304 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys 18:43:24.0868 2304 fdc - ok 18:43:24.0902 2304 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll 18:43:24.0967 2304 fdPHost - ok 18:43:24.0975 2304 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll 18:43:25.0040 2304 FDResPub - ok 18:43:25.0062 2304 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys 18:43:25.0084 2304 FileInfo - ok 18:43:25.0120 2304 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys 18:43:25.0184 2304 Filetrace - ok 18:43:25.0198 2304 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys 18:43:25.0220 2304 flpydisk - ok 18:43:25.0265 2304 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys 18:43:25.0294 2304 FltMgr - ok 18:43:25.0436 2304 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll 18:43:25.0487 2304 FontCache - ok 18:43:25.0573 2304 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 18:43:25.0595 2304 FontCache3.0.0.0 - ok 18:43:25.0655 2304 
FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys 18:43:25.0678 2304 FsDepends - ok 18:43:25.0703 2304 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys 18:43:25.0725 2304 Fs_Rec - ok 18:43:25.0759 2304 FTDIBUS (fa169871d8fadcc6539c4e8726610286) C:\Windows\system32\drivers\ftdibus.sys 18:43:25.0777 2304 FTDIBUS - ok 18:43:25.0787 2304 FTSER2K (24237091348d1efb5635a1cf9649e311) C:\Windows\system32\drivers\ftser2k.sys 18:43:25.0806 2304 FTSER2K - ok 18:43:25.0854 2304 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys 18:43:25.0888 2304 fvevol - ok 18:43:25.0919 2304 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys 18:43:25.0942 2304 gagp30kx - ok 18:43:26.0022 2304 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll 18:43:26.0110 2304 gpsvc - ok 18:43:26.0146 2304 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys 18:43:26.0176 2304 hcw85cir - ok 18:43:26.0236 2304 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys 18:43:26.0279 2304 HdAudAddService - ok 18:43:26.0311 2304 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys 18:43:26.0346 2304 HDAudBus - ok 18:43:26.0373 2304 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys 18:43:26.0395 2304 HidBatt - ok 18:43:26.0416 2304 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys 18:43:26.0444 2304 HidBth - ok 18:43:26.0451 2304 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys 18:43:26.0479 2304 HidIr - ok 18:43:26.0501 2304 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll 18:43:26.0568 2304 hidserv - ok 18:43:26.0595 2304 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys 18:43:26.0618 2304 HidUsb - ok 18:43:26.0653 
============================================================
18:43:55.0745 2304 Scan finished
18:43:55.0745 2304 ============================================================
18:43:55.0771 5068 Detected object count: 3
18:43:55.0771 5068 Actual detected object count: 3
18:43:59.0818 5068 Apache2.2 ( UnsignedFile.Multi.Generic ) - skipped by user
18:43:59.0819 5068 Apache2.2 ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:43:59.0819 5068 SwitchBoard ( UnsignedFile.Multi.Generic ) - skipped by user
18:43:59.0819 5068 SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:43:59.0823 5068 WinRiskXASmClSoftwareUpdate ( UnsignedFile.Multi.Generic ) - skipped by user
18:43:59.0823 5068 WinRiskXASmClSoftwareUpdate ( UnsignedFile.Multi.Generic ) - User select action: Skip |
03.07.2012, 19:01 | #6 | |
/// Malware-holic | ComboFix may only be run when a team member has instructed you to do so! Please download ComboFix from one of these download mirrors: Link 1, Link 2. IMPORTANT - Save ComboFix to your desktop.
When ComboFix has finished, it will create a log file. Please post C:\Combofix.txt in your next reply. Note: Should you receive the following error message after the restart Quote:
03.07.2012, 20:46 | #7 |
| ComboFix log file:
04.07.2012, 16:46 | #8 |
/// Malware-holic | Are there still pop-ups?
__________________ - Please forward suspicious e-mails to us for analysis: markusg.trojaner-board@web.de Forwarding instructions: http://markusg.trojaner-board.de For now, please forward e-mails to markusg.trojaner-board@web.de following the instructions above. If you would like to support us |
05.07.2012, 16:01 | #9 |
| Unfortunately yes... Although it no longer appears on every website as it did before. The pop-ups look like this: www.munich-broker.de/blog/wp-content/uploads/pop-up.png They change from time to time and do not pop up on every page. So far I have only noticed the pop-up on my own website and on the muenchen.de site. As soon as I am logged in to my homepage as admin in WordPress, no more pop-ups appear. One more thing... The pop-up then inserts the following code into the web page:
Code:
    <div style="padding-top:15px;">
      <iframe width="300" scrolling="no" height="250" frameborder="0" src="hxxp://tag.tlvmedia.com/?id=102031_125330&ad_type=banner&ad_size=300x250" marginheight="0" marginwidth="0">
        <html>
          <head></head>
          <body>
            <script src="hxxp://tag.tlvmedia.com/tags.js?id=102031_125330&ad_type=banner&ad_size=300x250" type="text/javascript">
            <iframe width="300" scrolling="no" height="250" frameborder="0" marginwidth="0" marginheight="0" style="width: 300px; height: 250px;" src="hxxp://ads.tlvmedia.com/st?ad_type=iframe&ad_size=300x250&section=3021651">
          </body>
        </html>
      </iframe>
    </div>
06.07.2012, 21:49 | #10 |
/// Malware-holic | Hi, do you have a backup of your site? If so, restore it and see whether it still occurs.
09.07.2012, 07:14 | #11 |
| I don't have an older backup, since this problem has been plaguing me for quite a while. But here is another piece of code whose link leads exactly to the image that slides in.
Code:
    <object width="300" height="250" wmode="opaque" loop="false" data="hxxp://content.yieldmanager.edgesuite.net/atoms/98/94/ae/d7/9894aed7064503bc3ea1da8068614f24.swf?clickTag=http%3A%2F%2Fads%2Etlvmedia%2Ecom%2Fclk%3F3%2CeJytjV1rgzAUhn%2DNd1JMYmJEdhF1Vodx65Z26M3wI%2EWjdZUaRuevn7 Vl%2DwN7ORweHl7OAcjB1V5ialFoFoQgy3YAoiTHtCIS6objOCY0kW1hy7L1MPTO3o4Xce0V0VPNliTDlGxuyBYV3fiFXrfnpbB5vVd3sRuy%2E4nYNts7Rsvf2qcsqbI072r3t%2DVvLmnnHpJ11s TvHD%2DvueIiOPI30HC%2ExLEIunQKDplgRiYeTf53%2E0HXG6UGDTENBvPk1bhSx69eVm2%2DKk%2E9rEalodl%2EqO9Bashv9%2De8lxoksxrb6aqQYVwgNmY3ylK1p8%2EFQUAw%2DAGkRWt5%2 C" type="application/x-shockwave-flash">
      <param value="opaque" name="wmode">
      <param value="hxxp://content.yieldmanager.edgesuite.net/atoms/98/94/ae/d7/9894aed7064503bc3ea1da8068614f24.swf?clickTag=http%3A%2F%2Fads%2Etlvmedia%2Ecom%2Fclk%3F3%2CeJytjV1rgzAUhn%2DNd1JMYmJEdhF1Vodx65Z26M3wI%2EWjdZUaRuevn7 Vl%2DwN7ORweHl7OAcjB1V5ialFoFoQgy3YAoiTHtCIS6objOCY0kW1hy7L1MPTO3o4Xce0V0VPNliTDlGxuyBYV3fiFXrfnpbB5vVd3sRuy%2E4nYNts7Rsvf2qcsqbI072r3t%2DVvLmnnHpJ11s TvHD%2DvueIiOPI30HC%2ExLEIunQKDplgRiYeTf53%2E0HXG6UGDTENBvPk1bhSx69eVm2%2DKk%2E9rEalodl%2EqO9Bashv9%2De8lxoksxrb6aqQYVwgNmY3ylK1p8%2EFQUAw%2DAGkRWt5%2 C" name="movie">
    </object>
The thing is that it only slides in on one PC; on others I don't have the problem. |
10.07.2012, 13:41 | #12 |
/// Malware-holic | Hi, then rebuild the affected PC. The PC has to be reinstalled and then secured. 1. Data rescue:
I will also post further points on this. 4. Change all passwords! 5. After securing the PC, check the backed-up data and, if clean, restore it. 6. I will then also say something about securing online banking with a chip card reader + Star Money.
11.07.2012, 22:01 | #13 |
| I haven't rebuilt the PC yet. I noticed something way down at the bottom of my hosts file. I removed the following lines from the hosts file:
    149.5.18.172 www.google-analytics.com.
    149.5.18.172 ad-emea.doubleclick.net.
    149.5.18.172 www.statcounter.com.
    108.163.215.51 www.google-analytics.com.
    108.163.215.51 ad-emea.doubleclick.net.
    108.163.215.51 www.statcounter.com.
Now everything works. The pop-ups are gone in IE as well as Firefox. How these lines got in there, however, is a mystery to me. Could it be that someone gained access? Since not a single antivirus program found anything, I assume that my PC is safe??? Best regards! |
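The check the poster did by eye, as an added example that is not part of the thread: a Python audit that flags hosts-file lines pointing names at non-local addresses. The six redirect lines are the ones quoted in the post; the other sample lines, the function names and the severity labels are assumptions made for this example.

```python
import ipaddress
import os
import sys
from collections import defaultdict

# Sample input. Lines 1-5 are constructed; lines 8-13 are the entries
# quoted in the post above.
SAMPLE_HOSTS = """\
# constructed: default-style local entries
127.0.0.1      localhost
::1            localhost
0.0.0.0        ads.blocklist.example   # constructed: local sinkhole entry
192.168.0.10   nas.home.example        # constructed: LAN device

# the six lines quoted in the post
149.5.18.172 www.google-analytics.com.
149.5.18.172 ad-emea.doubleclick.net.
149.5.18.172 www.statcounter.com.
108.163.215.51 www.google-analytics.com.
108.163.215.51 ad-emea.doubleclick.net.
108.163.215.51 www.statcounter.com.
"""


def default_hosts_path():
    """Return the hosts file location for the running OS."""
    if os.name == "nt":
        root = os.environ.get("SystemRoot", r"C:\Windows")
        return os.path.join(root, "System32", "drivers", "etc", "hosts")
    return "/etc/hosts"


def parse_hosts(text):
    """Yield (line_no, ip, hostname) for every name mapping in the text."""
    for line_no, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()  # drop inline comments
        if not line:
            continue
        fields = line.split()
        if len(fields) < 2:
            continue
        try:
            ip = ipaddress.ip_address(fields[0])
        except ValueError:
            continue  # not an address: malformed line, ignore
        for name in fields[1:]:
            # "www.example.com." and "www.example.com" name the same host
            yield line_no, ip, name.rstrip(".").lower()


def audit_hosts(text):
    """Flag entries that send a hostname to a non-local address.

    Severity labels (assumption of this example):
      high   - name mapped to a publicly routable address
      review - name mapped to a private/LAN address (often legitimate)
    Loopback and 0.0.0.0 entries are skipped: they block, not redirect.
    """
    findings = []
    names_by_ip = defaultdict(set)
    ips_by_name = defaultdict(set)
    for line_no, ip, name in parse_hosts(text):
        if ip.is_loopback or ip.is_unspecified:
            continue
        severity = "high" if ip.is_global else "review"
        findings.append(
            {"line": line_no, "ip": str(ip), "name": name, "severity": severity}
        )
        if ip.is_global:
            names_by_ip[str(ip)].add(name)
            ips_by_name[name].add(str(ip))
    # Heuristics: one public IP answering for several names, and one name
    # listed with several public IPs, are both patterns seen in the post.
    shared = {ip: sorted(n) for ip, n in names_by_ip.items() if len(n) > 1}
    conflicting = {n: sorted(i) for n, i in ips_by_name.items() if len(i) > 1}
    return {
        "findings": findings,
        "shared_ips": shared,
        "conflicting_names": conflicting,
    }


if __name__ == "__main__":
    # With an argument: audit that file. Without: audit the embedded sample.
    if len(sys.argv) > 1:
        with open(sys.argv[1], encoding="utf-8", errors="replace") as fh:
            content = fh.read()
    else:
        content = SAMPLE_HOSTS
    report = audit_hosts(content)
    for f in report["findings"]:
        print(f"[{f['severity']}] line {f['line']}: {f['name']} -> {f['ip']}")
    for ip, names in report["shared_ips"].items():
        print(f"{ip} answers for {len(names)} names: {', '.join(names)}")
```

Pass the path returned by `default_hosts_path()` as the argument to audit the live file instead of the sample.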
14.07.2012, 12:22 | #14 |
/// Malware-holic | Hi, that is why I would still reinstall, because malware could have been active, or could still be active.