| |
| |||||||
Log-Analyse und Auswertung: Win 7 Desktop Overlay "this programm cannot display the webpage"Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
27.07.2012, 19:29
| #1 |
| |  Win 7 Desktop Overlay "this programm cannot display the webpage" hallo erstmal, hab mir gestern anscheinend was eingefangen. wenn ich den pc normal starte, braucht er schonmal länger wenn er den desktop lädt und sobald dieser erscheint bekomm ich gleich nen fullscreen overlay mit der fehlermeldung "this program cannot display webpage". ein beenden dieses overlay ist auf diversen wegen nicht möglich, auch verschwindet der taskmanager sofort nach erscheinen wieder. im abgesicherten modus kann ich ganz normal agieren soweit. allerdings funktioniert der restore nicht. das ganze spielt sich auf win7 64 bit system ab. Malwarebytes Anti-Malware (Test) 1.62.0.1300 www.malwarebytes.org Datenbank Version: v2012.07.26.14 Windows 7 Service Pack 1 x64 NTFS (Abgesichertenmodus/Netzwerkfähig) Internet Explorer 9.0.8112.16421 oliver :: OLIVER-PC [Administrator] Schutz: Deaktiviert 26.07.2012 21:52:26 mbam-log-2012-07-26 (21-52-26).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|) Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 460040 Laufzeit: 15 Minute(n), 48 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 OTL OTL logfile created on: 27.07.2012 20:18:59 - Run 1 OTL by OldTimer - Version 3.2.55.0 Folder = C:\Users\oliver\Downloads 64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000c07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy 8,00 Gb Total Physical Memory | 6,03 Gb Available Physical Memory | 75,37% Memory free 16,00 Gb Paging File | 14,11 Gb Available in Paging File | 88,19% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 111,69 Gb Total Space | 1,37 Gb Free Space | 1,23% Space Free | Partition Type: NTFS Drive D: | 1397,26 Gb Total Space | 1381,79 Gb Free Space | 98,89% Space Free | Partition Type: NTFS Computer Name: OLIVER-PC | User Name: oliver | Logged in as Administrator. Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012.07.27 20:17:01 | 000,597,504 | ---- | M] (OldTimer Tools) -- C:\Users\oliver\Downloads\OTL.exe PRC - [2012.07.26 21:54:49 | 000,050,477 | ---- | M] () -- C:\Users\oliver\Downloads\Defogger.exe PRC - [2011.12.18 22:08:42 | 002,420,616 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe ========== Modules (No Company Name) ========== MOD - [2012.07.26 21:54:49 | 000,050,477 | ---- | M] () -- C:\Users\oliver\Downloads\Defogger.exe MOD - [2012.07.10 06:09:00 | 000,438,296 | ---- | M] () -- C:\Users\oliver\AppData\Local\Google\Chrome\Application\20.0.1132.57\ppgooglenaclpluginchrome.dll MOD - [2012.07.10 06:08:59 | 003,972,120 | ---- | M] () -- C:\Users\oliver\AppData\Local\Google\Chrome\Application\20.0.1132.57\pdf.dll MOD - [2012.07.10 06:07:22 | 000,140,328 | ---- | M] () -- C:\Users\oliver\AppData\Local\Google\Chrome\Application\20.0.1132.57\avutil-51.dll MOD - [2012.07.10 06:07:21 | 000,262,184 | ---- | M] () -- C:\Users\oliver\AppData\Local\Google\Chrome\Application\20.0.1132.57\avformat-54.dll MOD - [2012.07.10 06:07:19 | 002,386,984 | ---- | M] () -- C:\Users\oliver\AppData\Local\Google\Chrome\Application\20.0.1132.57\avcodec-54.dll MOD - [2012.07.10 04:17:27 | 009,255,112 | ---- | M] () -- C:\Users\oliver\AppData\Local\Google\Chrome\Application\20.0.1132.57\gcswf32.dll MOD - [2011.03.17 01:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF ========== Win32 Services (SafeList) ========== SRV:64bit: - [2012.03.26 18:49:56 | 000,291,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv) SRV:64bit: - [2012.03.26 18:49:56 | 000,012,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc) SRV:64bit: - [2012.01.23 09:38:24 | 007,515,000 | ---- | M] (Wacom Technology, Corp.) [Auto | Stopped] -- C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe -- (TabletServiceWacom) SRV:64bit: - [2012.01.23 09:38:24 | 000,552,312 | ---- | M] (Wacom Technology, Corp.) [Auto | Stopped] -- C:\Program Files\Tablet\Wacom\Wacom_TouchService.exe -- (TouchServiceWacom) SRV:64bit: - [2011.11.03 16:44:42 | 000,827,520 | ---- | M] (Check Point Software Technologies) [Auto | Stopped] -- C:\Program Files\CheckPoint\ZAForceField\ISWSVC.exe -- (IswSvc) SRV:64bit: - [2011.04.20 03:04:20 | 000,203,776 | ---- | M] (AMD) [Auto | Stopped] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV - [2012.07.03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2012.06.20 09:38:15 | 000,529,232 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2012.05.08 12:40:41 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Stopped] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2012.05.08 12:40:36 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Stopped] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2012.04.28 21:11:19 | 000,066,872 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA) SRV - [2012.04.05 11:37:38 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012.03.19 13:38:47 | 002,666,880 | ---- | M] (TeamViewer GmbH) [Auto | Stopped] -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7) SRV - [2012.02.10 11:28:06 | 000,240,408 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.EXE -- (BBUpdate) SRV - [2012.02.10 11:28:06 | 000,193,816 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.EXE -- (BBSvc) SRV - [2011.12.18 22:08:42 | 002,420,616 | ---- | M] (Check Point Software Technologies LTD) [Auto | Running] -- C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe -- (vsmon) SRV - [2011.11.14 00:42:54 | 000,354,416 | ---- | M] (VMware, Inc.) [Auto | Stopped] -- C:\Windows\SysWOW64\vmnetdhcp.exe -- (VMnetDHCP) SRV - [2011.11.14 00:42:52 | 000,433,264 | ---- | M] (VMware, Inc.) [Auto | Stopped] -- C:\Windows\SysWOW64\vmnat.exe -- (VMware NAT Service) SRV - [2011.11.13 22:49:40 | 000,079,872 | ---- | M] (VMware, Inc.) [Auto | Stopped] -- C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe -- (VMAuthdService) SRV - [2011.08.29 23:11:04 | 000,846,448 | ---- | M] (VMware, Inc.) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe -- (VMUSBArbService) SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010.02.19 14:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard) SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) ========== Driver Services (SafeList) ========== DRV:64bit: - [2012.07.03 13:46:44 | 000,024,904 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector) DRV:64bit: - [2012.05.08 19:45:34 | 000,303,616 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt) DRV:64bit: - [2012.05.08 19:45:34 | 000,035,328 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt) DRV:64bit: - [2012.05.08 12:40:41 | 000,132,832 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb) DRV:64bit: - [2012.05.08 12:40:41 | 000,098,848 | ---- | M] (Avira GmbH) [File_System | Auto | Stopped] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt) DRV:64bit: - [2012.04.25 12:11:36 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64) DRV:64bit: - [2012.03.20 20:44:12 | 000,098,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv) DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2012.01.05 15:18:06 | 000,279,616 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01) DRV:64bit: - [2011.12.15 16:00:35 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr) DRV:64bit: - [2011.11.14 11:29:54 | 000,013,312 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wacmoumonitor.sys -- (wacmoumonitor) DRV:64bit: - [2011.11.14 11:29:44 | 000,012,848 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wacommousefilter.sys -- (wacommousefilter) DRV:64bit: - [2011.11.14 11:29:42 | 000,016,168 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wacomvhid.sys -- (wacomvhid) DRV:64bit: - [2011.11.14 00:43:36 | 000,063,088 | ---- | M] (VMware, Inc.) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\vmx86.sys -- (vmx86) DRV:64bit: - [2011.11.14 00:42:40 | 000,032,880 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VMkbd.sys -- (vmkbd) DRV:64bit: - [2011.11.14 00:42:12 | 000,030,320 | ---- | M] (VMware, Inc.) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\vmnetuserif.sys -- (VMnetuserif) DRV:64bit: - [2011.11.13 22:33:56 | 000,045,680 | ---- | M] (VMware, Inc.) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\vmnetbridge.sys -- (VMnetBridge) DRV:64bit: - [2011.11.13 22:33:56 | 000,020,080 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vmnetadapter.sys -- (VMnetAdapter) DRV:64bit: - [2011.11.03 16:44:22 | 000,033,672 | ---- | M] (Check Point Software Technologies) [Kernel | Auto | Stopped] -- C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys -- (ISWKL) DRV:64bit: - [2011.08.29 23:11:04 | 000,039,024 | ---- | M] (VMware, Inc.) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\hcmon.sys -- (hcmon) DRV:64bit: - [2011.08.08 15:59:12 | 000,116,336 | ---- | M] (VMware, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vmci.sys -- (vmci) DRV:64bit: - [2011.05.07 18:51:32 | 000,454,232 | ---- | M] (Check Point Software Technologies LTD) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vsdatant.sys -- (Vsdatant) DRV:64bit: - [2011.04.20 03:44:50 | 009,319,936 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag) DRV:64bit: - [2011.04.20 02:22:34 | 000,306,176 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap) DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2010.11.20 06:33:36 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010.11.20 04:07:06 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2010.11.20 04:03:44 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV:64bit: - [2009.12.18 00:25:17 | 000,034,472 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO) DRV:64bit: - [2009.08.09 23:25:45 | 000,036,352 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VClone.sys -- (VClone) DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.07.09 04:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64) DRV:64bit: - [2009.06.10 22:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD) DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009.05.18 14:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM) DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\URLSearchHook: {91da5e8a-3318-4f8c-b67e-5964de3ab546} - C:\Program Files (x86)\ZoneAlarm_Security\prxtbZone.dll (Conduit Ltd.) IE - HKLM\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.) IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2645238 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://at.msn.com/?ocid=iehp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-AT IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = C0 BA 3A 93 77 25 CD 01 [binary data] IE - HKCU\..\URLSearchHook: {91da5e8a-3318-4f8c-b67e-5964de3ab546} - C:\Program Files (x86)\ZoneAlarm_Security\prxtbZone.dll (Conduit Ltd.) IE - HKCU\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.) IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\npFFApi.dll () FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.10: C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.) FF - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.0.0.4: C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\oliver\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\oliver\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\wacom.com/WacomTabletPlugin: C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom) 64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\PROGRAM FILES\CHECKPOINT\ZAFORCEFIELD\TRUSTCHECKER [2012.03.12 15:09:33 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker [2012.01.01 18:09:42 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}: C:\Program Files (x86)\Adobe\Adobe Contribute CS5.1\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9} [2012.01.04 18:31:25 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\web2pdfextension@web2pdf.adobedotcom: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2012.01.04 18:32:39 | 000,000,000 | ---D | M] ========== Chrome ========== CHR - homepage: CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google  riginalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie= {inputEncoding}&q={searchTerms}CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms} CHR - homepage: CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\oliver\AppData\Local\Google\Chrome\Application\20.0.1132.57\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\oliver\AppData\Local\Google\Chrome\Application\20.0.1132.57\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Users\oliver\AppData\Local\Google\Chrome\Application\20.0.1132.57\gcswf32.dll CHR - plugin: Shockwave Flash (Disabled) = C:\Users\oliver\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\nppdf32.dll CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll CHR - plugin: WacomTabletPlugin (Enabled) = C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll CHR - plugin: Wacom Dynamic Link Library (Enabled) = C:\Program Files (x86)\TabletPlugins\npwacom.dll CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll CHR - plugin: npFFApi (Enabled) = C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\npFFApi.dll CHR - Extension: Chrome OGame (de) = C:\Users\oliver\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcdpddllhkgmdfdeccgkjofpegkdmnhp\1.2.76_0\ CHR - Extension: Chrome OGame (de) = C:\Users\oliver\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcdpddllhkgmdfdeccgkjofpegkdmnhp\1.2.76_1\ CHR - Extension: Chrome OGame (de) = C:\Users\oliver\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcdpddllhkgmdfdeccgkjofpegkdmnhp\1.2.76_2\ CHR - Extension: Chrome OGame (de) = C:\Users\oliver\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcdpddllhkgmdfdeccgkjofpegkdmnhp\1.2.76_3\ CHR - Extension: Chrome OGame (de) = C:\Users\oliver\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcdpddllhkgmdfdeccgkjofpegkdmnhp\1.2.76_4\ CHR - Extension: Chrome OGame (de) = C:\Users\oliver\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcdpddllhkgmdfdeccgkjofpegkdmnhp\1.2.76_5\ CHR - Extension: InfoCompte_lang = C:\Users\oliver\AppData\Local\Google\Chrome\User Data\Default\Extensions\kimhpeimnbifnhnehoclnkhakhcjbegb\1.4.4_0\ CHR - Extension: InfoCompte3 = C:\Users\oliver\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndpplchjhkahobdffdpicljlbeololmp\3.5.7_0\ CHR - Extension: Vuze Remote = C:\Users\oliver\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojpijjmpahflnipadmlpgbjmagmjchkk\2.3.15.10_0\ O1 HOSTS File: ([2012.01.04 16:23:01 | 000,002,292 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 hl2rcv.adobe.com O1 - Hosts: 127.0.0.1 adobeereg.com O1 - Hosts: 127.0.0.1 activate.adobe.com O1 - Hosts: 127.0.0.1 practivate.adobe.com O1 - Hosts: 127.0.0.1 ereg.adobe.com O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com O1 - Hosts: 127.0.0.1 wip3.adobe.com O1 - Hosts: 127.0.0.1 activate-sea.adobe.com O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com O1 - Hosts: 127.0.0.1 3dns.adobe.com O1 - Hosts: 127.0.0.1 3dns-1.adobe.com O1 - Hosts: 127.0.0.1 3dns-2.adobe.com O1 - Hosts: 127.0.0.1 3dns-3.adobe.com O1 - Hosts: 127.0.0.1 3dns-4.adobe.com O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com O1 - Hosts: 127.0.0.1 adobe-dns-1.adobe.com O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com O1 - Hosts: 127.0.0.1 adobe-dns-4.adobe.com O1 - Hosts: 127.0.0.1 adobe-dns-5.adobe.com O1 - Hosts: 127.0.0.1 hh-software.com O1 - Hosts: 127.0.0.1 www.hh-software.com O1 - Hosts: 127.0.0.1 activate.adobe.de O1 - Hosts: 24 more lines... O2:64bit: - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies) O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies) O2 - BHO: (ZoneAlarm Security Toolbar) - {91da5e8a-3318-4f8c-b67e-5964de3ab546} - C:\Program Files (x86)\ZoneAlarm_Security\prxtbZone.dll (Conduit Ltd.) O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O2 - BHO: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.) O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.) O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O3:64bit: - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies) O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.) O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.) O3 - HKLM\..\Toolbar: (ZoneAlarm Security Toolbar) - {91da5e8a-3318-4f8c-b67e-5964de3ab546} - C:\Program Files (x86)\ZoneAlarm_Security\prxtbZone.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies) O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKCU\..\Toolbar\WebBrowser: (ZoneAlarm Security Toolbar) - {91DA5E8A-3318-4F8C-B67E-5964DE3AB546} - C:\Program Files (x86)\ZoneAlarm_Security\prxtbZone.dll (Conduit Ltd.) O3 - HKCU\..\Toolbar\WebBrowser: (Vuze Remote Toolbar) - {BA14329E-9550-4989-B3F2-9732E92D17CC} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.) O3:64bit: - HKCU\..\Toolbar\WebBrowser: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies) O3 - HKCU\..\Toolbar\WebBrowser: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies) O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated) O4:64bit: - HKLM..\Run: [ISW] C:\Program Files\CheckPoint\ZAForceField\ForceField.exe (Check Point Software Technologies) O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe (Adobe Systems Inc.) O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin File not found O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [ZoneAlarm] C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe (Check Point Software Technologies LTD) O4 - HKCU..\Run: [AdobeBridge] File not found O4 - HKCU..\Run: [EA Core] C:\Program Files (x86)\Electronic Arts\EADM\Core.exe (Electronic Arts) O4 - HKCU..\Run: [mtxilywwmxksrcf] C:\ProgramData\mtxilyww.exe () O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation) O4 - HKLM..\RunOnce: [ Malwarebytes Anti-Malware ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKLM..\RunOnce: [ Malwarebytes Anti-Malware (cleanup)] rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript File not found O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10o_Plugin.exe (Adobe Systems, Inc.) O4 - Startup: C:\Users\oliver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\oliver\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1 O8:64bit: - Extra context menu item: An vorhandene PDF-Datei anfügen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8:64bit: - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8:64bit: - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8:64bit: - Extra context menu item: Linkziel in Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: An vorhandene PDF-Datei anfügen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Linkziel in Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000011 - C:\Windows\SysNative\vsocklib.dll (VMware, Inc.) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000012 - C:\Windows\SysNative\vsocklib.dll (VMware, Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\SysWOW64\vsocklib.dll (VMware, Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\SysWOW64\vsocklib.dll (VMware, Inc.) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_02-windows-i586.cab (Java Plug-in 10.2.0) O16:64bit: - DPF: {CAFEEFAC-0017-0000-0002-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_02-windows-i586.cab (Java Plug-in 1.7.0_02) O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_02-windows-i586.cab (Java Plug-in 1.7.0_02) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{90C19B23-A11D-4C92-B13F-55F13176D626}: DhcpNameServer = 192.168.2.1 O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{557b1410-379d-11e1-ba13-005056c00008}\Shell - "" = AutoRun O33 - MountPoints2\{557b1410-379d-11e1-ba13-005056c00008}\Shell\AutoRun\command - "" = K:\AutoRunCD.exe O33 - MountPoints2\{ddd72c0b-3487-11e1-8134-0021973d996a}\Shell - "" = AutoRun O33 - MountPoints2\{ddd72c0b-3487-11e1-8134-0021973d996a}\Shell\AutoRun\command - "" = S:\UpdateInstaller.exe O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2012.07.26 21:20:44 | 000,000,000 | ---D | C] -- C:\Users\oliver\AppData\Roaming\Malwarebytes [2012.07.26 21:20:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2012.07.26 21:20:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012.07.26 21:20:42 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2012.07.26 21:20:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2012.07.25 23:13:20 | 000,000,000 | ---D | C] -- C:\Users\oliver\AppData\Local\ElevatedDiagnostics [2012.07.25 20:21:32 | 000,000,000 | ---D | C] -- C:\Users\oliver\AppData\Local\NPE [2012.07.25 20:21:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton [2012.07.25 19:41:11 | 000,000,000 | ---D | C] -- C:\ProgramData\hgrqtleemsdryye [2012.07.06 21:56:09 | 000,000,000 | ---D | C] -- C:\Users\oliver\Desktop\New folder (6) [2012.07.06 21:56:09 | 000,000,000 | ---D | C] -- C:\Users\oliver\Desktop\New folder (5) ========== Files - Modified Within 30 Days ========== [2012.07.26 21:55:34 | 000,800,130 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012.07.26 21:55:34 | 000,665,664 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012.07.26 21:55:34 | 000,127,280 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012.07.26 21:55:14 | 000,000,168 | ---- | M] () -- C:\Users\oliver\defogger_reenable [2012.07.26 21:49:23 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.07.26 21:49:09 | 2146,885,631 | -HS- | M] () -- C:\hiberfil.sys [2012.07.26 21:45:28 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012.07.26 21:20:43 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.07.25 22:46:31 | 000,013,440 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012.07.25 22:46:31 | 000,013,440 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012.07.25 22:43:46 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012.07.25 22:43:45 | 000,001,124 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3747939165-3675581790-2051947424-1000UA.job [2012.07.25 20:02:11 | 000,415,860 | ---- | M] () -- C:\Windows\SysNative\drivers\vsconfig.xml [2012.07.25 19:41:14 | 000,000,051 | ---- | M] () -- C:\ProgramData\oynhmqcjejiwxzm [2012.07.25 19:41:01 | 000,061,440 | ---- | M] () -- C:\ProgramData\mtxilyww.exe [2012.07.25 06:42:00 | 000,001,072 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3747939165-3675581790-2051947424-1000Core.job [2012.07.22 23:45:24 | 000,397,516 | ---- | M] () -- C:\Users\oliver\Desktop\lände.jpg [2012.07.22 20:35:57 | 003,839,874 | ---- | M] () -- C:\Users\oliver\Desktop\IMG_2199.JPG [2012.07.21 19:11:04 | 000,076,497 | ---- | M] () -- C:\Users\oliver\Desktop\Capture4.JPG [2012.07.20 17:38:20 | 004,590,338 | ---- | M] () -- C:\Users\oliver\Desktop\IMG_2179.JPG [2012.07.20 17:33:20 | 002,581,115 | ---- | M] () -- C:\Users\oliver\Desktop\IMG_2185.JPG [2012.07.20 17:23:11 | 001,233,823 | ---- | M] () -- C:\Users\oliver\Desktop\IMG_2177.JPG [2012.07.19 16:19:57 | 003,147,846 | ---- | M] () -- C:\Users\oliver\Desktop\IMG_2148.JPG [2012.07.12 09:59:46 | 005,166,552 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012.07.04 22:38:16 | 000,806,041 | ---- | M] () -- C:\Users\oliver\Desktop\wels.jpg [2012.07.03 13:46:44 | 000,024,904 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys ========== Files Created - No Company Name ========== [2012.07.26 21:55:14 | 000,000,168 | ---- | C] () -- C:\Users\oliver\defogger_reenable [2012.07.26 21:20:43 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.07.25 19:41:14 | 000,061,440 | ---- | C] () -- C:\ProgramData\mtxilyww.exe [2012.07.25 19:41:05 | 000,000,051 | ---- | C] () -- C:\ProgramData\oynhmqcjejiwxzm [2012.07.22 23:45:23 | 000,397,516 | ---- | C] () -- C:\Users\oliver\Desktop\lände.jpg [2012.07.22 23:41:44 | 003,839,874 | ---- | C] () -- C:\Users\oliver\Desktop\IMG_2199.JPG [2012.07.21 19:11:04 | 000,076,497 | ---- | C] () -- C:\Users\oliver\Desktop\Capture4.JPG [2012.07.20 17:36:47 | 004,590,338 | ---- | C] () -- C:\Users\oliver\Desktop\IMG_2179.JPG [2012.07.20 17:35:45 | 002,581,115 | ---- | C] () -- C:\Users\oliver\Desktop\IMG_2185.JPG [2012.07.20 17:25:02 | 001,233,823 | ---- | C] () -- C:\Users\oliver\Desktop\IMG_2177.JPG [2012.07.19 23:06:14 | 003,147,846 | ---- | C] () -- C:\Users\oliver\Desktop\IMG_2148.JPG [2012.07.04 22:38:14 | 000,806,041 | ---- | C] () -- C:\Users\oliver\Desktop\wels.jpg [2012.05.15 13:56:49 | 002,860,568 | ---- | C] () -- C:\Users\oliver\IMG_8002.JPG [2012.05.15 13:56:49 | 002,782,017 | ---- | C] () -- C:\Users\oliver\IMG_8191.JPG [2012.05.15 13:56:49 | 002,681,339 | ---- | C] () -- C:\Users\oliver\IMG_8003.JPG [2012.05.15 13:56:49 | 002,671,878 | ---- | C] () -- C:\Users\oliver\IMG_8006.JPG [2012.05.15 13:56:49 | 002,571,365 | ---- | C] () -- C:\Users\oliver\IMG_8005.JPG [2012.05.15 13:56:49 | 002,402,120 | ---- | C] () -- C:\Users\oliver\IMG_8190.JPG [2012.04.29 18:33:52 | 000,000,094 | ---- | C] () -- C:\Users\oliver\AppData\Local\fusioncache.dat [2012.04.28 21:11:26 | 000,103,736 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe [2012.04.28 21:11:19 | 000,066,872 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe [2012.04.28 21:11:18 | 000,669,184 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe [2012.04.24 17:37:02 | 000,000,632 | RHS- | C] () -- C:\Users\oliver\ntuser.pol [2012.02.28 00:59:07 | 000,000,132 | ---- | C] () -- C:\Users\oliver\AppData\Roaming\Adobe IllExport Filter CS5 Prefs [2012.01.01 18:10:56 | 000,805,404 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2012.01.01 16:50:12 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2011.03.17 18:51:46 | 000,003,929 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat ========== LOP Check ========== [2012.07.13 01:05:35 | 000,000,000 | ---D | M] -- C:\Users\oliver\AppData\Roaming\Azureus [2012.01.01 18:09:43 | 000,000,000 | ---D | M] -- C:\Users\oliver\AppData\Roaming\CheckPoint [2012.02.22 02:00:08 | 000,000,000 | ---D | M] -- C:\Users\oliver\AppData\Roaming\DAEMON Tools Lite [2012.07.25 22:43:37 | 000,000,000 | ---D | M] -- C:\Users\oliver\AppData\Roaming\Dropbox [2012.01.04 02:01:51 | 000,000,000 | ---D | M] -- C:\Users\oliver\AppData\Roaming\HDRsoft [2012.02.28 00:49:48 | 000,000,000 | ---D | M] -- C:\Users\oliver\AppData\Roaming\MAXON [2012.01.04 18:50:49 | 000,000,000 | ---D | M] -- C:\Users\oliver\AppData\Roaming\PACE Anti-Piracy [2012.01.04 18:51:14 | 000,000,000 | ---D | M] -- C:\Users\oliver\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1 [2012.02.29 22:42:13 | 000,000,000 | ---D | M] -- C:\Users\oliver\AppData\Roaming\TeamViewer [2012.06.10 18:41:41 | 000,032,612 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 944 bytes -> C:\Users\oliver\AppData\Local\oRXvg9w4CbxQlX:QyV9312de8qjwYvtAgs @Alternate Data Stream - 64 bytes -> C:\Users\oliver\Desktop\fotos fabriken:AFP_AfpInfo @Alternate Data Stream - 20 bytes -> C:\Users\oliver\Desktop\logserv:Mac_Metadata < End of report > OTL Extras logfile created on: 27.07.2012 20:18:59 - Run 1 OTL by OldTimer - Version 3.2.55.0 Folder = C:\Users\oliver\Downloads 64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000c07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy 8,00 Gb Total Physical Memory | 6,03 Gb Available Physical Memory | 75,37% Memory free 16,00 Gb Paging File | 14,11 Gb Available in Paging File | 88,19% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 111,69 Gb Total Space | 1,37 Gb Free Space | 1,23% Space Free | Partition Type: NTFS Drive D: | 1397,26 Gb Total Space | 1381,79 Gb Free Space | 98,89% Space Free | Partition Type: NTFS Computer Name: OLIVER-PC | User Name: oliver | Logged in as Administrator. Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5.1\Bridge.exe "%L" (Adobe Systems, Inc.) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5.1\Bridge.exe "%L" (Adobe Systems, Inc.) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{00669B0E-7589-42C2-A1EE-72302D94FAE0}" = lport=2869 | protocol=6 | dir=in | app=system | "{04FA7B85-A941-4545-B072-5FDC361DDF04}" = lport=7935 | protocol=6 | dir=in | name=adobe flash builder 4.5 | "{1C2F077E-4B40-42AB-89F1-BA3C051B4474}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{36F02FC9-2E53-486F-A467-7BACFF60662A}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{39D5CE17-690C-41A6-879F-06849B0EBD86}" = rport=445 | protocol=6 | dir=out | app=system | "{41A0DBAD-CF6A-4E48-A7F7-CE9BDAB23057}" = lport=139 | protocol=6 | dir=in | app=system | "{41BF2AEB-0498-4A38-BD2B-3AC874E87CF5}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{47BC922C-DC32-4CF9-9B26-C519A1DD3F4D}" = rport=139 | protocol=6 | dir=out | app=system | "{71B4A233-77F5-480E-86FA-74899DDF7C35}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe | "{778251BC-1D72-4DC1-8730-C257FC9428B1}" = lport=137 | protocol=17 | dir=in | app=system | "{8E7B0311-96D0-43D2-9469-AEB18F6AB022}" = rport=138 | protocol=17 | dir=out | app=system | "{9931368A-E72D-41F0-B15F-7D3CD916E6B7}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{9D228E6D-FA5F-4528-B12E-6D1C082A4EE0}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{B754580F-6BB8-4547-9DC7-5CD0F3ACB297}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{E011D7A5-D634-4436-B7F1-60F11936179F}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe | "{E014AFDB-2333-4B80-AEED-155DF18D7F65}" = rport=10243 | protocol=6 | dir=out | app=system | "{E749F67B-1FA1-4894-BB28-57E68EDC9DD9}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{F1BB9C66-94D7-4919-874E-322D2A4439BD}" = lport=138 | protocol=17 | dir=in | app=system | "{F3873C1F-23FA-4804-AB04-6EFE11DC1E3D}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{F48E12CF-FD0B-4641-B315-BB3766491615}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{F9599BB2-422D-4FAA-B7F7-4AC93C7D5A4E}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{FC0E5D23-86F9-476B-89A7-871656443050}" = lport=10243 | protocol=6 | dir=in | app=system | "{FC1E7318-666E-41AE-9604-57764AE5B748}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{FC3D71C8-1CCA-48A2-A5FF-2878911E4E2C}" = lport=445 | protocol=6 | dir=in | app=system | "{FDB8F0EA-5546-4C43-9127-CE51FD2BDB0C}" = rport=137 | protocol=17 | dir=out | app=system | "{FF7C4B49-7B22-4F74-9A7C-0BD19CC885EA}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0477815E-505C-4EB3-BE23-AAB88328C682}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{05BDF82E-9AA3-4FC4-909E-5214E720B65F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{06577054-D47D-415C-9214-4B57BC495DCA}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | "{069594AB-F0A6-425E-AC85-1FA64573681F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{15FBD14D-285F-4088-A77D-00102A0B7D88}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5sp.exe | "{1A5AD5AC-40DC-4C74-9484-760E13A9348D}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis\bin32\crysisdedicatedserver.exe | "{28C79AB8-3A1A-4A1C-8E6D-9C430757429D}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{2F629800-46E4-4147-9F2A-F8230AFE6447}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis\bin64\crysisdedicatedserver.exe | "{3AF48CBC-EB4F-4268-8F69-D50EC6CB50A4}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{3B4B7DA6-7710-4691-A26C-07B1898B42B6}" = protocol=17 | dir=in | app=c:\users\oliver\appdata\roaming\dropbox\bin\dropbox.exe | "{3FF16809-CACE-4439-B1D3-862C58786939}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{4027B5EF-902B-4CB9-A686-3020F365AA86}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe | "{456DCE8F-B035-46BB-9F3B-D69555E5C2E3}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | "{482BCFA6-C7C8-4764-9A47-56397F3FF1D5}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis\bin32\crysis.exe | "{49CC8BD2-C051-4705-8AF0-DD1EDB59C81A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{4C9C76B8-B197-4389-83D1-732B3C35E6D6}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe | "{4CD7EC3D-85A3-4D0A-A1CC-D1BD4D0CDB86}" = protocol=6 | dir=in | app=c:\program files (x86)\vuze\azureus.exe | "{4CF85D99-3A89-40F1-B8E4-38DC17F9549A}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{4F76390E-1ACF-4DC8-883E-C68523E86CE0}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{5568A5FA-04B6-4A16-99EE-88685D730C57}" = protocol=6 | dir=in | app=c:\program files (x86)\adobe\adobe flash builder 4.5\flashbuilder.exe | "{5604AF65-1467-4228-B0C4-1B0F3A228B95}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe | "{637A5AC6-F16D-4ED7-81EE-3956E85BEC3E}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe | "{64A36905-03FC-41A8-AC64-AEDAEFB67156}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe | "{69EA44C5-8C6F-4922-B6EF-314B18A631DA}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | "{6A47E645-CF4A-4343-8D57-52884B698936}" = protocol=6 | dir=out | app=system | "{6FAE3253-125A-4C89-92C0-2F6998D4B3D2}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{74DBE9BD-2E53-4AA8-AACB-DB62CAE99672}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{7AE98C73-AFFE-4EF7-95B8-AFBF7B4133F2}" = protocol=17 | dir=in | app=c:\users\oliver\appdata\roaming\dropbox\bin\dropbox.exe | "{8796E0D8-FB05-44FD-AA62-0BFACFFE6FB0}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe | "{882FB7BF-3B04-4B04-BA3B-35D8ED1231DC}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5mp_server.exe | "{89819204-E17E-43D7-93D3-5B8CADBA9F2C}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe | "{8F0B3994-4DF6-429B-A2B0-295B04A0B787}" = protocol=17 | dir=in | app=c:\program files\hp\hp officejet pro 8500 a910\bin\devicesetup.exe | "{93EEBFE1-E0B4-4F41-BA35-946BB197CCFC}" = protocol=6 | dir=in | app=c:\program files\hp\hp officejet pro 8500 a910\bin\hpnetworkcommunicator.exe | "{969DC30D-08FA-4C19-811D-E40CB9AF9FBB}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis\bin64\crysis.exe | "{97749D94-520F-4421-94DD-EAA2BA4AE345}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{9A32AEB5-A0EA-4C18-847A-B88501908E89}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{9C501B05-9490-4787-AB0D-A6007D500226}" = protocol=6 | dir=in | app=c:\program files\hp\hp officejet pro 8500 a910\bin\devicesetup.exe | "{9D4DF5D4-BFB2-40AA-8EED-311BF31FF777}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | "{A4FA0E05-508A-43C3-8784-97127EB7C53A}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{AB2278B9-DB8E-4BA3-900D-FC4D09E4A4AD}" = dir=in | app=c:\program files (x86)\vmware\vmware player\vmware-authd.exe | "{ABB8E006-54A7-4D0A-9CE9-5EB060F7AD06}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{AE0E5B51-17CB-4E64-9685-B7A9FC1A6F21}" = dir=in | app=c:\program files (x86)\vmware\vmware player\vmware-authd.exe | "{B3094AAA-64B4-437A-9443-D9CE47FC35C3}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe | "{B66A9EB9-9649-45C1-864A-94A64C413D30}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis\bin32\crysis.exe | "{B98CC43F-F272-4A15-A903-901A530D8067}" = protocol=17 | dir=in | app=c:\program files\hp\hp officejet pro 8500 a910\bin\hpnetworkcommunicator.exe | "{BA927F17-DF98-45F7-B648-08395034E626}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | "{BAC39FA0-BE5A-4B00-B646-42602CFB0F5B}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe | "{BAF79969-A082-4E3B-8817-7CCFDE1832CC}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{BD044719-9288-4680-9FA2-D4DBA4B32AED}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | "{C22F28B2-E42A-4EE4-B4B1-4AFA78029994}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{C2FEEAAB-CF5A-49C8-8AA1-745C77CB46A3}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{C3B497F0-221E-474C-A959-F8E7C766857A}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis\bin64\crysis.exe | "{C7EB2E39-4307-4445-A08D-C41FDBF30BE9}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe | "{C8E1FABF-E32C-4A09-BA9E-CE7D3D42CC59}" = protocol=6 | dir=in | app=c:\users\oliver\appdata\roaming\dropbox\bin\dropbox.exe | "{CE50E5F3-7A96-49ED-B00A-017CE0BC51C4}" = protocol=17 | dir=in | app=c:\program files (x86)\adobe\adobe flash builder 4.5\flashbuilder.exe | "{CEFBDE2F-AD12-492C-839E-57DF9AB7FA3C}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis\bin32\crysisdedicatedserver.exe | "{D43B5EB3-9CFF-4A98-AB56-029C2DABF671}" = protocol=17 | dir=in | app=c:\program files (x86)\vuze\azureus.exe | "{DFB2958D-D1BF-4766-A28B-B263F1FF9384}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{E072AC83-6CB2-417C-9DF7-34AA774EE336}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{E4550090-F11B-433A-841A-494D426C913B}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | "{E4B67AEF-AE8F-4583-85FF-40B3CF96155E}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5sp.exe | "{E71678BE-7B6D-4248-A397-D7CB32C304EB}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{E982F6D7-4469-4BE1-A3D3-D0B81E3F11C3}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{E98525C7-5FC3-4AC9-9794-BEF29E41B3EE}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | "{ED8B9CBD-07C7-4410-A97D-CBFA3C928784}" = protocol=6 | dir=in | app=c:\users\oliver\appdata\roaming\dropbox\bin\dropbox.exe | "{F2C5D1FA-C312-416C-9EBC-9AE6F15AFCE3}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5mp_server.exe | "{FC30C70B-B80A-416C-BA0F-8313420FAAD0}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis\bin64\crysisdedicatedserver.exe | "{FCC94C78-25E8-4AAF-9FF5-477E35977475}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "TCP Query User{5147C2C7-0F82-446F-A7E6-AE70ABB977CD}C:\program files (x86)\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\eadm\core.exe | "UDP Query User{A0D34E0C-C25C-4FF9-8308-51A503DE2FFB}C:\program files (x86)\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\eadm\core.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0308919C-E317-4293-8D3C-97EF307BCDBC}" = HP Officejet Pro 8500 A910 Product Improvement Study "{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64) "{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64 "{26A24AE4-039D-4CA4-87B4-2F86417002FF}" = Java(TM) 7 Update 2 (64-bit) "{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll "{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64 "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 "{6A76BEAF-6D1F-4273-A79B-DA8410A2E56B}" = Apple Mobile Device Support "{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour "{840A3BAA-4C68-4581-9C7A-6F8D6CF531B9}" = iTunes "{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64 "{8DF73A13-F54C-4CB3-B4AD-4375A2E8F4F8}" = VmciSockets "{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended "{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010 "{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010 "{90BF0360-A1DB-4599-A643-95AB90A52C1E}" = Microsoft_VC90_MFCLOC_x86_x64 "{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64 "{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64 "{9D046B26-7978-47CD-91E6-AC3C1DFBC3D0}" = Microsoft Security Client "{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64 "{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64) "{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64 "{EE7C94CC-BECB-4000-B5E3-D895307B9D5E}" = HP Officejet Pro 8500 A910 Basic Device Software "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended "Microsoft Security Client" = Microsoft Security Essentials "NVIDIA Display Control Panel" = NVIDIA Display Control Panel "NVIDIA Drivers" = NVIDIA Drivers "PhotomatixPro41x64_is1" = Photomatix Pro version 4.1.3 "Wacom Tablet Driver" = Wacom Tablet "WinRAR archiver" = WinRAR 4.01 (64-Bit) "ZoneAlarm Toolbar" = ZoneAlarm Toolbar [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{000E79B7-E725-4F01-870A-C12942B7F8E4}" = Crysis(R) "{024521CF-C07E-4F8E-8481-0D75695E03AF}" = PxMergeModule "{02E89EFC-7B07-4D5A-AA03-9EC0902914EE}" = VC 9.0 Runtime "{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86 "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86 "{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86 "{122ADF8C-DDA1-480C-9936-C88F2825B265}" = Apple Application Support "{16FCDD97-AE09-476B-88CD-261D852BD34C}" = Marketsplash Shortcuts "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{245F5D2D-6F34-4970-B8D7-D6F3C3C07575}" = ZoneAlarm Firewall "{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31 "{3521BDBD-D453-5D9F-AA55-44B75D214629}" = Adobe Community Help "{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4E33D05D-76CF-5D3C-4D5D-7727530FA161}" = Adobe Content Viewer "{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth "{61EDBE71-5D3E-4AB7-AD95-E53FEAF68C17}" = Bing Rewards Client Installer "{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86 "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{871B2A9D-0F12-44B3-88C1-E0CB10A232E4}" = HP Officejet Pro 8500 A910 Help "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010 "{90140000-0015-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010 "{90140000-0016-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010 "{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010 "{90140000-0019-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010 "{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010 "{90140000-001B-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010 "{90140000-001F-0407-0000-0000000FF1CE}_Office14.PRJPROR_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0407-0000-0000000FF1CE}_Office14.VISIOR_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010 "{90140000-001F-0409-0000-0000000FF1CE}_Office14.PRJPROR_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0409-0000-0000000FF1CE}_Office14.VISIOR_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010 "{90140000-001F-040C-0000-0000000FF1CE}_Office14.PRJPROR_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-040C-0000-0000000FF1CE}_Office14.VISIOR_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010 "{90140000-001F-0410-0000-0000000FF1CE}_Office14.PRJPROR_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0410-0000-0000000FF1CE}_Office14.PROPLUSR_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0410-0000-0000000FF1CE}_Office14.VISIOR_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-002A-0000-1000-0000000FF1CE}_Office14.PRJPROR_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-002A-0000-1000-0000000FF1CE}_Office14.VISIOR_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-002A-0407-1000-0000000FF1CE}_Office14.PRJPROR_{594128C9-2CDF-43CE-8103-DC100CF013B6}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-002A-0407-1000-0000000FF1CE}_Office14.PROPLUSR_{594128C9-2CDF-43CE-8103-DC100CF013B6}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-002A-0407-1000-0000000FF1CE}_Office14.VISIOR_{594128C9-2CDF-43CE-8103-DC100CF013B6}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010 "{90140000-002C-0407-0000-0000000FF1CE}_Office14.PRJPROR_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-002C-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-002C-0407-0000-0000000FF1CE}_Office14.VISIOR_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2010 "{90140000-0044-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0054-0407-0000-0000000FF1CE}" = Microsoft Office Visio MUI (German) 2010 "{90140000-0054-0407-0000-0000000FF1CE}_Office14.VISIOR_{1FEAC070-BB09-4055-9BD0-48CF52023F92}" = Microsoft Office 2010 Language Pack Service Pack 1 (SP1) "{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010 "{90140000-006E-0407-0000-0000000FF1CE}_Office14.PRJPROR_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-006E-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-006E-0407-0000-0000000FF1CE}_Office14.VISIOR_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010 "{90140000-00A1-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-00B4-0407-0000-0000000FF1CE}" = Microsoft Office Project MUI (German) 2010 "{90140000-00B4-0407-0000-0000000FF1CE}_Office14.PRJPROR_{86D01646-1942-4253-B11F-68F5ED259B17}" = Microsoft Project 2010 Service Pack 1 (SP1) "{90140000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2010 "{90140000-00BA-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010 "{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1) "{91140000-003B-0000-0000-0000000FF1CE}" = Microsoft Office Project Professional 2010 "{91140000-003B-0000-0000-0000000FF1CE}_Office14.PRJPROR_{8A8F117F-8EDB-440D-B679-F08909D729F7}" = Microsoft Project 2010 Service Pack 1 (SP1) "{91140000-0057-0000-0000-0000000FF1CE}" = Microsoft Office Visio 2010 "{91140000-0057-0000-0000-0000000FF1CE}_Office14.VISIOR_{01D8AE4B-A04D-47E5-81BF-E3F98B81B8C3}" = Microsoft Visio 2010 Service Pack 1 (SP1) "{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86 "{96ACE4A4-C769-47D2-9FCE-4F46754857E7}" = ZoneAlarm Security "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9C542173-96F0-435D-A95C-468CAAC75EA0}" = Adobe Flash Player 10 Plugin "{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5 "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AC76BA86-1033-F400-7760-000000000005}" = Adobe Acrobat X Pro - English, Français, Deutsch "{B001064C-D061-4BAE-9031-416A838D5536}" = Adobe Flash Player 10 ActiveX "{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}" = HP Update "{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86 "{BDE646E8-86E0-50E1-37BC-0AEBB2185D76}" = Adobe Widget Browser "{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = Die*Sims™*3 "{C28DD992-5B7B-D195-6841-4EC57DF512BD}" = Adobe Story "{C779648B-410E-4BBA-B75B-5815BCEFE71D}" = Safari "{CA6BCA2F-EDEB-408F-850B-31404BE16A61}" = I.R.I.S. OCR "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86 "{D57FC112-312E-4D70-860F-2DB8FB6858F0}" = Adobe Creative Suite 5.5 Master Collection "{D6C3C9E7-D334-4918-BD57-5B1EF14C207D}" = Bing Bar "{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86 "{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime "{E452E727-86B8-4233-8CC3-41FD817AFAFF}" = VMware Player "{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.9 "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "8461-7759-5462-8226" = Vuze "Adobe AIR" = Adobe AIR "Avira AntiVir Desktop" = Avira Free Antivirus "Black Mirror 3" = Black Mirror 3 "chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help "com.adobe.AdobeStory.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Story "com.adobe.dmp.contentviewer" = Adobe Content Viewer "com.adobe.WidgetBrowser.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1" = Adobe Widget Browser "DAEMON Tools Lite" = DAEMON Tools Lite "EADM" = EA Download Manager "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.62.0.1300 "Office14.PRJPROR" = Microsoft Project Professional 2010 "Office14.PROPLUSR" = Microsoft Office Professional Plus 2010 "Office14.VISIOR" = Microsoft Visio Professional 2010 "PunkBusterSvc" = PunkBuster Services "Steam App 42680" = Call of Duty: Modern Warfare 3 "Steam App 42690" = Call of Duty: Modern Warfare 3 - Multiplayer "Steam App 42750" = Call of Duty: Modern Warfare 3 - Dedicated Server "TeamViewer 7" = TeamViewer 7 "VirtualCloneDrive" = VirtualCloneDrive "VLC media player" = VLC media player 1.1.11 "VMware_Player" = VMware Player "Vuze_Remote Toolbar" = Vuze Remote Toolbar "Wacom WebTabletPlugin for IE" = WebTablet IE Plugin "Wacom WebTabletPlugin for Internet Explorer and Netscape" = WebTablet FB Plugin "Wacom WebTabletPlugin for Netscape" = WebTablet Netscape Plugin "ZoneAlarm Free" = ZoneAlarm Free "ZoneAlarm_Security Toolbar" = ZoneAlarm Security Toolbar ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Dropbox" = Dropbox "Google Chrome" = Google Chrome ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 25.07.2012 06:54:59 | Computer Name = oliver-PC | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledEvent 5117 Error - 25.07.2012 06:54:59 | Computer Name = oliver-PC | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 5117 Error - 25.07.2012 06:55:00 | Computer Name = oliver-PC | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: Continuously busy for more than a second Error - 25.07.2012 06:55:00 | Computer Name = oliver-PC | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledEvent 6115 Error - 25.07.2012 06:55:00 | Computer Name = oliver-PC | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 6115 Error - 25.07.2012 14:14:47 | Computer Name = oliver-PC | Source = System Restore | ID = 8210 Description = Error - 25.07.2012 15:56:13 | Computer Name = oliver-PC | Source = System Restore | ID = 8210 Description = Error - 25.07.2012 16:25:06 | Computer Name = oliver-PC | Source = System Restore | ID = 8210 Description = Error - 25.07.2012 16:43:26 | Computer Name = oliver-PC | Source = System Restore | ID = 8210 Description = Error - 25.07.2012 17:12:21 | Computer Name = oliver-PC | Source = System Restore | ID = 8210 Description = [ System Events ] Error - 26.07.2012 15:49:31 | Computer Name = oliver-PC | Source = Service Control Manager | ID = 7001 Description = The Computer Browser service depends on the Server service which failed to start because of the following error: %%1068 Error - 26.07.2012 15:49:31 | Computer Name = oliver-PC | Source = Service Control Manager | ID = 7001 Description = The Computer Browser service depends on the Server service which failed to start because of the following error: %%1068 Error - 26.07.2012 15:49:37 | Computer Name = oliver-PC | Source = DCOM | ID = 10005 Description = Error - 26.07.2012 15:49:38 | Computer Name = oliver-PC | Source = DCOM | ID = 10005 Description = Error - 26.07.2012 15:49:39 | Computer Name = oliver-PC | Source = DCOM | ID = 10005 Description = Error - 26.07.2012 15:49:39 | Computer Name = oliver-PC | Source = Service Control Manager | ID = 7001 Description = The Computer Browser service depends on the Server service which failed to start because of the following error: %%1068 Error - 26.07.2012 15:49:39 | Computer Name = oliver-PC | Source = Service Control Manager | ID = 7001 Description = The Computer Browser service depends on the Server service which failed to start because of the following error: %%1068 Error - 26.07.2012 15:49:39 | Computer Name = oliver-PC | Source = Service Control Manager | ID = 7001 Description = The Computer Browser service depends on the Server service which failed to start because of the following error: %%1068 Error - 26.07.2012 15:59:29 | Computer Name = oliver-PC | Source = DCOM | ID = 10005 Description = Error - 26.07.2012 15:59:29 | Computer Name = oliver-PC | Source = Microsoft Antimalware | ID = 2001 Description = %%860 has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.131.574.0 Update Source: %%859 Update Stage: %%852 Source Path: Default URL Signature Type: %%800 Update Type: %%803 User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8601.0 Error code: 0x8007043c Error description: This service cannot be started in Safe Mode < End of report > |
|
27.07.2012, 22:52
| #2 |
| /// Malware-holic   | Win 7 Desktop Overlay "this programm cannot display the webpage" hi
__________________poste alle Malwarebytes logs, mit dem programm wurde bereits etwas gelöscht.
__________________ |
|
27.07.2012, 22:57
| #3 |
| | Win 7 Desktop Overlay "this programm cannot display the webpage" sorry, wollte eigentlich e diesen log posten
__________________Malwarebytes Anti-Malware (Test) 1.62.0.1300 Malwarebytes : Free Anti-Malware download Datenbank Version: v2012.07.26.14 Windows 7 Service Pack 1 x64 NTFS (Abgesichertenmodus/Netzwerkfähig) Internet Explorer 9.0.8112.16421 oliver :: OLIVER-PC [Administrator] Schutz: Deaktiviert 26.07.2012 21:22:28 mbam-log-2012-07-26 (21-22-28).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|) Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 460044 Laufzeit: 15 Minute(n), 32 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 1 C:\Users\oliver\0.42150099534689467.exe (Trojan.Agent.Gen) -> Erfolgreich gelöscht und in Quarantäne gestellt. (Ende) |
|
01.08.2012, 13:41
| #4 |
| | Win 7 Desktop Overlay "this programm cannot display the webpage" hallo? das problem besteht weiterhin, bitte hilfe! |
|
02.08.2012, 17:08
| #5 | |
| /// Malware-holic | Win 7 Desktop Overlay "this programm cannot display the webpage" sorry Combofix darf ausschließlich ausgeführt werden, wenn dies von einem Team Mitglied angewiesen wurde!Downloade dir bitte Combofix von einem dieser Downloadspiegel Link 1 Link 2 WICHTIG - Speichere Combofix auf deinem Desktop
Wenn Combofix fertig ist, wird es eine Logfile erstellen. Bitte poste die C:\Combofix.txt in deiner nächsten Antwort. Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten Zitat:
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
08.08.2012, 18:10
| #6 |
| | Win 7 Desktop Overlay "this programm cannot display the webpage" hallo danke erstmal für die hilfe war auf kurzurlaub, deswegen hats bisschen gedauert leider hängt sich combofix immer an derselben stelle auf und zwar ca bei der hälfte wenn er beim output folder ist wurde im abgesicherten modus als admin vom desktop gestarten, alle anderen programme inkl virenscanner usw waren aus |
|
08.08.2012, 18:45
| #7 |
| /// Malware-holic | Win 7 Desktop Overlay "this programm cannot display the webpage" hi download tdss killer: http://www.trojaner-board.de/82358-t...entfernen.html Klicke auf Change parameters • Setze die Haken bei Verify driver digital signatures und Detect TDLFS file system • Klick auf OK und anschließend auf Start scan - bei funden erst mal immer skip wählen, log posten
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
28.08.2012, 12:09
| #8 |
| | Win 7 Desktop Overlay "this programm cannot display the webpage" hallo hab das so gemacht wie beschrieben... lediglich Usernamen hab ich rausgenommen. hier der log: 13:04:40.0297 0872 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48 13:04:40.0859 0872 ============================================================ 13:04:40.0859 0872 Current date / time: 2012/08/28 13:04:40.0859 13:04:40.0859 0872 SystemInfo: 13:04:40.0859 0872 13:04:40.0859 0872 OS Version: 6.1.7601 ServicePack: 1.0 13:04:40.0859 0872 Product type: Workstation 13:04:40.0859 0872 ComputerName: OLIVER-PC 13:04:40.0859 0872 UserName: 13:04:40.0859 0872 Windows directory: C:\Windows 13:04:40.0859 0872 System windows directory: C:\Windows 13:04:40.0859 0872 Running under WOW64 13:04:40.0859 0872 Processor architecture: Intel x64 13:04:40.0859 0872 Number of processors: 4 13:04:40.0859 0872 Page size: 0x1000 13:04:40.0859 0872 Boot type: Normal boot 13:04:40.0859 0872 ============================================================ 13:04:41.0764 0872 Drive \Device\Harddisk1\DR1 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 13:04:41.0764 0872 Drive \Device\Harddisk0\DR0 - Size: 0x15D50F66000 (1397.27 Gb), SectorSize: 0x200, Cylinders: 0x2C881, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 13:04:41.0779 0872 ============================================================ 13:04:41.0779 0872 \Device\Harddisk1\DR1: 13:04:41.0779 0872 MBR partitions: 13:04:41.0779 0872 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000 13:04:41.0779 0872 \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xDF61800 13:04:41.0779 0872 \Device\Harddisk0\DR0: 13:04:41.0779 0872 MBR partitions: 13:04:41.0779 0872 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xAEA86800 13:04:41.0779 0872 ============================================================ 13:04:41.0779 0872 C: <-> \Device\Harddisk1\DR1\Partition2 13:04:41.0795 0872 D: <-> \Device\Harddisk0\DR0\Partition1 13:04:41.0795 0872 ============================================================ 13:04:41.0795 0872 Initialize success 13:04:41.0795 0872 ============================================================ 13:05:03.0639 5036 ============================================================ 13:05:03.0639 5036 Scan started 13:05:03.0639 5036 Mode: Manual; SigCheck; TDLFS; 13:05:03.0639 5036 ============================================================ 13:05:03.0829 5036 ================ Scan system memory ======================== 13:05:03.0829 5036 System memory - ok 13:05:03.0839 5036 ================ Scan services ============================= 13:05:03.0899 5036 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys 13:05:04.0009 5036 1394ohci - ok 13:05:04.0019 5036 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys 13:05:04.0039 5036 ACPI - ok 13:05:04.0049 5036 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys 13:05:04.0089 5036 AcpiPmi - ok 13:05:04.0129 5036 [ F19C98AD81D2C0E1BBFD8153D2C80EE8 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 13:05:04.0159 5036 AdobeFlashPlayerUpdateSvc - ok 13:05:04.0179 5036 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys 13:05:04.0209 5036 adp94xx - ok 13:05:04.0219 5036 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys 13:05:04.0249 5036 adpahci - ok 13:05:04.0259 5036 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys 13:05:04.0279 5036 adpu320 - ok 13:05:04.0289 5036 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 13:05:04.0369 5036 AeLookupSvc - ok 13:05:04.0379 5036 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys 13:05:04.0409 5036 AFD - ok 13:05:04.0419 5036 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys 13:05:04.0439 5036 agp440 - ok 13:05:04.0449 5036 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe 13:05:04.0479 5036 ALG - ok 13:05:04.0479 5036 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys 13:05:04.0499 5036 aliide - ok 13:05:04.0509 5036 [ A359974EAAC83A435497C52F62A2E590 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe 13:05:04.0549 5036 AMD External Events Utility - ok 13:05:04.0559 5036 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys 13:05:04.0579 5036 amdide - ok 13:05:04.0579 5036 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys 13:05:04.0619 5036 AmdK8 - ok 13:05:04.0749 5036 [ 60216B0E704584DE6D5A9F59E9C34C47 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys 13:05:04.0969 5036 amdkmdag - ok 13:05:04.0999 5036 [ 6B4E9261B613B047A9A145F328889968 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys 13:05:05.0039 5036 amdkmdap - ok 13:05:05.0049 5036 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys 13:05:05.0089 5036 AmdPPM - ok 13:05:05.0099 5036 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys 13:05:05.0139 5036 amdsata - ok 13:05:05.0149 5036 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys 13:05:05.0189 5036 amdsbs - ok 13:05:05.0199 5036 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys 13:05:05.0219 5036 amdxata - ok 13:05:05.0229 5036 [ 0A1CC583E8147004E4AD4625D7FBF88C ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe 13:05:05.0249 5036 AntiVirSchedulerService - ok 13:05:05.0259 5036 [ C9A36EF935ACED86AEDF93E97E606911 ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe 13:05:05.0289 5036 AntiVirService - ok 13:05:05.0299 5036 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys 13:05:05.0389 5036 AppID - ok 13:05:05.0399 5036 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll 13:05:05.0459 5036 AppIDSvc - ok 13:05:05.0459 5036 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll 13:05:05.0519 5036 Appinfo - ok 13:05:05.0529 5036 [ F401929EE0CC92BFE7F15161CA535383 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 13:05:05.0549 5036 Apple Mobile Device - ok 13:05:05.0559 5036 [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt C:\Windows\System32\appmgmts.dll 13:05:05.0599 5036 AppMgmt - ok 13:05:05.0609 5036 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys 13:05:05.0629 5036 arc - ok 13:05:05.0639 5036 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys 13:05:05.0669 5036 arcsas - ok 13:05:05.0689 5036 aspnet_state - ok 13:05:05.0699 5036 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 13:05:05.0759 5036 AsyncMac - ok 13:05:05.0769 5036 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys 13:05:05.0779 5036 atapi - ok 13:05:05.0799 5036 [ 4AEF9EC86818375495FB78CA58DF4E18 ] atksgt C:\Windows\system32\DRIVERS\atksgt.sys 13:05:05.0829 5036 atksgt ( UnsignedFile.Multi.Generic ) - warning 13:05:05.0829 5036 atksgt - detected UnsignedFile.Multi.Generic (1) 13:05:05.0849 5036 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 13:05:05.0919 5036 AudioEndpointBuilder - ok 13:05:05.0939 5036 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll 13:05:05.0989 5036 AudioSrv - ok 13:05:05.0999 5036 [ 26E38B5A58C6C55FAFBC563EEDDB0867 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys 13:05:10.0841 5036 avgntflt - ok 13:05:10.0851 5036 [ 9D1F00BEFF84CBBF46D7F052BC7E0565 ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys 13:05:10.0881 5036 avipbb - ok 13:05:10.0881 5036 [ 248DB59FC86DE44D2779F4C7FB1A567D ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys 13:05:10.0911 5036 avkmgr - ok 13:05:10.0921 5036 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll 13:05:10.0961 5036 AxInstSV - ok 13:05:10.0971 5036 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys 13:05:11.0011 5036 b06bdrv - ok 13:05:11.0021 5036 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys 13:05:11.0061 5036 b57nd60a - ok 13:05:11.0071 5036 [ A2494901E7226B356B8C1005C45F1C5F ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe 13:05:11.0101 5036 BBSvc - ok 13:05:11.0111 5036 [ 63B1CBBAE4790B5BAC98F01BF9449722 ] BBUpdate C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe 13:05:11.0141 5036 BBUpdate - ok 13:05:11.0151 5036 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll 13:05:11.0181 5036 BDESVC - ok 13:05:11.0191 5036 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys 13:05:11.0241 5036 Beep - ok 13:05:11.0261 5036 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll 13:05:11.0321 5036 BFE - ok 13:05:11.0341 5036 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll 13:05:11.0441 5036 BITS - ok 13:05:11.0451 5036 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys 13:05:11.0481 5036 blbdrive - ok 13:05:11.0501 5036 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe 13:05:11.0521 5036 Bonjour Service - ok 13:05:11.0531 5036 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys 13:05:11.0561 5036 bowser - ok 13:05:11.0571 5036 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys 13:05:11.0611 5036 BrFiltLo - ok 13:05:11.0621 5036 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys 13:05:11.0671 5036 BrFiltUp - ok 13:05:11.0681 5036 [ 8EF0D5C41EC907751B8429162B1239ED ] Browser C:\Windows\System32\browser.dll 13:05:11.0761 5036 Browser - ok 13:05:11.0771 5036 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys 13:05:11.0811 5036 Brserid - ok 13:05:11.0831 5036 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys 13:05:11.0881 5036 BrSerWdm - ok 13:05:11.0891 5036 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys 13:05:11.0931 5036 BrUsbMdm - ok 13:05:11.0941 5036 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys 13:05:11.0971 5036 BrUsbSer - ok 13:05:11.0981 5036 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys 13:05:12.0011 5036 BTHMODEM - ok 13:05:12.0031 5036 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll 13:05:12.0081 5036 bthserv - ok 13:05:12.0091 5036 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 13:05:12.0141 5036 cdfs - ok 13:05:12.0151 5036 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys 13:05:12.0181 5036 cdrom - ok 13:05:12.0191 5036 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll 13:05:12.0241 5036 CertPropSvc - ok 13:05:12.0241 5036 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys 13:05:12.0271 5036 circlass - ok 13:05:12.0281 5036 cjlwqxtn - ok 13:05:12.0301 5036 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys 13:05:12.0331 5036 CLFS - ok 13:05:12.0331 5036 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 13:05:12.0361 5036 clr_optimization_v2.0.50727_32 - ok 13:05:12.0361 5036 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 13:05:12.0391 5036 clr_optimization_v2.0.50727_64 - ok 13:05:12.0411 5036 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 13:05:12.0431 5036 clr_optimization_v4.0.30319_32 - ok 13:05:12.0441 5036 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 13:05:12.0461 5036 clr_optimization_v4.0.30319_64 - ok 13:05:12.0471 5036 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys 13:05:12.0491 5036 CmBatt - ok 13:05:12.0501 5036 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys 13:05:12.0531 5036 cmdide - ok 13:05:12.0541 5036 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys 13:05:12.0591 5036 CNG - ok 13:05:12.0601 5036 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys 13:05:12.0631 5036 Compbatt - ok 13:05:12.0641 5036 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys 13:05:12.0681 5036 CompositeBus - ok 13:05:12.0691 5036 COMSysApp - ok 13:05:12.0701 5036 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys 13:05:12.0731 5036 crcdisk - ok 13:05:12.0741 5036 [ 4F5414602E2544A4554D95517948B705 ] CryptSvc C:\Windows\system32\cryptsvc.dll 13:05:12.0791 5036 CryptSvc - ok 13:05:12.0801 5036 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\Windows\system32\drivers\csc.sys 13:05:12.0851 5036 CSC - ok 13:05:12.0871 5036 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\Windows\System32\cscsvc.dll 13:05:12.0911 5036 CscService - ok 13:05:12.0931 5036 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll 13:05:13.0001 5036 DcomLaunch - ok 13:05:13.0011 5036 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll 13:05:13.0091 5036 defragsvc - ok 13:05:13.0101 5036 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys 13:05:13.0161 5036 DfsC - ok 13:05:13.0171 5036 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll 13:05:13.0251 5036 Dhcp - ok 13:05:13.0251 5036 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys 13:05:13.0301 5036 discache - ok 13:05:13.0321 5036 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys 13:05:13.0351 5036 Disk - ok 13:05:13.0361 5036 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll 13:05:13.0401 5036 Dnscache - ok 13:05:13.0421 5036 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll 13:05:13.0481 5036 dot3svc - ok 13:05:13.0491 5036 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll 13:05:13.0551 5036 DPS - ok 13:05:13.0561 5036 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 13:05:13.0591 5036 drmkaud - ok 13:05:13.0601 5036 [ 400582B09E0BB557D0EC28A945150EEB ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys 13:05:13.0621 5036 dtsoftbus01 - ok 13:05:13.0661 5036 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 13:05:13.0701 5036 DXGKrnl - ok 13:05:13.0711 5036 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll 13:05:13.0771 5036 EapHost - ok 13:05:13.0861 5036 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys 13:05:13.0951 5036 ebdrv - ok 13:05:13.0961 5036 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe 13:05:13.0991 5036 EFS - ok 13:05:14.0011 5036 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 13:05:14.0061 5036 ehRecvr - ok 13:05:14.0071 5036 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe 13:05:14.0121 5036 ehSched - ok 13:05:14.0131 5036 [ 9A47AC3DFCF81D30922CDAAF1C2D579F ] ElbyCDIO C:\Windows\system32\Drivers\ElbyCDIO.sys 13:05:14.0151 5036 ElbyCDIO - ok 13:05:14.0171 5036 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys 13:05:14.0201 5036 elxstor - ok 13:05:14.0211 5036 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys 13:05:14.0241 5036 ErrDev - ok 13:05:14.0261 5036 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll 13:05:14.0331 5036 EventSystem - ok 13:05:14.0341 5036 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys 13:05:14.0401 5036 exfat - ok 13:05:14.0411 5036 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys 13:05:14.0472 5036 fastfat - ok 13:05:14.0492 5036 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe 13:05:14.0542 5036 Fax - ok 13:05:14.0552 5036 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys 13:05:14.0582 5036 fdc - ok 13:05:14.0592 5036 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll 13:05:14.0652 5036 fdPHost - ok 13:05:14.0662 5036 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll 13:05:14.0742 5036 FDResPub - ok 13:05:14.0752 5036 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 13:05:14.0782 5036 FileInfo - ok 13:05:14.0782 5036 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 13:05:14.0832 5036 Filetrace - ok 13:05:14.0842 5036 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys 13:05:14.0862 5036 flpydisk - ok 13:05:15.0102 5036 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 13:05:15.0132 5036 FltMgr - ok 13:05:15.0152 5036 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll 13:05:15.0192 5036 FontCache - ok 13:05:15.0202 5036 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 13:05:15.0222 5036 FontCache3.0.0.0 - ok 13:05:15.0232 5036 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 13:05:15.0252 5036 FsDepends - ok 13:05:15.0262 5036 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 13:05:15.0282 5036 Fs_Rec - ok 13:05:15.0292 5036 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 13:05:15.0312 5036 fvevol - ok 13:05:15.0322 5036 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys 13:05:15.0342 5036 gagp30kx - ok 13:05:15.0342 5036 [ E403AACF8C7BB11375122D2464560311 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 13:05:15.0362 5036 GEARAspiWDM - ok 13:05:15.0382 5036 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll 13:05:15.0442 5036 gpsvc - ok 13:05:15.0452 5036 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 13:05:15.0472 5036 gupdate - ok 13:05:15.0472 5036 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 13:05:15.0492 5036 gupdatem - ok 13:05:15.0502 5036 [ CC839E8D766CC31A7710C9F38CF3E375 ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe 13:05:15.0522 5036 gusvc - ok 13:05:15.0532 5036 [ ADB4348DA1345877B04E22203AFC8993 ] hcmon C:\Windows\system32\drivers\hcmon.sys 13:05:15.0552 5036 hcmon - ok 13:05:15.0562 5036 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 13:05:15.0582 5036 hcw85cir - ok 13:05:15.0592 5036 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 13:05:15.0632 5036 HdAudAddService - ok 13:05:15.0642 5036 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys 13:05:15.0672 5036 HDAudBus - ok 13:05:15.0682 5036 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys 13:05:15.0712 5036 HidBatt - ok 13:05:15.0712 5036 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys 13:05:15.0742 5036 HidBth - ok 13:05:15.0752 5036 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys 13:05:15.0782 5036 HidIr - ok 13:05:15.0792 5036 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll 13:05:15.0842 5036 hidserv - ok 13:05:15.0852 5036 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 13:05:15.0872 5036 HidUsb - ok 13:05:15.0882 5036 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll 13:05:15.0942 5036 hkmsvc - ok 13:05:15.0952 5036 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll 13:05:15.0982 5036 HomeGroupListener - ok 13:05:15.0992 5036 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 13:05:16.0012 5036 HomeGroupProvider - ok 13:05:16.0022 5036 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 13:05:16.0042 5036 HpSAMD - ok 13:05:16.0052 5036 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys 13:05:16.0102 5036 HTTP - ok 13:05:16.0112 5036 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 13:05:16.0132 5036 hwpolicy - ok 13:05:16.0132 5036 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys 13:05:16.0162 5036 i8042prt - ok 13:05:16.0172 5036 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 13:05:16.0202 5036 iaStorV - ok 13:05:16.0222 5036 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 13:05:16.0252 5036 idsvc - ok 13:05:16.0252 5036 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys 13:05:16.0272 5036 iirsp - ok 13:05:16.0292 5036 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll 13:05:16.0352 5036 IKEEXT - ok 13:05:16.0372 5036 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys 13:05:16.0382 5036 intelide - ok 13:05:16.0392 5036 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 13:05:16.0422 5036 intelppm - ok 13:05:16.0422 5036 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll 13:05:16.0672 5036 IPBusEnum - ok 13:05:16.0682 5036 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 13:05:16.0722 5036 IpFilterDriver - ok 13:05:16.0732 5036 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 13:05:16.0782 5036 iphlpsvc - ok 13:05:16.0792 5036 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 13:05:16.0822 5036 IPMIDRV - ok 13:05:16.0832 5036 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys 13:05:16.0872 5036 IPNAT - ok 13:05:16.0892 5036 [ A9AB99EE7D39725EAFEC82732D2B3271 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe 13:05:16.0922 5036 iPod Service - ok 13:05:16.0932 5036 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys 13:05:16.0952 5036 IRENUM - ok 13:05:16.0962 5036 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys 13:05:16.0982 5036 isapnp - ok 13:05:16.0992 5036 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 13:05:17.0012 5036 iScsiPrt - ok 13:05:17.0012 5036 [ BF65E6D039AE37C988D5B2B680E7D718 ] ISWKL C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys 13:05:17.0032 5036 ISWKL - ok 13:05:17.0042 5036 [ 99148599FE4D0A5CD7C7EB74ED5A63E4 ] IswSvc C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe 13:05:17.0072 5036 IswSvc - ok 13:05:17.0082 5036 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 13:05:17.0092 5036 kbdclass - ok 13:05:17.0102 5036 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys 13:05:17.0122 5036 kbdhid - ok 13:05:17.0132 5036 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe 13:05:17.0152 5036 KeyIso - ok 13:05:17.0162 5036 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 13:05:17.0172 5036 KSecDD - ok 13:05:17.0182 5036 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 13:05:17.0202 5036 KSecPkg - ok 13:05:17.0212 5036 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 13:05:17.0252 5036 ksthunk - ok 13:05:17.0262 5036 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll 13:05:17.0312 5036 KtmRm - ok 13:05:17.0322 5036 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll 13:05:17.0372 5036 LanmanServer - ok 13:05:17.0372 5036 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 13:05:17.0422 5036 LanmanWorkstation - ok 13:05:17.0432 5036 [ B658B7076B1ACAA5876524595630F183 ] lirsgt C:\Windows\system32\DRIVERS\lirsgt.sys 13:05:17.0443 5036 lirsgt ( UnsignedFile.Multi.Generic ) - warning 13:05:17.0443 5036 lirsgt - detected UnsignedFile.Multi.Generic (1) 13:05:17.0453 5036 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 13:05:17.0493 5036 lltdio - ok 13:05:17.0503 5036 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll 13:05:17.0553 5036 lltdsvc - ok 13:05:17.0563 5036 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll 13:05:17.0603 5036 lmhosts - ok 13:05:17.0613 5036 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys 13:05:17.0633 5036 LSI_FC - ok 13:05:17.0643 5036 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys 13:05:17.0663 5036 LSI_SAS - ok 13:05:17.0673 5036 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys 13:05:17.0693 5036 LSI_SAS2 - ok 13:05:17.0703 5036 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys 13:05:17.0723 5036 LSI_SCSI - ok 13:05:17.0733 5036 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys 13:05:17.0773 5036 luafv - ok 13:05:17.0783 5036 [ DC8490812A3B72811AE534F423B4C206 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys 13:05:17.0803 5036 MBAMProtector - ok 13:05:17.0813 5036 [ 43683E970F008C93C9429EF428147A54 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe 13:05:17.0833 5036 MBAMService - ok 13:05:17.0843 5036 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 13:05:17.0863 5036 Mcx2Svc - ok 13:05:17.0873 5036 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys 13:05:17.0893 5036 megasas - ok 13:05:17.0903 5036 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys 13:05:17.0923 5036 MegaSR - ok 13:05:17.0933 5036 Microsoft SharePoint Workspace Audit Service - ok 13:05:17.0943 5036 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll 13:05:17.0983 5036 MMCSS - ok 13:05:17.0993 5036 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys 13:05:18.0033 5036 Modem - ok 13:05:18.0043 5036 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys 13:05:18.0063 5036 monitor - ok 13:05:18.0073 5036 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 13:05:18.0093 5036 mouclass - ok 13:05:18.0093 5036 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 13:05:18.0123 5036 mouhid - ok 13:05:18.0123 5036 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 13:05:18.0143 5036 mountmgr - ok 13:05:18.0153 5036 [ 46297FA8E30A6007F14118FC2B942FBC ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 13:05:18.0163 5036 MozillaMaintenance - ok 13:05:18.0173 5036 [ 94C66EDEDCDB6A126880472F9A704D8E ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys 13:05:18.0193 5036 MpFilter - ok 13:05:18.0203 5036 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys 13:05:18.0223 5036 mpio - ok 13:05:18.0223 5036 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 13:05:18.0273 5036 mpsdrv - ok 13:05:18.0283 5036 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll 13:05:18.0343 5036 MpsSvc - ok 13:05:18.0353 5036 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 13:05:18.0383 5036 MRxDAV - ok 13:05:18.0393 5036 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 13:05:18.0413 5036 mrxsmb - ok 13:05:18.0423 5036 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 13:05:18.0453 5036 mrxsmb10 - ok 13:05:18.0463 5036 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 13:05:18.0483 5036 mrxsmb20 - ok 13:05:18.0483 5036 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys 13:05:18.0503 5036 msahci - ok 13:05:18.0513 5036 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys 13:05:18.0533 5036 msdsm - ok 13:05:18.0533 5036 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe 13:05:18.0563 5036 MSDTC - ok 13:05:18.0573 5036 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys 13:05:18.0623 5036 Msfs - ok 13:05:18.0633 5036 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 13:05:18.0673 5036 mshidkmdf - ok 13:05:18.0683 5036 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 13:05:18.0693 5036 msisadrv - ok 13:05:18.0703 5036 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 13:05:18.0753 5036 MSiSCSI - ok 13:05:18.0753 5036 msiserver - ok 13:05:18.0763 5036 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 13:05:18.0813 5036 MSKSSRV - ok 13:05:18.0823 5036 [ 59FAAF2C83C8169EA20F9E335E418907 ] MsMpSvc C:\Program Files\Microsoft Security Client\MsMpEng.exe 13:05:18.0833 5036 MsMpSvc - ok 13:05:18.0843 5036 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 13:05:18.0883 5036 MSPCLOCK - ok 13:05:18.0893 5036 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 13:05:18.0933 5036 MSPQM - ok 13:05:18.0943 5036 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 13:05:18.0963 5036 MsRPC - ok 13:05:18.0983 5036 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys 13:05:18.0993 5036 mssmbios - ok 13:05:19.0003 5036 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 13:05:19.0039 5036 MSTEE - ok 13:05:19.0054 5036 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys 13:05:19.0070 5036 MTConfig - ok 13:05:19.0085 5036 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys 13:05:19.0101 5036 Mup - ok 13:05:19.0101 5036 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll 13:05:19.0163 5036 napagent - ok 13:05:19.0163 5036 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 13:05:19.0195 5036 NativeWifiP - ok 13:05:19.0210 5036 [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS C:\Windows\system32\drivers\ndis.sys 13:05:19.0241 5036 NDIS - ok 13:05:19.0257 5036 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 13:05:19.0304 5036 NdisCap - ok 13:05:19.0304 5036 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 13:05:19.0351 5036 NdisTapi - ok 13:05:19.0366 5036 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 13:05:19.0429 5036 Ndisuio - ok 13:05:19.0444 5036 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 13:05:19.0491 5036 NdisWan - ok 13:05:19.0507 5036 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 13:05:19.0553 5036 NDProxy - ok 13:05:19.0569 5036 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 13:05:19.0616 5036 NetBIOS - ok 13:05:19.0631 5036 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 13:05:19.0678 5036 NetBT - ok 13:05:19.0678 5036 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe 13:05:19.0709 5036 Netlogon - ok 13:05:19.0709 5036 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll 13:05:19.0772 5036 Netman - ok 13:05:19.0772 5036 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 13:05:19.0787 5036 NetMsmqActivator - ok 13:05:19.0803 5036 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 13:05:19.0819 5036 NetPipeActivator - ok 13:05:19.0819 5036 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll 13:05:19.0881 5036 netprofm - ok 13:05:19.0881 5036 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 13:05:19.0897 5036 NetTcpActivator - ok 13:05:19.0912 5036 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 13:05:19.0928 5036 NetTcpPortSharing - ok 13:05:19.0928 5036 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys 13:05:19.0943 5036 nfrd960 - ok 13:05:19.0959 5036 [ 91B4E0273D2F6C24EF845F2B41311289 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys 13:05:19.0975 5036 NisDrv - ok 13:05:19.0975 5036 [ 10A43829A9E606AF3EEF25A1C1665923 ] NisSrv C:\Program Files\Microsoft Security Client\NisSrv.exe 13:05:20.0006 5036 NisSrv - ok 13:05:20.0006 5036 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll 13:05:20.0053 5036 NlaSvc - ok 13:05:20.0068 5036 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys 13:05:20.0115 5036 Npfs - ok 13:05:20.0115 5036 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll 13:05:20.0162 5036 nsi - ok 13:05:20.0177 5036 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 13:05:20.0224 5036 nsiproxy - ok 13:05:20.0240 5036 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 13:05:20.0302 5036 Ntfs - ok 13:05:20.0302 5036 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys 13:05:20.0349 5036 Null - ok 13:05:20.0365 5036 [ A85B4F2EF3A7304A5399EF0526423040 ] NVENETFD C:\Windows\system32\DRIVERS\nvm62x64.sys 13:05:20.0380 5036 NVENETFD - ok 13:05:20.0552 5036 [ E55CAB397F77D5208DB18A78B1B7C0D5 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys 13:05:20.0833 5036 nvlddmkm - ok 13:05:20.0864 5036 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys 13:05:20.0879 5036 nvraid - ok 13:05:20.0879 5036 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys 13:05:20.0911 5036 nvstor - ok 13:05:20.0911 5036 [ 43BC8151893AE6AFE42E149D663C2221 ] nvsvc C:\Windows\system32\nvvsvc.exe 13:05:20.0926 5036 nvsvc - ok 13:05:20.0942 5036 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 13:05:20.0957 5036 nv_agp - ok 13:05:20.0957 5036 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 13:05:20.0989 5036 ohci1394 - ok 13:05:20.0989 5036 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 13:05:21.0004 5036 ose - ok 13:05:21.0067 5036 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 13:05:21.0191 5036 osppsvc - ok 13:05:21.0207 5036 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 13:05:21.0238 5036 p2pimsvc - ok 13:05:21.0238 5036 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll 13:05:21.0269 5036 p2psvc - ok 13:05:21.0285 5036 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys 13:05:21.0301 5036 Parport - ok 13:05:21.0316 5036 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys 13:05:21.0332 5036 partmgr - ok 13:05:21.0332 5036 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll 13:05:21.0363 5036 PcaSvc - ok 13:05:21.0379 5036 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys 13:05:21.0394 5036 pci - ok 13:05:21.0394 5036 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys 13:05:21.0410 5036 pciide - ok 13:05:21.0425 5036 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys 13:05:21.0441 5036 pcmcia - ok 13:05:21.0441 5036 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys 13:05:21.0472 5036 pcw - ok 13:05:21.0488 5036 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys 13:05:21.0535 5036 PEAUTH - ok 13:05:21.0550 5036 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll 13:05:21.0597 5036 PeerDistSvc - ok 13:05:21.0628 5036 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe 13:05:21.0644 5036 PerfHost - ok 13:05:21.0706 5036 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll 13:05:21.0925 5036 pla - ok 13:05:21.0940 5036 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 13:05:21.0971 5036 PlugPlay - ok 13:05:21.0971 5036 PnkBstrA - ok 13:05:21.0971 5036 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 13:05:22.0003 5036 PNRPAutoReg - ok 13:05:22.0003 5036 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 13:05:22.0034 5036 PNRPsvc - ok 13:05:22.0049 5036 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 13:05:22.0096 5036 PolicyAgent - ok 13:05:22.0112 5036 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll 13:05:22.0159 5036 Power - ok 13:05:22.0159 5036 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 13:05:22.0205 5036 PptpMiniport - ok 13:05:22.0205 5036 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys 13:05:22.0237 5036 Processor - ok 13:05:22.0237 5036 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll 13:05:22.0268 5036 ProfSvc - ok 13:05:22.0268 5036 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe 13:05:22.0299 5036 ProtectedStorage - ok 13:05:22.0299 5036 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys 13:05:22.0346 5036 Psched - ok 13:05:22.0346 5036 [ 4712CC14E720ECCCC0AA16949D18AAF1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys 13:05:22.0361 5036 PxHlpa64 - ok 13:05:22.0393 5036 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys 13:05:22.0439 5036 ql2300 - ok 13:05:22.0439 5036 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys 13:05:22.0455 5036 ql40xx - ok 13:05:22.0471 5036 qrhjrvoi - ok 13:05:22.0471 5036 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll 13:05:22.0502 5036 QWAVE - ok 13:05:22.0517 5036 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 13:05:22.0533 5036 QWAVEdrv - ok 13:05:22.0549 5036 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 13:05:22.0595 5036 RasAcd - ok 13:05:22.0595 5036 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 13:05:22.0642 5036 RasAgileVpn - ok 13:05:22.0642 5036 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll 13:05:22.0689 5036 RasAuto - ok 13:05:22.0705 5036 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 13:05:22.0751 5036 Rasl2tp - ok 13:05:22.0751 5036 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll 13:05:22.0798 5036 RasMan - ok 13:05:22.0814 5036 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 13:05:22.0861 5036 RasPppoe - ok 13:05:22.0861 5036 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 13:05:22.0907 5036 RasSstp - ok 13:05:22.0923 5036 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 13:05:22.0970 5036 rdbss - ok 13:05:22.0970 5036 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys 13:05:23.0001 5036 rdpbus - ok 13:05:23.0001 5036 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 13:05:23.0048 5036 RDPCDD - ok 13:05:23.0063 5036 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys 13:05:23.0079 5036 RDPDR - ok 13:05:23.0095 5036 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 13:05:23.0141 5036 RDPENCDD - ok 13:05:23.0141 5036 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 13:05:23.0188 5036 RDPREFMP - ok 13:05:23.0188 5036 [ 70CBA1A0C98600A2AA1863479B35CB90 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys 13:05:23.0219 5036 RdpVideoMiniport - ok 13:05:23.0219 5036 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 13:05:23.0251 5036 RDPWD - ok 13:05:23.0266 5036 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 13:05:23.0282 5036 rdyboost - ok 13:05:23.0297 5036 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll 13:05:23.0329 5036 RemoteAccess - ok 13:05:23.0344 5036 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll 13:05:23.0391 5036 RemoteRegistry - ok 13:05:23.0391 5036 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 13:05:23.0438 5036 RpcEptMapper - ok 13:05:23.0453 5036 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe 13:05:23.0469 5036 RpcLocator - ok 13:05:23.0485 5036 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll 13:05:23.0531 5036 RpcSs - ok 13:05:23.0531 5036 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 13:05:23.0578 5036 rspndr - ok 13:05:23.0578 5036 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys 13:05:23.0609 5036 s3cap - ok 13:05:23.0609 5036 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe 13:05:23.0625 5036 SamSs - ok 13:05:23.0641 5036 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 13:05:23.0656 5036 sbp2port - ok 13:05:23.0672 5036 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll 13:05:23.0719 5036 SCardSvr - ok 13:05:23.0734 5036 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 13:05:23.0765 5036 scfilter - ok 13:05:23.0797 5036 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll 13:05:23.0859 5036 Schedule - ok 13:05:23.0859 5036 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll 13:05:23.0906 5036 SCPolicySvc - ok 13:05:23.0906 5036 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll 13:05:23.0937 5036 SDRSVC - ok 13:05:23.0953 5036 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys 13:05:23.0993 5036 secdrv - ok 13:05:23.0993 5036 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll 13:05:24.0038 5036 seclogon - ok 13:05:24.0038 5036 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll 13:05:24.0085 5036 SENS - ok 13:05:24.0101 5036 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll 13:05:24.0116 5036 SensrSvc - ok 13:05:24.0116 5036 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys 13:05:24.0147 5036 Serenum - ok 13:05:24.0147 5036 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys 13:05:24.0179 5036 Serial - ok 13:05:24.0179 5036 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys 13:05:24.0194 5036 sermouse - ok 13:05:24.0210 5036 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll 13:05:24.0257 5036 SessionEnv - ok 13:05:24.0272 5036 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 13:05:24.0288 5036 sffdisk - ok 13:05:24.0288 5036 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 13:05:24.0319 5036 sffp_mmc - ok 13:05:24.0319 5036 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 13:05:24.0350 5036 sffp_sd - ok 13:05:24.0350 5036 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys 13:05:24.0381 5036 sfloppy - ok 13:05:24.0381 5036 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll 13:05:24.0444 5036 SharedAccess - ok 13:05:24.0444 5036 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll 13:05:24.0491 5036 ShellHWDetection - ok 13:05:24.0506 5036 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys 13:05:24.0522 5036 SiSRaid2 - ok 13:05:24.0522 5036 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys 13:05:24.0537 5036 SiSRaid4 - ok 13:05:24.0553 5036 [ 68EA68D03BF58389FE6AD2B38FAD798C ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe 13:05:24.0569 5036 SkypeUpdate - ok 13:05:24.0569 5036 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys 13:05:24.0615 5036 Smb - ok 13:05:24.0631 5036 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe 13:05:24.0647 5036 SNMPTRAP - ok 13:05:24.0662 5036 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys 13:05:24.0678 5036 spldr - ok 13:05:24.0678 5036 [ B96C17B5DC1424D56EEA3A99E97428CD ] Spooler C:\Windows\System32\spoolsv.exe 13:05:24.0740 5036 Spooler - ok 13:05:24.0787 5036 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe 13:05:24.0896 5036 sppsvc - ok 13:05:24.0896 5036 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll 13:05:24.0943 5036 sppuinotify - ok 13:05:24.0959 5036 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys 13:05:24.0990 5036 srv - ok 13:05:25.0005 5036 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 13:05:25.0021 5036 srv2 - ok 13:05:25.0037 5036 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 13:05:25.0052 5036 srvnet - ok 13:05:25.0068 5036 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 13:05:25.0099 5036 SSDPSRV - ok 13:05:25.0115 5036 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll 13:05:25.0161 5036 SstpSvc - ok 13:05:25.0161 5036 Steam Client Service - ok 13:05:25.0177 5036 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys 13:05:25.0193 5036 stexstor - ok 13:05:25.0208 5036 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll 13:05:25.0239 5036 stisvc - ok 13:05:25.0239 5036 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys 13:05:25.0255 5036 storflt - ok 13:05:25.0271 5036 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys 13:05:25.0286 5036 storvsc - ok 13:05:25.0286 5036 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys 13:05:25.0302 5036 swenum - ok 13:05:25.0317 5036 [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe 13:05:25.0333 5036 SwitchBoard ( UnsignedFile.Multi.Generic ) - warning 13:05:25.0333 5036 SwitchBoard - detected UnsignedFile.Multi.Generic (1) 13:05:25.0349 5036 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll 13:05:25.0395 5036 swprv - ok 13:05:25.0411 5036 Synth3dVsc - ok 13:05:25.0442 5036 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll 13:05:25.0505 5036 SysMain - ok 13:05:25.0505 5036 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll 13:05:25.0536 5036 TabletInputService - ok 13:05:25.0629 5036 [ B9E475AB1AABB21F278EA74965F918B9 ] TabletServiceWacom C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe 13:05:25.0770 5036 TabletServiceWacom - ok 13:05:25.0801 5036 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll 13:05:25.0848 5036 TapiSrv - ok 13:05:25.0848 5036 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll 13:05:25.0895 5036 TBS - ok 13:05:25.0926 5036 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 13:05:25.0988 5036 Tcpip - ok 13:05:26.0019 5036 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 13:05:26.0066 5036 TCPIP6 - ok 13:05:26.0082 5036 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 13:05:26.0129 5036 tcpipreg - ok 13:05:26.0129 5036 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 13:05:26.0160 5036 TDPIPE - ok 13:05:26.0160 5036 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 13:05:26.0191 5036 TDTCP - ok 13:05:26.0207 5036 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 13:05:26.0253 5036 tdx - ok 13:05:26.0300 5036 [ A4D2CE94B028EF1E437CF4AC3D8FF26C ] TeamViewer7 C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe 13:05:26.0378 5036 TeamViewer7 - ok 13:05:26.0378 5036 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys 13:05:26.0409 5036 TermDD - ok 13:05:26.0425 5036 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll 13:05:26.0487 5036 TermService - ok 13:05:26.0487 5036 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll 13:05:26.0519 5036 Themes - ok 13:05:26.0534 5036 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll 13:05:26.0565 5036 THREADORDER - ok 13:05:26.0581 5036 [ B8F4A8AFFAAE521A20E8D2AF3F487124 ] TouchServiceWacom C:\Program Files\Tablet\Wacom\Wacom_TouchService.exe 13:05:26.0612 5036 TouchServiceWacom - ok 13:05:26.0612 5036 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll 13:05:26.0659 5036 TrkWks - ok 13:05:26.0675 5036 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 13:05:26.0706 5036 TrustedInstaller - ok 13:05:26.0721 5036 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 13:05:26.0768 5036 tssecsrv - ok 13:05:26.0768 5036 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 13:05:26.0799 5036 TsUsbFlt - ok 13:05:26.0799 5036 tsusbhub - ok 13:05:26.0815 5036 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 13:05:26.0862 5036 tunnel - ok 13:05:26.0862 5036 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys 13:05:26.0877 5036 uagp35 - ok 13:05:26.0893 5036 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 13:05:26.0940 5036 udfs - ok 13:05:27.0049 5036 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe 13:05:27.0080 5036 UI0Detect - ok 13:05:27.0080 5036 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 13:05:27.0096 5036 uliagpkx - ok 13:05:27.0111 5036 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys 13:05:27.0127 5036 umbus - ok 13:05:27.0127 5036 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys 13:05:27.0158 5036 UmPass - ok 13:05:27.0158 5036 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll 13:05:27.0189 5036 UmRdpService - ok 13:05:27.0205 5036 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll 13:05:27.0252 5036 upnphost - ok 13:05:27.0252 5036 [ FB251567F41BC61988B26731DEC19E4B ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys 13:05:27.0283 5036 USBAAPL64 - ok 13:05:27.0283 5036 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys 13:05:27.0314 5036 usbaudio - ok 13:05:27.0314 5036 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 13:05:27.0345 5036 usbccgp - ok 13:05:27.0345 5036 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys 13:05:27.0377 5036 usbcir - ok 13:05:27.0377 5036 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys 13:05:27.0392 5036 usbehci - ok 13:05:27.0408 5036 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 13:05:27.0439 5036 usbhub - ok 13:05:27.0439 5036 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys 13:05:27.0470 5036 usbohci - ok 13:05:27.0470 5036 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys 13:05:27.0486 5036 usbprint - ok 13:05:27.0501 5036 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys 13:05:27.0533 5036 usbscan - ok 13:05:27.0533 5036 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 13:05:27.0548 5036 USBSTOR - ok 13:05:27.0564 5036 [ 81FB2216D3A60D1284455D511797DB3D ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys 13:05:27.0579 5036 usbuhci - ok 13:05:27.0579 5036 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll 13:05:27.0626 5036 UxSms - ok 13:05:27.0642 5036 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe 13:05:27.0657 5036 VaultSvc - ok 13:05:27.0657 5036 [ 84BB306B7863883018D7F3EB0C453BD5 ] VClone C:\Windows\system32\DRIVERS\VClone.sys 13:05:27.0689 5036 VClone - ok 13:05:27.0689 5036 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 13:05:27.0704 5036 vdrvroot - ok 13:05:27.0720 5036 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe 13:05:27.0767 5036 vds - ok 13:05:27.0767 5036 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 13:05:27.0798 5036 vga - ok 13:05:27.0798 5036 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys 13:05:27.0845 5036 VgaSave - ok 13:05:27.0845 5036 VGPU - ok 13:05:27.0860 5036 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 13:05:27.0876 5036 vhdmp - ok 13:05:27.0891 5036 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys 13:05:27.0907 5036 viaide - ok 13:05:27.0907 5036 [ 16073F2BC424558EBD277A15188D329E ] VMAuthdService C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe 13:05:27.0923 5036 VMAuthdService ( UnsignedFile.Multi.Generic ) - warning 13:05:27.0923 5036 VMAuthdService - detected UnsignedFile.Multi.Generic (1) 13:05:27.0938 5036 [ 86EA3E79AE350FEA5331A1303054005F ] vmbus C:\Windows\system32\drivers\vmbus.sys 13:05:27.0954 5036 vmbus - ok 13:05:27.0954 5036 [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys 13:05:27.0969 5036 VMBusHID - ok 13:05:27.0985 5036 [ 87FC1DD880E8CAC4FAEBB84AF61A87C4 ] vmci C:\Windows\system32\DRIVERS\vmci.sys 13:05:28.0001 5036 vmci - ok 13:05:28.0001 5036 [ 3A717D3E29C107351347B478A9D0043F ] vmkbd C:\Windows\system32\drivers\VMkbd.sys 13:05:28.0016 5036 vmkbd - ok 13:05:28.0016 5036 [ B259C31378BC855AFD1B53F59311C251 ] VMnetAdapter C:\Windows\system32\DRIVERS\vmnetadapter.sys 13:05:28.0032 5036 VMnetAdapter - ok 13:05:28.0032 5036 [ DEC4CE720FFEDA939CF1BA315CFBD993 ] VMnetBridge C:\Windows\system32\DRIVERS\vmnetbridge.sys 13:05:28.0047 5036 VMnetBridge - ok 13:05:28.0063 5036 VMnetDHCP - ok 13:05:28.0063 5036 [ B6A3766C3E99FB1F6663C6B4B7C3F3A1 ] VMnetuserif C:\Windows\system32\drivers\vmnetuserif.sys 13:05:28.0079 5036 VMnetuserif - ok 13:05:28.0094 5036 [ 18903CA7936912C337C9D28858880CF2 ] VMUSBArbService C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe 13:05:28.0110 5036 VMUSBArbService - ok 13:05:28.0125 5036 VMware NAT Service - ok 13:05:28.0125 5036 [ E53CAD9B1FA901CA2046501EE88F9CEF ] vmx86 C:\Windows\system32\drivers\vmx86.sys 13:05:28.0141 5036 vmx86 - ok 13:05:28.0157 5036 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys 13:05:28.0172 5036 volmgr - ok 13:05:28.0188 5036 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 13:05:28.0203 5036 volmgrx - ok 13:05:28.0219 5036 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys 13:05:28.0235 5036 volsnap - ok 13:05:28.0250 5036 [ 239D8D72730226CD460BDC8CA0A23D43 ] Vsdatant C:\Windows\system32\DRIVERS\vsdatant.sys 13:05:28.0266 5036 Vsdatant - ok 13:05:28.0266 5036 vsmon - ok 13:05:28.0281 5036 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys 13:05:28.0297 5036 vsmraid - ok 13:05:28.0328 5036 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe 13:05:28.0406 5036 VSS - ok 13:05:28.0406 5036 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys 13:05:28.0437 5036 vwifibus - ok 13:05:28.0437 5036 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll 13:05:28.0484 5036 W32Time - ok 13:05:28.0500 5036 [ FE75777289278A4941FE6139E82B3BD9 ] wacmoumonitor C:\Windows\system32\DRIVERS\wacmoumonitor.sys 13:05:28.0515 5036 wacmoumonitor - ok 13:05:28.0531 5036 [ E04D43C7D1641E95D35CAE6086C7E350 ] wacommousefilter C:\Windows\system32\DRIVERS\wacommousefilter.sys 13:05:28.0547 5036 wacommousefilter - ok 13:05:28.0547 5036 WacomPen - ok 13:05:28.0547 5036 [ EC1CEB237E365330C1FCFC4876AA0AC0 ] wacomvhid C:\Windows\system32\DRIVERS\wacomvhid.sys 13:05:28.0562 5036 wacomvhid - ok 13:05:28.0578 5036 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 13:05:28.0609 5036 WANARP - ok 13:05:28.0625 5036 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 13:05:28.0656 5036 Wanarpv6 - ok 13:05:28.0687 5036 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe 13:05:28.0718 5036 WatAdminSvc - ok 13:05:28.0749 5036 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe 13:05:28.0796 5036 wbengine - ok 13:05:28.0812 5036 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 13:05:28.0843 5036 WbioSrvc - ok 13:05:28.0843 5036 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll 13:05:28.0874 5036 wcncsvc - ok 13:05:28.0890 5036 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 13:05:28.0905 5036 WcsPlugInService - ok 13:05:28.0905 5036 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys 13:05:28.0921 5036 Wd - ok 13:05:28.0937 5036 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 13:05:28.0968 5036 Wdf01000 - ok 13:05:28.0983 5036 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll 13:05:28.0999 5036 WdiServiceHost - ok 13:05:29.0015 5036 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll 13:05:29.0030 5036 WdiSystemHost - ok 13:05:29.0046 5036 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll 13:05:29.0077 5036 WebClient - ok 13:05:29.0077 5036 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll 13:05:29.0124 5036 Wecsvc - ok 13:05:29.0139 5036 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll 13:05:29.0186 5036 wercplsupport - ok 13:05:29.0186 5036 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll 13:05:29.0233 5036 WerSvc - ok 13:05:29.0249 5036 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 13:05:29.0295 5036 WfpLwf - ok 13:05:29.0295 5036 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys 13:05:29.0311 5036 WIMMount - ok 13:05:29.0311 5036 WinDefend - ok 13:05:29.0327 5036 WinHttpAutoProxySvc - ok 13:05:29.0342 5036 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 13:05:29.0373 5036 Winmgmt - ok 13:05:29.0405 5036 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll 13:05:29.0498 5036 WinRM - ok 13:05:29.0498 5036 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys 13:05:29.0529 5036 WinUsb - ok 13:05:29.0545 5036 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll 13:05:29.0576 5036 Wlansvc - ok 13:05:29.0592 5036 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 13:05:29.0607 5036 WmiAcpi - ok 13:05:29.0623 5036 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 13:05:29.0639 5036 wmiApSrv - ok 13:05:29.0654 5036 WMPNetworkSvc - ok 13:05:29.0670 5036 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll 13:05:29.0685 5036 WPCSvc - ok 13:05:29.0701 5036 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 13:05:29.0717 5036 WPDBusEnum - ok 13:05:29.0732 5036 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 13:05:29.0763 5036 ws2ifsl - ok 13:05:29.0779 5036 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll 13:05:29.0810 5036 wscsvc - ok 13:05:29.0810 5036 WSearch - ok 13:05:29.0841 5036 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll 13:05:29.0904 5036 wuauserv - ok 13:05:29.0919 5036 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 13:05:29.0966 5036 WudfPf - ok 13:05:29.0966 5036 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 13:05:30.0013 5036 WUDFRd - ok 13:05:30.0013 5036 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 13:05:30.0060 5036 wudfsvc - ok 13:05:30.0075 5036 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll 13:05:30.0107 5036 WwanSvc - ok 13:05:30.0107 5036 ================ Scan global =============================== 13:05:30.0122 5036 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll 13:05:30.0122 5036 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll 13:05:30.0138 5036 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll 13:05:30.0138 5036 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll 13:05:30.0153 5036 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe 13:05:30.0153 5036 [Global] - ok 13:05:30.0153 5036 ================ Scan MBR ================================== 13:05:30.0153 5036 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1 13:05:30.0278 5036 \Device\Harddisk1\DR1 - ok 13:05:30.0278 5036 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 13:05:30.0387 5036 \Device\Harddisk0\DR0 - ok 13:05:30.0387 5036 ================ Scan VBR ================================== 13:05:30.0387 5036 [ 42DBFE903F280CC9ABEC3E5964AAB43E ] \Device\Harddisk1\DR1\Partition1 13:05:30.0387 5036 \Device\Harddisk1\DR1\Partition1 - ok 13:05:30.0387 5036 [ 8676F1297879680BDAA4FEE992015D4E ] \Device\Harddisk1\DR1\Partition2 13:05:30.0387 5036 \Device\Harddisk1\DR1\Partition2 - ok 13:05:30.0403 5036 [ DF6E466DEBC64151F863209E1592D3C8 ] \Device\Harddisk0\DR0\Partition1 13:05:30.0403 5036 \Device\Harddisk0\DR0\Partition1 - ok 13:05:30.0403 5036 ============================================================ 13:05:30.0403 5036 Scan finished 13:05:30.0403 5036 ============================================================ 13:05:30.0419 4864 Detected object count: 4 13:05:30.0419 4864 Actual detected object count: 4 13:05:46.0685 4864 atksgt ( UnsignedFile.Multi.Generic ) - skipped by user 13:05:46.0685 4864 atksgt ( UnsignedFile.Multi.Generic ) - User select action: Skip 13:05:46.0685 4864 lirsgt ( UnsignedFile.Multi.Generic ) - skipped by user 13:05:46.0685 4864 lirsgt ( UnsignedFile.Multi.Generic ) - User select action: Skip 13:05:46.0695 4864 SwitchBoard ( UnsignedFile.Multi.Generic ) - skipped by user 13:05:46.0695 4864 SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip 13:05:46.0695 4864 VMAuthdService ( UnsignedFile.Multi.Generic ) - skipped by user 13:05:46.0695 4864 VMAuthdService ( UnsignedFile.Multi.Generic ) - User select action: Skip Danke fürs durchsehn und die Hilfe! Hoff der Kübel funzt bald wieder  |
|
30.08.2012, 13:45
| #9 |
| /// Malware-holic | Win 7 Desktop Overlay "this programm cannot display the webpage" lade den CCleaner standard: CCleaner Download - CCleaner 3.22.1800 falls der CCleaner bereits instaliert, überspringen. instalieren, öffnen, extras, liste der instalierten programme, als txt speichern. öffnen. hinter, jedes von dir benötigte programm, schreibe notwendig. hinter, jedes, von dir nicht benötigte, unnötig. hinter, dir unbekannte, unbekannt. liste posten.
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
| Themen zu Win 7 Desktop Overlay "this programm cannot display the webpage" |
| 64 bit system, antivir, avira, bho, bingbar, black, bonjour, browser, call of duty, conduit, desktop, error, excel, firefox, flash player, google, google earth, helper, homepage, hängen, install.exe, langs, logfile, nicht möglich, officejet, pc normal, plug-in, programm, registry, rundll, scan, searchscopes, security, software, svchost.exe, system, tablet, taskmanager, usb, win7 64, win7 64 bit |
Linear-Darstellung
