| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: TR/ATRAPS.Gen2 / Lapqeteazore.exeWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
02.08.2012, 23:00
| #1 |
| |  TR/ATRAPS.Gen2 / Lapqeteazore.exe Nabend, hab seit heute Abend den scheinbar schon häufiger auffallenden Störenfried "TR/ATRAPS.Gen2 / Lapqeteazore.exe"... Anvira kann ihn offensichtlich nicht löschen, Zonealarm macht auch nicht viel. Hab nen Lappi mit Windows7, 64Bit, Intel I5... Wäre nett wenn ihr mir mit ner idiotensicheren Geduld erklärt was ich wann wo wie durchlaufen lassen muss. im worste case Fall habe ich nen Systemabbild auf ner externen Platte von vor 2 oder 3 Wochen... mfg Sura P.S. falls es wen interessiert, dieser Dreck erstellt ne Datei im persönlichen Ordner namens "lapqeteazore" ... |
|
02.08.2012, 23:16
| #2 |
  | TR/ATRAPS.Gen2 / Lapqeteazore.exe Hi,
__________________Malwarebytes Antimalware (MAM) Anleitung&Download hier: http://www.trojaner-board.de/51187-m...i-malware.html Falls der Download nicht klappt, bitte hierüber eine generische Version runterladen: http://filepony.de/download-chameleon/ Danach bitte update der Signaturdateien (Reiter "Aktualisierungen" -> Suche nach Aktualisierungen") Fullscan und alles bereinigen lassen! Log posten. OTL Lade Dir OTL von Oldtimer herunter (http://filepony.de/download-otl/) und speichere es auf Deinem Desktop
TDSS-Killer Download und Anweisung unter: Wie werden Schadprogramme der Familie Rootkit.Win32.TDSS bekämpft? Entpacke alle Dateien in einem eigenen Verzeichnis (z. B: C:\TDSS)! Aufruf über den Explorer duch Doppelklick auf die TDSSKiller.exe. Stelle den Killer wir folgt ein:  Dann den Scan starten durch (Start Scan). Wenn der Scan fertig ist bitte "Report" anwählen (eventuelle Funde erstmal mit Skip übergehen). Es öffnet sich ein Fenster (Report anklicken), den Text abkopieren und hier posten... chris
__________________ |
|
02.08.2012, 23:34
| #3 |
| | TR/ATRAPS.Gen2 / Lapqeteazore.exe so ganz nebenbei, ist es nachteilig die verschiedenen Programme parallel ausühren zu lassen oder nebenbei was zu zocken?
__________________Geändert von Suratarius (02.08.2012 um 23:42 Uhr) |
|
03.08.2012, 01:24
| #4 |
| | TR/ATRAPS.Gen2 / Lapqeteazore.exe So auf gehts: Malwarebytes: Malwarebytes Anti-Malware 1.62.0.1300 Malwarebytes : Free Anti-Malware download Datenbank Version: v2012.08.02.09 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 Suratarius :: SURATARIU-PC [Administrator] 03.08.2012 00:25:11 mbam-log-2012-08-03 (00-25-11).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|F:\|Q:\|) Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 411751 Laufzeit: 1 Stunde(n), 17 Minute(n), 54 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) OTL:OTL Logfile: Code:
ATTFilter OTL logfile created on: 03.08.2012 01:56:31 - Run 1 OTL by OldTimer - Version 3.2.55.0 Folder = C:\Users\Suratarius\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,91 Gb Total Physical Memory | 1,92 Gb Available Physical Memory | 48,97% Memory free 7,82 Gb Paging File | 5,08 Gb Available in Paging File | 64,98% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 555,07 Gb Total Space | 409,13 Gb Free Space | 73,71% Space Free | Partition Type: NTFS Drive D: | 40,00 Gb Total Space | 19,98 Gb Free Space | 49,94% Space Free | Partition Type: NTFS Drive F: | 5,02 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF Computer Name: SURATARIU-PC | User Name: Suratarius | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\Suratarius\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Users\Suratarius\lapqeteazore.exe (Akasa) PRC - C:\Users\SURATA~1\AppData\Local\Temp\220509987.exe (Akasa) PRC - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_3_300_268_ActiveX.exe (Adobe Systems Incorporated) PRC - C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe (Check Point Software Technologies LTD) PRC - C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe (Check Point Software Technologies LTD) PRC - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe (TeamViewer GmbH) PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation) PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation) PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation) PRC - C:\Program Files (x86)\CyberLink\PowerRecover\Reminder.exe (CyberLink) PRC - C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe (CyberLink) PRC - C:\Program Files (x86)\PHotkey\POSD.exe (Pegatron Corporation) PRC - C:\Program Files (x86)\PHotkey\PHotkey.exe (Pegatron Corporation) PRC - C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation) PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) PRC - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink) PRC - C:\Program Files (x86)\PHotkey\MsgTranAgt.exe () PRC - C:\Program Files (x86)\PHotkey\ASLDRSrv.exe () PRC - C:\Program Files (x86)\Schomaecker\XPrint-Client\XPrint-Client-Service\XPrint-Client-Service.exe (Schomäcker GmbH) PRC - C:\Program Files (x86)\Schomaecker\XPrint-Client\XPrint-Client-GUI\XPrint-Client-GUI.exe (Schomäcker GmbH) ========== Modules (No Company Name) ========== MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\2e16482769fcdf856919e292a968f16c\IAStorUtil.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\3b2b9f4ec1819e4b95792d92f56d26f9\IAStorCommon.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll () MOD - C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll () MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll () MOD - C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll () MOD - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll () MOD - C:\Program Files (x86)\Schomaecker\XPrint-Client\Common\rt\jetrt\XXML6407.dll () MOD - C:\Program Files (x86)\Schomaecker\XPrint-Client\Common\rt\jetrt\XXXL6407.dll () MOD - C:\Program Files (x86)\Schomaecker\XPrint-Client\Common\rt\jetrt\XSWN6407.dll () MOD - C:\Program Files (x86)\Schomaecker\XPrint-Client\Common\rt\jetrt\XSSE6407.dll () MOD - C:\Program Files (x86)\Schomaecker\XPrint-Client\Common\rt\jetrt\XMIS6407.dll () MOD - C:\Program Files (x86)\Schomaecker\XPrint-Client\Common\rt\jetrt\XMNG6407.dll () MOD - C:\Program Files (x86)\Schomaecker\XPrint-Client\Common\rt\jetrt\XSEC6407.dll () MOD - C:\Program Files (x86)\Schomaecker\XPrint-Client\Common\rt\jetrt\XSQL6407.dll () MOD - C:\Program Files (x86)\Schomaecker\XPrint-Client\Common\rt\jetrt\XSND6407.dll () MOD - C:\Program Files (x86)\Schomaecker\XPrint-Client\Common\rt\jetrt\XPKC6407.dll () MOD - C:\Program Files (x86)\Schomaecker\XPrint-Client\Common\rt\jetrt\XRMI6407.dll () MOD - C:\Program Files (x86)\Schomaecker\XPrint-Client\Common\rt\jetrt\XKRN6407.dll () MOD - C:\Program Files (x86)\Schomaecker\XPrint-Client\Common\rt\jetrt\XJCE6407.dll () MOD - C:\Program Files (x86)\Schomaecker\XPrint-Client\Common\rt\jetrt\XAWT6407.dll () MOD - C:\Program Files (x86)\Schomaecker\XPrint-Client\Common\rt\bin\jetvm\jvm.dll () MOD - C:\Program Files (x86)\Schomaecker\XPrint-Client\Common\rt\bin\java.dll () ========== Win32 Services (SafeList) ========== SRV:64bit: - (IswSvc) -- C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe (Check Point Software Technologies) SRV:64bit: - (EvtEng) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation) SRV:64bit: - (MyWiFiDHCPDNS) -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe () SRV:64bit: - (RegSrvc) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation) SRV:64bit: - (CxAudMsg) -- C:\Windows\Sysnative\CxAudMsg64.exe (Conexant Systems Inc.) SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation) SRV:64bit: - (SharedAccess) -- C:\Windows\Sysnative\svchost.exe (Microsoft Corporation) SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies) SRV - (vsmon) -- C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe (Check Point Software Technologies LTD) SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation) SRV - (Skype C2C Service) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.) SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation) SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) SRV - (TeamViewer7) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe (TeamViewer GmbH) SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation) SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) SRV - (sftvsa) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation) SRV - (sftlist) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation) SRV - (IAStorDataMgrSvc) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) SRV - (GFNEXSrv) -- C:\Program Files (x86)\PHotkey\GFNEXSrv.exe () SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (ASLDRService) -- C:\Program Files (x86)\PHotkey\ASLDRSrv.exe () SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) SRV - (XPrint-Client-Service) -- C:\Program Files (x86)\Schomaecker\XPrint-Client\XPrint-Client-Service\XPrint-Client-Service.exe (Schomäcker GmbH) ========== Driver Services (SafeList) ========== DRV:64bit: - (dtsoftbus01) -- C:\Windows\Sysnative\drivers\dtsoftbus01.sys (DT Soft Ltd) DRV:64bit: - (avipbb) -- C:\Windows\Sysnative\drivers\avipbb.sys (Avira GmbH) DRV:64bit: - (avgntflt) -- C:\Windows\Sysnative\drivers\avgntflt.sys (Avira GmbH) DRV:64bit: - (ISWKL) -- C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys (Check Point Software Technologies) DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation) DRV:64bit: - (atksgt) -- C:\Windows\Sysnative\drivers\atksgt.sys () DRV:64bit: - (lirsgt) -- C:\Windows\Sysnative\drivers\lirsgt.sys () DRV:64bit: - (teamviewervpn) -- C:\Windows\Sysnative\drivers\teamviewervpn.sys (TeamViewer GmbH) DRV:64bit: - (avkmgr) -- C:\Windows\Sysnative\drivers\avkmgr.sys (Avira GmbH) DRV:64bit: - (nvpciflt) -- C:\Windows\Sysnative\drivers\nvpciflt.sys (NVIDIA Corporation) DRV:64bit: - (Sftvol) -- C:\Windows\Sysnative\drivers\Sftvollh.sys (Microsoft Corporation) DRV:64bit: - (Sftplay) -- C:\Windows\Sysnative\drivers\Sftplaylh.sys (Microsoft Corporation) DRV:64bit: - (Sftredir) -- C:\Windows\Sysnative\drivers\Sftredirlh.sys (Microsoft Corporation) DRV:64bit: - (Sftfs) -- C:\Windows\Sysnative\drivers\Sftfslh.sys (Microsoft Corporation) DRV:64bit: - (CnxtHdAudService) -- C:\Windows\Sysnative\drivers\CHDRT64.sys (Conexant Systems Inc.) DRV:64bit: - (Vsdatant) -- C:\Windows\Sysnative\drivers\vsdatant.sys (Check Point Software Technologies LTD) DRV:64bit: - (NETwNs64) -- C:\Windows\Sysnative\drivers\NETwNs64.sys (Intel Corporation) DRV:64bit: - (clwvd) -- C:\Windows\Sysnative\drivers\clwvd.sys (CyberLink Corporation) DRV:64bit: - (amdsata) -- C:\Windows\Sysnative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\Sysnative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (igfx) -- C:\Windows\Sysnative\drivers\igdkmd64.sys (Intel Corporation) DRV:64bit: - (nusb3xhc) -- C:\Windows\Sysnative\drivers\nusb3xhc.sys (Renesas Electronics Corporation) DRV:64bit: - (nusb3hub) -- C:\Windows\Sysnative\drivers\nusb3hub.sys (Renesas Electronics Corporation) DRV:64bit: - (TsUsbFlt) -- C:\Windows\Sysnative\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV:64bit: - (HpSAMD) -- C:\Windows\Sysnative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (TsUsbGD) -- C:\Windows\Sysnative\drivers\TsUsbGD.sys (Microsoft Corporation) DRV:64bit: - (fspad_xp64) -- C:\Windows\Sysnative\drivers\fspad_xp64.sys (Sentelic Corporation) DRV:64bit: - (fspad_wlh64) -- C:\Windows\Sysnative\drivers\fspad_wlh64.sys (Sentelic Corporation) DRV:64bit: - (iaStor) -- C:\Windows\Sysnative\drivers\iaStor.sys (Intel Corporation) DRV:64bit: - (IntcDAud) -- C:\Windows\Sysnative\drivers\IntcDAud.sys (Intel(R) Corporation) DRV:64bit: - (wsvd) -- C:\Windows\Sysnative\drivers\wsvd.sys (CyberLink) DRV:64bit: - (L1C) -- C:\Windows\Sysnative\drivers\L1C62x64.sys (Atheros Communications, Inc.) DRV:64bit: - (RTL8192su) -- C:\Windows\Sysnative\drivers\RTL8192su.sys (Realtek Semiconductor Corporation ) DRV:64bit: - (AmUStor) -- C:\Windows\Sysnative\drivers\AmUStor.sys (Alcor Micro, Corp.) DRV:64bit: - (amdsbs) -- C:\Windows\Sysnative\drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (LSI_SAS2) -- C:\Windows\Sysnative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (stexstor) -- C:\Windows\Sysnative\drivers\stexstor.sys (Promise Technology) DRV:64bit: - (RTL8167) -- C:\Windows\Sysnative\drivers\Rt64win7.sys (Realtek Corporation ) DRV:64bit: - (ebdrv) -- C:\Windows\Sysnative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\Sysnative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- C:\Windows\Sysnative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (hcw85cir) -- C:\Windows\Sysnative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV - (PEGAGFN) -- C:\Program Files (x86)\PHotkey\PEGAGFN.sys (PEGATRON) DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = iGoogle IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = iGoogle IE - HKCU\..\SearchScopes,DefaultScope = {851AD6DB-48BB-409D-B9B1-059F2AE7D42A} IE - HKCU\..\SearchScopes\{851AD6DB-48BB-409D-B9B1-059F2AE7D42A}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MDND_enDE393 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_270.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_270.dll () FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\npFFApi.dll () FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Suratarius\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) 64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\PROGRAM FILES\CHECKPOINT\ZAFORCEFIELD\TRUSTCHECKER [2012.07.10 18:06:55 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker [2012.07.10 17:49:53 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.05.23 21:10:26 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.02.24 01:12:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Suratarius\AppData\Roaming\mozilla\Extensions [2012.05.15 04:19:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Suratarius\AppData\Roaming\mozilla\Firefox\Profiles\5vy3v48n.default\extensions [2012.06.17 20:09:43 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2012.06.17 20:09:43 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2012.05.23 21:10:26 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2012.02.16 13:02:53 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2012.02.16 12:48:01 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2012.02.16 13:02:53 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2012.02.16 13:02:53 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2012.02.16 13:02:53 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2012.02.16 13:02:53 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\Sysnative\drivers\etc\hosts O2:64bit: - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies) O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies) O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O3:64bit: - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies) O3 - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies) O3:64bit: - HKCU\..\Toolbar\WebBrowser: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies) O3 - HKCU\..\Toolbar\WebBrowser: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies) O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (Alcor Micro Corp.) O4:64bit: - HKLM..\Run: [fspuip] C:\Program Files\FSP\fspuip.exe (Sentelic Corporation) O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\Sysnative\hkcmd.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\Sysnative\igfxtray.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [IntelPAN] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel(R) Corporation) O4:64bit: - HKLM..\Run: [ISW] C:\Program Files\CheckPoint\ZAForceField\ForceField.exe (Check Point Software Technologies) O4:64bit: - HKLM..\Run: [MedionReminder] C:\Program Files (x86)\CyberLink\PowerRecover\Reminder.exe (CyberLink) O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\Sysnative\igfxpers.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe (Conexant systems, Inc.) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [CLMLServer] C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink) O4 - HKLM..\Run: [Dolby Advanced Audio v2] C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe (Dolby Laboratories Inc.) O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation) O4 - HKLM..\Run: [YouCam Mirage] C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe (CyberLink) O4 - HKLM..\Run: [YouCam Tray] C:\Program Files (x86)\CyberLink\YouCam\YouCam.exe (CyberLink Corp.) O4 - HKLM..\Run: [ZoneAlarm] C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe (Check Point Software Technologies LTD) O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) O4 - HKCU..\Run: [lapqeteazore] C:\Users\Suratarius\lapqeteazore.exe (Akasa) O4 - HKCU..\Run: [SkypePM] C:\Users\Suratarius\AppData\Local\Skype\SkypePM.exe File not found O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation) O4:64bit: - HKLM..\RunOnce: [MedionReminder] C:\Program Files (x86)\CyberLink\PowerRecover\Reminder.exe (CyberLink) O4 - HKLM..\RunOnce: [ Malwarebytes Anti-Malware ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8:64bit: - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~2\MICROS~3\OFFICE11\EXCEL.EXE/3000 File not found O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~2\MICROS~3\OFFICE11\EXCEL.EXE/3000 File not found O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\OFFICE11\REFIEBAR.DLL (Microsoft Corporation) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 10.1.0) O16:64bit: - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16:64bit: - DPF: {CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 1.7.0_01) O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 1.7.0_01) O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab (System Requirements Lab Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5BD665DE-B209-409B-9DDF-20B96566CB3D}: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B37211CB-611B-4C00-8D9E-05460FD7487A}: DhcpNameServer = 192.168.1.1 O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\mso-offdap - No CLSID value found O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O18:64bit: - Protocol\Filter\text/xml - No CLSID value found O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\Sysnative\nvinitx.dll (NVIDIA Corporation) O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\Sysnative\userinit.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2011.09.07 02:53:09 | 000,000,126 | R--- | M] () - F:\autorun.inf -- [ UDF ] O33 - MountPoints2\{a576e6c9-d326-11e1-a4c4-3860772c224f}\Shell - "" = AutoRun O33 - MountPoints2\{a576e6c9-d326-11e1-a4c4-3860772c224f}\Shell\AutoRun\command - "" = F:\raf-dead_island.exe -- [2011.09.07 06:29:57 | 000,794,049 | R--- | M] (RAF Production ) O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2012.08.03 00:25:36 | 000,000,000 | ---D | C] -- C:\Users\Suratarius\AppData\Roaming\#ISW.FS# [2012.08.03 00:25:24 | 000,597,504 | ---- | C] (OldTimer Tools) -- C:\Users\Suratarius\Desktop\OTL.exe [2012.08.03 00:22:56 | 000,000,000 | ---D | C] -- C:\Users\Suratarius\AppData\Roaming\Malwarebytes [2012.08.03 00:22:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2012.08.03 00:22:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012.08.03 00:22:39 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2012.08.03 00:22:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2012.08.01 15:45:50 | 000,090,584 | ---- | C] (Akasa) -- C:\Users\Suratarius\lapqeteazore.exe [2012.07.28 16:03:47 | 000,000,000 | ---D | C] -- C:\Users\Suratarius\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JoWooD [2012.07.28 16:03:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JoWooD [2012.07.28 16:01:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\JoWooD [2012.07.23 19:27:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Deep Silver [2012.07.23 19:17:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Deep Silver [2012.07.23 19:14:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite [2012.07.23 19:12:56 | 000,283,200 | ---- | C] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys [2012.07.23 19:12:53 | 000,000,000 | ---D | C] -- C:\Users\Suratarius\AppData\Roaming\DAEMON Tools Lite [2012.07.23 19:12:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Lite [2012.07.23 19:11:10 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite [2012.07.13 13:20:15 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2012.07.13 13:20:15 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2012.07.13 13:20:14 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2012.07.13 13:20:14 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2012.07.13 13:20:14 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2012.07.13 13:20:13 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2012.07.13 13:20:13 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2012.07.13 13:20:13 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2012.07.13 13:20:12 | 002,311,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2012.07.13 13:20:12 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2012.07.13 13:20:12 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2012.07.13 13:20:12 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2012.07.13 13:20:12 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2012.07.12 20:41:44 | 000,000,000 | ---D | C] -- C:\Users\Suratarius\Application Data [2012.07.12 18:14:32 | 000,000,000 | ---D | C] -- C:\Users\Suratarius\AppData\Local\Macromedia [2012.07.12 09:40:12 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll [2012.07.12 09:40:12 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll [2012.07.12 09:39:54 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll [2012.07.12 09:34:52 | 001,133,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdosys.dll [2012.07.12 09:34:52 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cdosys.dll [2012.07.05 11:14:11 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browserchoice.exe [1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] [1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ] [1 C:\Users\Suratarius\Desktop\*.tmp files -> C:\Users\Suratarius\Desktop\*.tmp -> ] ========== Files - Modified Within 30 Days ========== File not found -- C:\Windows\SysNative\ [2012.08.03 01:25:54 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012.08.03 01:25:46 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2012.08.03 01:25:46 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2012.08.03 00:25:27 | 000,597,504 | ---- | M] (OldTimer Tools) -- C:\Users\Suratarius\Desktop\OTL.exe [2012.08.03 00:22:40 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.08.02 22:35:25 | 000,067,584 | -H-- | M] () -- C:\Windows\bootstat.dat [2012.08.01 18:08:08 | 001,614,964 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012.08.01 18:08:08 | 000,697,550 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2012.08.01 18:08:08 | 000,652,828 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012.08.01 18:08:08 | 000,148,556 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2012.08.01 18:08:08 | 000,121,502 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012.08.01 15:46:31 | 000,328,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\services.exe [2012.08.01 15:45:29 | 000,090,584 | ---- | M] (Akasa) -- C:\Users\Suratarius\lapqeteazore.exe [2012.07.30 02:38:34 | 000,021,296 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012.07.30 02:38:34 | 000,021,296 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012.07.30 02:30:28 | 3151,269,888 | -HS- | M] () -- C:\hiberfil.sys [2012.07.28 16:03:47 | 000,002,172 | ---- | M] () -- C:\Users\Suratarius\Desktop\Die Gilde Gold-Edition TL.lnk [2012.07.23 19:27:05 | 000,001,214 | ---- | M] () -- C:\Users\Public\Desktop\Dead Island PreOrder Edition.lnk [2012.07.23 19:12:56 | 000,283,200 | ---- | M] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys [2012.07.13 13:35:38 | 000,428,712 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012.07.10 17:51:44 | 000,415,933 | ---- | M] () -- C:\Windows\SysNative\drivers\vsconfig.xml [1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] [1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ] [1 C:\Users\Suratarius\Desktop\*.tmp files -> C:\Users\Suratarius\Desktop\*.tmp -> ] ========== Files Created - No Company Name ========== File not found -- C:\Windows\SysNative\ [2012.08.03 01:58:09 | 000,023,552 | ---- | C] () -- C:\Windows\Installer\{dd0b6037-a9c2-e38b-9363-0614255749a0}\U\800000cb.@ [2012.08.03 00:22:40 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.08.01 15:50:45 | 000,016,896 | ---- | C] () -- C:\Windows\Installer\{dd0b6037-a9c2-e38b-9363-0614255749a0}\U\80000000.@ [2012.08.01 15:46:29 | 000,001,712 | ---- | C] () -- C:\Windows\Installer\{dd0b6037-a9c2-e38b-9363-0614255749a0}\U\00000001.@ [2012.07.28 16:03:47 | 000,002,172 | ---- | C] () -- C:\Users\Suratarius\Desktop\Die Gilde Gold-Edition TL.lnk [2012.07.23 19:27:05 | 000,001,214 | ---- | C] () -- C:\Users\Public\Desktop\Dead Island PreOrder Edition.lnk [2012.06.05 02:43:22 | 000,045,270 | ---- | C] () -- C:\Users\Suratarius\AppData\Roaming\room_v3.dat [2012.03.28 02:37:08 | 000,010,240 | ---- | C] () -- C:\Windows\SysWow64\vidx16.dll [2012.01.26 17:50:02 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI [2012.01.25 20:33:51 | 000,032,256 | ---- | C] () -- C:\Windows\SysWow64\AVSredirect.dll [2012.01.24 17:08:50 | 000,941,784 | ---- | C] () -- C:\Windows\SysWow64\drivers\CAMTHWDM.sys [2012.01.11 20:19:12 | 000,002,048 | -HS- | C] () -- C:\Windows\Installer\{dd0b6037-a9c2-e38b-9363-0614255749a0}\@ [2012.01.11 20:19:12 | 000,002,048 | -HS- | C] () -- C:\Users\Suratarius\AppData\Local\{dd0b6037-a9c2-e38b-9363-0614255749a0}\@ [2012.01.09 22:00:48 | 004,346,880 | ---- | C] () -- C:\Windows\SysWow64\ffmpeg.dll [2012.01.08 00:22:00 | 000,172,032 | ---- | C] () -- C:\Windows\SysWow64\libbluray.dll [2012.01.08 00:21:50 | 006,366,094 | ---- | C] () -- C:\Windows\SysWow64\avcodec-lav-53.dll [2012.01.08 00:21:50 | 001,007,151 | ---- | C] () -- C:\Windows\SysWow64\avformat-lav-53.dll [2012.01.08 00:21:50 | 000,354,979 | ---- | C] () -- C:\Windows\SysWow64\swscale-lav-2.dll [2012.01.08 00:21:50 | 000,203,306 | ---- | C] () -- C:\Windows\SysWow64\avutil-lav-51.dll [2012.01.08 00:21:50 | 000,138,727 | ---- | C] () -- C:\Windows\SysWow64\avfilter-lav-2.dll [2011.12.20 20:50:04 | 000,079,360 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll [2011.12.20 20:49:56 | 000,099,328 | ---- | C] () -- C:\Windows\SysWow64\ff_wmv9.dll [2011.12.20 20:49:54 | 000,158,720 | ---- | C] () -- C:\Windows\SysWow64\ff_unrar.dll [2011.12.20 20:49:54 | 000,146,944 | ---- | C] () -- C:\Windows\SysWow64\ff_libmad.dll [2011.12.20 20:49:52 | 001,525,248 | ---- | C] () -- C:\Windows\SysWow64\ff_samplerate.dll [2011.12.20 20:49:52 | 000,212,480 | ---- | C] () -- C:\Windows\SysWow64\ff_libdts.dll [2011.12.20 20:49:52 | 000,115,200 | ---- | C] () -- C:\Windows\SysWow64\ff_liba52.dll [2011.12.20 20:49:50 | 000,328,704 | ---- | C] () -- C:\Windows\SysWow64\ff_libfaad2.dll [2011.12.20 20:49:50 | 000,260,608 | ---- | C] () -- C:\Windows\SysWow64\TomsMoComp_ff.dll [2011.12.20 20:49:50 | 000,137,728 | ---- | C] () -- C:\Windows\SysWow64\libmpeg2_ff.dll [2011.12.07 21:32:24 | 000,216,064 | ---- | C] ( ) -- C:\Windows\SysWow64\Lagarith.dll [2011.11.16 11:36:00 | 001,592,858 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011.10.15 01:54:52 | 000,321,856 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe [2011.09.08 16:00:52 | 000,150,528 | ---- | C] () -- C:\Windows\SysWow64\mkx.dll [2011.09.08 16:00:48 | 000,142,336 | ---- | C] () -- C:\Windows\SysWow64\mp4.dll [2011.09.08 16:00:42 | 000,123,392 | ---- | C] () -- C:\Windows\SysWow64\ogm.dll [2011.09.08 16:00:38 | 000,249,856 | ---- | C] () -- C:\Windows\SysWow64\dxr.dll [2011.09.08 16:00:34 | 000,113,152 | ---- | C] () -- C:\Windows\SysWow64\dsmux.exe [2011.09.08 16:00:24 | 000,154,624 | ---- | C] () -- C:\Windows\SysWow64\ts.dll [2011.09.08 16:00:10 | 000,137,728 | ---- | C] () -- C:\Windows\SysWow64\mkv2vfr.exe [2011.09.08 16:00:06 | 000,358,400 | ---- | C] () -- C:\Windows\SysWow64\gdsmux.exe [2011.09.08 15:59:54 | 000,080,384 | ---- | C] () -- C:\Windows\SysWow64\mkzlib.dll [2011.09.08 15:59:52 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\mkunicode.dll [2011.07.15 12:16:31 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin [2011.07.15 12:16:29 | 000,213,332 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin [2011.07.15 12:16:28 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin [2011.05.30 15:42:50 | 000,240,640 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll [2011.05.23 09:46:30 | 000,645,632 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll [2011.03.03 13:39:56 | 000,109,568 | ---- | C] () -- C:\Windows\SysWow64\avi.dll [2011.03.03 13:38:10 | 000,097,792 | ---- | C] () -- C:\Windows\SysWow64\avs.dll [2011.03.03 13:37:50 | 000,093,184 | ---- | C] () -- C:\Windows\SysWow64\avss.dll [2010.08.18 21:56:38 | 000,000,151 | ---- | C] () -- C:\Windows\SysWow64\Registration.ini < End of report > OTL Extra:OTL Logfile: Code:
ATTFilter OTL Extras logfile created on: 03.08.2012 01:56:31 - Run 1
OTL by OldTimer - Version 3.2.55.0 Folder = C:\Users\Suratarius\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,91 Gb Total Physical Memory | 1,92 Gb Available Physical Memory | 48,97% Memory free
7,82 Gb Paging File | 5,08 Gb Available in Paging File | 64,98% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 555,07 Gb Total Space | 409,13 Gb Free Space | 73,71% Space Free | Partition Type: NTFS
Drive D: | 40,00 Gb Total Space | 19,98 Gb Free Space | 49,94% Space Free | Partition Type: NTFS
Drive F: | 5,02 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Computer Name: SURATARIU-PC | User Name: Suratarius | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl[@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\SysWow64\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\SysWow64\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
========== Authorized Applications List ==========
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{19F09425-3C20-4730-9E2A-FC2E17C9F362}" = Windows Live Remote Service Resources
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1EB2CFC3-E1C5-4FC4-B1F8-549DD6242C67}" = Windows Live Remote Service Resources
"{2426E29F-9E8C-4C0B-97FC-0DB690C1ED98}" = Windows Live Remote Client Resources
"{26A24AE4-039D-4CA4-87B4-2F86416026FF}" = Java(TM) 6 Update 26 (64-bit)
"{26A24AE4-039D-4CA4-87B4-2F86417001FF}" = Java(TM) 7 Update 1 (64-bit)
"{2F304EF4-0C31-47F4-8557-0641AAE4197C}" = Windows Live Remote Client Resources
"{3C41721F-AF0F-4086-AA1C-4C7F29076228}" = Intel(R) PROSet/Wireless WiFi Software
"{456FB9B5-AFBC-4761-BBDC-BA6BAFBB818F}" = Windows Live Remote Client Resources
"{480F28F0-8BCE-404A-A52E-0DBB7D1CE2EF}" = Windows Live Remote Service Resources
"{5151E2DB-0748-4FD1-86A2-72E2F94F8BE7}" = Windows Live Remote Service Resources
"{5E2CD4FB-4538-4831-8176-05D653C3E6D4}" = Windows Live Remote Service Resources
"{5FEAD3E5-A158-4B66-B92B-0C959D7CF838}" = Windows Live Remote Service Resources
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{692CCE55-9EAE-4F57-A834-092882E7FE0B}" = Windows Live Remote Client Resources
"{6C9D3F1D-DBBE-46F9-96A0-726CC72935AF}" = Windows Live Remote Service Resources
"{6CBFDC3C-CF21-4C02-A6DC-A5A2707FAF55}" = Windows Live Remote Service Resources
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{850B8072-2EA7-4EDC-B930-7FE569495E76}" = Windows Live Remote Client Resources
"{8970AE69-40BE-4058-9916-0ACB1B974A3D}" = Windows Live Remote Client Resources
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{8EB588BD-D398-40D0-ADF7-BE1CEEF7C116}" = Windows Live Remote Client Resources
"{90140000-006D-0407-1000-0000000FF1CE}" = Microsoft Office Klick-und-Los 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A679FBE4-BA2D-4514-8834-030982C8B31A}" = Windows Live Remote Service Resources
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 285.62
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 285.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 285.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 1.5.20
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.11.0621
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.5.20
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B750FA38-7AB0-42CB-ACBB-E7DBE9FF603F}" = Windows Live Remote Client Resources
"{C9F05151-95A9-4B9B-B534-1760E2D014A5}" = Windows Live Remote Client Resources
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{D1C1556C-7FF3-48A3-A5D6-7126F0FAFB66}" = Windows Live Remote Client Resources
"{D3E4F422-7E0F-49C7-8B00-F42490D7A385}" = Windows Live Remote Service Resources
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{DBEDAF67-C5A3-4C91-951D-31F3FE63AF3F}" = Windows Live Remote Client Resources
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{E86906FF-C63D-4EAF-ACE7-5F8D55FBEA9A}" = Finger Sensing Pad Driver
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F6CB2C5F-B2C1-4DF1-BF44-39D0DC06FE6F}" = Windows Live Remote Service Resources
"CNXT_AUDIO_HDA" = Conexant HD Audio
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"ProInst" = Intel PROSet Wireless
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"WinRAR archiver" = WinRAR 4.01 (64-Bit)
"ZoneAlarm LTD Toolbar" = ZoneAlarm LTD Toolbar
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00884F14-05BD-4D8E-90E5-1ABF78948CA4}" = Windows Live Mesh
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{02E89EFC-7B07-4D5A-AA03-9EC0902914EE}" = VC 9.0 Runtime
"{04668DF2-D32F-4555-9C7E-35523DCD6544}" = Control ActiveX de Windows Live Mesh para conexiones remotas
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{05E379CC-F626-4E7D-8354-463865B303BF}" = Windows Live UX Platform Language Pack
"{0654EA5D-308A-4196-882B-5C09744A5D81}" = Windows Live Photo Common
"{09922FFE-D153-44AE-8B60-EA3CB8088F93}" = Windows Live UX Platform Language Pack
"{0A9256E0-C924-46DE-921B-F6C4548A1C64}" = Windows Live Messenger
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0C1931EB-8339-4837-8BEC-75029BF42734}" = Windows Live UX Platform Language Pack
"{0D261C88-454B-46FE-B43B-640E621BDA11}" = Windows Live Mail
"{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}" = Galeria de Fotografias do Windows Live
"{10186F1A-6A14-43DF-A404-F0105D09BB07}" = Windows Live Mail
"{1203DC60-D9BD-44F9-B372-2B8F227E6094}" = Windows Live Temel Parçalar
"{14B441B7-774D-4170-98EA-A13667AE6218}" = Windows Live Writer Resources
"{17F99FCE-8F03-4439-860A-25C5A5434E18}" = Windows Live Essentials
"{198EA334-8A3F-4CB2-9D61-6C10B8168A6F}" = Windows Live Writer
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1D6C2068-807F-4B76-A0C2-62ED05656593}" = Windows Live Writer
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1EAC1D02-C6AC-4FA6-9A44-96258C37C812}_is1" = World of Tanks v.0.7.1
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = Medion Home Cinema
"{1FC83EAE-74C8-4C72-8400-2D8E40A017DE}" = Windows Live Writer
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{241E7104-937A-4366-AD57-8FDDDB003939}" = Uzak Bağlantılar İçin Windows Live Mesh ActiveX Denetimi
"{25A1E6A4-2DBD-4AC0-8650-8EA9A45B183D}" = Supreme Commander
"{25A381E1-0AB9-4E7A-ACCE-BA49D519CF4E}" = Windows Live Mail
"{26A24AE4-039D-4CA4-87B4-2F83216026FF}" = Java(TM) 6 Update 26
"{26E3C07C-7FF7-4362-9E99-9E49E383CF16}" = Windows Live Writer Resources
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2A07C35B-8384-4DA4-9A95-442B6C89A073}" = Windows Live Essentials
"{2AD2DD70-27F7-4343-BB4E-DE50A32D854B}" = Windows Live Messenger
"{2C7E8AA1-9C03-4606-BF34-5D99D07964DA}" = Windows Live Messenger
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{3125D9DE-8D7A-4987-95F3-8A42389833D8}" = Windows Live Writer Resources
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{370F888E-42A7-4911-9E34-7D74632E17EB}" = Windows Live Photo Common
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer
"{3D0C22FA-96D7-4789-BC5B-991A5A99BFFA}" = Windows Live Messenger
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3F4143A1-9C21-4011-8679-3BC1014C6886}" = Windows Live Mesh
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{40BFD84C-64CD-42CC-9909-8734C50429C6}" = Windows Live UX Platform Language Pack
"{410DF0AA-882D-450D-9E1B-F5397ACFFA80}" = Windows Live Essentials
"{429DF1A0-3610-4E9E-8ACE-3C8AC1BA8FCA}" = Windows Live Photo Gallery
"{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = CyberLink PowerRecover
"{46872828-6453-4138-BE1C-CE35FBF67978}" = Windows Live Mesh
"{48106FE4-B1AF-4941-BF3D-83E6C4B7CAF3}" = Alcor Micro USB Card Reader
"{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live
"{48C0DC5E-820A-44F2-890E-29B68EDD3C78}" = Windows Live Writer
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A275FD1-2F24-4274-8C01-813F5AD1A92D}" = Windows Live Messenger
"{4B28D47A-5FF0-45F8-8745-11DC2A1C9D0F}" = Windows Live Writer
"{4B33371A-C04F-48D3-980C-285369ECD634}" = ZoneAlarm Firewall
"{4D141929-141B-4605-95D6-2B8650C1C6DA}" = Windows Live UX Platform Language Pack
"{506FC723-8E6C-4417-9CFF-351F99130425}" = Windows Live UX Platform Language Pack
"{523DF2BB-3A85-4047-9898-29DC8AEB7E69}" = Windows Live UX Platform Language Pack
"{5275D81E-83AD-4DE4-BC2B-6E6BA3A33244}" = Windows Live Writer Resources
"{528CA916-2209-4779-990A-11D749A49C4A}_is1" = Dead Island PreOrder Edition
"{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"{55D003F4-9599-44BF-BA9E-95D060730DD3}" = Contrôle ActiveX Windows Live Mesh pour connexions à distance
"{57220148-3B2B-412A-A2E0-82B9DF423696}" = Windows Live Mesh ActiveX-objekt til fjernforbindelser
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{582876EC-A178-44D4-9823-C10D6C62EAFF}" = AGEIA PhysX v6.10.05
"{5CF5B1A5-CBC3-42F0-8533-5A5090665862}" = Windows Live Mesh
"{5D273F60-0525-48BA-A5FB-D0CAA4A952AE}" = Windows Live Movie Maker
"{6057E21C-ABE9-4059-AE3E-3BEB9925E660}" = Windows Live Messenger
"{60C3C026-DB53-4DAB-8B97-7C1241F9A847}" = Windows Live Movie Maker
"{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources
"{63CF7D0C-B6E7-4EE9-8253-816B613CC437}" = Windows Live Mail
"{640798A0-A4FB-4C52-AC72-755134767F1E}" = Windows Live Movie Maker
"{64376910-1860-4CEF-8B34-AA5D205FC5F1}" = Poczta usługi Windows Live
"{677AAD91-1790-4FC5-B285-0E6A9D65F7DC}" = Windows Live Mail
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6A563426-3474-41C6-B847-42B39F1485B2}" = Windows Live Messenger
"{6ABE832B-A5C7-44C1-B697-3E123B7B4D5B}" = Windows Live Mesh
"{6B556C37-8919-4991-AC34-93D018B9EA49}" = Windows Live Photo Common
"{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker
"{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}" = Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz
"{6EE9F44A-B8C7-4CDB-B2A9-441AF2AE315A}" = Windows Live Messenger
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71A81378-79D5-40CC-9BDC-380642D1A87F}" = Windows Live Writer
"{71C95134-F6A9-45E7-B7B3-07CA6012BF2A}" = Windows Live Mesh
"{7272F232-A7E0-4B2B-A5D2-71B7C5E2379C}" = Windows Live Fotótár
"{73FC3510-6421-40F7-9503-EDAE4D0CF70D}" = Windows Live Photo Common
"{7496FD31-E5CB-4AE4-82D3-31099558BF6A}" = Windows Live Mesh
"{74E8A7F6-575D-42C7-9178-E87D1B3BEFE8}" = Windows Live UX Platform Language Pack
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77477AEA-5757-47D8-8B33-939F43D82218}" = Windows Live UX Platform Language Pack
"{78DAE910-CA72-450E-AD22-772CB1A00678}" = Windows Live Mesh
"{7A9D47BA-6D50-4087-866F-0800D8B89383}" = Podstawowe programy Windows Live
"{7BA19818-F717-4DFB-BC11-FAF17B2B8AEE}" = Pošta Windows Live
"{7D1C7B9F-2744-4388-B128-5C75B8BCCC84}" = Windows Live Essentials
"{7E017923-16F8-4E32-94EF-0A150BD196FE}" = Windows Live Writer
"{7E90B133-FF47-48BB-91B8-36FC5A548FE9}" = Windows Live Writer Resources
"{7F6021AE-E688-4D03-843A-C2260482BA0D}" = Windows Live Messenger
"{7F6D7FD9-648D-4DD9-BB6E-3990C675ECA4}" = NVIDIA PhysX
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{827D3E4A-0186-48B7-9801-7D1E9DD40C07}" = Windows Live Essentials
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83BEEFB4-8C28-4F4F-8A9D-E0D1ADCE335B}" = Die*Sims*Mittelalter
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}" = Windows Live Mesh
"{84267681-BF16-40B6-9564-27BC57D7D71C}" = Windows Live Photo Common
"{85373DA7-834E-4850-8AF5-1D99F7526857}" = Windows Live Photo Common
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90140011-0066-0407-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - Deutsch
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{93E464B3-D075-4989-87FD-A828B5C308B1}" = Windows Live Writer Resources
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{95140000-00AF-0407-0000-0000000FF1CE}" = Microsoft PowerPoint Viewer
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BD262D0-B788-4546-A0A5-F4F56EC3834B}" = Windows Live Photo Common
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A101F637-2E56-42C0-8E08-F1E9086BFAF3}" = Windows Live Movie Maker
"{A41A708E-3BE6-4561-855D-44027C1CF0F8}" = Windows Live Photo Common
"{A60B3BF0-954B-42AF-B8D8-2C1D34B613AA}" = Windows Live Photo Gallery
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.3) - Deutsch
"{AC76BA86-7AD7-5464-3428-A00000000004}" = Spelling Dictionaries Support For Adobe Reader X
"{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X (10.1.1) MUI
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{ADE85655-8D1E-4E4B-BF88-5E312FB2C74F}" = Windows Live Mail
"{ADFE4AED-7F8E-4658-8D6E-742B15B9F120}" = Windows Live Photo Common
"{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}" = Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B618C3BF-5142-4630-81DD-F96864F97C7E}" = Windows Live Essentials
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}" = Dolby Advanced Audio v2
"{BD695C2F-3EA0-4DA4-92D5-154072468721}" = Windows Live Fotoğraf Galerisi
"{BF022D76-9F72-4203-B8FA-6522DC66DFDA}" = Windows Live Movie Maker
"{BF35168D-F6F9-4202-BA87-86B5E3C9BF7A}" = Windows Live Mesh
"{C00C2A91-6CB3-483F-80B3-2958E29468F1}" = Συλλογή φωτογραφιών του Windows Live
"{C194D333-B84A-4BB7-B35E-060732D98DC4}" = GPGNet
"{C29FC15D-E84B-4EEC-8505-4DED94414C59}" = Windows Live Writer Resources
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C32CE55C-12BA-4951-8797-0967FDEF556F}" = Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen
"{C4C255FE-BE15-4C06-AAD9-A08F2DBB2E39}" = ZoneAlarm Security
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}" = Windows Live Mesh ActiveX Control for Remote Connections
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C8421D85-CA0E-4E93-A9A9-B826C4FB88EA}" = Windows Live Mail
"{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common
"{CA227A9D-09BE-4BFB-9764-48FED2DA5454}" = Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave
"{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}" = Galeria fotografii usługi Windows Live
"{CB7224D9-6DCA-43F1-8F83-6B1E39A00F92}" = Windows Live Movie Maker
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CF671BFE-6BA3-44E7-98C1-500D9C51D947}" = Windows Live Photo Gallery
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D1D632A2-E249-466D-A094-B1B934D37645}_is1" = Stronghold Kingdoms
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D588365A-AE39-4F27-BDAE-B4E72C8E900C}" = Windows Live Mail
"{D6F25CF9-4E87-43EB-B324-C12BE9CDD668}" = Windows Live UX Platform Language Pack
"{DAEF48AD-89C8-4A93-B1DD-45B7E4FB6071}" = Windows Live Movie Maker
"{DB1208F4-B2FE-44E9-BFE6-8824DBD7891B}" = Windows Live Movie Maker
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DE7C13A6-E4EA-4296-B0D5-5D7E8AD69501}" = Windows Live Writer
"{DE8F99FD-2FC7-4C98-AA67-2729FDE1F040}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DEF91E0F-D266-453D-B6F2-1BA002B40CB6}" = Windows Live Essentials
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3D04529-6EDB-11D8-A372-0050BAE317E1}" = CyberLink PowerDVD Copy
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E50C224A-BBF2-428D-9DCF-DBF9DF85C40E}" = PHotkey
"{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}" = Controlo ActiveX do Windows Live Mesh para Ligações Remotas
"{E55E0C35-AC3C-4683-BA2F-834348577B80}" = Windows Live Writer
"{E59969EA-3B5B-4B24-8B94-43842A7FBFE9}" = Fotogalerija Windows Live
"{E5DD4723-FE0B-436E-A815-DC23CF902A0B}" = Windows Live UX Platform Language Pack
"{E727A662-AF9F-4DEE-81C5-F4A1686F3DFC}" = Windows Live Writer Resources
"{E7688C7D-DE09-4D43-9785-534EDE9BC18E}" = Windows Live Messenger
"{E8524B28-3BBB-4763-AC83-0E83FE31C350}" = Windows Live Writer
"{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}" = Galería fotográfica de Windows Live
"{E9D98402-21AB-4E9F-BF6B-47AF36EF7E97}" = Windows Live Writer Resources
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{ED16B700-D91F-44B0-867C-7EB5253CA38D}" = Raccolta foto di Windows Live
"{EE492B20-FB15-4A98-883C-3054354A11F8}" = Windows Live Messenger
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F665F3B8-01B4-46A9-8E47-FF8DC2208C9F}" = Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις
"{F80E5450-3EF3-4270-B26C-6AC53BEC5E76}" = Windows Live Movie Maker
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FCDE76CB-989D-4E32-9739-6A272D2B0ED7}" = Windows Live Mesh
"{FDB3B167-F4FA-461D-976F-286304A57B2A}" = Adobe AIR
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FEEF7F78-5876-438B-B554-C4CC426A4302}" = Windows Live Essentials
"{FF3DFA01-1E98-46B4-A065-DA8AD47C9598}" = Windows Live Movie Maker
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"AmUStor" = Alcor Micro USB Card Reader
"Avira AntiVir Desktop" = Avira Free Antivirus
"DAEMON Tools Lite" = DAEMON Tools Lite
"Diablo III" = Diablo III
"Die Gilde Gold-Edition" = Die Gilde Gold-Edition
"Heroes of Might and Magic® III" = Heroes of Might and Magic® III Complete
"im" = Garena Plus
"InfernalGame" = Infernal
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = Medion Home Cinema
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = CyberLink PowerRecover
"InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"InstallShield_{E3D04529-6EDB-11D8-A372-0050BAE317E1}" = CyberLink PowerDVD Copy
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.62.0.1300
"Mozilla Firefox 12.0 (x86 de)" = Mozilla Firefox 12.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Nano" = Nano 1.1.1
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Office14.Click2Run" = Microsoft Office Klick-und-Los 2010
"ProInst" = Intel PROSet Wireless
"Steam App 10500" = Empire: Total War
"Steam App 73010" = Cities in Motion
"streamWriter_is1" = streamWriter
"SystemRequirementsLab" = System Requirements Lab
"TeamViewer 7" = TeamViewer 7
"VLC media player" = VLC media player 2.0.1
"WebcamMax" = WebcamMax
"Windows 7 - Codec Pack" = Windows 7 Codec Pack 3.7.0
"Windows Essentials Media Codec Pack" = Windows Essentials Media Codec Pack 3.6 [64-Bit]
"WinLiveSuite" = Windows Live Essentials
"X-Print Client Uni Oldenburg_is1" = X-Print 4.0 Client
"ZoneAlarm Free Firewall" = ZoneAlarm Free Firewall
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"UnityWebPlayer" = Unity Web Player
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 23.07.2012 13:41:34 | Computer Name = Suratariu-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: deadislandgame.exe, Version: 1.0.0.0,
Zeitstempel: 0x4e37e5fe Name des fehlerhaften Moduls: MSVCR90.dll, Version: 9.0.30729.6161,
Zeitstempel: 0x4dace5b9 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0003af60 ID des fehlerhaften
Prozesses: 0x1688 Startzeit der fehlerhaften Anwendung: 0x01cd68fa63a6457d Pfad der
fehlerhaften Anwendung: C:\Program Files (x86)\Deep Silver\Dead Island\deadislandgame.exe
Pfad
des fehlerhaften Moduls: C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\MSVCR90.dll
Berichtskennung:
a48b0ca8-d4ed-11e1-a4c4-3860772c224f
Error - 23.07.2012 13:48:21 | Computer Name = Suratariu-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: deadislandgame.exe, Version: 1.0.0.0,
Zeitstempel: 0x4e37e5fe Name des fehlerhaften Moduls: MSVCR90.dll, Version: 9.0.30729.6161,
Zeitstempel: 0x4dace5b9 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0003af60 ID des fehlerhaften
Prozesses: 0x1454 Startzeit der fehlerhaften Anwendung: 0x01cd68fb587a6ee8 Pfad der
fehlerhaften Anwendung: C:\Program Files (x86)\Deep Silver\Dead Island\deadislandgame.exe
Pfad
des fehlerhaften Moduls: C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\MSVCR90.dll
Berichtskennung:
97a08f98-d4ee-11e1-a4c4-3860772c224f
Error - 24.07.2012 09:51:52 | Computer Name = Suratariu-PC | Source = Windows Backup | ID = 4103
Description =
Error - 26.07.2012 10:08:53 | Computer Name = Suratariu-PC | Source = CVHSVC | ID = 100
Description = Nur zur Information. (Patch task for {90140011-0066-0407-0000-0000000FF1CE}):
DownloadLatest Failed: Der Servername oder die Serveradresse konnte nicht verarbeitet
werden.
Error - 27.07.2012 16:04:49 | Computer Name = Suratariu-PC | Source = CVHSVC | ID = 100
Description = Nur zur Information. (Patch task for {90140011-0066-0407-0000-0000000FF1CE}):
DownloadLatest Failed: Der Servername oder die Serveradresse konnte nicht verarbeitet
werden.
Error - 28.07.2012 10:06:12 | Computer Name = Suratariu-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: GildeGold_TL.exe, Version: 0.0.0.0,
Zeitstempel: 0x3f7a87ac Name des fehlerhaften Moduls: GildeGold_TL.exe, Version:
0.0.0.0, Zeitstempel: 0x3f7a87ac Ausnahmecode: 0xc0000005 Fehleroffset: 0x0001fee0
ID
des fehlerhaften Prozesses: 0xc6c Startzeit der fehlerhaften Anwendung: 0x01cd6cc9f3846023
Pfad
der fehlerhaften Anwendung: C:\Program Files (x86)\JoWooD\Die Gilde Gold-Edition\GildeGold_TL.exe
Pfad
des fehlerhaften Moduls: C:\Program Files (x86)\JoWooD\Die Gilde Gold-Edition\GildeGold_TL.exe
Berichtskennung:
62b14f8d-d8bd-11e1-9313-3860772c224f
Error - 28.07.2012 10:06:42 | Computer Name = Suratariu-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: GildeGold_TL.exe, Version: 0.0.0.0,
Zeitstempel: 0x3f7a87ac Name des fehlerhaften Moduls: GildeGold_TL.exe, Version:
0.0.0.0, Zeitstempel: 0x3f7a87ac Ausnahmecode: 0xc0000005 Fehleroffset: 0x0002422d
ID
des fehlerhaften Prozesses: 0x1530 Startzeit der fehlerhaften Anwendung: 0x01cd6cca2c466810
Pfad
der fehlerhaften Anwendung: C:\Program Files (x86)\JoWooD\Die Gilde Gold-Edition\GildeGold_TL.exe
Pfad
des fehlerhaften Moduls: C:\Program Files (x86)\JoWooD\Die Gilde Gold-Edition\GildeGold_TL.exe
Berichtskennung:
74ebc7dc-d8bd-11e1-9313-3860772c224f
Error - 29.07.2012 20:28:32 | Computer Name = Suratariu-PC | Source = Application Hang | ID = 1002
Description = Programm javaw.exe, Version 7.0.10.8 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 1a1c Startzeit:
01cd6dea1a4bcbf2 Endzeit: 0 Anwendungspfad: C:\Program Files\Java\jre7\bin\javaw.exe
Berichts-ID:
Error - 29.07.2012 20:29:24 | Computer Name = Suratariu-PC | Source = Application Hang | ID = 1002
Description = Programm javaw.exe, Version 7.0.10.8 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 1858 Startzeit:
01cd6dea48fba932 Endzeit: 0 Anwendungspfad: C:\Program Files\Java\jre7\bin\javaw.exe
Berichts-ID:
Error - 31.07.2012 09:00:03 | Computer Name = Suratariu-PC | Source = Windows Backup | ID = 4103
Description =
[ System Events ]
Error - 29.07.2012 11:29:39 | Computer Name = Suratariu-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installationsfehler: Die Installation des folgenden Updates ist mit
Fehler 0x80070643 fehlgeschlagen: Definition Update for Windows Defender - KB915597
(Definition 1.131.805.0)
Error - 29.07.2012 20:30:51 | Computer Name = Suratariu-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "atksgt" wurde aufgrund folgenden Fehlers nicht gestartet:
%%577
Error - 29.07.2012 20:30:52 | Computer Name = Suratariu-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "lirsgt" wurde aufgrund folgenden Fehlers nicht gestartet:
%%577
Error - 29.07.2012 20:30:58 | Computer Name = Suratariu-PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Windows Defender" wurde mit folgendem Fehler beendet:
%%126
Error - 30.07.2012 07:47:43 | Computer Name = Suratariu-PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Windows Defender" wurde mit folgendem Fehler beendet:
%%126
Error - 30.07.2012 07:47:48 | Computer Name = Suratariu-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installationsfehler: Die Installation des folgenden Updates ist mit
Fehler 0x80070643 fehlgeschlagen: Definition Update for Windows Defender - KB915597
(Definition 1.131.805.0)
Error - 31.07.2012 07:24:08 | Computer Name = Suratariu-PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Windows Defender" wurde mit folgendem Fehler beendet:
%%126
Error - 31.07.2012 07:24:14 | Computer Name = Suratariu-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installationsfehler: Die Installation des folgenden Updates ist mit
Fehler 0x80070643 fehlgeschlagen: Definition Update for Windows Defender - KB915597
(Definition 1.131.1058.0)
Error - 01.08.2012 09:45:43 | Computer Name = Suratariu-PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Windows Defender" wurde mit folgendem Fehler beendet:
%%126
Error - 01.08.2012 09:45:49 | Computer Name = Suratariu-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installationsfehler: Die Installation des folgenden Updates ist mit
Fehler 0x80070643 fehlgeschlagen: Definition Update for Windows Defender - KB915597
(Definition 1.131.1058.0)
< End of report >
TDSSKiller: 02:13:29.0725 0452 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32 02:13:29.0818 0452 ============================================================ 02:13:29.0818 0452 Current date / time: 2012/08/03 02:13:29.0818 02:13:29.0818 0452 SystemInfo: 02:13:29.0818 0452 02:13:29.0818 0452 OS Version: 6.1.7601 ServicePack: 1.0 02:13:29.0818 0452 Product type: Workstation 02:13:29.0818 0452 ComputerName: SURATARIU-PC 02:13:29.0818 0452 UserName: Suratarius 02:13:29.0818 0452 Windows directory: C:\Windows 02:13:29.0818 0452 System windows directory: C:\Windows 02:13:29.0818 0452 Running under WOW64 02:13:29.0818 0452 Processor architecture: Intel x64 02:13:29.0818 0452 Number of processors: 4 02:13:29.0818 0452 Page size: 0x1000 02:13:29.0818 0452 Boot type: Normal boot 02:13:29.0818 0452 ============================================================ 02:13:30.0520 0452 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 02:13:30.0536 0452 ============================================================ 02:13:30.0536 0452 \Device\Harddisk0\DR0: 02:13:30.0536 0452 MBR partitions: 02:13:30.0536 0452 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000 02:13:30.0536 0452 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x45625000 02:13:30.0536 0452 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x45657800, BlocksNum 0x5000000 02:13:30.0536 0452 ============================================================ 02:13:30.0598 0452 C: <-> \Device\Harddisk0\DR0\Partition1 02:13:30.0661 0452 D: <-> \Device\Harddisk0\DR0\Partition2 02:13:30.0707 0452 ============================================================ 02:13:30.0707 0452 Initialize success 02:13:30.0707 0452 ============================================================ 02:14:18.0521 14716 ============================================================ 02:14:18.0521 14716 Scan started 02:14:18.0521 14716 Mode: Manual; SigCheck; TDLFS; 02:14:18.0521 14716 ============================================================ 02:14:20.0518 14716 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys 02:14:20.0721 14716 1394ohci - ok 02:14:20.0768 14716 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys 02:14:20.0799 14716 ACPI - ok 02:14:20.0830 14716 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys 02:14:20.0924 14716 AcpiPmi - ok 02:14:21.0049 14716 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 02:14:21.0064 14716 AdobeARMservice - ok 02:14:21.0236 14716 AdobeFlashPlayerUpdateSvc (f19c98ad81d2c0e1bbfd8153d2c80ee8) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 02:14:21.0251 14716 AdobeFlashPlayerUpdateSvc - ok 02:14:21.0361 14716 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys 02:14:21.0439 14716 adp94xx - ok 02:14:21.0517 14716 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys 02:14:21.0548 14716 adpahci - ok 02:14:21.0595 14716 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys 02:14:21.0610 14716 adpu320 - ok 02:14:21.0641 14716 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll 02:14:21.0860 14716 AeLookupSvc - ok 02:14:21.0938 14716 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys 02:14:22.0031 14716 AFD - ok 02:14:22.0078 14716 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys 02:14:22.0109 14716 agp440 - ok 02:14:22.0156 14716 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe 02:14:22.0234 14716 ALG - ok 02:14:22.0281 14716 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys 02:14:22.0297 14716 aliide - ok 02:14:22.0312 14716 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys 02:14:22.0328 14716 amdide - ok 02:14:22.0375 14716 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys 02:14:22.0437 14716 AmdK8 - ok 02:14:22.0468 14716 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys 02:14:22.0515 14716 AmdPPM - ok 02:14:22.0577 14716 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys 02:14:22.0593 14716 amdsata - ok 02:14:22.0640 14716 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys 02:14:22.0655 14716 amdsbs - ok 02:14:22.0687 14716 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys 02:14:22.0702 14716 amdxata - ok 02:14:22.0733 14716 AmUStor (08d51900c07bae4f1fc82fc669b99b79) C:\Windows\system32\drivers\AmUStor.SYS 02:14:22.0796 14716 AmUStor - ok 02:14:22.0921 14716 AntiVirSchedulerService (466a0d95960dad3222c896d2cea99993) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe 02:14:22.0967 14716 AntiVirSchedulerService - ok 02:14:23.0014 14716 AntiVirService (a489be6bb0aa1ff406b488b60542314b) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe 02:14:23.0030 14716 AntiVirService - ok 02:14:23.0061 14716 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys 02:14:23.0326 14716 AppID - ok 02:14:23.0357 14716 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll 02:14:23.0404 14716 AppIDSvc - ok 02:14:23.0467 14716 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll 02:14:23.0529 14716 Appinfo - ok 02:14:23.0591 14716 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys 02:14:23.0591 14716 arc - ok 02:14:23.0623 14716 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys 02:14:23.0638 14716 arcsas - ok 02:14:23.0701 14716 ASLDRService (efd89582b55dd32dc79c1a4eb54612a1) C:\Program Files (x86)\PHotkey\ASLDRSrv.exe 02:14:23.0716 14716 ASLDRService - ok 02:14:23.0825 14716 aspnet_state (9217d874131ae6ff8f642f124f00a555) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe 02:14:23.0841 14716 aspnet_state - ok 02:14:23.0872 14716 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys 02:14:23.0935 14716 AsyncMac - ok 02:14:23.0981 14716 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys 02:14:24.0013 14716 atapi - ok 02:14:24.0106 14716 atksgt (4aef9ec86818375495fb78ca58df4e18) C:\Windows\system32\DRIVERS\atksgt.sys 02:14:24.0137 14716 atksgt ( UnsignedFile.Multi.Generic ) - warning 02:14:24.0137 14716 atksgt - detected UnsignedFile.Multi.Generic (1) 02:14:24.0231 14716 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll 02:14:24.0356 14716 AudioEndpointBuilder - ok 02:14:24.0356 14716 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll 02:14:24.0387 14716 AudioSrv - ok 02:14:24.0449 14716 avgntflt (26e38b5a58c6c55fafbc563eeddb0867) C:\Windows\system32\DRIVERS\avgntflt.sys 02:14:24.0465 14716 avgntflt - ok 02:14:24.0496 14716 avipbb (9d1f00beff84cbbf46d7f052bc7e0565) C:\Windows\system32\DRIVERS\avipbb.sys 02:14:24.0512 14716 avipbb - ok 02:14:24.0543 14716 avkmgr (248db59fc86de44d2779f4c7fb1a567d) C:\Windows\system32\DRIVERS\avkmgr.sys 02:14:24.0543 14716 avkmgr - ok 02:14:24.0590 14716 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll 02:14:24.0730 14716 AxInstSV - ok 02:14:24.0793 14716 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys 02:14:24.0871 14716 b06bdrv - ok 02:14:24.0949 14716 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys 02:14:24.0980 14716 b57nd60a - ok 02:14:25.0058 14716 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll 02:14:25.0120 14716 BDESVC - ok 02:14:25.0136 14716 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys 02:14:25.0198 14716 Beep - ok 02:14:25.0307 14716 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll 02:14:25.0401 14716 BFE - ok 02:14:25.0510 14716 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll 02:14:25.0588 14716 BITS - ok 02:14:25.0635 14716 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys 02:14:25.0697 14716 blbdrive - ok 02:14:25.0744 14716 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys 02:14:25.0822 14716 bowser - ok 02:14:25.0869 14716 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys 02:14:25.0900 14716 BrFiltLo - ok 02:14:25.0947 14716 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys 02:14:25.0994 14716 BrFiltUp - ok 02:14:26.0041 14716 BridgeMP (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys 02:14:26.0087 14716 BridgeMP - ok 02:14:26.0134 14716 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll 02:14:26.0228 14716 Browser - ok 02:14:26.0290 14716 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys 02:14:26.0384 14716 Brserid - ok 02:14:26.0415 14716 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys 02:14:26.0462 14716 BrSerWdm - ok 02:14:26.0524 14716 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys 02:14:26.0555 14716 BrUsbMdm - ok 02:14:26.0602 14716 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys 02:14:26.0633 14716 BrUsbSer - ok 02:14:26.0680 14716 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys 02:14:26.0789 14716 BthEnum - ok 02:14:26.0836 14716 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys 02:14:26.0883 14716 BTHMODEM - ok 02:14:26.0945 14716 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys 02:14:27.0023 14716 BthPan - ok 02:14:27.0117 14716 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\Windows\System32\Drivers\BTHport.sys 02:14:27.0148 14716 BTHPORT - ok 02:14:27.0211 14716 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll 02:14:27.0273 14716 bthserv - ok 02:14:27.0304 14716 BTHUSB (f188b7394d81010767b6df3178519a37) C:\Windows\System32\Drivers\BTHUSB.sys 02:14:27.0335 14716 BTHUSB - ok 02:14:27.0382 14716 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys 02:14:27.0476 14716 cdfs - ok 02:14:27.0538 14716 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys 02:14:27.0585 14716 cdrom - ok 02:14:27.0632 14716 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll 02:14:27.0741 14716 CertPropSvc - ok 02:14:27.0788 14716 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys 02:14:27.0835 14716 circlass - ok 02:14:27.0897 14716 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys 02:14:27.0928 14716 CLFS - ok 02:14:28.0022 14716 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 02:14:28.0037 14716 clr_optimization_v2.0.50727_32 - ok 02:14:28.0100 14716 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 02:14:28.0115 14716 clr_optimization_v2.0.50727_64 - ok 02:14:28.0193 14716 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 02:14:28.0225 14716 clr_optimization_v4.0.30319_32 - ok 02:14:28.0287 14716 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 02:14:28.0303 14716 clr_optimization_v4.0.30319_64 - ok 02:14:28.0334 14716 clwvd (50f92c943f18b070f166d019dfab3d9a) C:\Windows\system32\DRIVERS\clwvd.sys 02:14:28.0349 14716 clwvd - ok 02:14:28.0396 14716 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys 02:14:28.0459 14716 CmBatt - ok 02:14:28.0490 14716 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys 02:14:28.0521 14716 cmdide - ok 02:14:28.0599 14716 CNG (9ac4f97c2d3e93367e2148ea940cd2cd) C:\Windows\system32\Drivers\cng.sys 02:14:28.0630 14716 CNG - ok 02:14:28.0786 14716 CnxtHdAudService (e0b53d1fef69106b76c06a0d783916e8) C:\Windows\system32\drivers\CHDRT64.sys 02:14:28.0833 14716 CnxtHdAudService - ok 02:14:28.0958 14716 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys 02:14:28.0989 14716 Compbatt - ok 02:14:29.0036 14716 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\DRIVERS\CompositeBus.sys 02:14:29.0083 14716 CompositeBus - ok 02:14:29.0114 14716 COMSysApp - ok 02:14:29.0207 14716 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys 02:14:29.0239 14716 crcdisk - ok 02:14:29.0285 14716 CryptSvc (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll 02:14:29.0363 14716 CryptSvc - ok 02:14:29.0551 14716 cvhsvc (72794d112cbaff3bc0c29bf7350d4741) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE 02:14:29.0582 14716 cvhsvc - ok 02:14:29.0629 14716 CxAudMsg (f160b26b26ba4afe8cecc12ed5ac231e) C:\Windows\system32\CxAudMsg64.exe 02:14:29.0629 14716 CxAudMsg - ok 02:14:29.0707 14716 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll 02:14:29.0831 14716 DcomLaunch - ok 02:14:29.0878 14716 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll 02:14:29.0956 14716 defragsvc - ok 02:14:30.0019 14716 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys 02:14:30.0097 14716 DfsC - ok 02:14:30.0206 14716 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll 02:14:30.0284 14716 Dhcp - ok 02:14:30.0315 14716 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys 02:14:30.0362 14716 discache - ok 02:14:30.0424 14716 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys 02:14:30.0424 14716 Disk - ok 02:14:30.0471 14716 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll 02:14:30.0533 14716 Dnscache - ok 02:14:30.0565 14716 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll 02:14:30.0643 14716 dot3svc - ok 02:14:30.0689 14716 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll 02:14:30.0814 14716 DPS - ok 02:14:30.0845 14716 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys 02:14:30.0877 14716 drmkaud - ok 02:14:30.0955 14716 dtsoftbus01 (46571ed73ae84469dca53081d33cf3c8) C:\Windows\system32\DRIVERS\dtsoftbus01.sys 02:14:30.0970 14716 dtsoftbus01 - ok 02:14:31.0064 14716 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys 02:14:31.0111 14716 DXGKrnl - ok 02:14:31.0157 14716 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll 02:14:31.0204 14716 EapHost - ok 02:14:31.0423 14716 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys 02:14:31.0610 14716 ebdrv - ok 02:14:31.0703 14716 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe 02:14:31.0797 14716 EFS - ok 02:14:31.0906 14716 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe 02:14:32.0015 14716 ehRecvr - ok 02:14:32.0062 14716 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe 02:14:32.0109 14716 ehSched - ok 02:14:32.0203 14716 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys 02:14:32.0234 14716 elxstor - ok 02:14:32.0249 14716 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys 02:14:32.0296 14716 ErrDev - ok 02:14:32.0374 14716 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll 02:14:32.0452 14716 EventSystem - ok 02:14:32.0655 14716 EvtEng (54fc81b0162478a72a93dbbeafb35671) C:\Program Files\Intel\WiFi\bin\EvtEng.exe 02:14:32.0702 14716 EvtEng - ok 02:14:32.0858 14716 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys 02:14:32.0920 14716 exfat - ok 02:14:32.0951 14716 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys 02:14:33.0014 14716 fastfat - ok 02:14:33.0107 14716 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe 02:14:33.0185 14716 Fax - ok 02:14:33.0201 14716 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys 02:14:33.0248 14716 fdc - ok 02:14:33.0279 14716 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll 02:14:33.0341 14716 fdPHost - ok 02:14:33.0373 14716 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll 02:14:33.0435 14716 FDResPub - ok 02:14:33.0466 14716 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys 02:14:33.0482 14716 FileInfo - ok 02:14:33.0497 14716 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys 02:14:33.0544 14716 Filetrace - ok 02:14:33.0575 14716 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys 02:14:33.0607 14716 flpydisk - ok 02:14:33.0653 14716 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys 02:14:33.0669 14716 FltMgr - ok 02:14:33.0794 14716 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll 02:14:33.0903 14716 FontCache - ok 02:14:33.0997 14716 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 02:14:34.0012 14716 FontCache3.0.0.0 - ok 02:14:34.0059 14716 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys 02:14:34.0090 14716 FsDepends - ok 02:14:34.0137 14716 fspad_wlh64 (95d0cb3e794dea8cbe21725811a554dc) C:\Windows\system32\DRIVERS\fspad_wlh64.sys 02:14:34.0184 14716 fspad_wlh64 - ok 02:14:34.0215 14716 fspad_xp64 (95d0cb3e794dea8cbe21725811a554dc) C:\Windows\system32\drivers\fspad_xp64.sys 02:14:34.0246 14716 fspad_xp64 - ok 02:14:34.0277 14716 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys 02:14:34.0277 14716 Fs_Rec - ok 02:14:34.0340 14716 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys 02:14:34.0371 14716 fvevol - ok 02:14:34.0418 14716 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys 02:14:34.0433 14716 gagp30kx - ok 02:14:34.0543 14716 GFNEXSrv (ba9051d3745fa546de3660f5f2ef84a5) C:\Program Files (x86)\PHotkey\GFNEXSrv.exe 02:14:34.0558 14716 GFNEXSrv - ok 02:14:34.0636 14716 GGSAFERDriver - ok 02:14:34.0730 14716 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll 02:14:34.0808 14716 gpsvc - ok 02:14:34.0839 14716 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys 02:14:34.0901 14716 hcw85cir - ok 02:14:35.0026 14716 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys 02:14:35.0089 14716 HdAudAddService - ok 02:14:35.0213 14716 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\DRIVERS\HDAudBus.sys 02:14:35.0245 14716 HDAudBus - ok 02:14:35.0291 14716 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys 02:14:35.0338 14716 HidBatt - ok 02:14:35.0369 14716 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys 02:14:35.0432 14716 HidBth - ok 02:14:35.0447 14716 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys 02:14:35.0479 14716 HidIr - ok 02:14:35.0510 14716 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\System32\hidserv.dll 02:14:35.0557 14716 hidserv - ok 02:14:35.0588 14716 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys 02:14:35.0603 14716 HidUsb - ok 02:14:35.0635 14716 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll 02:14:35.0681 14716 hkmsvc - ok 02:14:35.0744 14716 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll 02:14:35.0806 14716 HomeGroupListener - ok 02:14:35.0853 14716 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll 02:14:35.0900 14716 HomeGroupProvider - ok 02:14:35.0947 14716 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys 02:14:35.0962 14716 HpSAMD - ok 02:14:36.0040 14716 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys 02:14:36.0149 14716 HTTP - ok 02:14:36.0181 14716 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys 02:14:36.0196 14716 hwpolicy - ok 02:14:36.0227 14716 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys 02:14:36.0227 14716 i8042prt - ok 02:14:36.0305 14716 iaStor (d7921d5a870b11cc1adab198a519d50a) C:\Windows\system32\drivers\iaStor.sys 02:14:36.0321 14716 iaStor - ok 02:14:36.0446 14716 IAStorDataMgrSvc (8fff9083252c16fe3960173722605e9e) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe 02:14:36.0508 14716 IAStorDataMgrSvc - ok 02:14:36.0586 14716 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys 02:14:36.0633 14716 iaStorV - ok 02:14:36.0773 14716 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 02:14:36.0820 14716 idsvc - ok 02:14:37.0678 14716 igfx (66dc0ce2d1867b8178eaa0e11930dbd7) C:\Windows\system32\DRIVERS\igdkmd64.sys 02:14:38.0068 14716 igfx - ok 02:14:38.0209 14716 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys 02:14:38.0224 14716 iirsp - ok 02:14:38.0318 14716 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll 02:14:38.0380 14716 IKEEXT - ok 02:14:38.0458 14716 IntcDAud (fc727061c0f47c8059e88e05d5c8e381) C:\Windows\system32\DRIVERS\IntcDAud.sys 02:14:38.0474 14716 IntcDAud - ok 02:14:38.0489 14716 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys 02:14:38.0505 14716 intelide - ok 02:14:38.0552 14716 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys 02:14:38.0567 14716 intelppm - ok 02:14:38.0614 14716 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll 02:14:38.0692 14716 IPBusEnum - ok 02:14:38.0723 14716 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys 02:14:38.0770 14716 IpFilterDriver - ok 02:14:38.0817 14716 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys 02:14:38.0848 14716 IPMIDRV - ok 02:14:38.0895 14716 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys 02:14:38.0942 14716 IPNAT - ok 02:14:38.0957 14716 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys 02:14:39.0004 14716 IRENUM - ok 02:14:39.0035 14716 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys 02:14:39.0051 14716 isapnp - ok 02:14:39.0098 14716 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys 02:14:39.0113 14716 iScsiPrt - ok 02:14:39.0207 14716 ISWKL (1152f8beb568f2f72f1c5c32a1f4e529) C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys 02:14:39.0223 14716 ISWKL - ok 02:14:39.0347 14716 IswSvc (ef46ef3a790c42bba9b5afa2586448db) C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe 02:14:39.0379 14716 IswSvc - ok 02:14:39.0425 14716 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys 02:14:39.0425 14716 kbdclass - ok 02:14:39.0457 14716 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys 02:14:39.0488 14716 kbdhid - ok 02:14:39.0535 14716 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 02:14:39.0535 14716 KeyIso - ok 02:14:39.0581 14716 KSecDD (97a7070aea4c058b6418519e869a63b4) C:\Windows\system32\Drivers\ksecdd.sys 02:14:39.0613 14716 KSecDD - ok 02:14:39.0628 14716 KSecPkg (26c43a7c2862447ec59deda188d1da07) C:\Windows\system32\Drivers\ksecpkg.sys 02:14:39.0644 14716 KSecPkg - ok 02:14:39.0691 14716 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys 02:14:39.0753 14716 ksthunk - ok 02:14:39.0815 14716 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll 02:14:39.0925 14716 KtmRm - ok 02:14:39.0971 14716 L1C (a4a9ca24e54e81c6c3e469eaeb4b3f42) C:\Windows\system32\DRIVERS\L1C62x64.sys 02:14:39.0971 14716 L1C - ok 02:14:40.0049 14716 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\System32\srvsvc.dll 02:14:40.0143 14716 LanmanServer - ok 02:14:40.0174 14716 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll 02:14:40.0237 14716 LanmanWorkstation - ok 02:14:40.0299 14716 lirsgt (b658b7076b1acaa5876524595630f183) C:\Windows\system32\DRIVERS\lirsgt.sys 02:14:40.0346 14716 lirsgt ( UnsignedFile.Multi.Generic ) - warning 02:14:40.0346 14716 lirsgt - detected UnsignedFile.Multi.Generic (1) 02:14:40.0393 14716 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys 02:14:40.0455 14716 lltdio - ok 02:14:40.0517 14716 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll 02:14:40.0564 14716 lltdsvc - ok 02:14:40.0595 14716 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll 02:14:40.0642 14716 lmhosts - ok 02:14:40.0689 14716 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys 02:14:40.0720 14716 LSI_FC - ok 02:14:40.0751 14716 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys 02:14:40.0751 14716 LSI_SAS - ok 02:14:40.0783 14716 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys 02:14:40.0798 14716 LSI_SAS2 - ok 02:14:40.0829 14716 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys 02:14:40.0829 14716 LSI_SCSI - ok 02:14:40.0861 14716 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys 02:14:40.0923 14716 luafv - ok 02:14:40.0970 14716 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll 02:14:41.0001 14716 Mcx2Svc - ok 02:14:41.0157 14716 MDM (11f714f85530a2bd134074dc30e99fca) C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE 02:14:41.0173 14716 MDM - ok 02:14:41.0375 14716 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys 02:14:41.0407 14716 megasas - ok 02:14:41.0453 14716 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys 02:14:41.0485 14716 MegaSR - ok 02:14:41.0516 14716 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll 02:14:41.0563 14716 MMCSS - ok 02:14:41.0594 14716 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys 02:14:41.0641 14716 Modem - ok 02:14:41.0687 14716 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys 02:14:41.0734 14716 monitor - ok 02:14:41.0781 14716 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys 02:14:41.0797 14716 mouclass - ok 02:14:41.0828 14716 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys 02:14:41.0859 14716 mouhid - ok 02:14:41.0906 14716 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys 02:14:41.0906 14716 mountmgr - ok 02:14:41.0968 14716 MozillaMaintenance (96aa8ba23142cc8e2b30f3cae0c80254) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 02:14:41.0999 14716 MozillaMaintenance - ok 02:14:42.0031 14716 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys 02:14:42.0046 14716 mpio - ok 02:14:42.0077 14716 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys 02:14:42.0124 14716 mpsdrv - ok 02:14:42.0140 14716 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys 02:14:42.0171 14716 MRxDAV - ok 02:14:42.0249 14716 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys 02:14:42.0358 14716 mrxsmb - ok 02:14:42.0405 14716 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys 02:14:42.0483 14716 mrxsmb10 - ok 02:14:42.0514 14716 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys 02:14:42.0561 14716 mrxsmb20 - ok 02:14:42.0608 14716 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys 02:14:42.0623 14716 msahci - ok 02:14:42.0655 14716 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys 02:14:42.0670 14716 msdsm - ok 02:14:42.0701 14716 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe 02:14:42.0748 14716 MSDTC - ok 02:14:42.0779 14716 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys 02:14:42.0857 14716 Msfs - ok 02:14:42.0904 14716 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys 02:14:42.0951 14716 mshidkmdf - ok 02:14:42.0982 14716 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys 02:14:42.0982 14716 msisadrv - ok 02:14:43.0045 14716 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll 02:14:43.0138 14716 MSiSCSI - ok 02:14:43.0138 14716 msiserver - ok 02:14:43.0185 14716 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys 02:14:43.0247 14716 MSKSSRV - ok 02:14:43.0263 14716 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys 02:14:43.0310 14716 MSPCLOCK - ok 02:14:43.0341 14716 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys 02:14:43.0388 14716 MSPQM - ok 02:14:43.0450 14716 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys 02:14:43.0466 14716 MsRPC - ok 02:14:43.0481 14716 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys 02:14:43.0497 14716 mssmbios - ok 02:14:43.0528 14716 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys 02:14:43.0591 14716 MSTEE - ok 02:14:43.0637 14716 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys 02:14:43.0669 14716 MTConfig - ok 02:14:43.0700 14716 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys 02:14:43.0715 14716 Mup - ok 02:14:43.0825 14716 MyWiFiDHCPDNS (4bbb9d9c4df259fae2d172c5bb25ddd0) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe 02:14:43.0840 14716 MyWiFiDHCPDNS - ok 02:14:43.0887 14716 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll 02:14:43.0949 14716 napagent - ok 02:14:43.0996 14716 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys 02:14:44.0027 14716 NativeWifiP - ok 02:14:44.0152 14716 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys 02:14:44.0183 14716 NDIS - ok 02:14:44.0199 14716 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys 02:14:44.0277 14716 NdisCap - ok 02:14:44.0324 14716 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys 02:14:44.0371 14716 NdisTapi - ok 02:14:44.0402 14716 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys 02:14:44.0449 14716 Ndisuio - ok 02:14:44.0480 14716 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys 02:14:44.0542 14716 NdisWan - ok 02:14:44.0573 14716 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys 02:14:44.0620 14716 NDProxy - ok 02:14:44.0667 14716 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys 02:14:44.0729 14716 NetBIOS - ok 02:14:44.0776 14716 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys 02:14:44.0854 14716 NetBT - ok 02:14:44.0901 14716 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 02:14:44.0917 14716 Netlogon - ok 02:14:44.0979 14716 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll 02:14:45.0041 14716 Netman - ok 02:14:45.0197 14716 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 02:14:45.0260 14716 NetMsmqActivator - ok 02:14:45.0275 14716 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 02:14:45.0291 14716 NetPipeActivator - ok 02:14:45.0338 14716 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll 02:14:45.0416 14716 netprofm - ok 02:14:45.0431 14716 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 02:14:45.0447 14716 NetTcpActivator - ok 02:14:45.0447 14716 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 02:14:45.0463 14716 NetTcpPortSharing - ok 02:14:46.0040 14716 NETwNs64 (ac69618de5bcce8747c9ab0aae1003c1) C:\Windows\system32\DRIVERS\NETwNs64.sys 02:14:46.0352 14716 NETwNs64 - ok 02:14:46.0477 14716 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys 02:14:46.0508 14716 nfrd960 - ok 02:14:46.0570 14716 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll 02:14:46.0648 14716 NlaSvc - ok 02:14:46.0679 14716 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys 02:14:46.0711 14716 Npfs - ok 02:14:46.0742 14716 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll 02:14:46.0789 14716 nsi - ok 02:14:46.0804 14716 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys 02:14:46.0882 14716 nsiproxy - ok 02:14:47.0023 14716 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys 02:14:47.0069 14716 Ntfs - ok 02:14:47.0225 14716 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys 02:14:47.0303 14716 Null - ok 02:14:47.0366 14716 nusb3hub (0ebc9d13cd96c15b1b18d8678a609e4b) C:\Windows\system32\DRIVERS\nusb3hub.sys 02:14:47.0428 14716 nusb3hub - ok 02:14:47.0475 14716 nusb3xhc (7bdec000d56d485021d9c1e63c2f81ca) C:\Windows\system32\DRIVERS\nusb3xhc.sys 02:14:47.0553 14716 nusb3xhc - ok 02:14:48.0302 14716 nvlddmkm (b15258b1f45f9571758ac6bb2f043b01) C:\Windows\system32\DRIVERS\nvlddmkm.sys 02:14:48.0645 14716 nvlddmkm - ok 02:14:48.0801 14716 nvpciflt (682ea9ed3399d6066f0daecf7938727e) C:\Windows\system32\DRIVERS\nvpciflt.sys 02:14:48.0817 14716 nvpciflt - ok 02:14:48.0863 14716 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys 02:14:48.0895 14716 nvraid - ok 02:14:48.0910 14716 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys 02:14:48.0926 14716 nvstor - ok 02:14:49.0082 14716 NVSvc (2d7092fec9bd2aca199673bba2ba9277) C:\Windows\system32\nvvsvc.exe 02:14:49.0144 14716 NVSvc - ok 02:14:49.0409 14716 nvUpdatusService (7e22de30e222bfdfcec7e77032baf3cd) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe 02:14:49.0472 14716 nvUpdatusService - ok 02:14:49.0581 14716 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys 02:14:49.0612 14716 nv_agp - ok 02:14:49.0643 14716 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys 02:14:49.0675 14716 ohci1394 - ok 02:14:49.0831 14716 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 02:14:49.0846 14716 ose - ok 02:14:50.0252 14716 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 02:14:50.0408 14716 osppsvc - ok 02:14:50.0564 14716 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll 02:14:50.0626 14716 p2pimsvc - ok 02:14:50.0673 14716 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll 02:14:50.0720 14716 p2psvc - ok 02:14:50.0798 14716 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys 02:14:50.0860 14716 Parport - ok 02:14:50.0891 14716 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys 02:14:50.0907 14716 partmgr - ok 02:14:50.0954 14716 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll 02:14:51.0001 14716 PcaSvc - ok 02:14:51.0047 14716 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys 02:14:51.0063 14716 pci - ok 02:14:51.0079 14716 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys 02:14:51.0094 14716 pciide - ok 02:14:51.0141 14716 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys 02:14:51.0157 14716 pcmcia - ok 02:14:51.0172 14716 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys 02:14:51.0188 14716 pcw - ok 02:14:51.0250 14716 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys 02:14:51.0313 14716 PEAUTH - ok 02:14:51.0422 14716 PEGAGFN (ee926c59cbd4dc4dc9fbb85014a2f1a5) C:\Program Files (x86)\PHotkey\PEGAGFN.sys 02:14:51.0422 14716 PEGAGFN - ok 02:14:51.0531 14716 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe 02:14:51.0593 14716 PerfHost - ok 02:14:51.0796 14716 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll 02:14:51.0890 14716 pla - ok 02:14:51.0952 14716 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll 02:14:52.0015 14716 PlugPlay - ok 02:14:52.0046 14716 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll 02:14:52.0077 14716 PNRPAutoReg - ok 02:14:52.0124 14716 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll 02:14:52.0155 14716 PNRPsvc - ok 02:14:52.0202 14716 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll 02:14:52.0264 14716 PolicyAgent - ok 02:14:52.0311 14716 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll 02:14:52.0389 14716 Power - ok 02:14:52.0467 14716 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys 02:14:52.0529 14716 PptpMiniport - ok 02:14:52.0561 14716 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys 02:14:52.0592 14716 Processor - ok 02:14:52.0639 14716 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll 02:14:52.0670 14716 ProfSvc - ok 02:14:52.0685 14716 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 02:14:52.0701 14716 ProtectedStorage - ok 02:14:52.0748 14716 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys 02:14:52.0810 14716 Psched - ok 02:14:52.0935 14716 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys 02:14:52.0982 14716 ql2300 - ok 02:14:53.0122 14716 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys 02:14:53.0169 14716 ql40xx - ok 02:14:53.0200 14716 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll 02:14:53.0231 14716 QWAVE - ok 02:14:53.0263 14716 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys 02:14:53.0294 14716 QWAVEdrv - ok 02:14:53.0325 14716 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys 02:14:53.0372 14716 RasAcd - ok 02:14:53.0419 14716 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys 02:14:53.0465 14716 RasAgileVpn - ok 02:14:53.0497 14716 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll 02:14:53.0543 14716 RasAuto - ok 02:14:53.0590 14716 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys 02:14:53.0653 14716 Rasl2tp - ok 02:14:53.0746 14716 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll 02:14:53.0840 14716 RasMan - ok 02:14:53.0887 14716 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys 02:14:53.0949 14716 RasPppoe - ok 02:14:53.0980 14716 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys 02:14:54.0027 14716 RasSstp - ok 02:14:54.0074 14716 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys 02:14:54.0121 14716 rdbss - ok 02:14:54.0152 14716 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys 02:14:54.0183 14716 rdpbus - ok 02:14:54.0214 14716 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys 02:14:54.0261 14716 RDPCDD - ok 02:14:54.0292 14716 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys 02:14:54.0323 14716 RDPENCDD - ok 02:14:54.0355 14716 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys 02:14:54.0386 14716 RDPREFMP - ok 02:14:54.0433 14716 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys 02:14:54.0526 14716 RDPWD - ok 02:14:54.0589 14716 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys 02:14:54.0604 14716 rdyboost - ok 02:14:54.0745 14716 RegSrvc (a436f5e7d80bbdbb0826d0f176d5bea8) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe 02:14:54.0791 14716 RegSrvc - ok 02:14:54.0823 14716 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll 02:14:54.0869 14716 RemoteAccess - ok 02:14:54.0932 14716 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll 02:14:54.0994 14716 RemoteRegistry - ok 02:14:55.0119 14716 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys 02:14:55.0166 14716 RFCOMM - ok 02:14:55.0197 14716 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll 02:14:55.0291 14716 RpcEptMapper - ok 02:14:55.0322 14716 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe 02:14:55.0353 14716 RpcLocator - ok 02:14:55.0431 14716 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll 02:14:55.0478 14716 RpcSs - ok 02:14:55.0525 14716 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys 02:14:55.0571 14716 rspndr - ok 02:14:55.0634 14716 RTL8167 (baefee35d27a5440d35092ce10267bec) C:\Windows\system32\DRIVERS\Rt64win7.sys 02:14:55.0665 14716 RTL8167 - ok 02:14:55.0774 14716 RTL8192su (4629c5c4772d223b0ecd1ea8ba7a2a33) C:\Windows\system32\DRIVERS\RTL8192su.sys 02:14:55.0790 14716 RTL8192su - ok 02:14:55.0821 14716 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 02:14:55.0837 14716 SamSs - ok 02:14:55.0868 14716 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys 02:14:55.0868 14716 sbp2port - ok 02:14:55.0915 14716 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll 02:14:55.0977 14716 SCardSvr - ok 02:14:55.0993 14716 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys 02:14:56.0039 14716 scfilter - ok 02:14:56.0149 14716 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll 02:14:56.0211 14716 Schedule - ok 02:14:56.0227 14716 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll 02:14:56.0258 14716 SCPolicySvc - ok 02:14:56.0289 14716 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll 02:14:56.0336 14716 SDRSVC - ok 02:14:56.0398 14716 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys 02:14:56.0461 14716 secdrv - ok 02:14:56.0492 14716 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll 02:14:56.0523 14716 seclogon - ok 02:14:56.0554 14716 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll 02:14:56.0601 14716 SENS - ok 02:14:56.0632 14716 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll 02:14:56.0695 14716 SensrSvc - ok 02:14:56.0726 14716 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys 02:14:56.0757 14716 Serenum - ok 02:14:56.0804 14716 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys 02:14:56.0835 14716 Serial - ok 02:14:56.0882 14716 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys 02:14:56.0913 14716 sermouse - ok 02:14:56.0944 14716 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll 02:14:57.0007 14716 SessionEnv - ok 02:14:57.0038 14716 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys 02:14:57.0069 14716 sffdisk - ok 02:14:57.0100 14716 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys 02:14:57.0131 14716 sffp_mmc - ok 02:14:57.0147 14716 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys 02:14:57.0163 14716 sffp_sd - ok 02:14:57.0194 14716 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys 02:14:57.0225 14716 sfloppy - ok 02:14:57.0334 14716 Sftfs (c6cc9297bd53e5229653303e556aa539) C:\Windows\system32\DRIVERS\Sftfslh.sys 02:14:57.0397 14716 Sftfs - ok 02:14:57.0553 14716 sftlist (13693b6354dd6e72dc5131da7d764b90) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe 02:14:57.0584 14716 sftlist - ok 02:14:57.0646 14716 Sftplay (390aa7bc52cee43f6790cdea1e776703) C:\Windows\system32\DRIVERS\Sftplaylh.sys 02:14:57.0662 14716 Sftplay - ok 02:14:57.0677 14716 Sftredir (617e29a0b0a2807466560d4c4e338d3e) C:\Windows\system32\DRIVERS\Sftredirlh.sys 02:14:57.0693 14716 Sftredir - ok 02:14:57.0724 14716 Sftvol (8f571f016fa1976f445147e9e6c8ae9b) C:\Windows\system32\DRIVERS\Sftvollh.sys 02:14:57.0724 14716 Sftvol - ok 02:14:57.0771 14716 sftvsa (c3cddd18f43d44ab713cf8c4916f7696) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe 02:14:57.0787 14716 sftvsa - ok 02:14:57.0849 14716 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll 02:14:57.0896 14716 ShellHWDetection - ok 02:14:57.0958 14716 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys 02:14:57.0974 14716 SiSRaid2 - ok 02:14:58.0005 14716 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys 02:14:58.0021 14716 SiSRaid4 - ok 02:14:58.0301 14716 Skype C2C Service (4ca43b85f22c7739311788b651a779cb) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe 02:14:58.0348 14716 Skype C2C Service - ok 02:14:58.0473 14716 SkypeUpdate (f07af60b152221472fbdb2fecec4896d) C:\Program Files (x86)\Skype\Updater\Updater.exe 02:14:58.0504 14716 SkypeUpdate - ok 02:14:58.0629 14716 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys 02:14:58.0691 14716 Smb - ok 02:14:58.0723 14716 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe 02:14:58.0754 14716 SNMPTRAP - ok 02:14:58.0785 14716 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys 02:14:58.0801 14716 spldr - ok 02:14:58.0863 14716 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe 02:14:58.0910 14716 Spooler - ok 02:14:59.0159 14716 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe 02:14:59.0253 14716 sppsvc - ok 02:14:59.0378 14716 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll 02:14:59.0440 14716 sppuinotify - ok 02:14:59.0534 14716 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys 02:14:59.0612 14716 srv - ok 02:14:59.0659 14716 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys 02:14:59.0674 14716 srv2 - ok 02:14:59.0721 14716 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys 02:14:59.0752 14716 srvnet - ok 02:14:59.0799 14716 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll 02:14:59.0861 14716 SSDPSRV - ok 02:14:59.0877 14716 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll 02:14:59.0939 14716 SstpSvc - ok 02:15:00.0033 14716 Steam Client Service - ok 02:15:00.0142 14716 Stereo Service (9e1222c417291bc836210743624a8e5e) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe 02:15:00.0158 14716 Stereo Service - ok 02:15:00.0189 14716 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys 02:15:00.0189 14716 stexstor - ok 02:15:00.0267 14716 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll 02:15:00.0314 14716 stisvc - ok 02:15:00.0345 14716 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys 02:15:00.0345 14716 swenum - ok 02:15:00.0407 14716 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll 02:15:00.0470 14716 swprv - ok 02:15:00.0641 14716 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll 02:15:00.0735 14716 SysMain - ok 02:15:00.0860 14716 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll 02:15:00.0907 14716 TabletInputService - ok 02:15:00.0938 14716 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll 02:15:01.0016 14716 TapiSrv - ok 02:15:01.0047 14716 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll 02:15:01.0094 14716 TBS - ok 02:15:01.0250 14716 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys 02:15:01.0312 14716 Tcpip - ok 02:15:01.0593 14716 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys 02:15:01.0640 14716 TCPIP6 - ok 02:15:01.0749 14716 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys 02:15:01.0811 14716 tcpipreg - ok 02:15:01.0843 14716 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys 02:15:01.0905 14716 TDPIPE - ok 02:15:01.0936 14716 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys 02:15:01.0967 14716 TDTCP - ok 02:15:01.0999 14716 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys 02:15:02.0077 14716 tdx - ok 02:15:02.0389 14716 TeamViewer7 (3e85bdd019e3db66d9471dad7fd6a887) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe 02:15:02.0451 14716 TeamViewer7 - ok 02:15:02.0591 14716 teamviewervpn (f5520dbb47c60ee83024b38720abda24) C:\Windows\system32\DRIVERS\teamviewervpn.sys 02:15:02.0623 14716 teamviewervpn - ok 02:15:02.0638 14716 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\DRIVERS\termdd.sys 02:15:02.0669 14716 TermDD - ok 02:15:02.0747 14716 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll 02:15:02.0810 14716 TermService - ok 02:15:02.0841 14716 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll 02:15:02.0857 14716 Themes - ok 02:15:02.0888 14716 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll 02:15:02.0903 14716 THREADORDER - ok 02:15:02.0950 14716 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll 02:15:02.0997 14716 TrkWks - ok 02:15:03.0075 14716 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe 02:15:03.0153 14716 TrustedInstaller - ok 02:15:03.0184 14716 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys 02:15:03.0247 14716 tssecsrv - ok 02:15:03.0293 14716 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys 02:15:03.0340 14716 TsUsbFlt - ok 02:15:03.0356 14716 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys 02:15:03.0387 14716 TsUsbGD - ok 02:15:03.0465 14716 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys 02:15:03.0512 14716 tunnel - ok 02:15:03.0527 14716 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys 02:15:03.0543 14716 uagp35 - ok 02:15:03.0590 14716 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys 02:15:03.0637 14716 udfs - ok 02:15:03.0668 14716 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe 02:15:03.0699 14716 UI0Detect - ok 02:15:03.0746 14716 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys 02:15:03.0761 14716 uliagpkx - ok 02:15:03.0793 14716 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys 02:15:03.0839 14716 umbus - ok 02:15:03.0871 14716 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys 02:15:03.0917 14716 UmPass - ok 02:15:03.0980 14716 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll 02:15:04.0042 14716 upnphost - ok 02:15:04.0105 14716 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys 02:15:04.0120 14716 usbaudio - ok 02:15:04.0151 14716 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys 02:15:04.0198 14716 usbccgp - ok 02:15:04.0229 14716 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys 02:15:04.0276 14716 usbcir - ok 02:15:04.0307 14716 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys 02:15:04.0354 14716 usbehci - ok 02:15:04.0417 14716 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys 02:15:04.0463 14716 usbhub - ok 02:15:04.0495 14716 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys 02:15:04.0541 14716 usbohci - ok 02:15:04.0573 14716 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\drivers\usbprint.sys 02:15:04.0619 14716 usbprint - ok 02:15:04.0651 14716 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS 02:15:04.0729 14716 USBSTOR - ok 02:15:04.0760 14716 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys 02:15:04.0791 14716 usbuhci - ok 02:15:04.0853 14716 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys 02:15:04.0916 14716 usbvideo - ok 02:15:04.0947 14716 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll 02:15:04.0994 14716 UxSms - ok 02:15:05.0025 14716 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 02:15:05.0056 14716 VaultSvc - ok 02:15:05.0103 14716 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys 02:15:05.0119 14716 vdrvroot - ok 02:15:05.0197 14716 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe 02:15:05.0259 14716 vds - ok 02:15:05.0290 14716 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys 02:15:05.0306 14716 vga - ok 02:15:05.0321 14716 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys 02:15:05.0353 14716 VgaSave - ok 02:15:05.0384 14716 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys 02:15:05.0399 14716 vhdmp - ok 02:15:05.0415 14716 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys 02:15:05.0431 14716 viaide - ok 02:15:05.0462 14716 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys 02:15:05.0462 14716 volmgr - ok 02:15:05.0524 14716 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys 02:15:05.0555 14716 volmgrx - ok 02:15:05.0602 14716 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys 02:15:05.0618 14716 volsnap - ok 02:15:05.0680 14716 Vsdatant (239d8d72730226cd460bdc8ca0a23d43) C:\Windows\system32\DRIVERS\vsdatant.sys 02:15:05.0711 14716 Vsdatant - ok 02:15:05.0805 14716 vsmon - ok 02:15:05.0852 14716 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys 02:15:05.0867 14716 vsmraid - ok 02:15:06.0008 14716 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe 02:15:06.0086 14716 VSS - ok 02:15:06.0211 14716 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys 02:15:06.0273 14716 vwifibus - ok 02:15:06.0320 14716 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys 02:15:06.0367 14716 vwififlt - ok 02:15:06.0398 14716 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys 02:15:06.0429 14716 vwifimp - ok 02:15:06.0491 14716 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll 02:15:06.0538 14716 W32Time - ok 02:15:06.0569 14716 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys 02:15:06.0585 14716 WacomPen - ok 02:15:06.0616 14716 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 02:15:06.0663 14716 WANARP - ok 02:15:06.0679 14716 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 02:15:06.0710 14716 Wanarpv6 - ok 02:15:06.0850 14716 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe 02:15:06.0897 14716 WatAdminSvc - ok 02:15:07.0022 14716 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe 02:15:07.0100 14716 wbengine - ok 02:15:07.0209 14716 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll 02:15:07.0271 14716 WbioSrvc - ok 02:15:07.0318 14716 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll 02:15:07.0349 14716 wcncsvc - ok 02:15:07.0381 14716 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll 02:15:07.0459 14716 WcsPlugInService - ok 02:15:07.0505 14716 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys 02:15:07.0521 14716 Wd - ok 02:15:07.0583 14716 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys 02:15:07.0615 14716 Wdf01000 - ok 02:15:07.0630 14716 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll 02:15:07.0739 14716 WdiServiceHost - ok 02:15:07.0739 14716 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll 02:15:07.0771 14716 WdiSystemHost - ok 02:15:07.0802 14716 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll 02:15:07.0849 14716 WebClient - ok 02:15:07.0880 14716 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll 02:15:07.0973 14716 Wecsvc - ok 02:15:08.0005 14716 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll 02:15:08.0051 14716 wercplsupport - ok 02:15:08.0098 14716 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll 02:15:08.0176 14716 WerSvc - ok 02:15:08.0239 14716 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys 02:15:08.0317 14716 WfpLwf - ok 02:15:08.0332 14716 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys 02:15:08.0348 14716 WIMMount - ok 02:15:08.0348 14716 WinHttpAutoProxySvc - ok 02:15:08.0426 14716 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll 02:15:08.0519 14716 Winmgmt - ok 02:15:08.0675 14716 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll 02:15:08.0753 14716 WinRM - ok 02:15:08.0925 14716 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll 02:15:08.0987 14716 Wlansvc - ok 02:15:09.0097 14716 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe 02:15:09.0128 14716 wlcrasvc - ok 02:15:09.0331 14716 wlidsvc (7e47c328fc4768cb8beafbcfafa70362) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 02:15:09.0409 14716 wlidsvc - ok 02:15:09.0534 14716 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys 02:15:09.0596 14716 WmiAcpi - ok 02:15:09.0690 14716 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe 02:15:09.0736 14716 wmiApSrv - ok 02:15:09.0814 14716 WMPNetworkSvc - ok 02:15:09.0861 14716 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll 02:15:09.0908 14716 WPCSvc - ok 02:15:09.0924 14716 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll 02:15:09.0955 14716 WPDBusEnum - ok 02:15:09.0970 14716 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys 02:15:10.0033 14716 ws2ifsl - ok 02:15:10.0033 14716 WSearch - ok 02:15:10.0095 14716 wsvd (82e8f5aa03df7dbdb8a33f700d5d8cda) C:\Windows\system32\DRIVERS\wsvd.sys 02:15:10.0095 14716 wsvd - ok 02:15:10.0298 14716 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll 02:15:10.0392 14716 wuauserv - ok 02:15:10.0516 14716 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys 02:15:10.0610 14716 WudfPf - ok 02:15:10.0657 14716 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys 02:15:10.0735 14716 WUDFRd - ok 02:15:10.0766 14716 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll 02:15:10.0797 14716 wudfsvc - ok 02:15:10.0828 14716 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll 02:15:10.0860 14716 WwanSvc - ok 02:15:11.0062 14716 XPrint-Client-Service (83326d0dd0615d03aeb42131c624e3f3) C:\Program Files (x86)\Schomaecker\XPrint-Client\XPrint-Client-Service\XPrint-Client-Service.exe 02:15:11.0094 14716 XPrint-Client-Service ( UnsignedFile.Multi.Generic ) - warning 02:15:11.0094 14716 XPrint-Client-Service - detected UnsignedFile.Multi.Generic (1) 02:15:11.0156 14716 MBR (0x1B8) (af7e2860d7c52a307fc27eecf18f08df) \Device\Harddisk0\DR0 02:15:13.0200 14716 \Device\Harddisk0\DR0 - ok 02:15:13.0215 14716 Boot (0x1200) (8af0380f1f1ceee2fec372c9e8961a00) \Device\Harddisk0\DR0\Partition0 02:15:13.0215 14716 \Device\Harddisk0\DR0\Partition0 - ok 02:15:13.0246 14716 Boot (0x1200) (e7dac6cebb8dd616e59820ae8b2948bb) \Device\Harddisk0\DR0\Partition1 02:15:13.0262 14716 \Device\Harddisk0\DR0\Partition1 - ok 02:15:13.0293 14716 Boot (0x1200) (26d7c8ff6c0fb1b0f43508d6a5f185e9) \Device\Harddisk0\DR0\Partition2 02:15:13.0293 14716 \Device\Harddisk0\DR0\Partition2 - ok 02:15:13.0293 14716 ============================================================ 02:15:13.0293 14716 Scan finished 02:15:13.0293 14716 ============================================================ 02:15:13.0293 15108 Detected object count: 3 02:15:13.0293 15108 Actual detected object count: 3 02:17:05.0239 15108 C:\Windows\system32\DRIVERS\atksgt.sys - copied to quarantine 02:17:05.0239 15108 atksgt ( UnsignedFile.Multi.Generic ) - User select action: Quarantine 02:17:05.0270 15108 C:\Windows\system32\DRIVERS\lirsgt.sys - copied to quarantine 02:17:05.0270 15108 lirsgt ( UnsignedFile.Multi.Generic ) - User select action: Quarantine 02:17:05.0473 15108 C:\Program Files (x86)\Schomaecker\XPrint-Client\XPrint-Client-Service\XPrint-Client-Service.exe - copied to quarantine 02:17:05.0473 15108 XPrint-Client-Service ( UnsignedFile.Multi.Generic ) - User select action: Quarantine tdssKiller befunde erst mal in Quarantäne verschoben. Was kommt nun? |
|
03.08.2012, 08:08
| #5 |
| | TR/ATRAPS.Gen2 / Lapqeteazore.exe Hi, das was der Killer gefunden hat, sind nicht signierte Dateien, das kommt sehr oft vor. Bitte an die Anweisungen halten, die hättest Du nicht verschieben lassen sollen (aber wenn der Rechner noch läuft ,o)... So, Du hast einen Rootkit und noch ein paar nette Sachen auf dem Rechner, ich hoffe OTL kommt damit zurecht... In den abgesicherten Modus booten (F8 beim Booten), dann das Script wie folgt ausführen: OTL:
 Code:
ATTFilter
:OTL
PRC - C:\Users\SURATA~1\AppData\Local\Temp\220509987.exe (Akasa)
O4 - HKCU..\Run: [lapqeteazore] C:\Users\Suratarius\lapqeteazore.exe (Akasa)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
[2012.08.03 00:25:36 | 000,000,000 | ---D | C] -- C:\Users\Suratarius\AppData\Roaming\#ISW.FS#
[2012.08.01 15:50:45 | 000,016,896 | ---- | C] () -- C:\Windows\Installer\{dd0b6037-a9c2-e38b-9363-0614255749a0}\U\80000000.@
[2012.08.01 15:46:29 | 000,001,712 | ---- | C] () -- C:\Windows\Installer\{dd0b6037-a9c2-e38b-9363-0614255749a0}\U\00000001.@
[2012.01.11 20:19:12 | 000,002,048 | -HS- | C] () -- C:\Windows\Installer\{dd0b6037-a9c2-e38b-9363-0614255749a0}\@
[2012.01.11 20:19:12 | 000,002,048 | -HS- | C] () -- C:\Users\Suratarius\AppData\Local\{dd0b6037-a9c2-e38b-9363-0614255749a0}\@
:Commands
[purity]
[emptytemp]
[Reboot]
Der Rechner sollte neu booten, wenn nicht, selber booten, dann (wieder im abgesicherten Modus) ComboFix: Combofix Lade Combo Fix von http://download.bleepingcomputer.com/sUBs/ComboFix.exe und speichert es auf den Desktop. Achtung: In einigen wenigen Fällen kann es vorkommen, das der Rechner nicht mehr booten kann und Neuaufgesetzt werden muß! Alle Fenster schliessen und combofix.exe starten und bestätige die folgende Abfrage mit 1 und drücke Enter. Der Scan mit Combofix kann einige Zeit in Anspruch nehmen, also habe etwas Geduld. Während des Scans bitte nichts am Rechner unternehmen Es kann möglich sein, dass der Rechner zwischendurch neu gestartet wird. Nach Scanende wird ein Report (ComboFix.txt) angezeigt, den bitte kopieren und in deinem Thread einfuegen. Das Log solltest Du unter C:\ComboFix.txt finden... Erstelle und poste dann auch noch ein neues OTL-Log... chris
__________________  Don't bring me downVor dem posten beachten! Spenden (Wer spenden will, kann sich gerne melden  ) |
|
04.08.2012, 01:03
| #6 |
| | TR/ATRAPS.Gen2 / Lapqeteazore.exe Hiho, hier der OTL log: All processes killed ========== OTL ========== No active process named 220509987.exe was found! Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\lapqeteazore deleted successfully. C:\Users\Suratarius\lapqeteazore.exe moved successfully. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop deleted successfully. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktopChanges deleted successfully. C:\Users\Suratarius\AppData\Roaming\#ISW.FS# folder moved successfully. C:\Windows\Installer\{dd0b6037-a9c2-e38b-9363-0614255749a0}\U\80000000.@ moved successfully. C:\Windows\Installer\{dd0b6037-a9c2-e38b-9363-0614255749a0}\U\00000001.@ moved successfully. C:\Windows\Installer\{dd0b6037-a9c2-e38b-9363-0614255749a0}\@ moved successfully. C:\Users\Suratarius\AppData\Local\{dd0b6037-a9c2-e38b-9363-0614255749a0}\@ moved successfully. ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 56468 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 0 bytes User: Public User: Suratarius ->Temp folder emptied: 194286944 bytes ->Temporary Internet Files folder emptied: 570104133 bytes ->Java cache emptied: 139200 bytes ->FireFox cache emptied: 348216159 bytes ->Flash cache emptied: 137821 bytes User: UpdatusUser ->Temp folder emptied: 1119016 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 56468 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32 (64bit) .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 486930970 bytes %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 67832 bytes %systemroot%\sysnative\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 749 bytes RecycleBin emptied: 28757891 bytes Total Files Cleaned = 1.554,00 mb OTL by OldTimer - Version 3.2.55.0 log created on 08042012_014622 Files\Folders moved on Reboot... File\Folder C:\Users\Suratarius\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\W6MC0NC9\3;s=i4;s=i5;s=i6;s=i7;s=i8;s=i9;s=483;s=1140;s=702;s=1051;s=1080;s=485;s=1068;s=602;s=621;s=m1;s=m4;s=u24;s=u5;s=u9;s=u17;z =202;z=193;tile=2;ord=1QM9HK30XG2056CQHEZS[1].js not found! File\Folder C:\Users\Suratarius\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\W6MC0NC9\b8c480c89bb44beac6e7e9b29558468;s=i1;s=i2;s=i3;s=i4;s=i5;s=i6;s=i7;s=i8;s=i9;s=1140;s=602;s=m1;s=m4;s=u24;s=u5;s=u9;s=u17;z =202;z=193;tile=2;ord=18NBH49QJPNWA41EH581[1].js not found! File\Folder C:\Users\Suratarius\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\W6MC0NC9\c_iframe_htm&CUSTOMERNO=23846095&t=de857294640.1321865979.33b7c4c3&freemailuseragent=Mozilla%2F5.0+(compatible%3B+MSIE+9.0% 3B+Windows+NT+6.1%3B+WOW64%3B+Trident%2F5[1].htm not found! File\Folder C:\Users\Suratarius\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\W6MC0NC9\c_iframe_htm&CUSTOMERNO=23846095&t=de857294640.1321865979.33b7c4c3&freemailuseragent=Mozilla%2F5.0+(compatible%3B+MSIE+9.0% 3B+Windows+NT+6.1%3B+WOW64%3B+Trident%2F5[2].htm not found! File\Folder C:\Users\Suratarius\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\W6MC0NC9\c_iframe_htm&CUSTOMERNO=23846095&t=de857294640.1321865979.33b7c4c3&freemailuseragent=Mozilla%2F5.0+(compatible%3B+MSIE+9.0% 3B+Windows+NT+6.1%3B+WOW64%3B+Trident%2F5[3].htm not found! File\Folder C:\Users\Suratarius\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\W6MC0NC9\c_iframe_htm&CUSTOMERNO=23846095&t=de857294640.1321865979.33b7c4c3&freemailuseragent=Mozilla%2F5.0+(compatible%3B+MSIE+9.0% 3B+Windows+NT+6.1%3B+WOW64%3B+Trident%2F5[4].htm not found! File\Folder C:\Users\Suratarius\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\W6MC0NC9\c_iframe_htm&CUSTOMERNO=23846095&t=de857294640.1321865979.33b7c4c3&freemailuseragent=Mozilla%2F5.0+(compatible%3B+MSIE+9.0% 3B+Windows+NT+6.1%3B+WOW64%3B+Trident%2F5[5].htm not found! File\Folder C:\Users\Suratarius\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\W6MC0NC9\c_iframe_htm&CUSTOMERNO=23846095&t=de857294640.1321865979.33b7c4c3&freemailuseragent=Mozilla%2F5.0+(compatible%3B+MSIE+9.0% 3B+Windows+NT+6.1%3B+WOW64%3B+Trident%2F5[6].htm not found! File\Folder C:\Users\Suratarius\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\W6MC0NC9\c_iframe_htm&CUSTOMERNO=23846095&t=de857294640.1321865979.33b7c4c3&freemailuseragent=Mozilla%2F5.0+(compatible%3B+MSIE+9.0% 3B+Windows+NT+6.1%3B+WOW64%3B+Trident%2F5[7].htm not found! File\Folder C:\Users\Suratarius\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\W6MC0NC9\c_iframe_htm&CUSTOMERNO=23846095&t=de857294640.1321865979.33b7c4c3&freemailuseragent=Mozilla%2F5.0+(compatible%3B+MSIE+9.0% 3B+Windows+NT+6.1%3B+WOW64%3B+Trident%2F5[8].htm not found! File\Folder C:\Users\Suratarius\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\W6MC0NC9\rame_top_img&CUSTOMERNO=23846095&t=de857294640.1321865979.33b7c4c3&freemailuseragent=Mozilla%2F5.0+(compatible%3B+MSIE+9.0% 3B+Windows+NT+6.1%3B+WOW64%3B+Trident%2F5[1].htm not found! File\Folder C:\Users\Suratarius\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\W6MC0NC9\rame_top_img&CUSTOMERNO=23846095&t=de857294640.1321865979.33b7c4c3&freemailuseragent=Mozilla%2F5.0+(compatible%3B+MSIE+9.0% 3B+Windows+NT+6.1%3B+WOW64%3B+Trident%2F5[2].htm not found! File\Folder C:\Users\Suratarius\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\W6MC0NC9\rame_top_img&CUSTOMERNO=23846095&t=de857294640.1321865979.33b7c4c3&freemailuseragent=Mozilla%2F5.0+(compatible%3B+MSIE+9.0% 3B+Windows+NT+6.1%3B+WOW64%3B+Trident%2F5[3].htm not found! File\Folder C:\Users\Suratarius\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\W6MC0NC9\rame_top_img&CUSTOMERNO=23846095&t=de857294640.1321865979.33b7c4c3&freemailuseragent=Mozilla%2F5.0+(compatible%3B+MSIE+9.0% 3B+Windows+NT+6.1%3B+WOW64%3B+Trident%2F5[4].htm not found! File\Folder C:\Users\Suratarius\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\W6MC0NC9\rame_top_img&CUSTOMERNO=23846095&t=de857294640.1321865979.33b7c4c3&freemailuseragent=Mozilla%2F5.0+(compatible%3B+MSIE+9.0% 3B+Windows+NT+6.1%3B+WOW64%3B+Trident%2F5[5].htm not found! File\Folder C:\Users\Suratarius\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\U3H8KPH9\c_iframe_htm&CUSTOMERNO=23846095&t=de857294640.1321865979.33b7c4c3&freemailuseragent=Mozilla%2F5.0+(compatible%3B+MSIE+9.0% 3B+Windows+NT+6.1%3B+WOW64%3B+Trident%2F5[1].htm not found! File\Folder C:\Users\Suratarius\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\U3H8KPH9\c_iframe_htm&CUSTOMERNO=23846095&t=de857294640.1321865979.33b7c4c3&freemailuseragent=Mozilla%2F5.0+(compatible%3B+MSIE+9.0% 3B+Windows+NT+6.1%3B+WOW64%3B+Trident%2F5[2].htm not found! File\Folder C:\Users\Suratarius\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\U3H8KPH9\c_iframe_htm&CUSTOMERNO=23846095&t=de857294640.1321865979.33b7c4c3&freemailuseragent=Mozilla%2F5.0+(compatible%3B+MSIE+9.0% 3B+Windows+NT+6.1%3B+WOW64%3B+Trident%2F5[3].htm not found! File\Folder C:\Users\Suratarius\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\U3H8KPH9\c_iframe_htm&CUSTOMERNO=23846095&t=de857294640.1321865979.33b7c4c3&freemailuseragent=Mozilla%2F5.0+(compatible%3B+MSIE+9.0% 3B+Windows+NT+6.1%3B+WOW64%3B+Trident%2F5[4].htm not found! File\Folder C:\Users\Suratarius\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\U3H8KPH9\c_iframe_htm&CUSTOMERNO=23846095&t=de857294640.1321865979.33b7c4c3&freemailuseragent=Mozilla%2F5.0+(compatible%3B+MSIE+9.0% 3B+Windows+NT+6.1%3B+WOW64%3B+Trident%2F5[5].htm not found! File\Folder C:\Users\Suratarius\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\U3H8KPH9\c_iframe_htm&CUSTOMERNO=23846095&t=de857294640.1321865979.33b7c4c3&freemailuseragent=Mozilla%2F5.0+(compatible%3B+MSIE+9.0% 3B+Windows+NT+6.1%3B+WOW64%3B+Trident%2F5[6].htm not found! File\Folder C:\Users\Suratarius\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\U3H8KPH9\c_iframe_htm&CUSTOMERNO=23846095&t=de857294640.1321865979.33b7c4c3&freemailuseragent=Mozilla%2F5.0+(compatible%3B+MSIE+9.0% 3B+Windows+NT+6.1%3B+WOW64%3B+Trident%2F5[7].htm not found! File\Folder C:\Users\Suratarius\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\U3H8KPH9\rame_top_img&CUSTOMERNO=23846095&t=de857294640.1321865979.33b7c4c3&freemailuseragent=Mozilla%2F5.0+(compatible%3B+MSIE+9.0% 3B+Windows+NT+6.1%3B+WOW64%3B+Trident%2F5[10].htm not found! File\Folder C:\Users\Suratarius\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\U3H8KPH9\rame_top_img&CUSTOMERNO=23846095&t=de857294640.1321865979.33b7c4c3&freemailuseragent=Mozilla%2F5.0+(compatible%3B+MSIE+9.0% 3B+Windows+NT+6.1%3B+WOW64%3B+Trident%2F5[1].htm not found! File\Folder C:\Users\Suratarius\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\U3H8KPH9\rame_top_img&CUSTOMERNO=23846095&t=de857294640.1321865979.33b7c4c3&freemailuseragent=Mozilla%2F5.0+(compatible%3B+MSIE+9.0% 3B+Windows+NT+6.1%3B+WOW64%3B+Trident%2F5[2].htm not found! File\Folder C:\Users\Suratarius\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\U3H8KPH9\rame_top_img&CUSTOMERNO=23846095&t=de857294640.1321865979.33b7c4c3&freemailuseragent=Mozilla%2F5.0+(compatible%3B+MSIE+9.0% 3B+Windows+NT+6.1%3B+WOW64%3B+Trident%2F5[3].htm not found! File\Folder C:\Users\Suratarius\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\U3H8KPH9\rame_top_img&CUSTOMERNO=23846095&t=de857294640.1321865979.33b7c4c3&freemailuseragent=Mozilla%2F5.0+(compatible%3B+MSIE+9.0% 3B+Windows+NT+6.1%3B+WOW64%3B+Trident%2F5[4].htm not found! File\Folder C:\Users\Suratarius\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\U3H8KPH9\rame_top_img&CUSTOMERNO=23846095&t=de857294640.1321865979.33b7c4c3&freemailuseragent=Mozilla%2F5.0+(compatible%3B+MSIE+9.0% 3B+Windows+NT+6.1%3B+WOW64%3B+Trident%2F5[5].htm not found! File\Folder C:\Users\Suratarius\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\U3H8KPH9\rame_top_img&CUSTOMERNO=23846095&t=de857294640.1321865979.33b7c4c3&freemailuseragent=Mozilla%2F5.0+(compatible%3B+MSIE+9.0% 3B+Windows+NT+6.1%3B+WOW64%3B+Trident%2F5[6].htm not found! File\Folder C:\Users\Suratarius\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\U3H8KPH9\rame_top_img&CUSTOMERNO=23846095&t=de857294640.1321865979.33b7c4c3&freemailuseragent=Mozilla%2F5.0+(compatible%3B+MSIE+9.0% 3B+Windows+NT+6.1%3B+WOW64%3B+Trident%2F5[7].htm not found! File\Folder C:\Users\Suratarius\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\U3H8KPH9\rame_top_img&CUSTOMERNO=23846095&t=de857294640.1321865979.33b7c4c3&freemailuseragent=Mozilla%2F5.0+(compatible%3B+MSIE+9.0% 3B+Windows+NT+6.1%3B+WOW64%3B+Trident%2F5[8].htm not found! File\Folder C:\Users\Suratarius\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\U3H8KPH9\rame_top_img&CUSTOMERNO=23846095&t=de857294640.1321865979.33b7c4c3&freemailuseragent=Mozilla%2F5.0+(compatible%3B+MSIE+9.0% 3B+Windows+NT+6.1%3B+WOW64%3B+Trident%2F5[9].htm not found! File\Folder C:\Users\Suratarius\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\5S6THUL2\584ad4a460a70ac5c94;s=i1;s=i2;s=i3;s=i4;s=i5;s=i6;s=i7;s=i8;s=i9;s=1140;s=602;s=m1;s=m4;s=u24;s=u5;s=u9;s=u17;z=2115;z=2104 ;tile=1;ord=09X34TAA0G717773TQCR;vegas=nav[1].js not found! File\Folder C:\Users\Suratarius\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\5S6THUL2\712410d5bdf447dac4d4a7ad3e3ec14;s=i1;s=i2;s=i3;s=i4;s=i5;s=i6;s=i7;s=i8;s=i9;s=1140;s=602;s=m1;s=m4;s=u24;s=u5;s=u9;s=u17;z =202;z=193;tile=1;ord=18NBH49QJPNWA41EH581[1].js not found! File\Folder C:\Users\Suratarius\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\5S6THUL2\9fbada38ff451f6c216;s=i1;s=i2;s=i3;s=i4;s=i5;s=i6;s=i7;s=i8;s=i9;s=1140;s=602;s=m1;s=m4;s=u24;s=u5;s=u9;s=u17;z=2115;z=2104 ;tile=1;ord=18NBH49QJPNWA41EH581;vegas=nav[1].js not found! File\Folder C:\Users\Suratarius\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\5S6THUL2\c_iframe_htm&CUSTOMERNO=23846095&t=de857294640.1321865979.33b7c4c3&freemailuseragent=Mozilla%2F5.0+(compatible%3B+MSIE+9.0% 3B+Windows+NT+6.1%3B+WOW64%3B+Trident%2F5[1].htm not found! File\Folder C:\Users\Suratarius\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\5S6THUL2\c_iframe_htm&CUSTOMERNO=23846095&t=de857294640.1321865979.33b7c4c3&freemailuseragent=Mozilla%2F5.0+(compatible%3B+MSIE+9.0% 3B+Windows+NT+6.1%3B+WOW64%3B+Trident%2F5[2].htm not found! File\Folder C:\Users\Suratarius\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\5S6THUL2\c_iframe_htm&CUSTOMERNO=23846095&t=de857294640.1321865979.33b7c4c3&freemailuseragent=Mozilla%2F5.0+(compatible%3B+MSIE+9.0% 3B+Windows+NT+6.1%3B+WOW64%3B+Trident%2F5[3].htm not found! File\Folder C:\Users\Suratarius\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\5S6THUL2\c_iframe_htm&CUSTOMERNO=23846095&t=de857294640.1321865979.33b7c4c3&freemailuseragent=Mozilla%2F5.0+(compatible%3B+MSIE+9.0% 3B+Windows+NT+6.1%3B+WOW64%3B+Trident%2F5[4].htm not found! File\Folder C:\Users\Suratarius\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\5S6THUL2\c_iframe_htm&CUSTOMERNO=23846095&t=de857294640.1321865979.33b7c4c3&freemailuseragent=Mozilla%2F5.0+(compatible%3B+MSIE+9.0% 3B+Windows+NT+6.1%3B+WOW64%3B+Trident%2F5[5].htm not found! File\Folder C:\Users\Suratarius\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\5S6THUL2\rame_top_img&CUSTOMERNO=23846095&t=de857294640.1321865979.33b7c4c3&freemailuseragent=Mozilla%2F5.0+(compatible%3B+MSIE+9.0% 3B+Windows+NT+6.1%3B+WOW64%3B+Trident%2F5[1].htm not found! File\Folder C:\Users\Suratarius\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\5S6THUL2\rame_top_img&CUSTOMERNO=23846095&t=de857294640.1321865979.33b7c4c3&freemailuseragent=Mozilla%2F5.0+(compatible%3B+MSIE+9.0% 3B+Windows+NT+6.1%3B+WOW64%3B+Trident%2F5[2].htm not found! File\Folder C:\Users\Suratarius\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\5S6THUL2\rame_top_img&CUSTOMERNO=23846095&t=de857294640.1321865979.33b7c4c3&freemailuseragent=Mozilla%2F5.0+(compatible%3B+MSIE+9.0% 3B+Windows+NT+6.1%3B+WOW64%3B+Trident%2F5[3].htm not found! File\Folder C:\Users\Suratarius\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\5S6THUL2\rame_top_img&CUSTOMERNO=23846095&t=de857294640.1321865979.33b7c4c3&freemailuseragent=Mozilla%2F5.0+(compatible%3B+MSIE+9.0% 3B+Windows+NT+6.1%3B+WOW64%3B+Trident%2F5[4].htm not found! File\Folder C:\Users\Suratarius\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\5S6THUL2\rame_top_img&CUSTOMERNO=23846095&t=de857294640.1321865979.33b7c4c3&freemailuseragent=Mozilla%2F5.0+(compatible%3B+MSIE+9.0% 3B+Windows+NT+6.1%3B+WOW64%3B+Trident%2F5[5].htm not found! File\Folder C:\Users\Suratarius\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\5S6THUL2\rame_top_img&CUSTOMERNO=23846095&t=de857294640.1321865979.33b7c4c3&freemailuseragent=Mozilla%2F5.0+(compatible%3B+MSIE+9.0% 3B+Windows+NT+6.1%3B+WOW64%3B+Trident%2F5[6].htm not found! File\Folder C:\Users\Suratarius\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\5S6THUL2\rame_top_img&CUSTOMERNO=23846095&t=de857294640.1321865979.33b7c4c3&freemailuseragent=Mozilla%2F5.0+(compatible%3B+MSIE+9.0% 3B+Windows+NT+6.1%3B+WOW64%3B+Trident%2F5[7].htm not found! File\Folder C:\Users\Suratarius\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\4KHTM6ZH\07682bf0cb05b7a503d;s=i1;s=i2;s=i3;s=i4;s=i5;s=i6;s=i7;s=i8;s=i9;s=1140;s=602;s=m1;s=m4;s=u24;s=u5;s=u9;s=u17;z=2115;z=2104 ;tile=1;ord=1QM9HK30XG2056CQHEZS;vegas=nav[1].js not found! File\Folder C:\Users\Suratarius\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\4KHTM6ZH\3;s=i4;s=i5;s=i6;s=i7;s=i8;s=i9;s=483;s=1140;s=702;s=1051;s=1080;s=485;s=1068;s=602;s=621;s=m1;s=m4;s=u24;s=u5;s=u9;s=u17;z =202;z=193;tile=1;ord=1QM9HK30XG2056CQHEZS[1].js not found! File\Folder C:\Users\Suratarius\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\4KHTM6ZH\c_iframe_htm&CUSTOMERNO=23846095&t=de857294640.1321865979.33b7c4c3&freemailuseragent=Mozilla%2F5.0+(compatible%3B+MSIE+9.0% 3B+Windows+NT+6.1%3B+WOW64%3B+Trident%2F5[1].htm not found! File\Folder C:\Users\Suratarius\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\4KHTM6ZH\c_iframe_htm&CUSTOMERNO=23846095&t=de857294640.1321865979.33b7c4c3&freemailuseragent=Mozilla%2F5.0+(compatible%3B+MSIE+9.0% 3B+Windows+NT+6.1%3B+WOW64%3B+Trident%2F5[2].htm not found! File\Folder C:\Users\Suratarius\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\4KHTM6ZH\c_iframe_htm&CUSTOMERNO=23846095&t=de857294640.1321865979.33b7c4c3&freemailuseragent=Mozilla%2F5.0+(compatible%3B+MSIE+9.0% 3B+Windows+NT+6.1%3B+WOW64%3B+Trident%2F5[3].htm not found! File\Folder C:\Users\Suratarius\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\4KHTM6ZH\c_iframe_htm&CUSTOMERNO=23846095&t=de857294640.1321865979.33b7c4c3&freemailuseragent=Mozilla%2F5.0+(compatible%3B+MSIE+9.0% 3B+Windows+NT+6.1%3B+WOW64%3B+Trident%2F5[4].htm not found! File\Folder C:\Users\Suratarius\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\4KHTM6ZH\c_iframe_htm&CUSTOMERNO=23846095&t=de857294640.1321865979.33b7c4c3&freemailuseragent=Mozilla%2F5.0+(compatible%3B+MSIE+9.0% 3B+Windows+NT+6.1%3B+WOW64%3B+Trident%2F5[5].htm not found! File\Folder C:\Users\Suratarius\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\4KHTM6ZH\rame_top_img&CUSTOMERNO=23846095&t=de857294640.1321865979.33b7c4c3&freemailuseragent=Mozilla%2F5.0+(compatible%3B+MSIE+9.0% 3B+Windows+NT+6.1%3B+WOW64%3B+Trident%2F5[1].htm not found! File\Folder C:\Users\Suratarius\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\4KHTM6ZH\rame_top_img&CUSTOMERNO=23846095&t=de857294640.1321865979.33b7c4c3&freemailuseragent=Mozilla%2F5.0+(compatible%3B+MSIE+9.0% 3B+Windows+NT+6.1%3B+WOW64%3B+Trident%2F5[2].htm not found! File\Folder C:\Users\Suratarius\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\4KHTM6ZH\s=i1;s=i2;s=i3;s=i4;s=i5;s=i6;s=i7;s=i8;s=i9;s=483;s=1140;s=702;s=1080;s=485;s=1068;s=602;s=m1;s=m4;s=u24;s=u5;s=u9;s=u17;z =202;z=193;tile=1;ord=09X34TAA0G717773TQCR[1].js not found! File\Folder C:\Users\Suratarius\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\4KHTM6ZH\s=i1;s=i2;s=i3;s=i4;s=i5;s=i6;s=i7;s=i8;s=i9;s=483;s=1140;s=702;s=1080;s=485;s=1068;s=602;s=m1;s=m4;s=u24;s=u5;s=u9;s=u17;z =202;z=193;tile=2;ord=09X34TAA0G717773TQCR[1].js not found! C:\Users\Suratarius\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully. File\Folder C:\Users\Suratarius\AppData\Local\Temp\~DF52989E33F6FF1E41.TMP not found! File\Folder C:\Users\Suratarius\AppData\Local\Temp\~WRD0001.doc not found! File\Folder C:\Users\Suratarius\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS0000.tmp not found! PendingFileRenameOperations files... File C:\Users\Suratarius\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\W6MC0NC9\3;s=i4;s=i5;s=i6;s=i7;s=i8;s=i9;s=483;s=1140;s=702;s=1051;s=1080;s=485;s=1068;s=602;s=621;s=m1;s=m4;s=u24;s=u5;s=u9;s=u17;z =202;z=193;tile=2;ord=1QM9HK30XG2056CQHEZS[1].js not found! File C:\Users\Suratarius\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\W6MC0NC9\b8c480c89bb44beac6e7e9b29558468;s=i1;s=i2;s=i3;s=i4;s=i5;s=i6;s=i7;s=i8;s=i9;s=1140;s=602;s=m1;s=m4;s=u24;s=u5;s=u9;s=u17;z =202;z=193;tile=2;ord=18NBH49QJPNWA41EH581[1].js not found! File C:\Users\Suratarius\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\W6MC0NC9\c_iframe_htm&CUSTOMERNO=23846095&t=de857294640.1321865979.33b7c4c3&freemailuseragent=Mozilla%2F5.0+(compatible%3B+MSIE+9.0% 3B+Windows+NT+6.1%3B+WOW64%3B+Trident%2F5[1].htm not found! File C:\Users\Suratarius\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\W6MC0NC9\c_iframe_htm&CUSTOMERNO=23846095&t=de857294640.1321865979.33b7c4c3&freemailuseragent=Mozilla%2F5.0+(compatible%3B+MSIE+9.0% 3B+Windows+NT+6.1%3B+WOW64%3B+Trident%2F5[2].htm not found! File C:\Users\Suratarius\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\W6MC0NC9\c_iframe_htm&CUSTOMERNO=23846095&t=de857294640.1321865979.33b7c4c3&freemailuseragent=Mozilla%2F5.0+(compatible%3B+MSIE+9.0% 3B+Windows+NT+6.1%3B+WOW64%3B+Trident%2F5[3].htm not found! File C:\Users\Suratarius\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\W6MC0NC9\c_iframe_htm&CUSTOMERNO=23846095&t=de857294640.1321865979.33b7c4c3&freemailuseragent=Mozilla%2F5.0+(compatible%3B+MSIE+9.0% 3B+Windows+NT+6.1%3B+WOW64%3B+Trident%2F5[4].htm not found! File C:\Users\Suratarius\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\W6MC0NC9\c_iframe_htm&CUSTOMERNO=23846095&t=de857294640.1321865979.33b7c4c3&freemailuseragent=Mozilla%2F5.0+(compatible%3B+MSIE+9.0% 3B+Windows+NT+6.1%3B+WOW64%3B+Trident%2F5[5].htm not found! File C:\Users\Suratarius\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\W6MC0NC9\c_iframe_htm&CUSTOMERNO=23846095&t=de857294640.1321865979.33b7c4c3&freemailuseragent=Mozilla%2F5.0+(compatible%3B+MSIE+9.0% 3B+Windows+NT+6.1%3B+WOW64%3B+Trident%2F5[6].htm not found! File C:\Users\Suratarius\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\W6MC0NC9\c_iframe_htm&CUSTOMERNO=23846095&t=de857294640.1321865979.33b7c4c3&freemailuseragent=Mozilla%2F5.0+(compatible%3B+MSIE+9.0% 3B+Windows+NT+6.1%3B+WOW64%3B+Trident%2F5[7].htm not found! File C:\Users\Suratarius\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\W6MC0NC9\c_iframe_htm&CUSTOMERNO=23846095&t=de857294640.1321865979.33b7c4c3&freemailuseragent=Mozilla%2F5.0+(compatible%3B+MSIE+9.0% 3B+Windows+NT+6.1%3B+WOW64%3B+Trident%2F5[8].htm not found! File C:\Users\Suratarius\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\W6MC0NC9\rame_top_img&CUSTOMERNO=23846095&t=de857294640.1321865979.33b7c4c3&freemailuseragent=Mozilla%2F5.0+(compatible%3B+MSIE+9.0% 3B+Windows+NT+6.1%3B+WOW64%3B+Trident%2F5[1].htm not found! File C:\Users\Suratarius\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\W6MC0NC9\rame_top_img&CUSTOMERNO=23846095&t=de857294640.1321865979.33b7c4c3&freemailuseragent=Mozilla%2F5.0+(compatible%3B+MSIE+9.0% 3B+Windows+NT+6.1%3B+WOW64%3B+Trident%2F5[2].htm not found! File C:\Users\Suratarius\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\W6MC0NC9\rame_top_img&CUSTOMERNO=23846095&t=de857294640.1321865979.33b7c4c3&freemailuseragent=Mozilla%2F5.0+(compatible%3B+MSIE+9.0% 3B+Windows+NT+6.1%3B+WOW64%3B+Trident%2F5[3].htm not found! File C:\Users\Suratarius\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\W6MC0NC9\rame_top_img&CUSTOMERNO=23846095&t=de857294640.1321865979.33b7c4c3&freemailuseragent=Mozilla%2F5.0+(compatible%3B+MSIE+9.0% 3B+Windows+NT+6.1%3B+WOW64%3B+Trident%2F5[4].htm not found! File C:\Users\Suratarius\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\W6MC0NC9\rame_top_img&CUSTOMERNO=23846095&t=de857294640.1321865979.33b7c4c3&freemailuseragent=Mozilla%2F5.0+(compatible%3B+MSIE+9.0% 3B+Windows+NT+6.1%3B+WOW64%3B+Trident%2F5[5].htm not found! File C:\Users\Suratarius\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\U3H8KPH9\c_iframe_htm&CUSTOMERNO=23846095&t=de857294640.1321865979.33b7c4c3&freemailuseragent=Mozilla%2F5.0+(compatible%3B+MSIE+9.0% 3B+Windows+NT+6.1%3B+WOW64%3B+Trident%2F5[1].htm not found! File C:\Users\Suratarius\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\U3H8KPH9\c_iframe_htm&CUSTOMERNO=23846095&t=de857294640.1321865979.33b7c4c3&freemailuseragent=Mozilla%2F5.0+(compatible%3B+MSIE+9.0% 3B+Windows+NT+6.1%3B+WOW64%3B+Trident%2F5[2].htm not found! File C:\Users\Suratarius\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\U3H8KPH9\c_iframe_htm&CUSTOMERNO=23846095&t=de857294640.1321865979.33b7c4c3&freemailuseragent=Mozilla%2F5.0+(compatible%3B+MSIE+9.0% 3B+Windows+NT+6.1%3B+WOW64%3B+Trident%2F5[3].htm not found! File C:\Users\Suratarius\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\U3H8KPH9\c_iframe_htm&CUSTOMERNO=23846095&t=de857294640.1321865979.33b7c4c3&freemailuseragent=Mozilla%2F5.0+(compatible%3B+MSIE+9.0% 3B+Windows+NT+6.1%3B+WOW64%3B+Trident%2F5[4].htm not found! File C:\Users\Suratarius\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\U3H8KPH9\c_iframe_htm&CUSTOMERNO=23846095&t=de857294640.1321865979.33b7c4c3&freemailuseragent=Mozilla%2F5.0+(compatible%3B+MSIE+9.0% 3B+Windows+NT+6.1%3B+WOW64%3B+Trident%2F5[5].htm not found! File C:\Users\Suratarius\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\U3H8KPH9\c_iframe_htm&CUSTOMERNO=23846095&t=de857294640.1321865979.33b7c4c3&freemailuseragent=Mozilla%2F5.0+(compatible%3B+MSIE+9.0% 3B+Windows+NT+6.1%3B+WOW64%3B+Trident%2F5[6].htm not found! File C:\Users\Suratarius\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\U3H8KPH9\c_iframe_htm&CUSTOMERNO=23846095&t=de857294640.1321865979.33b7c4c3&freemailuseragent=Mozilla%2F5.0+(compatible%3B+MSIE+9.0% 3B+Windows+NT+6.1%3B+WOW64%3B+Trident%2F5[7].htm not found! File C:\Users\Suratarius\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\U3H8KPH9\rame_top_img&CUSTOMERNO=23846095&t=de857294640.1321865979.33b7c4c3&freemailuseragent=Mozilla%2F5.0+(compatible%3B+MSIE+9.0% 3B+Windows+NT+6.1%3B+WOW64%3B+Trident%2F5[10].htm not found! File C:\Users\Suratarius\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\U3H8KPH9\rame_top_img&CUSTOMERNO=23846095&t=de857294640.1321865979.33b7c4c3&freemailuseragent=Mozilla%2F5.0+(compatible%3B+MSIE+9.0% 3B+Windows+NT+6.1%3B+WOW64%3B+Trident%2F5[1].htm not found! File C:\Users\Suratarius\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\U3H8KPH9\rame_top_img&CUSTOMERNO=23846095&t=de857294640.1321865979.33b7c4c3&freemailuseragent=Mozilla%2F5.0+(compatible%3B+MSIE+9.0% 3B+Windows+NT+6.1%3B+WOW64%3B+Trident%2F5[2].htm not found! File C:\Users\Suratarius\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\U3H8KPH9\rame_top_img&CUSTOMERNO=23846095&t=de857294640.1321865979.33b7c4c3&freemailuseragent=Mozilla%2F5.0+(compatible%3B+MSIE+9.0% 3B+Windows+NT+6.1%3B+WOW64%3B+Trident%2F5[3].htm not found! File C:\Users\Suratarius\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\U3H8KPH9\rame_top_img&CUSTOMERNO=23846095&t=de857294640.1321865979.33b7c4c3&freemailuseragent=Mozilla%2F5.0+(compatible%3B+MSIE+9.0% 3B+Windows+NT+6.1%3B+WOW64%3B+Trident%2F5[4].htm not found! File C:\Users\Suratarius\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\U3H8KPH9\rame_top_img&CUSTOMERNO=23846095&t=de857294640.1321865979.33b7c4c3&freemailuseragent=Mozilla%2F5.0+(compatible%3B+MSIE+9.0% 3B+Windows+NT+6.1%3B+WOW64%3B+Trident%2F5[5].htm not found! File C:\Users\Suratarius\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\U3H8KPH9\rame_top_img&CUSTOMERNO=23846095&t=de857294640.1321865979.33b7c4c3&freemailuseragent=Mozilla%2F5.0+(compatible%3B+MSIE+9.0% 3B+Windows+NT+6.1%3B+WOW64%3B+Trident%2F5[6].htm not found! File C:\Users\Suratarius\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\U3H8KPH9\rame_top_img&CUSTOMERNO=23846095&t=de857294640.1321865979.33b7c4c3&freemailuseragent=Mozilla%2F5.0+(compatible%3B+MSIE+9.0% 3B+Windows+NT+6.1%3B+WOW64%3B+Trident%2F5[7].htm not found! File C:\Users\Suratarius\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\U3H8KPH9\rame_top_img&CUSTOMERNO=23846095&t=de857294640.1321865979.33b7c4c3&freemailuseragent=Mozilla%2F5.0+(compatible%3B+MSIE+9.0% 3B+Windows+NT+6.1%3B+WOW64%3B+Trident%2F5[8].htm not found! File C:\Users\Suratarius\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\U3H8KPH9\rame_top_img&CUSTOMERNO=23846095&t=de857294640.1321865979.33b7c4c3&freemailuseragent=Mozilla%2F5.0+(compatible%3B+MSIE+9.0% 3B+Windows+NT+6.1%3B+WOW64%3B+Trident%2F5[9].htm not found! File C:\Users\Suratarius\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\5S6THUL2\584ad4a460a70ac5c94;s=i1;s=i2;s=i3;s=i4;s=i5;s=i6;s=i7;s=i8;s=i9;s=1140;s=602;s=m1;s=m4;s=u24;s=u5;s=u9;s=u17;z=2115;z=2104 ;tile=1;ord=09X34TAA0G717773TQCR;vegas=nav[1].js not found! File C:\Users\Suratarius\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\5S6THUL2\712410d5bdf447dac4d4a7ad3e3ec14;s=i1;s=i2;s=i3;s=i4;s=i5;s=i6;s=i7;s=i8;s=i9;s=1140;s=602;s=m1;s=m4;s=u24;s=u5;s=u9;s=u17;z =202;z=193;tile=1;ord=18NBH49QJPNWA41EH581[1].js not found! File C:\Users\Suratarius\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\5S6THUL2\9fbada38ff451f6c216;s=i1;s=i2;s=i3;s=i4;s=i5;s=i6;s=i7;s=i8;s=i9;s=1140;s=602;s=m1;s=m4;s=u24;s=u5;s=u9;s=u17;z=2115;z=2104 ;tile=1;ord=18NBH49QJPNWA41EH581;vegas=nav[1].js not found! File C:\Users\Suratarius\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\5S6THUL2\c_iframe_htm&CUSTOMERNO=23846095&t=de857294640.1321865979.33b7c4c3&freemailuseragent=Mozilla%2F5.0+(compatible%3B+MSIE+9.0% 3B+Windows+NT+6.1%3B+WOW64%3B+Trident%2F5[1].htm not found! File C:\Users\Suratarius\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\5S6THUL2\c_iframe_htm&CUSTOMERNO=23846095&t=de857294640.1321865979.33b7c4c3&freemailuseragent=Mozilla%2F5.0+(compatible%3B+MSIE+9.0% 3B+Windows+NT+6.1%3B+WOW64%3B+Trident%2F5[2].htm not found! File C:\Users\Suratarius\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\5S6THUL2\c_iframe_htm&CUSTOMERNO=23846095&t=de857294640.1321865979.33b7c4c3&freemailuseragent=Mozilla%2F5.0+(compatible%3B+MSIE+9.0% 3B+Windows+NT+6.1%3B+WOW64%3B+Trident%2F5[3].htm not found! File C:\Users\Suratarius\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\5S6THUL2\c_iframe_htm&CUSTOMERNO=23846095&t=de857294640.1321865979.33b7c4c3&freemailuseragent=Mozilla%2F5.0+(compatible%3B+MSIE+9.0% 3B+Windows+NT+6.1%3B+WOW64%3B+Trident%2F5[4].htm not found! File C:\Users\Suratarius\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\5S6THUL2\c_iframe_htm&CUSTOMERNO=23846095&t=de857294640.1321865979.33b7c4c3&freemailuseragent=Mozilla%2F5.0+(compatible%3B+MSIE+9.0% 3B+Windows+NT+6.1%3B+WOW64%3B+Trident%2F5[5].htm not found! File C:\Users\Suratarius\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\5S6THUL2\rame_top_img&CUSTOMERNO=23846095&t=de857294640.1321865979.33b7c4c3&freemailuseragent=Mozilla%2F5.0+(compatible%3B+MSIE+9.0% 3B+Windows+NT+6.1%3B+WOW64%3B+Trident%2F5[1].htm not found! File C:\Users\Suratarius\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\5S6THUL2\rame_top_img&CUSTOMERNO=23846095&t=de857294640.1321865979.33b7c4c3&freemailuseragent=Mozilla%2F5.0+(compatible%3B+MSIE+9.0% 3B+Windows+NT+6.1%3B+WOW64%3B+Trident%2F5[2].htm not found! File C:\Users\Suratarius\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\5S6THUL2\rame_top_img&CUSTOMERNO=23846095&t=de857294640.1321865979.33b7c4c3&freemailuseragent=Mozilla%2F5.0+(compatible%3B+MSIE+9.0% 3B+Windows+NT+6.1%3B+WOW64%3B+Trident%2F5[3].htm not found! File C:\Users\Suratarius\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\5S6THUL2\rame_top_img&CUSTOMERNO=23846095&t=de857294640.1321865979.33b7c4c3&freemailuseragent=Mozilla%2F5.0+(compatible%3B+MSIE+9.0% 3B+Windows+NT+6.1%3B+WOW64%3B+Trident%2F5[4].htm not found! File C:\Users\Suratarius\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\5S6THUL2\rame_top_img&CUSTOMERNO=23846095&t=de857294640.1321865979.33b7c4c3&freemailuseragent=Mozilla%2F5.0+(compatible%3B+MSIE+9.0% 3B+Windows+NT+6.1%3B+WOW64%3B+Trident%2F5[5].htm not found! File C:\Users\Suratarius\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\5S6THUL2\rame_top_img&CUSTOMERNO=23846095&t=de857294640.1321865979.33b7c4c3&freemailuseragent=Mozilla%2F5.0+(compatible%3B+MSIE+9.0% 3B+Windows+NT+6.1%3B+WOW64%3B+Trident%2F5[6].htm not found! File C:\Users\Suratarius\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\5S6THUL2\rame_top_img&CUSTOMERNO=23846095&t=de857294640.1321865979.33b7c4c3&freemailuseragent=Mozilla%2F5.0+(compatible%3B+MSIE+9.0% 3B+Windows+NT+6.1%3B+WOW64%3B+Trident%2F5[7].htm not found! File C:\Users\Suratarius\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\4KHTM6ZH\07682bf0cb05b7a503d;s=i1;s=i2;s=i3;s=i4;s=i5;s=i6;s=i7;s=i8;s=i9;s=1140;s=602;s=m1;s=m4;s=u24;s=u5;s=u9;s=u17;z=2115;z=2104 ;tile=1;ord=1QM9HK30XG2056CQHEZS;vegas=nav[1].js not found! File C:\Users\Suratarius\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\4KHTM6ZH\3;s=i4;s=i5;s=i6;s=i7;s=i8;s=i9;s=483;s=1140;s=702;s=1051;s=1080;s=485;s=1068;s=602;s=621;s=m1;s=m4;s=u24;s=u5;s=u9;s=u17;z =202;z=193;tile=1;ord=1QM9HK30XG2056CQHEZS[1].js not found! File C:\Users\Suratarius\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\4KHTM6ZH\c_iframe_htm&CUSTOMERNO=23846095&t=de857294640.1321865979.33b7c4c3&freemailuseragent=Mozilla%2F5.0+(compatible%3B+MSIE+9.0% 3B+Windows+NT+6.1%3B+WOW64%3B+Trident%2F5[1].htm not found! File C:\Users\Suratarius\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\4KHTM6ZH\c_iframe_htm&CUSTOMERNO=23846095&t=de857294640.1321865979.33b7c4c3&freemailuseragent=Mozilla%2F5.0+(compatible%3B+MSIE+9.0% 3B+Windows+NT+6.1%3B+WOW64%3B+Trident%2F5[2].htm not found! File C:\Users\Suratarius\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\4KHTM6ZH\c_iframe_htm&CUSTOMERNO=23846095&t=de857294640.1321865979.33b7c4c3&freemailuseragent=Mozilla%2F5.0+(compatible%3B+MSIE+9.0% 3B+Windows+NT+6.1%3B+WOW64%3B+Trident%2F5[3].htm not found! File C:\Users\Suratarius\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\4KHTM6ZH\c_iframe_htm&CUSTOMERNO=23846095&t=de857294640.1321865979.33b7c4c3&freemailuseragent=Mozilla%2F5.0+(compatible%3B+MSIE+9.0% 3B+Windows+NT+6.1%3B+WOW64%3B+Trident%2F5[4].htm not found! File C:\Users\Suratarius\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\4KHTM6ZH\c_iframe_htm&CUSTOMERNO=23846095&t=de857294640.1321865979.33b7c4c3&freemailuseragent=Mozilla%2F5.0+(compatible%3B+MSIE+9.0% 3B+Windows+NT+6.1%3B+WOW64%3B+Trident%2F5[5].htm not found! File C:\Users\Suratarius\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\4KHTM6ZH\rame_top_img&CUSTOMERNO=23846095&t=de857294640.1321865979.33b7c4c3&freemailuseragent=Mozilla%2F5.0+(compatible%3B+MSIE+9.0% 3B+Windows+NT+6.1%3B+WOW64%3B+Trident%2F5[1].htm not found! File C:\Users\Suratarius\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\4KHTM6ZH\rame_top_img&CUSTOMERNO=23846095&t=de857294640.1321865979.33b7c4c3&freemailuseragent=Mozilla%2F5.0+(compatible%3B+MSIE+9.0% 3B+Windows+NT+6.1%3B+WOW64%3B+Trident%2F5[2].htm not found! File C:\Users\Suratarius\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\4KHTM6ZH\s=i1;s=i2;s=i3;s=i4;s=i5;s=i6;s=i7;s=i8;s=i9;s=483;s=1140;s=702;s=1080;s=485;s=1068;s=602;s=m1;s=m4;s=u24;s=u5;s=u9;s=u17;z =202;z=193;tile=1;ord=09X34TAA0G717773TQCR[1].js not found! File C:\Users\Suratarius\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\4KHTM6ZH\s=i1;s=i2;s=i3;s=i4;s=i5;s=i6;s=i7;s=i8;s=i9;s=483;s=1140;s=702;s=1080;s=485;s=1068;s=602;s=m1;s=m4;s=u24;s=u5;s=u9;s=u17;z =202;z=193;tile=2;ord=09X34TAA0G717773TQCR[1].js not found! File C:\Users\Suratarius\AppData\Local\Temp\FXSAPIDebugLogFile.txt not found! File C:\Users\Suratarius\AppData\Local\Temp\~DF52989E33F6FF1E41.TMP not found! File C:\Users\Suratarius\AppData\Local\Temp\~WRD0001.doc not found! File C:\Users\Suratarius\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS0000.tmp not found! Registry entries deleted on Reboot... lief etwas anders als du es mir beschrieben hast (ich versuche mal möglichst kurz zu beschreiben was bei mir ablief): OTL nach Anweisung im Abgesicherten Modus ausgeführt (keine Möglichkeit den Log zu speichern da direkt die Nachricht des Neustarts kam). Neustart wieder im abgesicherten Modus. ComboFix gestartet. Hatte keine Möglichkeit die 1 auszuwählen, Programm hat direkt den Durchlauf gestartet. Während des Durchlaufs gab es mehrfach die Info dass auf bestimmte Datein nicht zugegriffen werden kann(Durchlauf dauerte nichtmal 3 Minuten). Nach dem Durchlauf kam die Info, dass ComboFix nur für Windows 2000/XP sei. Neustart des Rechner (normaler Modus), nach dem Start kam der oben gepostete log von OTL. Hab ich was falsch gemacht? Wie geht es weiter? Zusätzliche Frage: Wenn Zonealarm läut hab ich keine Verbindung mehr zum Internet, kann es daran liegen, dass ich die paar Datein in die Quarantäne verschoben habe? Lohnt es sich die Datein da wieder raus zu holen? Geändert von Suratarius (04.08.2012 um 01:13 Uhr) |
|
04.08.2012, 18:38
| #7 |
| | TR/ATRAPS.Gen2 / Lapqeteazore.exe Hi, nein, CF ist auch für win7... Poste ein neues OTL-Log, es ist sehr ungewöhnlich, das CF einfach so startet... Lade Dir Farbar Service Scanner (http://download.bleepingcomputer.com/farbar/FSS.exe runter, starte ihn und wähle folgende Optionen aus:
Starte durch "Scan". Das Logfile (FSS.txt) wird in dem Arbeitsverzeichnis erstellt. Log hier posten chris
__________________ Don't bring me downVor dem posten beachten! Spenden (Wer spenden will, kann sich gerne melden ) |
|
07.08.2012, 14:45
| #8 |
| | TR/ATRAPS.Gen2 / Lapqeteazore.exe hiho, bin im Urlaub und habe leider doch kein Internet. Wenn es ok ist, geht es mit dem lappi ab Montag weiter. mfg Suratarius |
|
08.08.2012, 06:27
| #9 |
| | TR/ATRAPS.Gen2 / Lapqeteazore.exe Hi, Ok, Melde Dich dann wieder... chris
__________________ Don't bring me downVor dem posten beachten! Spenden (Wer spenden will, kann sich gerne melden ) |
|
| Themen zu TR/ATRAPS.Gen2 / Lapqeteazore.exe |
| 64bit, datei, dreck, erklärt, erstell, erstellt, externe, externen, heute, häufiger, intel, lapqeteazore, löschen, namens, nicht löschen, ordner, persönliche, platte, schei, sichere, sicheren, störenfried, tr/atraps.gen, tr/atraps.gen2, windows, woche, zonealarm |
Linear-Darstellung
