| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Artemis vir & troj und andere maleware die ich nicht loswerdeWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
22.10.2012, 09:39
| #16 |
| /// Winkelfunktion /// TB-Süch-Tiger™   |  Artemis vir & troj und andere maleware die ich nicht loswerde adwCleaner - Toolbars und ungewollte Start-/Suchseiten entfernen
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
22.10.2012, 15:45
| #17 |
 | Artemis vir & troj und andere maleware die ich nicht loswerdeCode:
ATTFilter # AdwCleaner v2.005 - Datei am 22/10/2012 um 16:35:30 erstellt
# Aktualisiert am 14/10/2012 von Xplode
# Betriebssystem : Windows 7 Ultimate Service Pack 1 (32 bits)
# Benutzer : cali - CALIPCI
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\cali\Pictures\Desktop\adwcleaner.exe
# Option [Löschen]
**** [Dienste] ****
***** [Dateien / Ordner] *****
Datei Gelöscht : C:\Users\cali\AppData\Roaming\Mozilla\Firefox\Profiles\bpwct85r.default\searchplugins\icqplugin.xml
Datei Gelöscht : C:\Users\cali\AppData\Roaming\Mozilla\Firefox\Profiles\bpwct85r.default\searchplugins\icqplugin-1.xml
Datei Gelöscht : C:\Users\cali\AppData\Roaming\Mozilla\Firefox\Profiles\bpwct85r.default\searchplugins\icqplugin-2.xml
Datei Gelöscht : C:\Users\cali\AppData\Roaming\Mozilla\Firefox\Profiles\bpwct85r.default\searchplugins\icqplugin-3.xml
Datei Gelöscht : C:\Users\cali\AppData\Roaming\Mozilla\Firefox\Profiles\bpwct85r.default\searchplugins\web-search.xml
Ordner Gelöscht : C:\ProgramData\ICQ\ICQToolbar
Ordner Gelöscht : C:\Users\cali\AppData\LocalLow\Conduit
Ordner Gelöscht : C:\Users\cali\AppData\Roaming\Mozilla\Firefox\Profiles\bpwct85r.default\Conduit
Ordner Gelöscht : C:\Users\cali\AppData\Roaming\Mozilla\Firefox\Profiles\bpwct85r.default\ConduitCommon
Ordner Gelöscht : C:\Users\cali\AppData\Roaming\Mozilla\Firefox\Profiles\bpwct85r.default\CT65619
Ordner Gelöscht : C:\Users\cali\AppData\Roaming\Mozilla\Firefox\Profiles\bpwct85r.default\extensions\{3160baf9-cf68-48ec-9076-faed7ce49467}
***** [Registrierungsdatenbank] *****
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{5D723752-5899-47E8-99B4-62C824EF9E13}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\ICQ Service.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{20E1481B-E285-4ABC-ADC7-AE24842B81CD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ICQToolBar.IEHook
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ICQToolBar.IEHook.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT2613550
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{92E5039E-FF1E-4AFB-8F24-87592D20C383}
Schlüssel Gelöscht : HKLM\Software\Iminent
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
***** [Internet Browser] *****
-\\ Internet Explorer v8.0.7601.17514
Ersetzt : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://vshare.toolbarhome.com/?hp=df --> hxxp://www.google.com
Ersetzt : [HKCU\Software\Microsoft\Internet Explorer\Main - ICQ Search] = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd --> hxxp://www.google.com
-\\ Mozilla Firefox v16.0.1 (de)
Profilname : default
Datei : C:\Users\cali\AppData\Roaming\Mozilla\Firefox\Profiles\bpwct85r.default\prefs.js
C:\Users\cali\AppData\Roaming\Mozilla\Firefox\Profiles\bpwct85r.default\user.js ... Gelöscht !
Gelöscht : user_pref("CT2613550..clientLogIsEnabled", false);
Gelöscht : user_pref("CT2613550..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Gelöscht : user_pref("CT2613550..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Gelöscht : user_pref("CT2613550.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Gelöscht : user_pref("CT2613550.AppTrackingLastCheckTime", "Fri Apr 15 2011 09:41:18 GMT+0200");
Gelöscht : user_pref("CT2613550.CTID", "ct2613550");
Gelöscht : user_pref("CT2613550.CurrentServerDate", "9-8-2011");
Gelöscht : user_pref("CT2613550.DialogsAlignMode", "LTR");
Gelöscht : user_pref("CT2613550.DialogsGetterLastCheckTime", "Tue Aug 09 2011 10:24:39 GMT+0200");
Gelöscht : user_pref("CT2613550.DownloadReferralCookieData", "");
Gelöscht : user_pref("CT2613550.EMailNotifierPollDate", "Fri Apr 15 2011 11:29:02 GMT+0200");
Gelöscht : user_pref("CT2613550.EnableClickToSearchBox", false);
Gelöscht : user_pref("CT2613550.EnableSearchHistory", false);
Gelöscht : user_pref("CT2613550.EnableSearchSuggest", false);
Gelöscht : user_pref("CT2613550.FeedPollDate7861255190875796966", "Wed Jun 29 2011 15:38:41 GMT+0200");
Gelöscht : user_pref("CT2613550.FeedPollDate7861255191286404846", "Wed Jun 29 2011 15:38:41 GMT+0200");
Gelöscht : user_pref("CT2613550.FeedPollDate7861255191690696803", "Wed Jun 29 2011 15:38:40 GMT+0200");
Gelöscht : user_pref("CT2613550.FeedPollDate7861255191830767423", "Wed Jun 29 2011 15:38:41 GMT+0200");
Gelöscht : user_pref("CT2613550.FeedPollDate7861255192204641884", "Wed Jun 29 2011 15:38:40 GMT+0200");
Gelöscht : user_pref("CT2613550.FeedPollDate7861255192330261614", "Wed Jun 29 2011 15:38:40 GMT+0200");
Gelöscht : user_pref("CT2613550.FeedPollDate7861255192609293799", "Wed Jun 29 2011 15:38:41 GMT+0200");
Gelöscht : user_pref("CT2613550.FeedPollDate7861255192844976705", "Wed Jun 29 2011 15:38:40 GMT+0200");
Gelöscht : user_pref("CT2613550.FeedPollDate7861255193025486845", "Wed Jun 29 2011 15:38:41 GMT+0200");
Gelöscht : user_pref("CT2613550.FeedPollDate7861255193127848905", "Wed Jun 29 2011 15:38:41 GMT+0200");
Gelöscht : user_pref("CT2613550.FeedPollDate7861255193189289837", "Wed Jun 29 2011 15:38:40 GMT+0200");
Gelöscht : user_pref("CT2613550.FeedPollDate7861255193256322449", "Wed Jun 29 2011 15:38:40 GMT+0200");
Gelöscht : user_pref("CT2613550.FeedPollDate7861255193310202497", "Wed Jun 29 2011 15:38:40 GMT+0200");
Gelöscht : user_pref("CT2613550.FeedPollDate7861255193760634970", "Wed Jun 29 2011 15:38:41 GMT+0200");
Gelöscht : user_pref("CT2613550.FeedPollDate7861255193813312257", "Wed Jun 29 2011 15:38:41 GMT+0200");
Gelöscht : user_pref("CT2613550.FeedPollDate7861255194862513855", "Wed Jun 29 2011 15:38:40 GMT+0200");
Gelöscht : user_pref("CT2613550.FeedPollDate7861255194875474195", "Wed Jun 29 2011 15:38:41 GMT+0200");
Gelöscht : user_pref("CT2613550.FeedTTL7861255190875796966", 5);
Gelöscht : user_pref("CT2613550.FeedTTL7861255191286404846", 2);
Gelöscht : user_pref("CT2613550.FeedTTL7861255191830767423", 30);
Gelöscht : user_pref("CT2613550.FeedTTL7861255192609293799", 30);
Gelöscht : user_pref("CT2613550.FeedTTL7861255192844976705", 5);
Gelöscht : user_pref("CT2613550.FeedTTL7861255193256322449", 5);
Gelöscht : user_pref("CT2613550.FeedTTL7861255193310202497", 2);
Gelöscht : user_pref("CT2613550.FirstServerDate", "15-4-2011");
Gelöscht : user_pref("CT2613550.FirstTime", true);
Gelöscht : user_pref("CT2613550.FirstTimeFF3", true);
Gelöscht : user_pref("CT2613550.FixPageNotFoundErrors", true);
Gelöscht : user_pref("CT2613550.GroupingServerCheckInterval", 1440);
Gelöscht : user_pref("CT2613550.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Gelöscht : user_pref("CT2613550.HasUserGlobalKeys", true);
Gelöscht : user_pref("CT2613550.Initialize", true);
Gelöscht : user_pref("CT2613550.InitializeCommonPrefs", true);
Gelöscht : user_pref("CT2613550.InstallationAndCookieDataSentCount", 3);
Gelöscht : user_pref("CT2613550.InstallationType", "UnknownIntegration");
Gelöscht : user_pref("CT2613550.InstalledDate", "Fri Apr 15 2011 09:41:07 GMT+0200");
Gelöscht : user_pref("CT2613550.IsAlertDBUpdated", true);
Gelöscht : user_pref("CT2613550.IsGrouping", false);
Gelöscht : user_pref("CT2613550.IsMulticommunity", false);
Gelöscht : user_pref("CT2613550.IsOpenThankYouPage", false);
Gelöscht : user_pref("CT2613550.IsOpenUninstallPage", false);
Gelöscht : user_pref("CT2613550.LanguagePackLastCheckTime", "Fri Apr 15 2011 09:41:08 GMT+0200");
Gelöscht : user_pref("CT2613550.LanguagePackReloadIntervalMM", 1440);
Gelöscht : user_pref("CT2613550.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Gelöscht : user_pref("CT2613550.LastLogin_3.3.3.2", "Thu Jun 23 2011 17:10:00 GMT+0200");
Gelöscht : user_pref("CT2613550.LastLogin_3.5.0.12", "Tue Aug 09 2011 10:24:39 GMT+0200");
Gelöscht : user_pref("CT2613550.LatestVersion", "3.3.3.2");
Gelöscht : user_pref("CT2613550.Locale", "de-de");
Gelöscht : user_pref("CT2613550.MCDetectTooltipHeight", "83");
Gelöscht : user_pref("CT2613550.MCDetectTooltipShow", false);
Gelöscht : user_pref("CT2613550.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Gelöscht : user_pref("CT2613550.MCDetectTooltipWidth", "295");
Gelöscht : user_pref("CT2613550.MyStuffEnabledAtInstallation", true);
Gelöscht : user_pref("CT2613550.SHRINK_TOOLBAR", 1);
Gelöscht : user_pref("CT2613550.SearchBackToDefaultEngine", false);
Gelöscht : user_pref("CT2613550.SearchFromAddressBarIsInit", true);
Gelöscht : user_pref("CT2613550.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT261[...]
Gelöscht : user_pref("CT2613550.SearchInNewTabEnabled", true);
Gelöscht : user_pref("CT2613550.SearchInNewTabIntervalMM", 1440);
Gelöscht : user_pref("CT2613550.SearchInNewTabLastCheckTime", "Fri Apr 15 2011 09:41:08 GMT+0200");
Gelöscht : user_pref("CT2613550.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Gelöscht : user_pref("CT2613550.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...]
Gelöscht : user_pref("CT2613550.SearchInNewTabUserEnabled", false);
Gelöscht : user_pref("CT2613550.ServiceMapLastCheckTime", "Tue Aug 09 2011 10:24:39 GMT+0200");
Gelöscht : user_pref("CT2613550.SettingsLastCheckTime", "Fri Apr 15 2011 09:41:07 GMT+0200");
Gelöscht : user_pref("CT2613550.SettingsLastUpdate", "1300822090");
Gelöscht : user_pref("CT2613550.ThirdPartyComponentsInterval", 504);
Gelöscht : user_pref("CT2613550.ThirdPartyComponentsLastCheck", "Fri Apr 15 2011 09:41:07 GMT+0200");
Gelöscht : user_pref("CT2613550.ThirdPartyComponentsLastUpdate", "1255344657");
Gelöscht : user_pref("CT2613550.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2613550");
Gelöscht : user_pref("CT2613550.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Gelöscht : user_pref("CT2613550.Uninstall", true);
Gelöscht : user_pref("CT2613550.UserID", "UN30573075010480955");
Gelöscht : user_pref("CT2613550.ValidationData_Search", 2);
Gelöscht : user_pref("CT2613550.ValidationData_Toolbar", 2);
Gelöscht : user_pref("CT2613550.WeatherNetwork", "");
Gelöscht : user_pref("CT2613550.WeatherPollDate", "Thu Jul 21 2011 13:41:25 GMT+0200");
Gelöscht : user_pref("CT2613550.WeatherUnit", "C");
Gelöscht : user_pref("CT2613550.alertChannelId", "1006347");
Gelöscht : user_pref("CT2613550.components.1000034", false);
Gelöscht : user_pref("CT2613550.components.1000234", false);
Gelöscht : user_pref("CT2613550.components.129171076489169448", false);
Gelöscht : user_pref("CT2613550.ct2613550.AppTrackingLastCheckTime", "Sun Jul 17 2011 06:18:18 GMT+0200");
Gelöscht : user_pref("CT2613550.ct2613550.DialogsAlignMode", "LTR");
Gelöscht : user_pref("CT2613550.ct2613550.FeedLastCount3082739963941193807", 826);
Gelöscht : user_pref("CT2613550.ct2613550.LanguagePackLastCheckTime", "Tue Aug 09 2011 10:24:39 GMT+0200");
Gelöscht : user_pref("CT2613550.ct2613550.Locale", "de-de");
Gelöscht : user_pref("CT2613550.ct2613550.SearchInNewTabLastCheckTime", "Tue Aug 09 2011 10:24:39 GMT+0200");
Gelöscht : user_pref("CT2613550.ct2613550.SettingsLastCheckTime", "Tue Aug 09 2011 10:24:39 GMT+0200");
Gelöscht : user_pref("CT2613550.ct2613550.SettingsLastUpdate", "1311168858");
Gelöscht : user_pref("CT2613550.ct2613550.ThirdPartyComponentsLastCheck", "Tue Aug 09 2011 10:24:38 GMT+0200");
Gelöscht : user_pref("CT2613550.ct2613550.ThirdPartyComponentsLastUpdate", "1255344657");
Gelöscht : user_pref("CT2613550.ct2613550.components.129171076488856945", false);
Gelöscht : user_pref("CT2613550.ct2613550.components.129539182460150402", false);
Gelöscht : user_pref("CT2613550.ct2613550.components.129539182525463225", false);
Gelöscht : user_pref("CT2613550.ct2613550.globalFirstTimeInfoLastCheckTime", "Tue Aug 09 2011 10:24:39 GMT+0200[...]
Gelöscht : user_pref("CT2613550.ct2613550.toolbarAppMetaDataLastCheckTime", "Tue Aug 09 2011 10:24:39 GMT+0200"[...]
Gelöscht : user_pref("CT2613550.ct2613550.toolbarContextMenuLastCheckTime", "Tue Aug 09 2011 10:24:39 GMT+0200"[...]
Gelöscht : user_pref("CT2613550.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Gelöscht : user_pref("CT2613550.globalFirstTimeInfoLastCheckTime", "Fri Apr 15 2011 09:41:08 GMT+0200");
Gelöscht : user_pref("CT2613550.homepageProtectorEnableByLogin", true);
Gelöscht : user_pref("CT2613550.initDone", true);
Gelöscht : user_pref("CT2613550.isAppTrackingManagerOn", true);
Gelöscht : user_pref("CT2613550.myStuffEnabled", true);
Gelöscht : user_pref("CT2613550.myStuffPublihserMinWidth", 400);
Gelöscht : user_pref("CT2613550.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Gelöscht : user_pref("CT2613550.myStuffServiceIntervalMM", 1440);
Gelöscht : user_pref("CT2613550.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Gelöscht : user_pref("CT2613550.oldAppsList", "129171076488700693,129171076488856944,111,129171076488856945,129[...]
Gelöscht : user_pref("CT2613550.searchProtectorDialogDelayInSec", 10);
Gelöscht : user_pref("CT2613550.searchProtectorEnableByLogin", true);
Gelöscht : user_pref("CT2613550.testingCtid", "");
Gelöscht : user_pref("CT2613550.toolbarAppMetaDataLastCheckTime", "Fri Apr 15 2011 09:41:08 GMT+0200");
Gelöscht : user_pref("CT2613550.toolbarContextMenuLastCheckTime", "Fri Apr 15 2011 09:41:08 GMT+0200");
Gelöscht : user_pref("CT2613550.usageEnabled", false);
Gelöscht : user_pref("CT2613550.usagesFlag", 2);
Gelöscht : user_pref("CT65619..clientLogIsEnabled", false);
Gelöscht : user_pref("CT65619..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx[...]
Gelöscht : user_pref("CT65619..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Regi[...]
Gelöscht : user_pref("CT65619.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Gelöscht : user_pref("CT65619.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Gelöscht : user_pref("CT65619.AppTrackingLastCheckTime", "Fri Aug 17 2012 13:31:05 GMT+0200");
Gelöscht : user_pref("CT65619.CTID", "CT65619");
Gelöscht : user_pref("CT65619.CommunitiesChangesLastCheckTime", "0");
Gelöscht : user_pref("CT65619.CurrentServerDate", "22-10-2012");
Gelöscht : user_pref("CT65619.DialogsAlignMode", "LTR");
Gelöscht : user_pref("CT65619.DialogsGetterLastCheckTime", "Sat Oct 20 2012 17:31:28 GMT+0200");
Gelöscht : user_pref("CT65619.DownloadReferralCookieData", "");
Gelöscht : user_pref("CT65619.EnableSearchHistory", false);
Gelöscht : user_pref("CT65619.EnableSearchSuggest", false);
Gelöscht : user_pref("CT65619.FirstServerDate", "25-3-2010");
Gelöscht : user_pref("CT65619.FirstTime", true);
Gelöscht : user_pref("CT65619.FirstTimeFF3", true);
Gelöscht : user_pref("CT65619.FirstTimeSettingsDone", true);
Gelöscht : user_pref("CT65619.GroupingInvalidateCache", false);
Gelöscht : user_pref("CT65619.GroupingLastCheckTime", "0");
Gelöscht : user_pref("CT65619.GroupingLastServerUpdateTime", "0");
Gelöscht : user_pref("CT65619.GroupingServerCheckInterval", 1440);
Gelöscht : user_pref("CT65619.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Gelöscht : user_pref("CT65619.HasUserGlobalKeys", true);
Gelöscht : user_pref("CT65619.HomePageProtectorEnabled", false);
Gelöscht : user_pref("CT65619.Initialize", true);
Gelöscht : user_pref("CT65619.InitializeCommonPrefs", true);
Gelöscht : user_pref("CT65619.InstallationAndCookieDataSentCount", 3);
Gelöscht : user_pref("CT65619.InstalledDate", "Thu Mar 25 2010 15:44:58 GMT+0100");
Gelöscht : user_pref("CT65619.InvalidateCache", false);
Gelöscht : user_pref("CT65619.IsAlertDBUpdated", true);
Gelöscht : user_pref("CT65619.IsGrouping", false);
Gelöscht : user_pref("CT65619.IsMulticommunity", false);
Gelöscht : user_pref("CT65619.IsOpenThankYouPage", true);
Gelöscht : user_pref("CT65619.IsOpenUninstallPage", true);
Gelöscht : user_pref("CT65619.LanguagePackLastCheckTime", "Sun Oct 21 2012 17:31:28 GMT+0200");
Gelöscht : user_pref("CT65619.LanguagePackReloadIntervalMM", 1440);
Gelöscht : user_pref("CT65619.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx")[...]
Gelöscht : user_pref("CT65619.LastLogin_2.5.8.6", "Wed Aug 18 2010 18:00:52 GMT+0200");
Gelöscht : user_pref("CT65619.LastLogin_2.7.2.0", "Mon Jan 17 2011 23:16:29 GMT+0100");
Gelöscht : user_pref("CT65619.LastLogin_3.10.0.1", "Thu May 03 2012 18:29:57 GMT+0200");
Gelöscht : user_pref("CT65619.LastLogin_3.11.0.3", "Sun May 06 2012 15:02:58 GMT+0200");
Gelöscht : user_pref("CT65619.LastLogin_3.12.2.3", "Fri Jul 13 2012 20:07:32 GMT+0200");
Gelöscht : user_pref("CT65619.LastLogin_3.14.1.0", "Thu Aug 30 2012 01:39:16 GMT+0200");
Gelöscht : user_pref("CT65619.LastLogin_3.15.1.0", "Mon Oct 22 2012 13:28:27 GMT+0200");
Gelöscht : user_pref("CT65619.LastLogin_3.3.0.19", "Tue Mar 22 2011 18:42:32 GMT+0100");
Gelöscht : user_pref("CT65619.LastLogin_3.3.2.1", "Sat Apr 09 2011 21:28:37 GMT+0200");
Gelöscht : user_pref("CT65619.LastLogin_3.3.3.2", "Thu Jun 23 2011 17:10:14 GMT+0200");
Gelöscht : user_pref("CT65619.LastLogin_3.5.0.12", "Tue Aug 02 2011 22:29:28 GMT+0200");
Gelöscht : user_pref("CT65619.LastLogin_3.6.0.10", "Fri Sep 30 2011 17:25:27 GMT+0200");
Gelöscht : user_pref("CT65619.LastLogin_3.7.0.6", "Wed Oct 12 2011 06:22:10 GMT+0200");
Gelöscht : user_pref("CT65619.LastLogin_3.8.0.8", "Sat Dec 03 2011 18:15:23 GMT+0100");
Gelöscht : user_pref("CT65619.LastLogin_3.8.1.0", "Mon Jan 30 2012 22:26:35 GMT+0100");
Gelöscht : user_pref("CT65619.LastLogin_3.9.0.3", "Tue Feb 14 2012 07:25:51 GMT+0100");
Gelöscht : user_pref("CT65619.LatestVersion", "3.14.1.0");
Gelöscht : user_pref("CT65619.Locale", "en-US");
Gelöscht : user_pref("CT65619.LoginCache", 4);
Gelöscht : user_pref("CT65619.MCDetectTooltipHeight", "83");
Gelöscht : user_pref("CT65619.MCDetectTooltipShow", false);
Gelöscht : user_pref("CT65619.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Gelöscht : user_pref("CT65619.MCDetectTooltipWidth", "295");
Gelöscht : user_pref("CT65619.MyStuffEnabledAtInstallation", true);
Gelöscht : user_pref("CT65619.RadioLastCheckTime", "0");
Gelöscht : user_pref("CT65619.RadioLastUpdateIPServer", "0");
Gelöscht : user_pref("CT65619.RadioLastUpdateServer", "0");
Gelöscht : user_pref("CT65619.SHRINK_TOOLBAR", 1);
Gelöscht : user_pref("CT65619.SearchBackToDefaultEngine", false);
Gelöscht : user_pref("CT65619.SearchBoxWidth", 142);
Gelöscht : user_pref("CT65619.SearchEngine", "Translate||hxxp://www.dict.cc/?s=UCM_SEARCH_TERM");
Gelöscht : user_pref("CT65619.SearchEngineBeforeUnload", "Google");
Gelöscht : user_pref("CT65619.SearchFromAddressBarIsInit", true);
Gelöscht : user_pref("CT65619.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT65619[...]
Gelöscht : user_pref("CT65619.SearchInNewTabEnabled", true);
Gelöscht : user_pref("CT65619.SearchInNewTabIntervalMM", 1440);
Gelöscht : user_pref("CT65619.SearchInNewTabLastCheckTime", "Sun Oct 21 2012 17:28:25 GMT+0200");
Gelöscht : user_pref("CT65619.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_TOO[...]
Gelöscht : user_pref("CT65619.SearchInNewTabUsageUrl", "hxxp://usage.hosting.toolbar.conduit-services.com/usage[...]
Gelöscht : user_pref("CT65619.SearchInNewTabUserEnabled", false);
Gelöscht : user_pref("CT65619.SearchProtectorEnabled", false);
Gelöscht : user_pref("CT65619.SearchProtectorToolbarDisabled", false);
Gelöscht : user_pref("CT65619.ServiceMapLastCheckTime", "Sun Oct 21 2012 17:31:28 GMT+0200");
Gelöscht : user_pref("CT65619.SettingsCheckIntervalMin", 120);
Gelöscht : user_pref("CT65619.SettingsLastCheckTime", "Mon Oct 22 2012 03:45:59 GMT+0200");
Gelöscht : user_pref("CT65619.SettingsLastUpdate", "1350383786");
Gelöscht : user_pref("CT65619.ThirdPartyComponentsInterval", 504);
Gelöscht : user_pref("CT65619.ThirdPartyComponentsLastCheck", "Tue Oct 02 2012 16:54:26 GMT+0200");
Gelöscht : user_pref("CT65619.ThirdPartyComponentsLastUpdate", "1331805997");
Gelöscht : user_pref("CT65619.ToolbarDisabled", false);
Gelöscht : user_pref("CT65619.TrusteLinkUrl", "hxxp://trust.conduit.com/CT65619");
Gelöscht : user_pref("CT65619.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,client.[...]
Gelöscht : user_pref("CT65619.UserID", "UN38047064309374496");
Gelöscht : user_pref("CT65619.ValidationData_Search", 2);
Gelöscht : user_pref("CT65619.ValidationData_Toolbar", 2);
Gelöscht : user_pref("CT65619.WeatherNetwork", "");
Gelöscht : user_pref("CT65619.WeatherPollDate", "Mon Oct 22 2012 16:17:30 GMT+0200");
Gelöscht : user_pref("CT65619.WeatherUnit", "C");
Gelöscht : user_pref("CT65619.alertChannelId", "45127");
Gelöscht : user_pref("CT65619.clientLogIsEnabled", true);
Gelöscht : user_pref("CT65619.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx/[...]
Gelöscht : user_pref("CT65619.components.1000034", false);
Gelöscht : user_pref("CT65619.components.1000082", false);
Gelöscht : user_pref("CT65619.components.1000234", true);
Gelöscht : user_pref("CT65619.components.128055585236813047", false);
Gelöscht : user_pref("CT65619.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.con[...]
Gelöscht : user_pref("CT65619.globalFirstTimeInfoLastCheckTime", "Thu Oct 18 2012 15:16:15 GMT+0200");
Gelöscht : user_pref("CT65619.homepageProtectorEnableByLogin", true);
Gelöscht : user_pref("CT65619.initDone", true);
Gelöscht : user_pref("CT65619.isAppTrackingManagerOn", false);
Gelöscht : user_pref("CT65619.myStuffEnabled", true);
Gelöscht : user_pref("CT65619.myStuffPublihserMinWidth", 400);
Gelöscht : user_pref("CT65619.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrig[...]
Gelöscht : user_pref("CT65619.myStuffServiceIntervalMM", 1440);
Gelöscht : user_pref("CT65619.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Comp[...]
Gelöscht : user_pref("CT65619.oldAppsList", "128299243212250987,127759438892500272,111,127861388111562721,12805[...]
Gelöscht : user_pref("CT65619.revertSettingsEnabled", true);
Gelöscht : user_pref("CT65619.searchProtectorDialogDelayInSec", 10);
Gelöscht : user_pref("CT65619.searchProtectorEnableByLogin", true);
Gelöscht : user_pref("CT65619.testingCtid", "");
Gelöscht : user_pref("CT65619.toolbarAppMetaDataLastCheckTime", "Sun Oct 21 2012 17:31:28 GMT+0200");
Gelöscht : user_pref("CT65619.toolbarContextMenuLastCheckTime", "Sat Oct 20 2012 17:31:28 GMT+0200");
Gelöscht : user_pref("CT65619.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Regis[...]
Gelöscht : user_pref("CT65619.usageEnabled", false);
Gelöscht : user_pref("CT65619.usagesFlag", 2);
Gelöscht : user_pref("CommunityToolbar.CantToolbarBeEngineOwner", "CT2613550");
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT65619/CT65619", "[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1006347/1002062/DE", "\"0\"[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/45127/44604/DE", "\"0\"");
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/832836/828639/DE", "\"0\"")[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/909619/905414/DE", "\"0\"")[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2438727", [...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2613550", [...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT65619", "\[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=ct2613550", [...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.0[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.2[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.3[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=2.7.[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.10[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.11[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.14[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.15[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.3.[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.3.[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.5.[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.6.[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.7.[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.8.[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.8.[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.9.[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2613550",[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT65619", "[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/toolbar/", "\"63428984078257[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=0", "63[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=1/11/20[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=3/13/20[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=CT65619&octid=CT[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2438727/CT2438727[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2613550/CT2613550[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT65619/CT65619", "[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/ct2613550/CT2613550[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/50/261/CT2613550/Images/6340849712463612[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=EB_LOCALE",[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=de-de", "\"[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"634[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en-US", "\"[...]
Gelöscht : user_pref("CommunityToolbar.EngineHiddenByUser", true);
Gelöscht : user_pref("CommunityToolbar.EngineOwner", "");
Gelöscht : user_pref("CommunityToolbar.EngineOwnerGuid", "{3160baf9-cf68-48ec-9076-faed7ce49467}");
Gelöscht : user_pref("CommunityToolbar.EngineOwnerToolbarId", "dict.cc");
Gelöscht : user_pref("CommunityToolbar.IsEngineShown", false);
Gelöscht : user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);
Gelöscht : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\cali\\AppData\\Roaming\\Mozilla\\Fi[...]
Gelöscht : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.15.1.0");
Gelöscht : user_pref("CommunityToolbar.OriginalEngineOwner", "CT65619");
Gelöscht : user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "{3160baf9-cf68-48ec-9076-faed7ce49467}");
Gelöscht : user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "dict.cc");
Gelöscht : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://search.icq.com/search/afe_results[...]
Gelöscht : user_pref("CommunityToolbar.ToolbarsList", "CT65619,CT2613550");
Gelöscht : user_pref("CommunityToolbar.ToolbarsList2", "CT65619,CT2613550");
Gelöscht : user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Wed Mar 23 2011 02:10:58 GMT+01[...]
Gelöscht : user_pref("CommunityToolbar.alert.alertInfoInterval", 1440);
Gelöscht : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Thu Jun 23 2011 14:56:09 GMT+0200");
Gelöscht : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
Gelöscht : user_pref("CommunityToolbar.alert.locale", "en");
Gelöscht : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
Gelöscht : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Thu Jun 23 2011 14:56:01 GMT+0200");
Gelöscht : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1305622559");
Gelöscht : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
Gelöscht : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
Gelöscht : user_pref("CommunityToolbar.alert.showTrayIcon", false);
Gelöscht : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
Gelöscht : user_pref("CommunityToolbar.alert.userId", "{16648c25-9705-451a-b4f7-d031725fe8d6}");
Gelöscht : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Thu Jul 21 2011 02:12:08 GMT+0200");
Gelöscht : user_pref("CommunityToolbar.globalUserId", "c0d97671-e2d4-4237-9510-10c0d78dd10e");
Gelöscht : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Gelöscht : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Gelöscht : user_pref("CommunityToolbar.killedEngine", true);
Gelöscht : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Sun Oct 21 2012 17:28:2[...]
Gelöscht : user_pref("CommunityToolbar.notifications.alertInfoInterval", 1440);
Gelöscht : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Sun Oct 21 2012 17:31:37 GMT+020[...]
Gelöscht : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Gelöscht : user_pref("CommunityToolbar.notifications.locale", "en");
Gelöscht : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Gelöscht : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Sun Oct 21 2012 17:31:29 GMT+0200");
Gelöscht : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
Gelöscht : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Gelöscht : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Gelöscht : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Gelöscht : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Gelöscht : user_pref("CommunityToolbar.notifications.userId", "a6f9de19-8c0d-4ca6-a522-ab55ba805e00");
Gelöscht : user_pref("CommunityToolbar.undefined", "");
Gelöscht : user_pref("browser.search.defaultenginename", "Web Search...");
Gelöscht : user_pref("extensions.vshare@toolbar.update.enabled", false);
Gelöscht : user_pref("keyword.URL", "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=2.0.0.1&q="[...]
Gelöscht : user_pref("vshare.install.date", "1298937600000");
Gelöscht : user_pref("vshare.install.dumpFileCount", 0);
Gelöscht : user_pref("vshare.install.dumpFileDisabled", false);
Gelöscht : user_pref("vshare.install.finished", "1.0.0");
Gelöscht : user_pref("vshare.install.guid", "{d47fed29-450c-4ea8-b112-3eb22027cd87}");
Gelöscht : user_pref("vshare.install.isHidden", true);
Gelöscht : user_pref("vshare.install.laststatreq", "1298937600000");
Gelöscht : user_pref("vshare.install.newtab", true);
Gelöscht : user_pref("vshare.install.newtabDisabledByUser", true);
Gelöscht : user_pref("vshare.install.overlayVersion", 1);
Gelöscht : user_pref("vshare.install.userHPSettings", "hxxp://www.google.de");
Gelöscht : user_pref("vshare.install.userSPSettings", "Web Search...");
-\\ Google Chrome v [Version kann nicht ermittelt werden]
Datei : C:\Users\cali\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] Die Datei ist sauber.
*************************
AdwCleaner[R1].txt - [36718 octets] - [21/10/2012 20:38:16]
AdwCleaner[S1].txt - [36499 octets] - [22/10/2012 16:35:30]
########## EOF - C:\AdwCleaner[S1].txt - [36560 octets] ##########
|
|
22.10.2012, 15:48
| #18 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Artemis vir & troj und andere maleware die ich nicht loswerde Mach bitte einen (neuen) CustomScan mit OTL - das Log davon nach Möglichkeit hier in CODE-Tags posten.
__________________Wird so gemacht: [code] hier steht das Log [/code] Und das ganze sieht dann so aus: Code:
ATTFilter hier steht das Log
Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop. Falls schon vorhanden, bitte die ältere vorhandene Datei durch die neu heruntergeladene Datei ersetzen, damit du auch wirklich mit einer aktuellen Version von OTL arbeitest.
Code:
ATTFilter netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
wininit.exe
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT
__________________ |
|
22.10.2012, 16:19
| #19 |
| | Artemis vir & troj und andere maleware die ich nicht loswerde Das ist ja eine neverending story .> schonmal vielen Dank Ich hab übrigens immernoch dieses "debugger" deaktiviert, von dieser einen Software. Dort stand ja man solle es erst wieder aktivieren, wenn jemand sagt, dass man es aktivieren soll :> Code:
ATTFilter OTL logfile created on: 22.10.2012 16:52:07 - Run 2 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\cali\Pictures\Desktop Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 8.0.7601.17514) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,50 Gb Total Physical Memory | 2,40 Gb Available Physical Memory | 68,58% Memory free 7,00 Gb Paging File | 5,70 Gb Available in Paging File | 81,51% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 93,91 Gb Total Space | 20,91 Gb Free Space | 22,27% Space Free | Partition Type: NTFS Drive D: | 931,51 Gb Total Space | 29,12 Gb Free Space | 3,13% Space Free | Partition Type: NTFS Drive E: | 92,38 Gb Total Space | 15,78 Gb Free Space | 17,08% Space Free | Partition Type: FAT32 Drive F: | 303,76 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: UDF Computer Name: CALIPCI | User Name: cali | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012.10.22 16:49:03 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\cali\Pictures\Desktop\OTL.exe PRC - [2012.10.18 19:48:38 | 001,591,768 | ---- | M] (Bitdefender) -- C:\Programme\Bitdefender\Bitdefender 2013\bdagent.exe PRC - [2012.10.02 21:29:14 | 000,864,616 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\Display\nvxdsync.exe PRC - [2012.10.02 21:28:55 | 001,820,520 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\Display\nvtray.exe PRC - [2012.09.26 20:29:52 | 001,285,888 | ---- | M] (Bitdefender) -- C:\Programme\Bitdefender\Bitdefender 2013\vsserv.exe PRC - [2012.09.04 12:15:28 | 000,615,440 | ---- | M] () -- C:\Programme\EslWire\service\WireHelperSvc.exe PRC - [2012.07.03 12:04:45 | 000,055,544 | ---- | M] (Bitdefender) -- C:\Programme\Bitdefender\Bitdefender 2013\updatesrv.exe PRC - [2012.05.15 12:26:00 | 001,262,400 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe PRC - [2011.11.23 12:27:04 | 001,052,472 | ---- | M] (COMODO) -- C:\Programme\Comodo\COMODO GeekBuddy\CLPSLS.exe PRC - [2011.10.07 11:40:42 | 001,387,288 | ---- | M] (Logitech, Inc.) -- C:\Programme\Logitech\SetPointP\SetPoint.exe PRC - [2011.09.29 12:16:26 | 000,101,144 | ---- | M] (Logitech Inc.) -- C:\Programme\Logitech Gaming Software\LCore.exe PRC - [2011.09.27 21:05:24 | 000,149,784 | ---- | M] (Logitech, Inc.) -- C:\Programme\Common Files\LogiShrd\KHAL3\KHALMNPR.exe PRC - [2011.03.28 21:31:16 | 000,193,920 | ---- | M] (Microsoft Corp.) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE PRC - [2011.03.28 21:31:14 | 001,713,536 | ---- | M] (Microsoft Corp.) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE PRC - [2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2010.11.20 14:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe PRC - [2010.07.12 14:39:24 | 000,053,248 | ---- | M] () -- C:\Programme\D-Link\DWA-125 revA\ANIWConnService.exe PRC - [2009.10.07 02:47:34 | 000,154,136 | ---- | M] (Logitech Inc.) -- C:\Programme\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe PRC - [2007.09.02 14:58:52 | 000,495,616 | ---- | M] () -- C:\Programme\RocketDock\RocketDock.exe ========== Modules (No Company Name) ========== MOD - [2012.04.27 16:08:08 | 000,092,600 | ---- | M] () -- C:\Programme\Bitdefender\Bitdefender 2013\bdmetrics.dll MOD - [2012.04.25 12:24:09 | 000,202,032 | ---- | M] () -- C:\Programme\Bitdefender\Bitdefender 2013\txmlutil.dll MOD - [2011.11.08 03:27:22 | 000,026,112 | ---- | M] () -- C:\Programme\Logitech Gaming Software\plugins\PnpGamePanelDevices-8.12.049\PnpGamePanelDevices.dll MOD - [2011.11.08 03:27:20 | 000,070,656 | ---- | M] () -- C:\Programme\Logitech Gaming Software\plugins\SimInput-8.12.068\SimInput.dll MOD - [2011.11.08 03:27:18 | 000,467,456 | ---- | M] () -- C:\Programme\Logitech Gaming Software\plugins\MainUI-8.12.179\MainUI.dll MOD - [2011.11.08 03:27:12 | 000,206,336 | ---- | M] () -- C:\Programme\Logitech Gaming Software\plugins\G19Device-8.12.147\G19Device.dll MOD - [2011.11.08 03:27:09 | 000,189,952 | ---- | M] () -- C:\Programme\Logitech Gaming Software\plugins\G13Device-8.12.155\G13Device.dll MOD - [2011.11.08 03:27:08 | 000,086,016 | ---- | M] () -- C:\Programme\Logitech Gaming Software\plugins\DevMgr-8.12.077\DevMgr.dll MOD - [2011.11.08 03:27:07 | 000,090,112 | ---- | M] () -- C:\Programme\Logitech Gaming Software\plugins\DevBusHid-8.12.078\DevBusHid.dll MOD - [2011.11.08 03:27:07 | 000,088,064 | ---- | M] () -- C:\Programme\Logitech Gaming Software\plugins\DevBusBulk-8.12.076\DevBusBulk.dll MOD - [2011.10.07 11:41:16 | 000,879,896 | ---- | M] () -- C:\Programme\Logitech\SetPointP\Macros\MacroCore.dll MOD - [2011.05.22 19:21:36 | 000,093,696 | ---- | M] () -- C:\Programme\FileZilla FTP Client\fzshellext.dll MOD - [2011.03.17 01:11:16 | 004,297,568 | ---- | M] () -- C:\Programme\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF MOD - [2010.10.20 16:45:26 | 008,801,120 | ---- | M] () -- C:\Programme\Microsoft Office\Office14\1033\GrooveIntlResource.dll MOD - [2010.03.25 00:34:52 | 000,035,840 | ---- | M] () -- C:\Programme\DAEMON Tools Pro\cryptapi.dll MOD - [2010.03.15 12:28:22 | 000,141,824 | ---- | M] () -- C:\Programme\WinRAR\RarExt.dll MOD - [2009.01.18 15:50:02 | 000,417,792 | ---- | M] () -- C:\Programme\Adobe\Reader 9.0\Reader\AdobeXMP.dll MOD - [2007.11.16 16:02:18 | 000,479,232 | R--- | M] () -- C:\Programme\Adobe\Reader 9.0\Reader\ccme_base.dll MOD - [2007.11.16 16:02:18 | 000,401,408 | R--- | M] () -- C:\Programme\Adobe\Reader 9.0\Reader\cryptocme2.dll MOD - [2007.09.02 14:58:52 | 000,495,616 | ---- | M] () -- C:\Programme\RocketDock\RocketDock.exe MOD - [2007.09.02 14:57:36 | 000,069,632 | ---- | M] () -- C:\Programme\RocketDock\RocketDock.dll MOD - [2007.04.05 02:59:56 | 000,007,680 | ---- | M] () -- C:\Programme\DAEMON Tools Pro\Plugins\Images\bw5mount.dll ========== Services (SafeList) ========== SRV - [2012.10.16 20:14:47 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012.10.09 16:29:45 | 000,008,704 | ---- | M] (Hi-Rez Studios) [Auto | Stopped] -- D:\games\smite\HiPatchService.exe -- (HiPatchService) SRV - [2012.09.26 20:29:52 | 001,285,888 | ---- | M] (Bitdefender) [Auto | Running] -- C:\Program Files\Bitdefender\Bitdefender 2013\vsserv.exe -- (VSSERV) SRV - [2012.09.11 11:16:32 | 000,059,152 | ---- | M] (Bitdefender) [Disabled | Stopped] -- C:\Programme\Bitdefender\Bitdefender 2013\bdparentalservice.exe -- (BdDesktopParental) SRV - [2012.09.08 00:34:29 | 000,529,744 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2012.09.04 12:15:28 | 000,615,440 | ---- | M] () [Auto | Running] -- C:\Programme\EslWire\service\WireHelperSvc.exe -- (EslWireHelper) SRV - [2012.07.13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Programme\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012.07.03 12:04:45 | 000,055,544 | ---- | M] (Bitdefender) [Auto | Running] -- C:\Program Files\Bitdefender\Bitdefender 2013\updatesrv.exe -- (UPDATESRV) SRV - [2012.05.15 12:26:00 | 001,262,400 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService) SRV - [2011.11.23 12:27:04 | 001,052,472 | ---- | M] (COMODO) [Auto | Running] -- C:\Programme\Comodo\COMODO GeekBuddy\CLPSLS.exe -- (CLPSLS) SRV - [2011.09.27 21:03:28 | 000,295,192 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Programme\Common Files\LogiShrd\Bluetooth\LBTServ.exe -- (LBTServ) SRV - [2011.06.12 11:15:00 | 031,125,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service) SRV - [2011.03.28 21:31:14 | 001,713,536 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE -- (wlidsvc) SRV - [2011.03.24 14:10:59 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Programme\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2010.11.20 14:17:56 | 001,121,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc) SRV - [2010.07.12 14:39:24 | 000,053,248 | ---- | M] () [Auto | Running] -- C:\Programme\D-Link\DWA-125 revA\ANIWConnService.exe -- (D_Link_DWA-125_WPS) SRV - [2010.03.24 16:57:22 | 000,435,016 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\Programme\TuneUp Utilities 2010\TuneUpDefragService.exe -- (TuneUp.Defrag) SRV - [2010.02.19 14:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Programme\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard) SRV - [2010.01.09 22:37:50 | 004,640,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc) SRV - [2010.01.09 22:18:00 | 000,149,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose) SRV - [2009.12.08 20:26:15 | 003,616,768 | ---- | M] (Native Instruments GmbH) [Auto | Stopped] -- C:\Programme\Common Files\Native Instruments\Hardware\NIHardwareService.exe -- (NIHardwareService) SRV - [2009.10.30 16:05:48 | 001,021,256 | ---- | M] (TuneUp Software) [Auto | Stopped] -- C:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc) SRV - [2009.10.30 16:01:00 | 000,030,024 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\System32\uxtuneup.dll -- (UxTuneUp) SRV - [2009.10.07 02:47:34 | 000,154,136 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Programme\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv) SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc) SRV - [2009.07.14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc) SRV - [2009.07.14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2007.12.14 12:46:28 | 000,047,624 | ---- | M] () [On_Demand | Stopped] -- C:\Programme\GIGABYTE\GEST\GSvr.exe -- (GEST Service) SRV - [2007.02.05 10:11:18 | 000,075,320 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Sony Shared\AVLib\SSScsiSV.exe -- (SSScsiSV) SRV - [2007.02.05 10:11:16 | 000,112,184 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Sony Shared\AVLib\SsBeSvc.exe -- (SonicStage Back-End Service) SRV - [2006.12.14 02:21:20 | 000,045,056 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe -- (MSCSPTISRV) SRV - [2006.12.14 02:02:08 | 000,069,632 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Sony Shared\AVLib\SPTISRV.exe -- (SPTISRV) SRV - [2006.12.14 01:46:16 | 000,057,344 | ---- | M] () [On_Demand | Stopped] -- C:\Programme\Common Files\Sony Shared\AVLib\PACSPTISVR.exe -- (PACSPTISVR) ========== Driver Services (SafeList) ========== DRV - File not found [File_System | On_Demand | Stopped] -- C:\Program Files\IObit\Game Booster 3\Driver\WinRing0.sys -- (WinRing0_1_2_0) DRV - File not found [File_System | Boot | Stopped] -- system32\DRIVERS\Lbd.sys -- (Lbd) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys -- (Lavasoft Kernexplorer) DRV - [2012.10.03 00:20:00 | 010,837,352 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) DRV - [2012.09.04 12:15:22 | 000,836,496 | ---- | M] (<Turtle Entertainment>) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\ESLWireACD.sys -- (ESLWireAC) DRV - [2012.08.29 18:24:08 | 000,161,312 | ---- | M] (BitDefender LLC) [File_System | Boot | Running] -- C:\Windows\System32\drivers\gzflt.sys -- (gzflt) DRV - [2012.08.23 17:07:27 | 000,066,392 | ---- | M] (BitDefender SRL) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\bdsandbox.sys -- (BDSandBox) DRV - [2012.08.12 13:34:54 | 000,016,608 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\gdrv.sys -- (gdrv) DRV - [2012.07.12 17:12:20 | 000,132,600 | ---- | M] (BitDefender LLC) [Kernel | System | Running] -- C:\Programme\Bitdefender\Bitdefender 2013\bdselfpr.sys -- (bdselfpr) DRV - [2012.07.06 15:13:12 | 000,077,192 | ---- | M] (BitDefender LLC) [Kernel | System | Running] -- c:\Programme\Common Files\Bitdefender\Bitdefender Firewall\bdfndisf6.sys -- (BdfNdisf) DRV - [2012.07.02 15:21:35 | 000,343,456 | ---- | M] (BitDefender S.R.L.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\trufos.sys -- (trufos) DRV - [2012.06.13 14:00:26 | 000,473,248 | ---- | M] (BitDefender) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\avckf.sys -- (avckf) DRV - [2012.06.13 14:00:22 | 000,617,984 | ---- | M] (BitDefender) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avc3.sys -- (avc3) DRV - [2011.11.25 14:59:40 | 000,240,184 | ---- | M] (BitDefender) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\avchv.sys -- (avchv) DRV - [2011.11.14 20:16:27 | 000,090,704 | ---- | M] (BitDefender LLC) [Kernel | System | Running] -- C:\Programme\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys -- (bdfwfpf) DRV - [2011.11.08 03:27:20 | 000,019,720 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LGBusEnum.sys -- (LGBusEnum) DRV - [2011.11.08 03:27:20 | 000,014,856 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LGVirHid.sys -- (LGVirHid) DRV - [2011.11.08 03:27:08 | 000,041,880 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LGSHidFilt.Sys -- (LGSHidFilt) DRV - [2011.09.02 08:31:20 | 000,041,240 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LHidFilt.Sys -- (LHidFilt) DRV - [2011.04.28 14:20:26 | 001,228,864 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Dnetr28u.sys -- (netr28u) DRV - [2010.11.20 14:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus) DRV - [2010.11.20 14:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt) DRV - [2010.11.20 14:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc) DRV - [2010.11.20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV - [2010.11.20 12:21:14 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV - [2010.11.20 11:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb) DRV - [2010.11.20 11:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID) DRV - [2010.11.20 11:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap) DRV - [2010.11.05 02:29:35 | 000,017,488 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\etdrv.sys -- (etdrv) DRV - [2010.10.13 13:19:54 | 000,024,504 | ---- | M] (Turtle Entertainment GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ESLvnic.sys -- (ESLvnic1) DRV - [2010.09.16 12:39:16 | 001,505,280 | ---- | M] (C-Media Inc) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\cmudaxp.sys -- (cmudaxp) DRV - [2010.05.29 07:58:30 | 000,012,800 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\anodlwf.sys -- (anodlwf) DRV - [2010.03.24 17:08:38 | 000,722,416 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sptd.sys -- (sptd) DRV - [2010.03.13 13:58:52 | 000,087,536 | ---- | M] (CyberLink Corp.) [2010/03/24 15:11:53] [Kernel | Auto | Running] -- C:\Programme\CyberLink\PowerDVD10\NavFilter\000.fcl -- ({1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC}) DRV - [2009.11.10 13:55:32 | 000,028,560 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LUsbFilt.sys -- (LUsbFilt) DRV - [2009.11.10 13:55:08 | 000,037,392 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LMouFilt.Sys -- (LMouFilt) DRV - [2009.10.14 08:24:44 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv) DRV - [2009.10.07 02:46:36 | 000,025,752 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LVPr2Mon.sys -- (LVPr2Mon) DRV - [2009.07.14 01:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp) DRV - [2009.07.14 00:02:52 | 000,043,008 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Rtnicxp.sys -- (RTL8023xp) DRV - [2009.05.12 16:53:04 | 000,016,896 | ---- | M] (Danish Wireless Design A/S) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\FlashUsb.sys -- (FlashUSB) DRV - [2009.05.01 00:56:30 | 000,495,768 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LV561AV.SYS -- (PID_0928) DRV - [2008.11.11 14:42:00 | 000,024,832 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbmodem.sys -- (USBModem) DRV - [2008.11.11 14:41:00 | 000,019,968 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbdiag.sys -- (UsbDiag) DRV - [2008.11.11 14:41:00 | 000,013,056 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbbus.sys -- (usbbus) DRV - [2007.10.11 12:10:52 | 000,030,008 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ET5Drv.sys -- (ET5Drv) DRV - [2007.09.29 07:30:52 | 000,065,024 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\jraid.sys -- (JRAID) DRV - [2007.06.29 14:47:34 | 000,034,304 | ---- | M] (AMD, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AmdLLD.sys -- (AmdLLD) DRV - [2007.06.02 15:59:42 | 000,008,192 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Programme\PeerGuardian2\pgfilter.sys -- (pgfilter) DRV - [2007.04.11 17:23:48 | 000,045,440 | ---- | M] (Razer USA Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\UsbFltr.sys -- (TarFltr) DRV - [2005.03.09 21:50:16 | 000,033,792 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\libusb0.sys -- (libusb0) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKLM\..\SearchScopes,DefaultScope = IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-2144295801-1104322103-669315532-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKU\S-1-5-21-2144295801-1104322103-669315532-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKU\S-1-5-21-2144295801-1104322103-669315532-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKU\S-1-5-21-2144295801-1104322103-669315532-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = CC 2D 39 34 EC CA CA 01 [binary data] IE - HKU\S-1-5-21-2144295801-1104322103-669315532-1000\..\URLSearchHook: - No CLSID value found IE - HKU\S-1-5-21-2144295801-1104322103-669315532-1000\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-2144295801-1104322103-669315532-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2144295801-1104322103-669315532-1008\..\SearchScopes,DefaultScope = ========== FireFox ========== FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de" FF - prefs.js..extensions.enabledAddons: {cc5cc7f7-8645-49b2-862f-f6e8116dfc44}:0.6.81 FF - prefs.js..extensions.enabledAddons: ich@maltegoetz.de:1.4.3 FF - prefs.js..extensions.enabledAddons: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.9.10 FF - prefs.js..extensions.enabledAddons: {e001c731-5e37-4538-a5cb-8168736a2360}:0.9.9.119 FF - prefs.js..extensions.enabledAddons: {73a6fe31-595d-460b-a920-fcc0f8843232}:2.5.9rc2 FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.6 FF - prefs.js..extensions.enabledItems: {cc5cc7f7-8645-49b2-862f-f6e8116dfc44}:0.6.81 FF - prefs.js..extensions.enabledItems: {3160baf9-cf68-48ec-9076-faed7ce49467}:3.3.3.2 FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.63 FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.4 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 FF - prefs.js..extensions.enabledItems: firefox@tvunetworks.com:2 FF - prefs.js..extensions.enabledItems: 5 FF - prefs.js..extensions.enabledItems: 3 FF - prefs.js..extensions.enabledItems: 1 FF - prefs.js..extensions.enabledItems: battlefieldplay4free@ea.com:1.0.53.2 FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:2.1.0.3 FF - prefs.js..extensions.enabledItems: {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b}:3.3.3.2 FF - prefs.js..extensions.enabledItems: {FFB96CC1-7EB3-449D-B827-DB661701C6BB}:1.5.265.2 FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll () FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll File not found FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.0: C:\Program Files\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll File not found FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_35: C:\Windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll () FF - HKLM\Software\MozillaPlugins\@pages.tvunetworks.com/WebPlayer: C:\Windows\system32\TVUAx\npTVUAx.dll (TVU networks) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.19: C:\Program Files\Veetle\plugins\npVeetle.dll (Veetle Inc) FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program Files\Veetle\Player\npvlc.dll (Veetle Inc) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKCU\Software\MozillaPlugins\@octoshape.com/Octoshape Streaming Services,version=1.0: C:\Users\cali\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1002170-0-npoctoshape.dll (Octoshape ApS) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.10.18 18:37:58 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.18 18:37:57 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\bdThunderbird@bitdefender.com: C:\Program Files\Bitdefender\Bitdefender 2013\bdtbext [2012.10.18 19:17:35 | 000,000,000 | ---D | M] [2010.03.24 02:53:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\cali\AppData\Roaming\mozilla\Extensions [2012.10.22 16:35:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\cali\AppData\Roaming\mozilla\Firefox\Profiles\bpwct85r.default\extensions [2012.09.15 21:28:18 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\cali\AppData\Roaming\mozilla\Firefox\Profiles\bpwct85r.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2011.04.10 18:29:39 | 000,000,000 | ---D | M] (Dict) -- C:\Users\cali\AppData\Roaming\mozilla\Firefox\Profiles\bpwct85r.default\extensions\{cc5cc7f7-8645-49b2-862f-f6e8116dfc44} [2012.10.16 06:06:10 | 000,000,000 | ---D | M] (Bitdefender QuickScan) -- C:\Users\cali\AppData\Roaming\mozilla\Firefox\Profiles\bpwct85r.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360} [2012.09.20 22:55:49 | 000,000,000 | ---D | M] (Ghostery) -- C:\Users\cali\AppData\Roaming\mozilla\Firefox\Profiles\bpwct85r.default\extensions\firefox@ghostery.com [2012.09.15 21:28:16 | 000,000,000 | ---D | M] (ProxTube - Unblock YouTube) -- C:\Users\cali\AppData\Roaming\mozilla\Firefox\Profiles\bpwct85r.default\extensions\ich@maltegoetz.de [2012.02.10 16:30:02 | 000,000,000 | ---D | M] (Cooliris) -- C:\Users\cali\AppData\Roaming\mozilla\Firefox\Profiles\bpwct85r.default\extensions\piclens@cooliris.com [2011.09.02 18:54:26 | 000,011,510 | ---- | M] () (No name found) -- C:\Users\cali\AppData\Roaming\mozilla\firefox\profiles\bpwct85r.default\extensions\youtube2mp3@mondayx.de.xpi [2012.10.21 17:28:14 | 000,529,958 | ---- | M] () (No name found) -- C:\Users\cali\AppData\Roaming\mozilla\firefox\profiles\bpwct85r.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2010.04.02 20:15:12 | 000,000,687 | ---- | M] () -- C:\Users\cali\AppData\Roaming\mozilla\firefox\profiles\bpwct85r.default\searchplugins\icq-search.xml [2010.09.09 22:48:02 | 000,000,950 | ---- | M] () -- C:\Users\cali\AppData\Roaming\mozilla\firefox\profiles\bpwct85r.default\searchplugins\icqplugin-4.xml [2010.09.16 21:48:40 | 000,000,950 | ---- | M] () -- C:\Users\cali\AppData\Roaming\mozilla\firefox\profiles\bpwct85r.default\searchplugins\icqplugin-5.xml [2010.10.21 12:16:54 | 000,000,950 | ---- | M] () -- C:\Users\cali\AppData\Roaming\mozilla\firefox\profiles\bpwct85r.default\searchplugins\icqplugin-6.xml [2010.10.28 13:47:58 | 000,000,950 | ---- | M] () -- C:\Users\cali\AppData\Roaming\mozilla\firefox\profiles\bpwct85r.default\searchplugins\icqplugin-7.xml [2010.11.06 02:09:41 | 000,000,950 | ---- | M] () -- C:\Users\cali\AppData\Roaming\mozilla\firefox\profiles\bpwct85r.default\searchplugins\icqplugin-8.xml [2011.03.02 22:27:57 | 000,000,950 | ---- | M] () -- C:\Users\cali\AppData\Roaming\mozilla\firefox\profiles\bpwct85r.default\searchplugins\icqplugin-9.xml [2012.10.16 20:14:42 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions [2012.10.16 20:14:42 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2012.10.16 20:14:47 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2011.12.09 19:23:32 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll [2012.02.14 11:35:59 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml [2012.08.30 11:45:41 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml [2012.02.14 11:35:59 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml [2012.02.14 11:35:59 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml [2012.02.14 11:35:59 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml [2012.02.14 11:35:59 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml ========== Chrome ========== CHR - homepage: CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms} CHR - homepage: CHR - plugin: Shockwave Flash (Enabled) = C:\Users\cali\AppData\Local\Google\Chrome\Application\22.0.1229.92\PepperFlash\pepflashplayer.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_265.dll CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\cali\AppData\Local\Google\Chrome\Application\22.0.1229.92\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\cali\AppData\Local\Google\Chrome\Application\22.0.1229.92\pdf.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npwachk.dll CHR - plugin: getPlusPlus for Adobe 16263 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np_gp.dll CHR - plugin: Octoshape Streaming Services (Enabled) = C:\Users\cali\AppData\Roaming\Mozilla\plugins\npoctoshape.dll CHR - plugin: Octoshape Streaming Services (Enabled) = C:\Users\cali\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1002170-0-npoctoshape.dll CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll CHR - plugin: DivX Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll CHR - plugin: Picasa (Enabled) = C:\Program Files\Google\Picasa3\npPicasa3.dll CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll CHR - plugin: Veetle TV Player (Enabled) = C:\Program Files\Veetle\Player\npvlc.dll CHR - plugin: Veetle TV Core (Enabled) = C:\Program Files\Veetle\plugins\npVeetle.dll CHR - plugin: VLC Multimedia Plug-in (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll CHR - plugin: TVU Web Player for FireFox (Enabled) = C:\Windows\system32\TVUAx\npTVUAx.dll CHR - Extension: YouTube = C:\Users\cali\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: Google-Suche = C:\Users\cali\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\ CHR - Extension: Psykopaint = C:\Users\cali\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgjchkcfmigkkhedgjedmffdepgmpfil\0.0.0.10_0\ CHR - Extension: Psykopaint = C:\Users\cali\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgjchkcfmigkkhedgjedmffdepgmpfil\0.0.0.10_0\.bak CHR - Extension: Google Mail = C:\Users\cali\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) O2 - BHO: (Windows Live Messenger Companion Helper) - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Programme\Windows Live\Companion\companioncore.dll (Microsoft Corporation) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) O3 - HKU\S-1-5-21-2144295801-1104322103-669315532-1000\..\Toolbar\WebBrowser: (no name) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No CLSID value found. O4 - HKLM..\Run: [Bdagent] C:\Programme\Bitdefender\Bitdefender 2013\bdagent.exe (Bitdefender) O4 - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.) O4 - HKLM..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe () O4 - HKLM..\Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe (Logitech Inc.) O4 - HKU\S-1-5-21-2144295801-1104322103-669315532-1000..\Run: [ESL Wire] C:\Program Files\EslWire\wire.exe (Turtle Entertainment GmbH) O4 - HKU\S-1-5-21-2144295801-1104322103-669315532-1000..\Run: [RocketDock] C:\Program Files\RocketDock\RocketDock.exe () O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-2144295801-1104322103-669315532-1008..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 153 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O7 - HKU\S-1-5-21-2144295801-1104322103-669315532-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 153 O7 - HKU\S-1-5-21-2144295801-1104322103-669315532-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2 O7 - HKU\S-1-5-21-2144295801-1104322103-669315532-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1 O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.) O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~4\Office14\ONBttnIE.dll/105 File not found O9 - Extra Button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Programme\Windows Live\Companion\companioncore.dll (Microsoft Corporation) O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.) O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35) O16 - DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{871F438F-D35E-4976-9403-4F7C07FD2AE3}: DhcpNameServer = 192.168.178.1 O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Programme\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - D:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2008.02.23 12:34:14 | 000,003,104 | R--- | M] () - D:\autoexec.cfg -- [ NTFS ] O32 - AutoRun File - [2011.09.01 09:43:05 | 000,533,824 | R--- | M] (MediaChance) - F:\autorun.exe -- [ UDF ] O32 - AutoRun File - [2011.09.01 09:35:29 | 000,000,047 | R--- | M] () - F:\autorun.inf -- [ UDF ] O32 - AutoRun File - [2011.09.01 09:35:29 | 000,389,554 | R--- | M] () - F:\autorun.mbd -- [ UDF ] O33 - MountPoints2\{09c0362f-36dd-11df-8d79-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{09c0362f-36dd-11df-8d79-806e6f6e6963}\Shell\AutoRun\command - "" = F:\Run.exe O33 - MountPoints2\{8811e49d-3757-11df-a7d6-002401320ac8}\Shell - "" = AutoRun O33 - MountPoints2\{8811e49d-3757-11df-a7d6-002401320ac8}\Shell\AutoRun\command - "" = G:\Setup.exe O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) NetSvcs: FastUserSwitchingCompatibility - File not found NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation) NetSvcs: Nla - File not found NetSvcs: Ntmssvc - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: SRService - File not found NetSvcs: UxTuneUp - C:\Windows\System32\uxtuneup.dll (TuneUp Software) NetSvcs: WmdmPmSp - File not found NetSvcs: LogonHours - File not found NetSvcs: PCAudit - File not found NetSvcs: helpsvc - File not found NetSvcs: uploadmgr - File not found MsConfig - StartUpReg: bdinstaller - hkey= - key= - C:\Program Files\Common Files\Bitdefender\SetupInformation\downloader\setuplauncher.exe (Bitdefender) MsConfig - StartUpReg: Tarantula - hkey= - key= - File not found MsConfig - StartUpReg: TrojanScanner - hkey= - key= - File not found MsConfig - State: "startup" - 2 SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: CLPSLS - C:\Programme\Comodo\COMODO GeekBuddy\CLPSLS.exe (COMODO) SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - Service SafeBootMin: NTDS - File not found SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: sacsvr - Service SafeBootMin: SCSI Class - Driver Group SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vmms - Service SafeBootMin: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: CLPSLS - C:\Programme\Comodo\COMODO GeekBuddy\CLPSLS.exe (COMODO) SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: HelpSvc - Service SafeBootNet: Messenger - File not found SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: NTDS - File not found SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: rdsessmgr - Service SafeBootNet: sacsvr - Service SafeBootNet: SCSI Class - Driver Group SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vmms - Service SafeBootNet: vsmon - Service SafeBootNet: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootNet: WudfUsbccidDriver - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Microsoft VM ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0 ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460) ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {A6F332B3-9277-5775-57C8-B83B0EB0A418} - Browser Customizations ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player ActiveX: {D8E53E4D-A790-C27F-6EBD-1779E98F73CF} - Microsoft Windows Media Player 12.0 ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP Drivers32: msacm.ac3filter - C:\Windows\System32\ac3filter.acm () Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: msacm.lhacm - C:\Windows\System32\lhacm.acm (Microsoft Corporation) Drivers32: msacm.vorbis - C:\Windows\System32\vorbis.acm (HMS hxxp://hp.vector.co.jp/authors/VA012897/) Drivers32: MSVideo - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation) Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation) Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.) Drivers32: vidc.DIVX - C:\Windows\System32\DivX.dll (DivX, Inc.) Drivers32: VIDC.FFDS - C:\Windows\System32\ff_vfw.dll () Drivers32: VIDC.FPS1 - C:\Windows\System32\frapsvid.dll (Beepa P/L) Drivers32: VIDC.I420 - C:\Windows\System32\LVCodec2.dll (Logitech Inc.) Drivers32: vidc.tscc - C:\Windows\System32\tsccvid.dll (TechSmith Corporation) Drivers32: vidc.yv12 - C:\Windows\System32\DivX.dll (DivX, Inc.) CREATERESTOREPOINT Restore point Set: OTL Restore Point ========== Files/Folders - Created Within 30 Days ========== [2012.10.22 16:49:01 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\cali\Pictures\Desktop\OTL.exe [2012.10.20 03:30:46 | 000,000,000 | ---D | C] -- C:\Users\cali\AppData\Local\bdch [2012.10.20 03:30:41 | 000,000,000 | ---D | C] -- C:\ProgramData\bdch [2012.10.20 01:19:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN [2012.10.18 23:47:18 | 000,000,000 | ---D | C] -- C:\Program Files\ESET [2012.10.18 23:46:39 | 002,322,184 | ---- | C] (ESET) -- C:\Users\cali\Pictures\Desktop\esetsmartinstaller_enu.exe [2012.10.18 19:48:48 | 000,072,704 | ---- | C] (BitDefender) -- C:\Windows\System32\drivers\bdvedisk.sys [2012.10.18 19:17:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 2013 [2012.10.18 19:17:42 | 000,000,000 | ---D | C] -- C:\ProgramData\BDLogging [2012.10.18 19:17:33 | 000,077,192 | ---- | C] (BitDefender LLC) -- C:\Windows\System32\drivers\BdfNdisf6.sys [2012.10.18 19:17:33 | 000,066,392 | ---- | C] (BitDefender SRL) -- C:\Windows\System32\drivers\bdsandbox.sys [2012.10.18 19:17:20 | 000,240,184 | ---- | C] (BitDefender) -- C:\Windows\System32\drivers\avchv.sys [2012.10.18 19:17:19 | 000,473,248 | ---- | C] (BitDefender) -- C:\Windows\System32\drivers\avckf.sys [2012.10.18 19:17:18 | 000,617,984 | ---- | C] (BitDefender) -- C:\Windows\System32\drivers\avc3.sys [2012.10.18 19:16:39 | 000,000,000 | ---D | C] -- C:\Users\cali\AppData\Roaming\Bitdefender [2012.10.18 19:16:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Bitdefender [2012.10.18 19:14:32 | 000,161,312 | ---- | C] (BitDefender LLC) -- C:\Windows\System32\drivers\gzflt.sys [2012.10.18 19:14:19 | 000,343,456 | ---- | C] (BitDefender S.R.L.) -- C:\Windows\System32\drivers\trufos.sys [2012.10.18 19:14:19 | 000,000,000 | ---D | C] -- C:\Program Files\Bitdefender [2012.10.18 18:57:37 | 000,061,248 | ---- | C] (Khronos Group) -- C:\Windows\System32\OpenCL.dll [2012.10.18 18:57:12 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation [2012.10.18 07:30:23 | 000,159,608 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\mfevtps.exe.bfde.deleteme [2012.10.16 20:14:41 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox [2012.10.16 18:04:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner [2012.10.16 18:03:53 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner [2012.10.16 17:45:32 | 000,000,000 | ---D | C] -- C:\Users\cali\AppData\Roaming\DriverCure [2012.10.16 17:45:31 | 000,000,000 | ---D | C] -- C:\Users\cali\AppData\Roaming\SpeedyPC Software [2012.10.16 17:35:49 | 000,000,000 | ---D | C] -- C:\ProgramData\SpeedyPC Software [2012.10.16 06:22:24 | 000,159,608 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\mfevtps.exe.a966.deleteme [2012.10.16 06:08:41 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Bitdefender [2012.10.16 06:06:38 | 000,000,000 | ---D | C] -- C:\Users\cali\AppData\Roaming\QuickScan [2012.10.13 15:13:17 | 000,000,000 | ---D | C] -- C:\Users\cali\Pictures\Desktop\wg party [2012.10.11 17:32:56 | 000,000,000 | ---D | C] -- C:\Users\cali\Pictures\Desktop\hyper [2012.10.11 17:31:35 | 000,000,000 | ---D | C] -- C:\Users\cali\Pictures\Desktop\nookie [2012.10.10 23:34:28 | 000,000,000 | ---D | C] -- C:\Users\cali\AppData\Roaming\AMPSoft [2012.10.10 17:54:59 | 000,000,000 | ---D | C] -- C:\Users\cali\Pictures\Desktop\leine hertz [2012.10.10 04:58:53 | 000,000,000 | ---D | C] -- C:\Users\cali\Desktop [2012.10.10 04:58:45 | 000,000,000 | ---D | C] -- C:\Users\cali\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AMP Font Viewer [2012.10.10 04:58:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMP Font Viewer [2012.10.10 04:58:34 | 000,000,000 | ---D | C] -- C:\Program Files\AMP Font Viewer [2012.10.10 01:36:46 | 000,000,000 | ---D | C] -- C:\Users\cali\Pictures\Desktop\Neuer Ordner [2012.10.09 06:31:07 | 000,000,000 | ---D | C] -- C:\Program Files\Emsisoft Anti-Malware [2012.10.09 06:31:07 | 000,000,000 | ---D | C] -- C:\Users\cali\Documents\Anti-Malware [2012.10.09 06:25:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Solidshield [2012.10.09 06:16:21 | 000,000,000 | ---D | C] -- C:\Users\cali\AppData\Local\Comodo [2012.10.02 16:51:17 | 000,000,000 | ---D | C] -- C:\Users\cali\Pictures\Desktop\flyer_gfx_versuche [2012.09.29 22:35:50 | 000,000,000 | ---D | C] -- C:\Users\cali\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 [2012.09.24 21:04:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ffdshow [2012.09.24 21:04:42 | 000,000,000 | ---D | C] -- C:\ProgramData\IObit [2012.09.24 21:04:42 | 000,000,000 | ---D | C] -- C:\Program Files\IObit [2012.09.24 21:04:42 | 000,000,000 | ---D | C] -- C:\Program Files\ffdshow [2012.09.24 06:17:00 | 000,000,000 | ---D | C] -- C:\Users\cali\Pictures\Desktop\medialink-1 [2012.09.24 06:15:42 | 000,000,000 | ---D | C] -- C:\Users\cali\Pictures\Desktop\medialink [8 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [6 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012.10.22 16:49:03 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\cali\Pictures\Desktop\OTL.exe [2012.10.22 16:45:50 | 000,016,944 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012.10.22 16:45:50 | 000,016,944 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012.10.22 16:44:28 | 000,709,992 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2012.10.22 16:44:28 | 000,663,610 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2012.10.22 16:44:28 | 000,153,524 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2012.10.22 16:44:28 | 000,125,740 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2012.10.22 16:38:09 | 000,001,090 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012.10.22 16:37:12 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.10.22 16:37:07 | 2817,384,448 | -HS- | M] () -- C:\hiberfil.sys [2012.10.22 15:51:00 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012.10.21 20:20:23 | 000,538,941 | ---- | M] () -- C:\Users\cali\Pictures\Desktop\adwcleaner.exe [2012.10.20 01:19:10 | 000,001,024 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk [2012.10.18 23:47:34 | 002,322,184 | ---- | M] (ESET) -- C:\Users\cali\Pictures\Desktop\esetsmartinstaller_enu.exe [2012.10.18 20:55:08 | 000,009,617 | ---- | M] () -- C:\Users\cali\Pictures\Desktop\config.cfg [2012.10.18 19:48:48 | 000,072,704 | ---- | M] (BitDefender) -- C:\Windows\System32\drivers\bdvedisk.sys [2012.10.18 19:32:40 | 000,000,215 | ---- | M] () -- C:\Users\cali\Pictures\Desktop\valve.rc [2012.10.18 19:18:55 | 000,505,557 | ---- | M] () -- C:\ProgramData\1350580437.bdinstall.bin [2012.10.18 19:18:42 | 000,000,385 | ---- | M] () -- C:\Windows\System32\user_gensett.xml [2012.10.18 19:18:08 | 000,253,404 | -H-- | M] () -- C:\bdr-ld01 [2012.10.18 19:18:08 | 000,009,216 | -H-- | M] () -- C:\bdr-ld01.mbr [2012.10.18 19:18:08 | 000,000,308 | -H-- | M] () -- C:\bdr-cf01 [2012.10.18 19:17:52 | 000,002,122 | ---- | M] () -- C:\Users\Public\Desktop\Bitdefender Internet Security 2013.lnk [2012.10.18 19:17:52 | 000,002,074 | ---- | M] () -- C:\Users\Public\Desktop\Bitdefender Safepay.lnk [2012.10.18 19:17:51 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_avchv_01009.Wdf [2012.10.18 18:49:05 | 000,000,064 | ---- | M] () -- C:\Windows\System32\rp_stats.dat [2012.10.18 18:49:05 | 000,000,044 | ---- | M] () -- C:\Windows\System32\rp_rules.dat [2012.10.18 07:30:19 | 000,159,608 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\mfevtps.exe.bfde.deleteme [2012.10.17 20:12:25 | 000,329,638 | ---- | M] () -- C:\Users\cali\Pictures\Desktop\autumn_by_imperioli-d4gibjl.jpg [2012.10.17 20:11:40 | 000,363,236 | ---- | M] () -- C:\Users\cali\Pictures\Desktop\fafdcafec45f0c80becbdd5b02cb9faa-d2dvclx.jpg [2012.10.17 17:43:44 | 000,109,680 | ---- | M] () -- C:\Users\cali\Pictures\Desktop\Brandon-Schaefer-SpaceBalls-550x733.jpg [2012.10.16 20:09:25 | 000,019,915 | ---- | M] () -- C:\Users\cali\Pictures\Desktop\Gmer.zip [2012.10.16 20:04:31 | 000,041,966 | ---- | M] () -- C:\Users\cali\Pictures\Desktop\OTL+Extras.zip [2012.10.16 19:12:48 | 000,302,592 | ---- | M] () -- C:\Users\cali\Pictures\Desktop\d1riohdk.exe [2012.10.16 18:49:12 | 000,000,020 | ---- | M] () -- C:\Users\cali\defogger_reenable [2012.10.16 18:10:48 | 000,648,294 | ---- | M] () -- C:\Users\cali\Documents\cc_20121016_180919.reg [2012.10.16 18:04:02 | 000,000,965 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk [2012.10.16 06:22:20 | 000,159,608 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\mfevtps.exe.a966.deleteme [2012.10.14 23:33:01 | 000,000,932 | ---- | M] () -- C:\Users\Public\Desktop\ESL Wire.lnk [2012.10.14 16:49:49 | 006,222,520 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2012.10.13 16:53:17 | 000,522,991 | ---- | M] () -- C:\VirtualDJ Local Database v6.xml [2012.10.12 23:08:10 | 000,059,737 | ---- | M] () -- C:\Users\cali\Pictures\Desktop\wgparty.m3u [2012.10.11 23:40:37 | 000,403,309 | ---- | M] () -- C:\Users\cali\Pictures\Desktop\duude.jpg [2012.10.11 23:40:21 | 000,403,309 | ---- | M] () -- C:\Users\cali\Pictures\Desktop\dude.jpg [2012.10.11 00:24:53 | 002,134,065 | ---- | M] () -- C:\Users\cali\Pictures\Desktop\CamelFrdsdsdsdankfurt.jpg [2012.10.10 23:42:04 | 000,096,107 | ---- | M] () -- C:\Users\cali\Pictures\Desktop\851199.jpg [2012.10.10 21:18:46 | 000,059,801 | ---- | M] () -- C:\Users\cali\Pictures\Desktop\pink moons.m3u [2012.10.10 20:46:54 | 000,581,208 | ---- | M] () -- C:\Users\cali\Pictures\Desktop\outtake.mp3 [2012.10.10 20:24:03 | 135,003,632 | ---- | M] () -- C:\Users\cali\Pictures\Desktop\2012_1110_23-00_pink_moon.mp3 [2012.10.09 22:15:20 | 000,126,159 | ---- | M] () -- C:\Users\cali\Pictures\Desktop\cali_owl.png [2012.10.08 21:44:56 | 001,389,137 | ---- | M] () -- C:\Users\cali\Pictures\Desktop\logo.rar [2012.10.08 19:20:36 | 004,776,519 | ---- | M] () -- C:\Users\cali\Pictures\Desktop\cafeglocksee.m3u [2012.10.03 00:20:00 | 000,012,865 | ---- | M] () -- C:\Windows\System32\nvinfo.pb [2012.09.29 16:15:41 | 000,000,049 | ---- | M] () -- C:\Windows\NeroDigital.ini [8 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [6 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ] ========== Files Created - No Company Name ========== [2012.10.21 20:20:13 | 000,538,941 | ---- | C] () -- C:\Users\cali\Pictures\Desktop\adwcleaner.exe [2012.10.20 01:19:10 | 000,001,024 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk [2012.10.18 20:57:22 | 000,009,617 | ---- | C] () -- C:\Users\cali\Pictures\Desktop\config.cfg [2012.10.18 20:57:22 | 000,000,837 | ---- | C] () -- C:\Users\cali\Pictures\Desktop\autoexec.cfg [2012.10.18 19:18:55 | 000,505,557 | ---- | C] () -- C:\ProgramData\1350580437.bdinstall.bin [2012.10.18 19:18:42 | 000,000,385 | ---- | C] () -- C:\Windows\System32\user_gensett.xml [2012.10.18 19:18:08 | 000,000,308 | -H-- | C] () -- C:\bdr-cf01 [2012.10.18 19:17:52 | 000,002,122 | ---- | C] () -- C:\Users\Public\Desktop\Bitdefender Internet Security 2013.lnk [2012.10.18 19:17:52 | 000,002,074 | ---- | C] () -- C:\Users\Public\Desktop\Bitdefender Safepay.lnk [2012.10.18 19:17:51 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_avchv_01009.Wdf [2012.10.18 19:16:27 | 035,188,281 | -H-- | C] () -- C:\bdr-im01.gz [2012.10.18 19:16:27 | 002,294,848 | -H-- | C] () -- C:\bdr-bz01 [2012.10.18 19:16:27 | 000,253,404 | -H-- | C] () -- C:\bdr-ld01 [2012.10.18 19:16:27 | 000,009,216 | -H-- | C] () -- C:\bdr-ld01.mbr [2012.10.17 20:12:22 | 000,329,638 | ---- | C] () -- C:\Users\cali\Pictures\Desktop\autumn_by_imperioli-d4gibjl.jpg [2012.10.17 20:11:35 | 000,363,236 | ---- | C] () -- C:\Users\cali\Pictures\Desktop\fafdcafec45f0c80becbdd5b02cb9faa-d2dvclx.jpg [2012.10.17 17:43:39 | 000,109,680 | ---- | C] () -- C:\Users\cali\Pictures\Desktop\Brandon-Schaefer-SpaceBalls-550x733.jpg [2012.10.16 20:09:25 | 000,019,915 | ---- | C] () -- C:\Users\cali\Pictures\Desktop\Gmer.zip [2012.10.16 20:04:31 | 000,041,966 | ---- | C] () -- C:\Users\cali\Pictures\Desktop\OTL+Extras.zip [2012.10.16 19:12:47 | 000,302,592 | ---- | C] () -- C:\Users\cali\Pictures\Desktop\d1riohdk.exe [2012.10.16 18:48:53 | 000,000,020 | ---- | C] () -- C:\Users\cali\defogger_reenable [2012.10.16 18:09:24 | 000,648,294 | ---- | C] () -- C:\Users\cali\Documents\cc_20121016_180919.reg [2012.10.16 18:04:02 | 000,000,965 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk [2012.10.12 23:08:10 | 000,059,737 | ---- | C] () -- C:\Users\cali\Pictures\Desktop\wgparty.m3u [2012.10.11 23:40:36 | 000,403,309 | ---- | C] () -- C:\Users\cali\Pictures\Desktop\duude.jpg [2012.10.11 22:32:12 | 000,403,309 | ---- | C] () -- C:\Users\cali\Pictures\Desktop\dude.jpg [2012.10.11 02:51:06 | 000,000,215 | ---- | C] () -- C:\Users\cali\Pictures\Desktop\valve.rc [2012.10.11 02:50:50 | 000,003,924 | ---- | C] () -- C:\Users\cali\Pictures\Desktop\autoexec111111.cfg.cfg [2012.10.11 02:50:31 | 000,000,103 | ---- | C] () -- C:\Users\cali\Pictures\Desktop\autoexec2222222222222.cfg [2012.10.11 00:24:50 | 002,134,065 | ---- | C] () -- C:\Users\cali\Pictures\Desktop\CamelFrdsdsdsdankfurt.jpg [2012.10.10 23:41:55 | 000,096,107 | ---- | C] () -- C:\Users\cali\Pictures\Desktop\851199.jpg [2012.10.10 21:18:46 | 000,059,801 | ---- | C] () -- C:\Users\cali\Pictures\Desktop\pink moons.m3u [2012.10.10 20:46:52 | 000,581,208 | ---- | C] () -- C:\Users\cali\Pictures\Desktop\outtake.mp3 [2012.10.10 20:19:40 | 135,003,632 | ---- | C] () -- C:\Users\cali\Pictures\Desktop\2012_1110_23-00_pink_moon.mp3 [2012.10.09 22:15:19 | 000,126,159 | ---- | C] () -- C:\Users\cali\Pictures\Desktop\cali_owl.png [2012.10.08 21:44:55 | 001,389,137 | ---- | C] () -- C:\Users\cali\Pictures\Desktop\logo.rar [2012.10.04 20:44:30 | 000,000,932 | ---- | C] () -- C:\Users\Public\Desktop\ESL Wire.lnk [2012.09.24 21:04:43 | 000,085,504 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll [2012.08.30 10:40:14 | 000,429,416 | ---- | C] () -- C:\Windows\System32\nvStreaming.exe [2012.08.21 22:29:10 | 000,000,253 | ---- | C] () -- C:\Users\cali\AppData\Roaming\ANICONFIG_{871F438F-D35E-4976-9403-4F7C07FD2AE3}.ini [2012.08.21 21:36:46 | 000,000,253 | ---- | C] () -- C:\Users\cali\AppData\Roaming\ANICONFIG_{0AA8CA46-7BBF-4E47-8B8E-1F33935F7F3D}.ini [2012.08.21 20:11:02 | 000,000,253 | ---- | C] () -- C:\Users\cali\AppData\Roaming\ANICONFIG_{44F76163-2AA8-48C9-88DE-249DFCC1DED2}.ini [2012.08.21 20:02:47 | 000,012,800 | ---- | C] () -- C:\Windows\System32\drivers\anodlwf.sys [2012.08.21 20:02:46 | 000,014,119 | ---- | C] () -- C:\Windows\System32\RaCoInst.dat [2012.07.24 13:50:37 | 000,265,120 | ---- | C] () -- C:\Program Files\Common Files\WireHelpSvc.exe [2012.04.08 18:51:13 | 000,000,132 | ---- | C] () -- C:\Users\cali\AppData\Roaming\Adobe IllExport Filter CS5 Prefs [2012.04.08 18:43:08 | 000,001,456 | ---- | C] () -- C:\Users\cali\AppData\Local\Adobe Save for Web 12.0 Prefs [2011.12.28 00:30:24 | 000,000,000 | ---- | C] () -- C:\Users\cali\AppData\Local\{C433B468-92C5-4996-A02F-C05E05AF3F68} [2011.10.16 22:23:17 | 000,000,680 | RHS- | C] () -- C:\Users\cali\ntuser.pol [2011.09.25 23:30:37 | 000,010,240 | ---- | C] () -- C:\Users\cali\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011.08.06 20:44:21 | 000,000,092 | ---- | C] () -- C:\Users\cali\AppData\Local\fusioncache.dat [2011.07.26 15:56:47 | 000,043,520 | ---- | C] () -- C:\Windows\System32\CmdLineExt03.dll [2011.07.12 16:43:39 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI [2011.05.15 17:40:54 | 000,000,262 | ---- | C] () -- C:\Windows\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini [2011.05.07 21:42:31 | 000,000,064 | ---- | C] () -- C:\Windows\System32\rp_stats.dat [2011.05.07 21:42:31 | 000,000,044 | ---- | C] () -- C:\Windows\System32\rp_rules.dat [2011.04.13 16:07:35 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe [2011.04.13 16:06:19 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe [2011.04.09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat [2011.02.15 21:52:34 | 000,033,792 | ---- | C] () -- C:\Windows\System32\drivers\libusb0.sys [2011.02.09 18:36:55 | 000,082,289 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini [2010.12.22 13:55:38 | 000,000,032 | ---- | C] () -- C:\Windows\Menu.INI [2010.11.22 21:30:33 | 000,008,192 | ---- | C] () -- C:\Windows\System32\CNMVS5u.DLL [2010.11.18 15:23:29 | 000,053,248 | ---- | C] () -- C:\Windows\System32\CommonDL.dll [2010.11.18 15:23:29 | 000,002,413 | ---- | C] () -- C:\Windows\System32\lgAxconfig.ini [2010.11.05 02:29:28 | 000,024,944 | ---- | C] () -- C:\Windows\System32\drivers\GVTDrv.sys [2010.04.21 20:56:23 | 000,138,056 | ---- | C] () -- C:\Users\cali\AppData\Roaming\PnkBstrK.sys ========== ZeroAccess Check ========== [2009.07.14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both ========== LOP Check ========== [2011.08.13 18:16:36 | 000,000,000 | ---D | M] -- C:\Users\cali\AppData\Roaming\Ableton [2012.10.10 23:34:28 | 000,000,000 | ---D | M] -- C:\Users\cali\AppData\Roaming\AMPSoft [2010.03.24 02:47:06 | 000,000,000 | ---D | M] -- C:\Users\cali\AppData\Roaming\ASUS [2012.01.22 01:42:14 | 000,000,000 | ---D | M] -- C:\Users\cali\AppData\Roaming\BigHugeEngine [2012.10.18 19:16:39 | 000,000,000 | ---D | M] -- C:\Users\cali\AppData\Roaming\Bitdefender [2012.09.29 22:35:50 | 000,000,000 | ---D | M] -- C:\Users\cali\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 [2010.03.24 03:02:04 | 000,000,000 | ---D | M] -- C:\Users\cali\AppData\Roaming\CheckPoint [2012.04.08 18:52:25 | 000,000,000 | ---D | M] -- C:\Users\cali\AppData\Roaming\com.adobe.DC3Module.AdobeADC [2010.03.24 14:24:26 | 000,000,000 | ---D | M] -- C:\Users\cali\AppData\Roaming\DAEMON Tools Lite [2010.03.25 00:35:47 | 000,000,000 | ---D | M] -- C:\Users\cali\AppData\Roaming\DAEMON Tools Pro [2012.10.16 17:45:32 | 000,000,000 | ---D | M] -- C:\Users\cali\AppData\Roaming\DriverCure [2012.04.10 01:06:05 | 000,000,000 | ---D | M] -- C:\Users\cali\AppData\Roaming\Dropbox [2012.10.16 18:07:57 | 000,000,000 | ---D | M] -- C:\Users\cali\AppData\Roaming\FileZilla [2011.01.31 15:18:15 | 000,000,000 | ---D | M] -- C:\Users\cali\AppData\Roaming\GetRightToGo [2012.10.22 02:42:37 | 000,000,000 | ---D | M] -- C:\Users\cali\AppData\Roaming\ICQ [2011.01.22 20:37:46 | 000,000,000 | ---D | M] -- C:\Users\cali\AppData\Roaming\IrfanView [2010.06.11 17:51:47 | 000,000,000 | ---D | M] -- C:\Users\cali\AppData\Roaming\KORG [2010.03.24 14:32:26 | 000,000,000 | ---D | M] -- C:\Users\cali\AppData\Roaming\Leadertech [2010.11.18 15:40:12 | 000,000,000 | ---D | M] -- C:\Users\cali\AppData\Roaming\LG Electronics [2012.09.03 13:26:14 | 000,000,000 | ---D | M] -- C:\Users\cali\AppData\Roaming\MA Lighting Technologies [2010.12.29 20:52:40 | 000,000,000 | ---D | M] -- C:\Users\cali\AppData\Roaming\mkvtoolnix [2012.10.12 18:46:20 | 000,000,000 | ---D | M] -- C:\Users\cali\AppData\Roaming\Mumble [2011.01.19 18:38:13 | 000,000,000 | ---D | M] -- C:\Users\cali\AppData\Roaming\Nicalis [2010.06.12 19:28:45 | 000,000,000 | ---D | M] -- C:\Users\cali\AppData\Roaming\Octoshape [2011.04.12 17:13:52 | 000,000,000 | ---D | M] -- C:\Users\cali\AppData\Roaming\OfficeRecovery [2011.09.30 18:01:43 | 000,000,000 | ---D | M] -- C:\Users\cali\AppData\Roaming\Origin [2012.09.10 23:57:08 | 000,000,000 | ---D | M] -- C:\Users\cali\AppData\Roaming\Plane9 [2011.03.24 00:50:16 | 000,000,000 | ---D | M] -- C:\Users\cali\AppData\Roaming\Publish Providers [2010.10.25 18:50:11 | 000,000,000 | ---D | M] -- C:\Users\cali\AppData\Roaming\Quest3D [2012.10.18 17:49:44 | 000,000,000 | ---D | M] -- C:\Users\cali\AppData\Roaming\QuickScan [2010.10.25 18:50:10 | 000,000,000 | ---D | M] -- C:\Users\cali\AppData\Roaming\Roaming [2012.09.20 01:52:20 | 000,000,000 | ---D | M] -- C:\Users\cali\AppData\Roaming\RotMG.Production [2011.03.24 00:50:11 | 000,000,000 | ---D | M] -- C:\Users\cali\AppData\Roaming\Sony [2012.10.16 17:45:31 | 000,000,000 | ---D | M] -- C:\Users\cali\AppData\Roaming\SpeedyPC Software [2012.03.19 23:17:26 | 000,000,000 | ---D | M] -- C:\Users\cali\AppData\Roaming\SplitMediaLabs [2012.03.14 18:30:03 | 000,000,000 | ---D | M] -- C:\Users\cali\AppData\Roaming\Spotify [2012.02.07 18:49:02 | 000,000,000 | ---D | M] -- C:\Users\cali\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1 [2012.09.04 01:41:21 | 000,000,000 | ---D | M] -- C:\Users\cali\AppData\Roaming\Steinberg [2011.08.04 23:07:26 | 000,000,000 | ---D | M] -- C:\Users\cali\AppData\Roaming\Stellarium [2012.10.18 05:51:24 | 000,000,000 | ---D | M] -- C:\Users\cali\AppData\Roaming\TS3Client [2012.05.04 16:36:42 | 000,000,000 | ---D | M] -- C:\Users\cali\AppData\Roaming\ts3overlay [2010.03.24 16:57:13 | 000,000,000 | ---D | M] -- C:\Users\cali\AppData\Roaming\TuneUp Software [2012.10.19 18:27:42 | 000,000,000 | ---D | M] -- C:\Users\cali\AppData\Roaming\uTorrent [2010.05.27 15:09:19 | 000,000,000 | ---D | M] -- C:\Users\cali\AppData\Roaming\Warsow 0.5 [2011.07.09 15:25:56 | 000,000,000 | ---D | M] -- C:\Users\cali\AppData\Roaming\Warsow 0.6 [2011.11.19 10:28:33 | 000,000,000 | ---D | M] -- C:\Users\cali\AppData\Roaming\WordToPDF ========== Purity Check ========== ========== Custom Scans ========== < %ALLUSERSPROFILE%\Application Data\*. > < %ALLUSERSPROFILE%\Application Data\*.exe /s > < %APPDATA%\*. > [2011.08.13 18:16:36 | 000,000,000 | ---D | M] -- C:\Users\cali\AppData\Roaming\Ableton [2012.04.08 18:52:12 | 000,000,000 | ---D | M] -- C:\Users\cali\AppData\Roaming\Adobe [2012.02.07 18:49:03 | 000,000,000 | ---D | M] -- C:\Users\cali\AppData\Roaming\Adobe Mini Bridge CS5.1 [2012.10.10 23:34:28 | 000,000,000 | ---D | M] -- C:\Users\cali\AppData\Roaming\AMPSoft [2011.12.19 13:51:58 | 000,000,000 | ---D | M] -- C:\Users\cali\AppData\Roaming\Apple Computer [2010.03.24 02:47:06 | 000,000,000 | ---D | M] -- C:\Users\cali\AppData\Roaming\ASUS [2012.01.22 01:42:14 | 000,000,000 | ---D | M] -- C:\Users\cali\AppData\Roaming\BigHugeEngine [2012.10.18 19:16:39 | 000,000,000 | ---D | M] -- C:\Users\cali\AppData\Roaming\Bitdefender [2012.09.29 22:35:50 | 000,000,000 | ---D | M] -- C:\Users\cali\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 [2010.03.24 03:02:04 | 000,000,000 | ---D | M] -- C:\Users\cali\AppData\Roaming\CheckPoint [2012.04.08 18:52:25 | 000,000,000 | ---D | M] -- C:\Users\cali\AppData\Roaming\com.adobe.DC3Module.AdobeADC [2011.03.17 22:01:00 | 000,000,000 | ---D | M] -- C:\Users\cali\AppData\Roaming\CyberLink [2010.03.24 14:24:26 | 000,000,000 | ---D | M] -- C:\Users\cali\AppData\Roaming\DAEMON Tools Lite [2010.03.25 00:35:47 | 000,000,000 | ---D | M] -- C:\Users\cali\AppData\Roaming\DAEMON Tools Pro [2010.05.01 21:59:21 | 000,000,000 | ---D | M] -- C:\Users\cali\AppData\Roaming\DivX [2010.09.17 16:54:04 | 000,000,000 | ---D | M] -- C:\Users\cali\AppData\Roaming\Download Manager [2012.10.16 17:45:32 | 000,000,000 | ---D | M] -- C:\Users\cali\AppData\Roaming\DriverCure [2012.04.10 01:06:05 | 000,000,000 | ---D | M] -- C:\Users\cali\AppData\Roaming\Dropbox [2011.10.01 14:32:38 | 000,000,000 | ---D | M] -- C:\Users\cali\AppData\Roaming\dvdcss [2012.10.16 18:07:57 | 000,000,000 | ---D | M] -- C:\Users\cali\AppData\Roaming\FileZilla [2011.01.31 15:18:15 | 000,000,000 | ---D | M] -- C:\Users\cali\AppData\Roaming\GetRightToGo [2012.10.22 02:42:37 | 000,000,000 | ---D | M] -- C:\Users\cali\AppData\Roaming\ICQ [2010.03.24 02:44:09 | 000,000,000 | ---D | M] -- C:\Users\cali\AppData\Roaming\Identities [2011.01.22 20:37:46 | 000,000,000 | ---D | M] -- C:\Users\cali\AppData\Roaming\IrfanView [2010.06.11 17:51:47 | 000,000,000 | ---D | M] -- C:\Users\cali\AppData\Roaming\KORG [2010.03.24 14:32:26 | 000,000,000 | ---D | M] -- C:\Users\cali\AppData\Roaming\Leadertech [2010.11.18 15:40:12 | 000,000,000 | ---D | M] -- C:\Users\cali\AppData\Roaming\LG Electronics [2010.03.24 14:31:28 | 000,000,000 | ---D | M] -- C:\Users\cali\AppData\Roaming\Logishrd [2010.03.24 14:32:33 | 000,000,000 | ---D | M] -- C:\Users\cali\AppData\Roaming\Logitech [2012.09.03 13:26:14 | 000,000,000 | ---D | M] -- C:\Users\cali\AppData\Roaming\MA Lighting Technologies [2010.03.24 03:30:20 | 000,000,000 | ---D | M] -- C:\Users\cali\AppData\Roaming\Macromedia [2012.03.27 17:36:28 | 000,000,000 | ---D | M] -- C:\Users\cali\AppData\Roaming\Malwarebytes [2009.07.14 10:56:41 | 000,000,000 | ---D | M] -- C:\Users\cali\AppData\Roaming\Media Center Programs [2012.10.21 01:02:00 | 000,000,000 | ---D | M] -- C:\Users\cali\AppData\Roaming\Media Player Classic [2012.07.13 22:03:09 | 000,000,000 | --SD | M] -- C:\Users\cali\AppData\Roaming\Microsoft [2010.12.29 20:52:40 | 000,000,000 | ---D | M] -- C:\Users\cali\AppData\Roaming\mkvtoolnix [2010.11.10 12:24:54 | 000,000,000 | ---D | M] -- C:\Users\cali\AppData\Roaming\Mozilla [2012.10.12 18:46:20 | 000,000,000 | ---D | M] -- C:\Users\cali\AppData\Roaming\Mumble [2010.07.23 00:35:16 | 000,000,000 | ---D | M] -- C:\Users\cali\AppData\Roaming\Nero [2011.01.19 18:38:13 | 000,000,000 | ---D | M] -- C:\Users\cali\AppData\Roaming\Nicalis [2011.10.12 13:40:09 | 000,000,000 | ---D | M] -- C:\Users\cali\AppData\Roaming\NVIDIA [2010.06.12 19:28:45 | 000,000,000 | ---D | M] -- C:\Users\cali\AppData\Roaming\Octoshape [2011.04.12 17:13:52 | 000,000,000 | ---D | M] -- C:\Users\cali\AppData\Roaming\OfficeRecovery [2011.09.30 18:01:43 | 000,000,000 | ---D | M] -- C:\Users\cali\AppData\Roaming\Origin [2012.09.10 23:57:08 | 000,000,000 | ---D | M] -- C:\Users\cali\AppData\Roaming\Plane9 [2011.03.24 00:50:16 | 000,000,000 | ---D | M] -- C:\Users\cali\AppData\Roaming\Publish Providers [2010.10.25 18:50:11 | 000,000,000 | ---D | M] -- C:\Users\cali\AppData\Roaming\Quest3D [2012.10.18 17:49:44 | 000,000,000 | ---D | M] -- C:\Users\cali\AppData\Roaming\QuickScan [2010.10.25 18:50:10 | 000,000,000 | ---D | M] -- C:\Users\cali\AppData\Roaming\Roaming [2012.09.20 01:52:20 | 000,000,000 | ---D | M] -- C:\Users\cali\AppData\Roaming\RotMG.Production [2010.03.24 03:59:20 | 000,000,000 | RH-D | M] -- C:\Users\cali\AppData\Roaming\SecuROM [2012.10.22 16:51:13 | 000,000,000 | ---D | M] -- C:\Users\cali\AppData\Roaming\Skype [2011.07.01 21:32:33 | 000,000,000 | ---D | M] -- C:\Users\cali\AppData\Roaming\skypePM [2011.03.24 00:50:11 | 000,000,000 | ---D | M] -- C:\Users\cali\AppData\Roaming\Sony [2010.04.25 15:42:19 | 000,000,000 | ---D | M] -- C:\Users\cali\AppData\Roaming\Sony Corporation [2012.10.16 17:45:31 | 000,000,000 | ---D | M] -- C:\Users\cali\AppData\Roaming\SpeedyPC Software [2012.03.19 23:17:26 | 000,000,000 | ---D | M] -- C:\Users\cali\AppData\Roaming\SplitMediaLabs [2012.03.14 18:30:03 | 000,000,000 | ---D | M] -- C:\Users\cali\AppData\Roaming\Spotify [2012.02.07 18:49:02 | 000,000,000 | ---D | M] -- C:\Users\cali\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1 [2012.09.04 01:41:21 | 000,000,000 | ---D | M] -- C:\Users\cali\AppData\Roaming\Steinberg [2011.08.04 23:07:26 | 000,000,000 | ---D | M] -- C:\Users\cali\AppData\Roaming\Stellarium [2011.02.19 00:15:42 | 000,000,000 | ---D | M] -- C:\Users\cali\AppData\Roaming\teamspeak2 [2012.10.18 05:51:24 | 000,000,000 | ---D | M] -- C:\Users\cali\AppData\Roaming\TS3Client [2012.05.04 16:36:42 | 000,000,000 | ---D | M] -- C:\Users\cali\AppData\Roaming\ts3overlay [2010.03.24 16:57:13 | 000,000,000 | ---D | M] -- C:\Users\cali\AppData\Roaming\TuneUp Software [2012.10.19 18:27:42 | 000,000,000 | ---D | M] -- C:\Users\cali\AppData\Roaming\uTorrent [2012.10.16 18:08:00 | 000,000,000 | ---D | M] -- C:\Users\cali\AppData\Roaming\Ventrilo [2012.10.20 02:56:16 | 000,000,000 | ---D | M] -- C:\Users\cali\AppData\Roaming\vlc [2010.05.27 15:09:19 | 000,000,000 | ---D | M] -- C:\Users\cali\AppData\Roaming\Warsow 0.5 [2011.07.09 15:25:56 | 000,000,000 | ---D | M] -- C:\Users\cali\AppData\Roaming\Warsow 0.6 [2012.10.17 07:10:42 | 000,000,000 | ---D | M] -- C:\Users\cali\AppData\Roaming\Winamp [2010.03.24 15:53:09 | 000,000,000 | ---D | M] -- C:\Users\cali\AppData\Roaming\WinRAR [2011.11.19 10:28:33 | 000,000,000 | ---D | M] -- C:\Users\cali\AppData\Roaming\WordToPDF < %APPDATA%\*.exe /s > [2012.02.15 01:03:14 | 024,246,216 | ---- | M] (Dropbox, Inc.) -- C:\Users\cali\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012.02.15 01:03:44 | 000,174,752 | ---- | M] (Dropbox, Inc.) -- C:\Users\cali\AppData\Roaming\Dropbox\bin\Uninstall.exe [2010.03.24 14:32:26 | 000,053,248 | R--- | M] (Acresso Software Inc.) -- C:\Users\cali\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe [2010.06.10 21:36:25 | 000,040,960 | R--- | M] (InstallShield Software Corp.) -- C:\Users\cali\AppData\Roaming\Microsoft\Installer\{9559F7CA-5E34-4237-A2D9-D856464AD727}\ARPPRODUCTICON.exe [2010.06.10 21:36:25 | 000,040,960 | R--- | M] (InstallShield Software Corp.) -- C:\Users\cali\AppData\Roaming\Microsoft\Installer\{9559F7CA-5E34-4237-A2D9-D856464AD727}\NewShortcut1_9559F7CA5E344237A2D9D856464AD727.exe [2010.06.10 21:36:25 | 000,008,854 | R--- | M] () -- C:\Users\cali\AppData\Roaming\Microsoft\Installer\{9559F7CA-5E34-4237-A2D9-D856464AD727}\Uninstall_Project64__9559F7CA5E344237A2D9D856464AD727.exe [2011.06.28 17:10:42 | 000,010,134 | R--- | M] () -- C:\Users\cali\AppData\Roaming\Microsoft\Installer\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}\ARPPRODUCTICON.exe [2012.02.06 14:07:28 | 000,425,984 | ---- | M] () -- C:\Users\cali\AppData\Roaming\Mozilla\Firefox\Profiles\bpwct85r.default\extensions\piclens@cooliris.com\libs\LaunchCooliris.exe [2012.02.06 14:07:28 | 000,545,792 | ---- | M] () -- C:\Users\cali\AppData\Roaming\Mozilla\Firefox\Profiles\bpwct85r.default\extensions\piclens@cooliris.com\libs\PicLensHelper.exe [2009.01.08 15:44:06 | 000,070,936 | ---- | M] (Octoshape ApS) -- C:\Users\cali\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe [2012.03.14 18:10:58 | 004,011,184 | ---- | M] (Spotify Ltd) -- C:\Users\cali\AppData\Roaming\Spotify\spotify.exe [2009.02.03 10:09:38 | 000,068,096 | ---- | M] (Igor Pavlov) -- C:\Users\cali\AppData\Roaming\uTorrent\7z.exe < %SYSTEMDRIVE%\*.exe > < MD5 for: AGP440.SYS > [2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys [2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_a97a2a0d0fbc6696\AGP440.sys [2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys [2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_bc1a57271cf2f285\AGP440.sys < MD5 for: ATAPI.SYS > [2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys [2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys [2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys [2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys < MD5 for: CNGAUDIT.DLL > [2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\System32\cngaudit.dll [2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll < MD5 for: IASTORV.SYS > [2011.03.11 07:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\System32\drivers\iaStorV.sys [2011.03.11 07:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_0bcee2057afcc090\iaStorV.sys [2011.03.11 07:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_b0daddb9e6380745\iaStorV.sys [2011.03.11 07:43:55 | 000,332,160 | ---- | M] (Intel Corporation) MD5=71F1A494FEDF4B33C02C4A6A28D6D9E9 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_aef580fde910b4b0\iaStorV.sys [2011.03.11 07:28:00 | 000,332,160 | ---- | M] (Intel Corporation) MD5=778D0E6D7D9EBA0C403BADBAAD41DB20 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_b152a892ff64119f\iaStorV.sys [2009.07.14 03:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_aee7a89be91b9000\iaStorV.sys [2010.11.20 14:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_668286aa35d55928\iaStorV.sys [2010.11.20 14:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_b118bc63e60a139a\iaStorV.sys [2011.03.11 07:52:21 | 000,332,160 | ---- | M] (Intel Corporation) MD5=B9039A34C2F8769490DCC494E2402445 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_afae2d45020c148b\iaStorV.sys < MD5 for: NETLOGON.DLL > [2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\System32\netlogon.dll [2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_ffbf212e963c0162\netlogon.dll [2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_fd8e0d66994d7dc8\netlogon.dll < MD5 for: NVSTOR.SYS > [2011.03.11 07:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\System32\drivers\nvstor.sys [2011.03.11 07:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_0276fc3b3ea60d41\nvstor.sys [2011.03.11 07:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_3ba44e691d6eb11d\nvstor.sys [2011.03.11 07:44:01 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4520B63899E867F354EE012D34E11536 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_39bef1ad20475e88\nvstor.sys [2011.03.11 07:28:10 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=66D468654A58594F5F3BA63D5AD5B1AF -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_3c1c1942369abb77\nvstor.sys [2011.03.11 07:52:25 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=8A7583A3B58D3EEB28BB26626526BC91 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_3a779df43942be63\nvstor.sys [2010.11.20 14:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_dd659ed032d28a14\nvstor.sys [2010.11.20 14:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_3be22d131d40bd72\nvstor.sys [2009.07.14 03:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvstor.sys < MD5 for: SCECLI.DLL > [2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll [2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\System32\scecli.dll [2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll < MD5 for: USER32.DLL > [2009.07.14 03:16:17 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=34B7E222E81FAFA885F0C5F2CFA56861 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_cd0ec264ceb014a3\user32.dll [2010.11.20 14:21:33 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=F1DD3ACAEE5E6B4BBC69BC6DF75CEF66 -- C:\Windows\System32\user32.dll [2010.11.20 14:21:33 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=F1DD3ACAEE5E6B4BBC69BC6DF75CEF66 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_cf3fd62ccb9e983d\user32.dll < MD5 for: USERINIT.EXE > [2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe [2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe [2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe < MD5 for: WININIT.EXE > [2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\System32\wininit.exe [2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe < MD5 for: WINLOGON.EXE > [2009.10.28 08:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe [2009.10.28 07:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe [2012.09.07 17:04:42 | 000,218,696 | ---- | M] () MD5=4E0D8C9F83B7FD82393F7D8CCC27E7AE -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe [2010.11.20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe [2010.11.20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe [2009.07.14 03:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe < MD5 for: WS2IFSL.SYS > [2009.07.14 01:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- C:\Windows\System32\drivers\ws2ifsl.sys [2009.07.14 01:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_4f5cf6f829213bb2\ws2ifsl.sys < %systemroot%\system32\drivers\*.sys /lockedfiles > [2012.08.29 18:24:08 | 000,161,312 | ---- | M] (BitDefender LLC) Unable to obtain MD5 -- C:\Windows\system32\drivers\gzflt.sys < %systemroot%\System32\config\*.sav > < %systemroot%\*. /mp /s > < %systemroot%\system32\*.dll /lockedfiles > [6 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ] < > [2009.07.14 06:53:46 | 000,032,632 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT [2009.07.14 06:53:47 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT [2011.06.28 15:49:11 | 000,001,090 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [2011.06.28 15:49:13 | 000,001,094 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job ========== Alternate Data Streams ========== @Alternate Data Stream - 140 bytes -> C:\ProgramData\Temp:CB0AACC9 @Alternate Data Stream - 121 bytes -> C:\ProgramData\Temp:DFC5A2B2 @Alternate Data Stream - 109 bytes -> C:\ProgramData\Temp:A8ADE5D8 @Alternate Data Stream - 100 bytes -> C:\ProgramData\Temp:ADF211B1 < End of report > |
|
29.10.2012, 03:03
| #20 |
| | Artemis vir & troj und andere maleware die ich nicht loswerde und wie schaut's aus? |
|
29.10.2012, 12:59
| #21 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Artemis vir & troj und andere maleware die ich nicht loswerdeCode:
ATTFilter D:\see\uTorrent IP Filter Updater by GEARPY v.2
__________________ --> Artemis vir & troj und andere maleware die ich nicht loswerde |
|
29.10.2012, 14:30
| #22 |
| | Artemis vir & troj und andere maleware die ich nicht loswerde so wie ich mir das mal erklären hab lassen filter das bestimmte ips raus hxxp://www.davidmoore.info/ipfilter-updater/ |
|
29.10.2012, 15:07
| #23 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Artemis vir & troj und andere maleware die ich nicht loswerde So wirklich beantwortet das meine Frage aber nicht....
__________________ Logfiles bitte immer in CODE-Tags posten |
|
29.10.2012, 20:55
| #24 |
| | Artemis vir & troj und andere maleware die ich nicht loswerde Damit der ip filter immer auf dem neusten stand ist, denk ich? Haben denn die logs jetzt irgendwas ergeben? |
|
31.10.2012, 16:24
| #25 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Artemis vir & troj und andere maleware die ich nicht loswerde Nochmal: Wofür brauchst du das?!
__________________ Logfiles bitte immer in CODE-Tags posten |
|
31.10.2012, 19:30
| #26 |
| | Artemis vir & troj und andere maleware die ich nicht loswerde Zum auf dem aktuellen Stand halten vom IP Filter. |
|
31.10.2012, 20:05
| #27 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Artemis vir & troj und andere maleware die ich nicht loswerde Auch durch das x-malige Wiederholen von unvollständigen Infos werd ich dadurch nicht schlauer  Nochmal konkreter nachgefragt: Warum brauchst du das im Zusammenhang mit uTorrent?!
__________________ Logfiles bitte immer in CODE-Tags posten |
|
31.10.2012, 20:09
| #28 |
| | Artemis vir & troj und andere maleware die ich nicht loswerde Soweit ich das weiß 'is es halt dafür da gewisse Regierungssachen oder schädliche Eingriffe zu blockieren bzw zu filtern. Mehr kann ich dir dazu nich sagen,weil ich mehr auch nich weiß als das. |
|
31.10.2012, 20:50
| #29 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Artemis vir & troj und andere maleware die ich nicht loswerde 1. aswMBR Downloade dir bitte aswMBR.exe und speichere die Datei auf deinem Desktop. Hinweis: Bitte den Virenscanner abstellen bevor du aswMBR ausführst, denn v.a. Avira meldet darin oft einen Fehlalarm!
Noch ein Hinweis: Sollte aswMBR abstürzen und es kommt eine Meldung wie "aswMBR.exe funktioniert nicht mehr, dann mach Folgendes: Starte aswMBR neu, wähle unten links im Drop-Down-Menü (unten links im Fenster von aswMBR) bei "AV scan" (none) aus und klick nochmal auf den Scan-Button. 2. TDSS-Killer Download TDSS-Killer auf Desktop siehe => http://www.trojaner-board.de/82358-t...entfernen.html Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm! Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet, Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten. Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition ( meistens Laufwerk C: ) nach, da speichert der TDSS-Killer seine Logs. Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten! 
__________________ Logfiles bitte immer in CODE-Tags posten |
|
06.11.2012, 05:22
| #30 |
| | Artemis vir & troj und andere maleware die ich nicht loswerde TDSS-Log Code:
ATTFilter 04:26:35.0192 12196 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
04:26:36.0064 12196 ============================================================
04:26:36.0064 12196 Current date / time: 2012/11/06 04:26:36.0064
04:26:36.0064 12196 SystemInfo:
04:26:36.0064 12196
04:26:36.0064 12196 OS Version: 6.1.7601 ServicePack: 1.0
04:26:36.0064 12196 Product type: Workstation
04:26:36.0065 12196 ComputerName: CALIPCI
04:26:36.0065 12196 UserName: cali
04:26:36.0065 12196 Windows directory: C:\Windows
04:26:36.0065 12196 System windows directory: C:\Windows
04:26:36.0065 12196 Processor architecture: Intel x86
04:26:36.0065 12196 Number of processors: 4
04:26:36.0065 12196 Page size: 0x1000
04:26:36.0065 12196 Boot type: Normal boot
04:26:36.0065 12196 ============================================================
04:26:37.0946 12196 Drive \Device\Harddisk0\DR0 - Size: 0x2E93D2DE00 (186.31 Gb), SectorSize: 0x200, Cylinders: 0x5F01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
04:26:37.0958 12196 Drive \Device\Harddisk1\DR1 - Size: 0xE8E0CADE00 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
04:26:37.0962 12196 ============================================================
04:26:37.0962 12196 \Device\Harddisk0\DR0:
04:26:37.0962 12196 MBR partitions:
04:26:37.0962 12196 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xBBD13E4
04:26:37.0977 12196 \Device\Harddisk0\DR0\Partition2: MBR, Type 0xB, StartLBA 0xBBD1462, BlocksNum 0xB8CC95F
04:26:37.0977 12196 \Device\Harddisk1\DR1:
04:26:37.0993 12196 MBR partitions:
04:26:38.0002 12196 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x74705982
04:26:38.0002 12196 ============================================================
04:26:38.0050 12196 C: <-> \Device\Harddisk0\DR0\Partition1
04:26:38.0082 12196 D: <-> \Device\Harddisk1\DR1\Partition1
04:26:38.0082 12196 E: <-> \Device\Harddisk0\DR0\Partition2
04:26:38.0197 12196 ============================================================
04:26:38.0198 12196 Initialize success
04:26:38.0198 12196 ============================================================
05:15:28.0400 6172 ============================================================
05:15:28.0400 6172 Scan started
05:15:28.0400 6172 Mode: Manual; SigCheck; TDLFS;
05:15:28.0400 6172 ============================================================
05:15:29.0579 6172 ================ Scan system memory ========================
05:15:29.0579 6172 System memory - ok
05:15:29.0579 6172 ================ Scan services =============================
05:15:29.0749 6172 [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
05:15:29.0955 6172 1394ohci - ok
05:15:30.0109 6172 [ F7EABCA8375EA2DC6F35C4BCA4757515 ] A2DDA C:\Users\cali\Downloads\EmsisoftEmergencyKit\Run\a2ddax86.sys
05:15:30.0168 6172 A2DDA - ok
05:15:30.0208 6172 [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI C:\Windows\system32\drivers\ACPI.sys
05:15:30.0228 6172 ACPI - ok
05:15:30.0251 6172 [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
05:15:30.0343 6172 AcpiPmi - ok
05:15:30.0388 6172 [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
05:15:30.0414 6172 adp94xx - ok
05:15:30.0433 6172 [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
05:15:30.0455 6172 adpahci - ok
05:15:30.0468 6172 [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
05:15:30.0486 6172 adpu320 - ok
05:15:30.0506 6172 [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
05:15:30.0660 6172 AeLookupSvc - ok
05:15:30.0699 6172 [ 9EBBBA55060F786F0FCAA3893BFA2806 ] AFD C:\Windows\system32\drivers\afd.sys
05:15:30.0823 6172 AFD - ok
05:15:30.0858 6172 [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440 C:\Windows\system32\drivers\agp440.sys
05:15:30.0874 6172 agp440 - ok
05:15:30.0908 6172 [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx C:\Windows\system32\DRIVERS\djsvs.sys
05:15:30.0924 6172 aic78xx - ok
05:15:30.0949 6172 [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG C:\Windows\System32\alg.exe
05:15:31.0009 6172 ALG - ok
05:15:31.0048 6172 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide C:\Windows\system32\drivers\aliide.sys
05:15:31.0064 6172 aliide - ok
05:15:31.0076 6172 [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp C:\Windows\system32\drivers\amdagp.sys
05:15:31.0093 6172 amdagp - ok
05:15:31.0104 6172 [ CD5914170297126B6266860198D1D4F0 ] amdide C:\Windows\system32\drivers\amdide.sys
05:15:31.0119 6172 amdide - ok
05:15:31.0158 6172 [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
05:15:31.0200 6172 AmdK8 - ok
05:15:31.0244 6172 [ AD8FA28D8ED0D0A689A0559085CE0F18 ] AmdLLD C:\Windows\system32\DRIVERS\AmdLLD.sys
05:15:31.0301 6172 AmdLLD - ok
05:15:31.0314 6172 [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
05:15:31.0340 6172 AmdPPM - ok
05:15:31.0359 6172 [ D320BF87125326F996D4904FE24300FC ] amdsata C:\Windows\system32\drivers\amdsata.sys
05:15:31.0376 6172 amdsata - ok
05:15:31.0405 6172 [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
05:15:31.0424 6172 amdsbs - ok
05:15:31.0443 6172 [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata C:\Windows\system32\drivers\amdxata.sys
05:15:31.0459 6172 amdxata - ok
05:15:31.0491 6172 [ 48E008CF2EDCF8FC91A9D3507865A51D ] anodlwf C:\Windows\system32\DRIVERS\anodlwf.sys
05:15:31.0538 6172 anodlwf - ok
05:15:31.0596 6172 [ D1AF38FBAC0DC7E6D796B0ED01707EE0 ] AppHostSvc C:\Windows\system32\inetsrv\apphostsvc.dll
05:15:31.0684 6172 AppHostSvc - ok
05:15:31.0721 6172 [ AEA177F783E20150ACE5383EE368DA19 ] AppID C:\Windows\system32\drivers\appid.sys
05:15:31.0856 6172 AppID - ok
05:15:31.0884 6172 [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc C:\Windows\System32\appidsvc.dll
05:15:31.0931 6172 AppIDSvc - ok
05:15:31.0973 6172 [ FB1959012294D6AD43E5304DF65E3C26 ] Appinfo C:\Windows\System32\appinfo.dll
05:15:32.0044 6172 Appinfo - ok
05:15:32.0081 6172 [ A45D184DF6A8803DA13A0B329517A64A ] AppMgmt C:\Windows\System32\appmgmts.dll
05:15:32.0144 6172 AppMgmt - ok
05:15:32.0174 6172 [ 2932004F49677BD84DBC72EDB754FFB3 ] arc C:\Windows\system32\DRIVERS\arc.sys
05:15:32.0190 6172 arc - ok
05:15:32.0205 6172 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
05:15:32.0223 6172 arcsas - ok
05:15:32.0330 6172 [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
05:15:32.0344 6172 aspnet_state - ok
05:15:32.0373 6172 [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
05:15:32.0491 6172 AsyncMac - ok
05:15:32.0520 6172 [ 338C86357871C167A96AB976519BF59E ] atapi C:\Windows\system32\drivers\atapi.sys
05:15:32.0535 6172 atapi - ok
05:15:32.0585 6172 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
05:15:32.0626 6172 AudioEndpointBuilder - ok
05:15:32.0638 6172 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv C:\Windows\System32\Audiosrv.dll
05:15:32.0669 6172 Audiosrv - ok
05:15:32.0710 6172 [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV C:\Windows\System32\AxInstSV.dll
05:15:32.0801 6172 AxInstSV - ok
05:15:32.0830 6172 [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv C:\Windows\system32\DRIVERS\bxvbdx.sys
05:15:32.0876 6172 b06bdrv - ok
05:15:32.0904 6172 [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys
05:15:32.0949 6172 b57nd60x - ok
05:15:32.0973 6172 [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC C:\Windows\System32\bdesvc.dll
05:15:33.0066 6172 BDESVC - ok
05:15:33.0075 6172 [ 505506526A9D467307B3C393DEDAF858 ] Beep C:\Windows\system32\drivers\Beep.sys
05:15:33.0105 6172 Beep - ok
05:15:33.0148 6172 [ 1E2BAC209D184BB851E1A187D8A29136 ] BFE C:\Windows\System32\bfe.dll
05:15:33.0196 6172 BFE - ok
05:15:33.0391 6172 [ 684B12018A54ADC1F856372EC5762B48 ] BHDrvx86 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20121030.002\BHDrvx86.sys
05:15:33.0436 6172 BHDrvx86 - ok
05:15:33.0474 6172 [ E585445D5021971FAE10393F0F1C3961 ] BITS C:\Windows\System32\qmgr.dll
05:15:33.0524 6172 BITS - ok
05:15:33.0543 6172 [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
05:15:33.0575 6172 blbdrive - ok
05:15:33.0618 6172 [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
05:15:33.0668 6172 bowser - ok
05:15:33.0683 6172 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
05:15:33.0719 6172 BrFiltLo - ok
05:15:33.0730 6172 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
05:15:33.0768 6172 BrFiltUp - ok
05:15:33.0808 6172 [ 3DAA727B5B0A45039B0E1C9A211B8400 ] Browser C:\Windows\System32\browser.dll
05:15:33.0905 6172 Browser - ok
05:15:33.0921 6172 [ 845B8CE732E67F3B4133164868C666EA ] Brserid C:\Windows\System32\Drivers\Brserid.sys
05:15:33.0983 6172 Brserid - ok
05:15:33.0995 6172 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
05:15:34.0021 6172 BrSerWdm - ok
05:15:34.0034 6172 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
05:15:34.0060 6172 BrUsbMdm - ok
05:15:34.0070 6172 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
05:15:34.0113 6172 BrUsbSer - ok
05:15:34.0129 6172 [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
05:15:34.0148 6172 BTHMODEM - ok
05:15:34.0179 6172 [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv C:\Windows\system32\bthserv.dll
05:15:34.0238 6172 bthserv - ok
05:15:34.0304 6172 [ 1277AD8F053CC60C17CAFAB411F3CF40 ] ccSet_N360 C:\Windows\system32\drivers\N360\1402000.013\ccSetx86.sys
05:15:34.0319 6172 ccSet_N360 - ok
05:15:34.0348 6172 [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
05:15:34.0413 6172 cdfs - ok
05:15:34.0469 6172 [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom C:\Windows\system32\drivers\cdrom.sys
05:15:34.0500 6172 cdrom - ok
05:15:34.0532 6172 [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc C:\Windows\System32\certprop.dll
05:15:34.0609 6172 CertPropSvc - ok
05:15:34.0642 6172 [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
05:15:34.0684 6172 circlass - ok
05:15:34.0708 6172 [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS C:\Windows\system32\CLFS.sys
05:15:34.0728 6172 CLFS - ok
05:15:34.0865 6172 [ BB3FFA5E5FDC5892CE88D65AA3FEB47E ] CLPSLauncher C:\Program Files\Common Files\Comodo\launcher_service.exe
05:15:34.0883 6172 CLPSLauncher - ok
05:15:34.0945 6172 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
05:15:34.0960 6172 clr_optimization_v2.0.50727_32 - ok
05:15:35.0022 6172 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
05:15:35.0038 6172 clr_optimization_v4.0.30319_32 - ok
05:15:35.0054 6172 [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
05:15:35.0103 6172 CmBatt - ok
05:15:35.0195 6172 [ 33BB8CAE8C960454F8D9031FA11003EB ] cmdAgent C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
05:15:35.0270 6172 cmdAgent - ok
05:15:35.0300 6172 [ 0698E3D45516E63B46C6A1C1B198C054 ] cmdGuard C:\Windows\system32\DRIVERS\cmdguard.sys
05:15:35.0333 6172 cmdGuard - ok
05:15:35.0349 6172 [ ECF6FFDEA7345A80AC524C491C02B866 ] cmdHlp C:\Windows\system32\DRIVERS\cmdhlp.sys
05:15:35.0363 6172 cmdHlp - ok
05:15:35.0398 6172 [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide C:\Windows\system32\drivers\cmdide.sys
05:15:35.0414 6172 cmdide - ok
05:15:35.0477 6172 [ E38282403B1D8D86B1B14549DFFAE978 ] cmudaxp C:\Windows\system32\drivers\cmudaxp.sys
05:15:35.0604 6172 cmudaxp ( UnsignedFile.Multi.Generic ) - warning
05:15:35.0604 6172 cmudaxp - detected UnsignedFile.Multi.Generic (1)
05:15:35.0643 6172 [ 42F158036BD4C2FF3122BF142E60E6FD ] CNG C:\Windows\system32\Drivers\cng.sys
05:15:35.0688 6172 CNG - ok
05:15:35.0707 6172 [ A6023D3823C37043986713F118A89BEE ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
05:15:35.0723 6172 Compbatt - ok
05:15:35.0744 6172 [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
05:15:35.0797 6172 CompositeBus - ok
05:15:35.0805 6172 COMSysApp - ok
05:15:35.0822 6172 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
05:15:35.0838 6172 crcdisk - ok
05:15:35.0883 6172 [ 96C0E38905CFD788313BE8E11DAE3F2F ] CryptSvc C:\Windows\system32\cryptsvc.dll
05:15:35.0949 6172 CryptSvc - ok
05:15:35.0987 6172 [ 3C2177A897B4CA2788C6FB0C3FD81D4B ] CSC C:\Windows\system32\drivers\csc.sys
05:15:36.0049 6172 CSC - ok
05:15:36.0088 6172 [ 15F93B37F6801943360D9EB42485D5D3 ] CscService C:\Windows\System32\cscsvc.dll
05:15:36.0124 6172 CscService - ok
05:15:36.0150 6172 [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch C:\Windows\system32\rpcss.dll
05:15:36.0198 6172 DcomLaunch - ok
05:15:36.0222 6172 [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc C:\Windows\System32\defragsvc.dll
05:15:36.0268 6172 defragsvc - ok
05:15:36.0308 6172 [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
05:15:36.0365 6172 DfsC - ok
05:15:36.0412 6172 [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp C:\Windows\system32\dhcpcore.dll
05:15:36.0454 6172 Dhcp - ok
05:15:36.0478 6172 [ 1A050B0274BFB3890703D490F330C0DA ] discache C:\Windows\system32\drivers\discache.sys
05:15:36.0513 6172 discache - ok
05:15:36.0547 6172 [ 565003F326F99802E68CA78F2A68E9FF ] Disk C:\Windows\system32\DRIVERS\disk.sys
05:15:36.0563 6172 Disk - ok
05:15:36.0583 6172 [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache C:\Windows\System32\dnsrslvr.dll
05:15:36.0617 6172 Dnscache - ok
05:15:36.0653 6172 [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc C:\Windows\System32\dot3svc.dll
05:15:36.0694 6172 dot3svc - ok
05:15:36.0725 6172 [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS C:\Windows\system32\dps.dll
05:15:36.0778 6172 DPS - ok
05:15:36.0858 6172 [ 28A88BB61B6B4A352729BA22BD2D2604 ] DragonUpdater C:\Program Files\Comodo\Dragon\dragon_updater.exe
05:15:36.0929 6172 DragonUpdater - ok
05:15:36.0960 6172 [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
05:15:36.0989 6172 drmkaud - ok
05:15:37.0024 6172 [ 23F5D28378A160352BA8F817BD8C71CB ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
05:15:37.0057 6172 DXGKrnl - ok
05:15:37.0108 6172 [ C062A2B158ED9C643D24F8E33A607C9F ] D_Link_DWA-125_WPS C:\Program Files\D-Link\DWA-125 revA\ANIWConnService.exe
05:15:37.0134 6172 D_Link_DWA-125_WPS ( UnsignedFile.Multi.Generic ) - warning
05:15:37.0134 6172 D_Link_DWA-125_WPS - detected UnsignedFile.Multi.Generic (1)
05:15:37.0169 6172 [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost C:\Windows\System32\eapsvc.dll
05:15:37.0215 6172 EapHost - ok
05:15:37.0309 6172 [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv C:\Windows\system32\DRIVERS\evbdx.sys
05:15:37.0414 6172 ebdrv - ok
05:15:37.0460 6172 [ 85B8B4032A895A746D46A288A9B30DED ] eeCtrl C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
05:15:37.0480 6172 eeCtrl - ok
05:15:37.0513 6172 [ 81951F51E318AECC2D68559E47485CC4 ] EFS C:\Windows\System32\lsass.exe
05:15:37.0609 6172 EFS - ok
05:15:37.0663 6172 [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
05:15:37.0748 6172 ehRecvr - ok
05:15:37.0769 6172 [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched C:\Windows\ehome\ehsched.exe
05:15:37.0830 6172 ehSched - ok
05:15:37.0868 6172 [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
05:15:37.0894 6172 elxstor - ok
05:15:37.0924 6172 [ B5A8A04A6E5B4E86B95B1553AA918F5F ] EraserUtilRebootDrv C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
05:15:37.0938 6172 EraserUtilRebootDrv - ok
05:15:37.0970 6172 [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev C:\Windows\system32\drivers\errdev.sys
05:15:38.0002 6172 ErrDev - ok
05:15:38.0033 6172 [ 3F3126A8F73E92F8EB369D54977D9E15 ] ESLvnic1 C:\Windows\system32\DRIVERS\ESLvnic.sys
05:15:38.0049 6172 ESLvnic1 - ok
05:15:38.0113 6172 [ 176FB7ED196DC57F9D622E000D9EC1CD ] ESLWireAC C:\Windows\system32\drivers\ESLWireACD.sys
05:15:38.0159 6172 ESLWireAC - ok
05:15:38.0267 6172 [ 54187445E0A4DF6741DD382C5C38B848 ] EslWireHelper C:\Program Files\EslWire\service\WireHelperSvc.exe
05:15:38.0302 6172 EslWireHelper - ok
05:15:38.0333 6172 [ E5030E34DE21A6818E8586BFB7DD4B60 ] ET5Drv C:\Windows\system32\Drivers\ET5Drv.sys
05:15:38.0345 6172 ET5Drv - ok
05:15:38.0373 6172 [ 3AF0AE042AFE486B22644CD3FBEBF2E2 ] etdrv C:\Windows\etdrv.sys
05:15:38.0385 6172 etdrv - ok
05:15:38.0414 6172 [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem C:\Windows\system32\es.dll
05:15:38.0460 6172 EventSystem - ok
05:15:38.0499 6172 [ 2DC9108D74081149CC8B651D3A26207F ] exfat C:\Windows\system32\drivers\exfat.sys
05:15:38.0543 6172 exfat - ok
05:15:38.0559 6172 [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat C:\Windows\system32\drivers\fastfat.sys
05:15:38.0603 6172 fastfat - ok
05:15:38.0662 6172 [ 967EA5B213E9984CBE270205DF37755B ] Fax C:\Windows\system32\fxssvc.exe
05:15:38.0724 6172 Fax - ok
05:15:38.0738 6172 [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc C:\Windows\system32\DRIVERS\fdc.sys
05:15:38.0768 6172 fdc - ok
05:15:38.0788 6172 [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost C:\Windows\system32\fdPHost.dll
05:15:38.0819 6172 fdPHost - ok
05:15:38.0833 6172 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub C:\Windows\system32\fdrespub.dll
05:15:38.0863 6172 FDResPub - ok
05:15:38.0874 6172 [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
05:15:38.0890 6172 FileInfo - ok
05:15:38.0905 6172 [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
05:15:38.0947 6172 Filetrace - ok
05:15:39.0008 6172 [ E044B5C7CD5CEA728D13D30D431B13E0 ] FlashUSB C:\Windows\system32\DRIVERS\FlashUSB.sys
05:15:39.0054 6172 FlashUSB - ok
05:15:39.0098 6172 [ 1F63900E2EB00101B9ACA2B7A870704E ] FLEXnet Licensing Service C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
05:15:39.0125 6172 FLEXnet Licensing Service - ok
05:15:39.0145 6172 [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
05:15:39.0175 6172 flpydisk - ok
05:15:39.0200 6172 [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
05:15:39.0219 6172 FltMgr - ok
05:15:39.0272 6172 [ B3A5EC6B6B6673DB7E87C2BCDBDDC074 ] FontCache C:\Windows\system32\FntCache.dll
05:15:39.0347 6172 FontCache - ok
05:15:39.0402 6172 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
05:15:39.0415 6172 FontCache3.0.0.0 - ok
05:15:39.0433 6172 [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
05:15:39.0449 6172 FsDepends - ok
05:15:39.0475 6172 [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
05:15:39.0492 6172 Fs_Rec - ok
05:15:39.0538 6172 [ 8A73E79089B282100B9393B644CB853B ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
05:15:39.0560 6172 fvevol - ok
05:15:39.0580 6172 [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
05:15:39.0598 6172 gagp30kx - ok
05:15:39.0630 6172 [ 5C230948DD6652228F88CA7AE6CB276C ] gdrv C:\Windows\gdrv.sys
05:15:39.0643 6172 gdrv - ok
05:15:39.0708 6172 [ 9FB6B93950281CF67538873B32CB727E ] GeekBuddyRSP C:\Program Files\Common Files\Comodo\GeekBuddyRSP.exe
05:15:39.0779 6172 GeekBuddyRSP ( UnsignedFile.Multi.Generic ) - warning
05:15:39.0779 6172 GeekBuddyRSP - detected UnsignedFile.Multi.Generic (1)
05:15:39.0838 6172 [ A73082BAB773171B34D656609C6D5854 ] GEST Service C:\Program Files\GIGABYTE\GEST\GSvr.exe
05:15:39.0852 6172 GEST Service - ok
05:15:39.0897 6172 [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc C:\Windows\System32\gpsvc.dll
05:15:39.0937 6172 gpsvc - ok
05:15:40.0077 6172 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
05:15:40.0093 6172 gupdate - ok
05:15:40.0099 6172 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
05:15:40.0113 6172 gupdatem - ok
05:15:40.0183 6172 [ C1B577B2169900F4CF7190C39F085794 ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
05:15:40.0200 6172 gusvc - ok
05:15:40.0239 6172 [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
05:15:40.0314 6172 hcw85cir - ok
05:15:40.0352 6172 [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
05:15:40.0382 6172 HDAudBus - ok
05:15:40.0392 6172 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
05:15:40.0420 6172 HidBatt - ok
05:15:40.0435 6172 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
05:15:40.0454 6172 HidBth - ok
05:15:40.0475 6172 [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
05:15:40.0502 6172 HidIr - ok
05:15:40.0522 6172 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv C:\Windows\system32\hidserv.dll
05:15:40.0552 6172 hidserv - ok
05:15:40.0620 6172 [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
05:15:40.0649 6172 HidUsb - ok
05:15:40.0749 6172 [ C7F37B5BF7BBDE161E4256ED08E79108 ] HiPatchService D:\games\smite\HiPatchService.exe
05:15:40.0763 6172 HiPatchService ( UnsignedFile.Multi.Generic ) - warning
05:15:40.0763 6172 HiPatchService - detected UnsignedFile.Multi.Generic (1)
05:15:40.0792 6172 [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc C:\Windows\system32\kmsvc.dll
05:15:40.0830 6172 hkmsvc - ok
05:15:40.0860 6172 [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
05:15:40.0938 6172 HomeGroupListener - ok
05:15:40.0970 6172 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
05:15:41.0005 6172 HomeGroupProvider - ok
05:15:41.0050 6172 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
05:15:41.0068 6172 HpSAMD - ok
05:15:41.0113 6172 [ 871917B07A141BFF43D76D8844D48106 ] HTTP C:\Windows\system32\drivers\HTTP.sys
05:15:41.0162 6172 HTTP - ok
05:15:41.0192 6172 [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
05:15:41.0207 6172 hwpolicy - ok
05:15:41.0242 6172 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
05:15:41.0268 6172 i8042prt - ok
05:15:41.0304 6172 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
05:15:41.0327 6172 iaStorV - ok
05:15:41.0392 6172 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
05:15:41.0414 6172 IDriverT ( UnsignedFile.Multi.Generic ) - warning
05:15:41.0414 6172 IDriverT - detected UnsignedFile.Multi.Generic (1)
05:15:41.0474 6172 [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
05:15:41.0518 6172 idsvc - ok
05:15:41.0602 6172 [ 404FB2AAF532BC7BBACC8880BE401C74 ] IDSVix86 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20121102.001\IDSvix86.sys
05:15:41.0623 6172 IDSVix86 - ok
05:15:41.0654 6172 [ 4173FF5708F3236CF25195FECD742915 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
05:15:41.0670 6172 iirsp - ok
05:15:41.0733 6172 [ F95622F161474511B8D80D6B093AA610 ] IKEEXT C:\Windows\System32\ikeext.dll
05:15:41.0788 6172 IKEEXT - ok
05:15:41.0839 6172 [ D8A904B5F55C27277826BFA17271398B ] inspect C:\Windows\system32\DRIVERS\inspect.sys
05:15:41.0854 6172 inspect - ok
05:15:41.0865 6172 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\Windows\system32\drivers\intelide.sys
05:15:41.0880 6172 intelide - ok
05:15:41.0909 6172 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
05:15:41.0935 6172 intelppm - ok
05:15:41.0959 6172 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
05:15:41.0997 6172 IPBusEnum - ok
05:15:42.0014 6172 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
05:15:42.0054 6172 IpFilterDriver - ok
05:15:42.0108 6172 [ 4D65A07B795D6674312F879D09AA7663 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
05:15:42.0154 6172 iphlpsvc - ok
05:15:42.0177 6172 [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
05:15:42.0205 6172 IPMIDRV - ok
05:15:42.0233 6172 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\Windows\system32\drivers\ipnat.sys
05:15:42.0285 6172 IPNAT - ok
05:15:42.0310 6172 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM C:\Windows\system32\drivers\irenum.sys
05:15:42.0385 6172 IRENUM - ok
05:15:42.0418 6172 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\Windows\system32\drivers\isapnp.sys
05:15:42.0434 6172 isapnp - ok
05:15:42.0455 6172 [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
05:15:42.0475 6172 iScsiPrt - ok
05:15:42.0504 6172 [ AB95B2DDB49F6B6CF52625E56C1F1F71 ] JRAID C:\Windows\system32\DRIVERS\jraid.sys
05:15:42.0547 6172 JRAID - ok
05:15:42.0573 6172 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
05:15:42.0589 6172 kbdclass - ok
05:15:42.0623 6172 [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
05:15:42.0657 6172 kbdhid - ok
05:15:42.0673 6172 [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso C:\Windows\system32\lsass.exe
05:15:42.0689 6172 KeyIso - ok
05:15:42.0715 6172 [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
05:15:42.0733 6172 KSecDD - ok
05:15:42.0758 6172 [ 5FE1ABF1AF591A3458C9CF24ED9A4D35 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
05:15:42.0777 6172 KSecPkg - ok
05:15:42.0803 6172 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\Windows\system32\msdtckrm.dll
05:15:42.0850 6172 KtmRm - ok
05:15:42.0879 6172 [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer C:\Windows\system32\srvsvc.dll
05:15:42.0928 6172 LanmanServer - ok
05:15:42.0953 6172 [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
05:15:42.0997 6172 LanmanWorkstation - ok
05:15:43.0062 6172 Lavasoft Kernexplorer - ok
05:15:43.0107 6172 Lbd - ok
05:15:43.0305 6172 [ 910344E2A984010435AE84783B25E5EB ] LBTServ C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
05:15:43.0388 6172 LBTServ - ok
05:15:43.0422 6172 [ 170E7093A77AD586F3A012A3DB651D94 ] LGBusEnum C:\Windows\system32\drivers\LGBusEnum.sys
05:15:43.0455 6172 LGBusEnum - ok
05:15:43.0543 6172 [ 8BC8FC5A6E1F818FD63C67218289C9ED ] LGSHidFilt C:\Windows\system32\DRIVERS\LGSHidFilt.Sys
05:15:43.0557 6172 LGSHidFilt - ok
05:15:43.0579 6172 [ D2DD04D1C8DF65EECD1F2C7FB947D43E ] LGVirHid C:\Windows\system32\drivers\LGVirHid.sys
05:15:43.0592 6172 LGVirHid - ok
05:15:43.0634 6172 [ 01CC7FB6E790EF044B411377F3A1FF41 ] LHidFilt C:\Windows\system32\DRIVERS\LHidFilt.Sys
05:15:43.0648 6172 LHidFilt - ok
05:15:43.0683 6172 [ E2F1DCF4A68CC6CF694FBFBA1842F4CD ] libusb0 C:\Windows\system32\drivers\libusb0.sys
05:15:43.0695 6172 libusb0 ( UnsignedFile.Multi.Generic ) - warning
05:15:43.0695 6172 libusb0 - detected UnsignedFile.Multi.Generic (1)
05:15:43.0729 6172 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
05:15:43.0777 6172 lltdio - ok
05:15:43.0809 6172 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\Windows\System32\lltdsvc.dll
05:15:43.0855 6172 lltdsvc - ok
05:15:43.0868 6172 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\Windows\System32\lmhsvc.dll
05:15:43.0905 6172 lmhosts - ok
05:15:43.0935 6172 [ B46E39B8AE439D7CE75A923E7F950040 ] LMouFilt C:\Windows\system32\DRIVERS\LMouFilt.Sys
05:15:43.0950 6172 LMouFilt - ok
05:15:43.0975 6172 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
05:15:43.0994 6172 LSI_FC - ok
05:15:44.0024 6172 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
05:15:44.0042 6172 LSI_SAS - ok
05:15:44.0062 6172 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
05:15:44.0079 6172 LSI_SAS2 - ok
05:15:44.0090 6172 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
05:15:44.0108 6172 LSI_SCSI - ok
05:15:44.0122 6172 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\Windows\system32\drivers\luafv.sys
05:15:44.0168 6172 luafv - ok
05:15:44.0197 6172 [ 9BBD8674C1D3811B851C8CF8A8E30E2C ] LUsbFilt C:\Windows\system32\Drivers\LUsbFilt.Sys
05:15:44.0210 6172 LUsbFilt - ok
05:15:44.0310 6172 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
05:15:44.0344 6172 Mcx2Svc - ok
05:15:44.0355 6172 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
05:15:44.0373 6172 megasas - ok
05:15:44.0470 6172 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
05:15:44.0514 6172 MegaSR - ok
05:15:44.0715 6172 Microsoft SharePoint Workspace Audit Service - ok
05:15:44.0758 6172 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\Windows\system32\mmcss.dll
05:15:44.0825 6172 MMCSS - ok
05:15:44.0850 6172 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\Windows\system32\drivers\modem.sys
05:15:44.0914 6172 Modem - ok
05:15:44.0935 6172 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
05:15:44.0967 6172 monitor - ok
05:15:45.0025 6172 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
05:15:45.0042 6172 mouclass - ok
05:15:45.0060 6172 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
05:15:45.0078 6172 mouhid - ok
05:15:45.0113 6172 [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
05:15:45.0130 6172 mountmgr - ok
05:15:45.0184 6172 [ 8BE15F71DE6FF33FC56DCDE7B2B9EFE8 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
05:15:45.0202 6172 MozillaMaintenance - ok
05:15:45.0238 6172 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio C:\Windows\system32\drivers\mpio.sys
05:15:45.0263 6172 mpio - ok
05:15:45.0275 6172 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
05:15:45.0308 6172 mpsdrv - ok
05:15:45.0344 6172 [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc C:\Windows\system32\mpssvc.dll
05:15:45.0394 6172 MpsSvc - ok
05:15:45.0429 6172 [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
05:15:45.0464 6172 MRxDAV - ok
05:15:45.0499 6172 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
05:15:45.0553 6172 mrxsmb - ok
05:15:45.0570 6172 [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
05:15:45.0590 6172 mrxsmb10 - ok
05:15:45.0604 6172 [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
05:15:45.0622 6172 mrxsmb20 - ok
05:15:45.0652 6172 [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci C:\Windows\system32\drivers\msahci.sys
05:15:45.0668 6172 msahci - ok
05:15:45.0720 6172 [ 8E46A7BAC823DD82D4FB2A34C3DF4C1D ] MSCSPTISRV C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
05:15:45.0727 6172 MSCSPTISRV ( UnsignedFile.Multi.Generic ) - warning
05:15:45.0727 6172 MSCSPTISRV - detected UnsignedFile.Multi.Generic (1)
05:15:45.0743 6172 [ 55055F8AD8BE27A64C831322A780A228 ] msdsm C:\Windows\system32\drivers\msdsm.sys
05:15:45.0760 6172 msdsm - ok
05:15:45.0784 6172 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\Windows\System32\msdtc.exe
05:15:45.0818 6172 MSDTC - ok
05:15:45.0847 6172 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\Windows\system32\drivers\Msfs.sys
05:15:45.0875 6172 Msfs - ok
05:15:45.0889 6172 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
05:15:45.0923 6172 mshidkmdf - ok
05:15:45.0954 6172 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
05:15:45.0969 6172 msisadrv - ok
05:15:45.0997 6172 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
05:15:46.0038 6172 MSiSCSI - ok
05:15:46.0042 6172 msiserver - ok
05:15:46.0075 6172 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
05:15:46.0105 6172 MSKSSRV - ok
05:15:46.0119 6172 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
05:15:46.0160 6172 MSPCLOCK - ok
05:15:46.0172 6172 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
05:15:46.0202 6172 MSPQM - ok
05:15:46.0219 6172 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
05:15:46.0238 6172 MsRPC - ok
05:15:46.0277 6172 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
05:15:46.0292 6172 mssmbios - ok
05:15:46.0392 6172 MSSQL$SOLARWINDS_ORION - ok
05:15:46.0440 6172 [ C06EA83F6FC2959E897C117255B6B1D5 ] MSSQLServerADHelper C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe
05:15:46.0465 6172 MSSQLServerADHelper - ok
05:15:46.0489 6172 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
05:15:46.0519 6172 MSTEE - ok
05:15:46.0532 6172 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
05:15:46.0554 6172 MTConfig - ok
05:15:46.0569 6172 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\Windows\system32\Drivers\mup.sys
05:15:46.0585 6172 Mup - ok
05:15:46.0650 6172 [ 4A9258B9597A31DB68EC9740F3A8A70B ] N360 C:\Program Files\Norton 360\Engine\20.2.0.19\ccSvcHst.exe
05:15:46.0665 6172 N360 - ok
05:15:46.0707 6172 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent C:\Windows\system32\qagentRT.dll
05:15:46.0755 6172 napagent - ok
05:15:46.0790 6172 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
05:15:46.0825 6172 NativeWifiP - ok
05:15:46.0895 6172 [ 8E4C77AD9BB279900C00F870CC0C674B ] NAVENG C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20121105.003\NAVENG.SYS
05:15:46.0910 6172 NAVENG - ok
05:15:46.0973 6172 [ 826F699B69E88A3920C70F344DD42D88 ] NAVEX15 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20121105.003\NAVEX15.SYS
05:15:47.0040 6172 NAVEX15 - ok
05:15:47.0079 6172 [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS C:\Windows\system32\drivers\ndis.sys
05:15:47.0115 6172 NDIS - ok
05:15:47.0154 6172 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
05:15:47.0184 6172 NdisCap - ok
05:15:47.0204 6172 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
05:15:47.0247 6172 NdisTapi - ok
05:15:47.0285 6172 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
05:15:47.0327 6172 Ndisuio - ok
05:15:47.0354 6172 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
05:15:47.0384 6172 NdisWan - ok
05:15:47.0418 6172 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
05:15:47.0454 6172 NDProxy - ok
05:15:47.0485 6172 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
05:15:47.0523 6172 NetBIOS - ok
05:15:47.0560 6172 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
05:15:47.0598 6172 NetBT - ok
05:15:47.0614 6172 [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon C:\Windows\system32\lsass.exe
05:15:47.0632 6172 Netlogon - ok
05:15:47.0674 6172 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll
05:15:47.0719 6172 Netman - ok
05:15:47.0792 6172 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
05:15:47.0808 6172 NetMsmqActivator - ok
05:15:47.0813 6172 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
05:15:47.0827 6172 NetPipeActivator - ok
05:15:47.0849 6172 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\Windows\System32\netprofm.dll
05:15:47.0907 6172 netprofm - ok
05:15:47.0979 6172 [ A00C7E982813B075D567436FB20F0504 ] netr28u C:\Windows\system32\DRIVERS\Dnetr28u.sys
05:15:48.0043 6172 netr28u - ok
05:15:48.0048 6172 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
05:15:48.0063 6172 NetTcpActivator - ok
05:15:48.0068 6172 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
05:15:48.0082 6172 NetTcpPortSharing - ok
05:15:48.0115 6172 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
05:15:48.0133 6172 nfrd960 - ok
05:15:48.0270 6172 [ F035AFD5C9F4EC4A7F9B503D3B5C609E ] NIHardwareService C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
05:15:48.0377 6172 NIHardwareService ( UnsignedFile.Multi.Generic ) - warning
05:15:48.0377 6172 NIHardwareService - detected UnsignedFile.Multi.Generic (1)
05:15:48.0413 6172 [ 912084381D30D8B89EC4E293053F4710 ] NlaSvc C:\Windows\System32\nlasvc.dll
05:15:48.0455 6172 NlaSvc - ok
05:15:48.0484 6172 [ B48DC6ABCD3AEFF8618350CCBDC6B09A ] NPF C:\Windows\system32\drivers\npf.sys
05:15:48.0498 6172 NPF - ok
05:15:48.0509 6172 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys
05:15:48.0549 6172 Npfs - ok
05:15:48.0582 6172 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll
05:15:48.0623 6172 nsi - ok
05:15:48.0647 6172 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
05:15:48.0683 6172 nsiproxy - ok
05:15:48.0738 6172 [ 0D87503986BB3DFED58E343FE39DDE13 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
05:15:48.0797 6172 Ntfs - ok
05:15:48.0805 6172 [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys
05:15:48.0848 6172 Null - ok
05:15:49.0129 6172 [ 0A1B502CBC8230DA74BEFBAADDB58916 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
05:15:49.0463 6172 nvlddmkm - ok
05:15:49.0530 6172 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\Windows\system32\drivers\nvraid.sys
05:15:49.0548 6172 nvraid - ok
05:15:49.0570 6172 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\Windows\system32\drivers\nvstor.sys
05:15:49.0589 6172 nvstor - ok
05:15:49.0642 6172 [ EB5A13F9139F20AD71ADF4BF79C3AA29 ] nvsvc C:\Windows\system32\nvvsvc.exe
05:15:49.0670 6172 nvsvc - ok
05:15:49.0745 6172 [ A974E5C310B9B00894070CEB055D467F ] nvUpdatusService C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
05:15:49.0802 6172 nvUpdatusService - ok
05:15:49.0829 6172 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
05:15:49.0847 6172 nv_agp - ok
05:15:49.0875 6172 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
05:15:49.0902 6172 ohci1394 - ok
05:15:49.0960 6172 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
05:15:49.0977 6172 ose - ok
05:15:50.0134 6172 [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
05:15:50.0290 6172 osppsvc - ok
05:15:50.0323 6172 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
05:15:50.0379 6172 p2pimsvc - ok
05:15:50.0400 6172 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll
05:15:50.0434 6172 p2psvc - ok
05:15:50.0478 6172 [ 753A8F339F231D2B857E2CCD51A6E6CA ] PACSPTISVR C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
05:15:50.0510 6172 PACSPTISVR ( UnsignedFile.Multi.Generic ) - warning
05:15:50.0510 6172 PACSPTISVR - detected UnsignedFile.Multi.Generic (1)
05:15:50.0533 6172 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\DRIVERS\parport.sys
05:15:50.0552 6172 Parport - ok
05:15:50.0592 6172 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\Windows\system32\drivers\partmgr.sys
05:15:50.0608 6172 partmgr - ok
05:15:50.0618 6172 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys
05:15:50.0635 6172 Parvdm - ok
05:15:50.0664 6172 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\Windows\System32\pcasvc.dll
05:15:50.0699 6172 PcaSvc - ok
05:15:50.0713 6172 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\Windows\system32\drivers\pci.sys
05:15:50.0732 6172 pci - ok
05:15:50.0765 6172 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\drivers\pciide.sys
05:15:50.0782 6172 pciide - ok
05:15:50.0802 6172 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
05:15:50.0822 6172 pcmcia - ok
05:15:50.0838 6172 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys
05:15:50.0856 6172 pcw - ok
05:15:50.0889 6172 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys
05:15:50.0943 6172 PEAUTH - ok
05:15:50.0988 6172 [ AF4D64D2A57B9772CF3801950B8058A6 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
05:15:51.0077 6172 PeerDistSvc - ok
05:15:51.0129 6172 [ 2CF226173B467AB48F89D77E89936951 ] pgfilter C:\Program Files\PeerGuardian2\pgfilter.sys
05:15:51.0149 6172 pgfilter ( UnsignedFile.Multi.Generic ) - warning
05:15:51.0149 6172 pgfilter - detected UnsignedFile.Multi.Generic (1)
05:15:51.0208 6172 [ D2D2FA02B722336960EEAE0AE7107891 ] PID_0928 C:\Windows\system32\DRIVERS\LV561AV.SYS
05:15:51.0233 6172 PID_0928 - ok
05:15:51.0289 6172 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\Windows\system32\pla.dll
05:15:51.0382 6172 pla - ok
05:15:51.0439 6172 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\Windows\system32\umpnpmgr.dll
05:15:51.0472 6172 PlugPlay - ok
05:15:51.0496 6172 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
05:15:51.0527 6172 PNRPAutoReg - ok
05:15:51.0549 6172 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
05:15:51.0569 6172 PNRPsvc - ok
05:15:51.0614 6172 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
05:15:51.0663 6172 PolicyAgent - ok
05:15:51.0692 6172 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\Windows\system32\umpo.dll
05:15:51.0737 6172 Power - ok
05:15:51.0772 6172 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
05:15:51.0813 6172 PptpMiniport - ok
05:15:51.0831 6172 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\DRIVERS\processr.sys
05:15:51.0866 6172 Processor - ok
05:15:51.0913 6172 [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc C:\Windows\system32\profsvc.dll
05:15:51.0959 6172 ProfSvc - ok
05:15:51.0973 6172 [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe
05:15:51.0991 6172 ProtectedStorage - ok
05:15:52.0011 6172 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys
05:15:52.0042 6172 Psched - ok
05:15:52.0081 6172 [ E42E3433DBB4CFFE8FDD91EAB29AEA8E ] PxHelp20 C:\Windows\system32\Drivers\PxHelp20.sys
05:15:52.0094 6172 PxHelp20 - ok
05:15:52.0144 6172 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
05:15:52.0206 6172 ql2300 - ok
05:15:52.0224 6172 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
05:15:52.0242 6172 ql40xx - ok
05:15:52.0268 6172 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll
05:15:52.0293 6172 QWAVE - ok
05:15:52.0306 6172 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
05:15:52.0334 6172 QWAVEdrv - ok
05:15:52.0349 6172 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
05:15:52.0389 6172 RasAcd - ok
05:15:52.0417 6172 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
05:15:52.0454 6172 RasAgileVpn - ok
05:15:52.0471 6172 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll
05:15:52.0502 6172 RasAuto - ok
05:15:52.0511 6172 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
05:15:52.0552 6172 Rasl2tp - ok
05:15:52.0602 6172 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\Windows\System32\rasmans.dll
05:15:52.0637 6172 RasMan - ok
05:15:52.0648 6172 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
05:15:52.0699 6172 RasPppoe - ok
05:15:52.0727 6172 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
05:15:52.0767 6172 RasSstp - ok
05:15:52.0802 6172 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
05:15:52.0833 6172 rdbss - ok
05:15:52.0843 6172 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
05:15:52.0873 6172 rdpbus - ok
05:15:52.0898 6172 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
05:15:52.0926 6172 RDPCDD - ok
05:15:52.0946 6172 [ B973FCFC50DC1434E1970A146F7E3885 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
05:15:53.0009 6172 RDPDR - ok
05:15:53.0033 6172 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
05:15:53.0068 6172 RDPENCDD - ok
05:15:53.0082 6172 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
05:15:53.0109 6172 RDPREFMP - ok
05:15:53.0143 6172 [ 65375DF758CA1872AB7EBBBA457FD5E6 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
05:15:53.0197 6172 RdpVideoMiniport - ok
05:15:53.0228 6172 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
05:15:53.0276 6172 RDPWD - ok
05:15:53.0316 6172 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
05:15:53.0336 6172 rdyboost - ok
05:15:53.0359 6172 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\Windows\System32\mprdim.dll
05:15:53.0389 6172 RemoteAccess - ok
05:15:53.0408 6172 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll
05:15:53.0452 6172 RemoteRegistry - ok
05:15:53.0517 6172 [ B60F58F175DE20A6739194E85B035178 ] rpcapd C:\Program Files\WinPcap\rpcapd.exe
05:15:53.0533 6172 rpcapd - ok
05:15:53.0574 6172 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
05:15:53.0618 6172 RpcEptMapper - ok
05:15:53.0647 6172 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe
05:15:53.0666 6172 RpcLocator - ok
05:15:53.0698 6172 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\Windows\system32\rpcss.dll
05:15:53.0731 6172 RpcSs - ok
05:15:53.0768 6172 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
05:15:53.0807 6172 rspndr - ok
05:15:53.0839 6172 [ 4E20765744BFBC16F6D6E5BD5598786B ] RTL8023xp C:\Windows\system32\DRIVERS\Rtnicxp.sys
05:15:53.0857 6172 RTL8023xp - ok
05:15:53.0883 6172 [ 7FA7F2E249A5DCBB7970630E15E1F482 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
05:15:53.0951 6172 s3cap - ok
05:15:53.0959 6172 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\Windows\system32\lsass.exe
05:15:53.0977 6172 SamSs - ok
05:15:54.0016 6172 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
05:15:54.0046 6172 sbp2port - ok
05:15:54.0083 6172 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll
05:15:54.0156 6172 SCardSvr - ok
05:15:54.0191 6172 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
05:15:54.0229 6172 scfilter - ok
05:15:54.0273 6172 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\Windows\system32\schedsvc.dll
05:15:54.0337 6172 Schedule - ok
05:15:54.0368 6172 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\Windows\System32\certprop.dll
05:15:54.0396 6172 SCPolicySvc - ok
05:15:54.0436 6172 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\Windows\System32\SDRSVC.dll
05:15:54.0508 6172 SDRSVC - ok
05:15:54.0546 6172 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
05:15:54.0677 6172 secdrv - ok
05:15:54.0701 6172 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll
05:15:54.0733 6172 seclogon - ok
05:15:54.0756 6172 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\System32\sens.dll
05:15:54.0812 6172 SENS - ok
05:15:54.0837 6172 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll
05:15:54.0887 6172 SensrSvc - ok
05:15:54.0916 6172 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
05:15:54.0933 6172 Serenum - ok
05:15:54.0953 6172 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\DRIVERS\serial.sys
05:15:54.0971 6172 Serial - ok
05:15:54.0984 6172 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
05:15:55.0001 6172 sermouse - ok
05:15:55.0038 6172 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\Windows\system32\sessenv.dll
05:15:55.0069 6172 SessionEnv - ok
05:15:55.0099 6172 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
05:15:55.0159 6172 sffdisk - ok
05:15:55.0173 6172 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
05:15:55.0199 6172 sffp_mmc - ok
05:15:55.0216 6172 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
05:15:55.0246 6172 sffp_sd - ok
05:15:55.0271 6172 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
05:15:55.0299 6172 sfloppy - ok
05:15:55.0328 6172 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\Windows\System32\ipnathlp.dll
05:15:55.0373 6172 SharedAccess - ok
05:15:55.0404 6172 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
05:15:55.0441 6172 ShellHWDetection - ok
05:15:55.0456 6172 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\drivers\sisagp.sys
05:15:55.0473 6172 sisagp - ok
05:15:55.0514 6172 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
05:15:55.0532 6172 SiSRaid2 - ok
05:15:55.0551 6172 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
05:15:55.0568 6172 SiSRaid4 - ok
05:15:55.0622 6172 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
05:15:55.0637 6172 SkypeUpdate - ok
05:15:55.0672 6172 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys
05:15:55.0713 6172 Smb - ok
05:15:55.0759 6172 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
05:15:55.0796 6172 SNMPTRAP - ok
05:15:55.0847 6172 [ 977AAA4398D7D6FA65D973F5B3F54E40 ] SonicStage Back-End Service C:\Program Files\Common Files\Sony Shared\AVLib\SsBeSvc.exe
05:15:55.0863 6172 SonicStage Back-End Service - ok
05:15:55.0889 6172 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys
05:15:55.0906 6172 spldr - ok
05:15:55.0948 6172 [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler C:\Windows\System32\spoolsv.exe
05:15:56.0022 6172 Spooler - ok
05:15:56.0134 6172 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\Windows\system32\sppsvc.exe
05:15:56.0259 6172 sppsvc - ok
05:15:56.0288 6172 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\Windows\system32\sppuinotify.dll
05:15:56.0318 6172 sppuinotify - ok
05:15:56.0367 6172 [ A80CD850D69D996C832BEA37E3A6AA1E ] sptd C:\Windows\System32\Drivers\sptd.sys
05:15:56.0418 6172 sptd - ok
05:15:56.0443 6172 [ E3E6C96B0EF4492C3C8FD0DEEF4E35A1 ] SPTISRV C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
05:15:56.0458 6172 SPTISRV ( UnsignedFile.Multi.Generic ) - warning
05:15:56.0458 6172 SPTISRV - detected UnsignedFile.Multi.Generic (1)
05:15:56.0496 6172 [ B2EC3E1DEAC5F0A764BD3486D213A0AF ] SQLBrowser C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
05:15:56.0514 6172 SQLBrowser - ok
05:15:56.0582 6172 [ 26C1B59C80FEF94B025DF5C3C1B791A7 ] SRTSP C:\Windows\System32\Drivers\N360\1402000.013\SRTSP.SYS
05:15:56.0616 6172 SRTSP - ok
05:15:56.0638 6172 [ 21AC3AE81E8263061624C4ED3B11509A ] SRTSPX C:\Windows\system32\drivers\N360\1402000.013\SRTSPX.SYS
05:15:56.0652 6172 SRTSPX - ok
05:15:56.0684 6172 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\Windows\system32\DRIVERS\srv.sys
05:15:56.0739 6172 srv - ok
05:15:56.0774 6172 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
05:15:56.0797 6172 srv2 - ok
05:15:56.0809 6172 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
05:15:56.0838 6172 srvnet - ok
05:15:56.0867 6172 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
05:15:56.0901 6172 SSDPSRV - ok
05:15:56.0918 6172 [ 756E371B3B86A3D3039926D32EAC0E8D ] SSScsiSV C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
05:15:56.0932 6172 SSScsiSV - ok
05:15:56.0948 6172 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll
05:15:56.0988 6172 SstpSvc - ok
05:15:57.0036 6172 Steam Client Service - ok
05:15:57.0052 6172 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
05:15:57.0068 6172 stexstor - ok
05:15:57.0131 6172 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\Windows\System32\wiaservc.dll
05:15:57.0179 6172 StiSvc - ok
05:15:57.0208 6172 [ 472AF0311073DCECEAA8FA18BA2BDF89 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
05:15:57.0224 6172 storflt - ok
05:15:57.0257 6172 [ DCAFFD62259E0BDB433DD67B5BB37619 ] storvsc C:\Windows\system32\drivers\storvsc.sys
05:15:57.0274 6172 storvsc - ok
05:15:57.0301 6172 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\drivers\swenum.sys
05:15:57.0317 6172 swenum - ok
05:15:57.0414 6172 [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
05:15:57.0447 6172 SwitchBoard ( UnsignedFile.Multi.Generic ) - warning
05:15:57.0447 6172 SwitchBoard - detected UnsignedFile.Multi.Generic (1)
05:15:57.0476 6172 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll
05:15:57.0512 6172 swprv - ok
05:15:57.0556 6172 [ FB69A67FEEE3026C7F99774A1C405326 ] SymDS C:\Windows\system32\drivers\N360\1402000.013\SYMDS.SYS
05:15:57.0577 6172 SymDS - ok
05:15:57.0626 6172 [ 28C5FAFA7FD1C522B8DCD59694D39412 ] SymEFA C:\Windows\system32\drivers\N360\1402000.013\SYMEFA.SYS
05:15:57.0671 6172 SymEFA - ok
05:15:57.0693 6172 [ C940F10C31E2C60CC967FFD6A370720C ] SymEvent C:\Windows\system32\Drivers\SYMEVENT.SYS
05:15:57.0709 6172 SymEvent - ok
05:15:57.0732 6172 [ 3DAAD401453F5A46CAE076F9D9D1458E ] SymIM C:\Windows\system32\DRIVERS\SymIMv.sys
05:15:57.0746 6172 SymIM - ok
05:15:57.0768 6172 [ 8C9B9036E301A9965CF15BEC91C58A12 ] SymIRON C:\Windows\system32\drivers\N360\1402000.013\Ironx86.SYS
05:15:57.0784 6172 SymIRON - ok
05:15:57.0822 6172 [ 21698476A90ACAA056B8CFE09A82785F ] SymNetS C:\Windows\System32\Drivers\N360\1402000.013\SYMNETS.SYS
05:15:57.0842 6172 SymNetS - ok
05:15:57.0887 6172 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\Windows\system32\sysmain.dll
05:15:57.0952 6172 SysMain - ok
05:15:57.0978 6172 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
05:15:58.0016 6172 TabletInputService - ok
05:15:58.0046 6172 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\Windows\System32\tapisrv.dll
05:15:58.0079 6172 TapiSrv - ok
05:15:58.0103 6172 [ 3F92B6B36F2EF23DA1FA44874294785C ] TarFltr C:\Windows\system32\Drivers\UsbFltr.sys
05:15:58.0131 6172 TarFltr - ok
05:15:58.0161 6172 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll
05:15:58.0192 6172 TBS - ok
05:15:58.0266 6172 [ A5EBB8F648000E88B7D9390B514976BF ] Tcpip C:\Windows\system32\drivers\tcpip.sys
05:15:58.0324 6172 Tcpip - ok
05:15:58.0373 6172 [ A5EBB8F648000E88B7D9390B514976BF ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
05:15:58.0406 6172 TCPIP6 - ok
05:15:58.0434 6172 [ CCA24162E055C3714CE5A88B100C64ED ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
05:15:58.0467 6172 tcpipreg - ok
05:15:58.0501 6172 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
05:15:58.0539 6172 TDPIPE - ok
05:15:58.0566 6172 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
05:15:58.0583 6172 TDTCP - ok
05:15:58.0616 6172 [ B459575348C20E8121D6039DA063C704 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
05:15:58.0644 6172 tdx - ok
05:15:58.0668 6172 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\Windows\system32\drivers\termdd.sys
05:15:58.0684 6172 TermDD - ok
05:15:58.0731 6172 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\Windows\System32\termsrv.dll
05:15:58.0776 6172 TermService - ok
05:15:58.0802 6172 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll
05:15:58.0833 6172 Themes - ok
05:15:58.0858 6172 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll
05:15:58.0888 6172 THREADORDER - ok
05:15:58.0913 6172 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll
05:15:58.0952 6172 TrkWks - ok
05:15:58.0997 6172 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
05:15:59.0042 6172 TrustedInstaller - ok
05:15:59.0068 6172 [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
05:15:59.0108 6172 tssecsrv - ok
05:15:59.0127 6172 [ 9CE253214ACAA5A7D323327D2055EFAA ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
05:15:59.0178 6172 TsUsbFlt - ok
05:15:59.0242 6172 [ D30FB93BAEBE0E99C6A5566F0AD8079A ] TuneUp.Defrag C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
05:15:59.0264 6172 TuneUp.Defrag - ok
05:15:59.0307 6172 [ D7E93C6D484E4809D17290D17B120A0D ] TuneUp.UtilitiesSvc C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
05:15:59.0352 6172 TuneUp.UtilitiesSvc - ok
05:15:59.0373 6172 [ F2107C9D85EC0DF116939CCCE06AE697 ] TuneUpUtilitiesDrv C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys
05:15:59.0386 6172 TuneUpUtilitiesDrv - ok
05:15:59.0432 6172 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
05:15:59.0461 6172 tunnel - ok
05:15:59.0486 6172 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
05:15:59.0502 6172 uagp35 - ok
05:15:59.0536 6172 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\Windows\system32\DRIVERS\udfs.sys
05:15:59.0579 6172 udfs - ok
05:15:59.0613 6172 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
05:15:59.0656 6172 UI0Detect - ok
05:15:59.0701 6172 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
05:15:59.0718 6172 uliagpkx - ok
05:15:59.0758 6172 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\Windows\system32\drivers\umbus.sys
05:15:59.0776 6172 umbus - ok
05:15:59.0802 6172 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
05:15:59.0831 6172 UmPass - ok
05:15:59.0863 6172 [ 409994A8EACEEE4E328749C0353527A0 ] UmRdpService C:\Windows\System32\umrdp.dll
05:15:59.0884 6172 UmRdpService - ok
05:15:59.0919 6172 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll
05:15:59.0964 6172 upnphost - ok
05:16:00.0009 6172 [ 9419FAAC6552A51542DBBA02971C841C ] usbbus C:\Windows\system32\DRIVERS\lgusbbus.sys
05:16:00.0068 6172 usbbus - ok
05:16:00.0091 6172 [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
05:16:00.0143 6172 usbccgp - ok
05:16:00.0182 6172 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\Windows\system32\drivers\usbcir.sys
05:16:00.0214 6172 usbcir - ok
05:16:00.0259 6172 [ C0A466FA4FFEC464320E159BC1BBDC0C ] UsbDiag C:\Windows\system32\DRIVERS\lgusbdiag.sys
05:16:00.0282 6172 UsbDiag - ok
05:16:00.0301 6172 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci C:\Windows\system32\drivers\usbehci.sys
05:16:00.0318 6172 usbehci - ok
05:16:00.0346 6172 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
05:16:00.0382 6172 usbhub - ok
05:16:00.0411 6172 [ F74A54774A9B0AFEB3C40ADEC68AA600 ] USBModem C:\Windows\system32\DRIVERS\lgusbmodem.sys
05:16:00.0426 6172 USBModem - ok
05:16:00.0446 6172 [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci C:\Windows\system32\drivers\usbohci.sys
05:16:00.0463 6172 usbohci - ok
05:16:00.0484 6172 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
05:16:00.0504 6172 usbprint - ok
05:16:00.0522 6172 [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
05:16:00.0619 6172 USBSTOR - ok
05:16:00.0651 6172 [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
05:16:00.0677 6172 usbuhci - ok
05:16:00.0721 6172 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll
05:16:00.0751 6172 UxSms - ok
05:16:00.0782 6172 [ D4F835E82B92A6BC7BA999949F833022 ] UxTuneUp C:\Windows\System32\uxtuneup.dll
05:16:00.0797 6172 UxTuneUp - ok
05:16:00.0806 6172 [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:\Windows\system32\lsass.exe
05:16:00.0822 6172 VaultSvc - ok
05:16:00.0859 6172 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
05:16:00.0876 6172 vdrvroot - ok
05:16:00.0912 6172 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\Windows\System32\vds.exe
05:16:00.0951 6172 vds - ok
05:16:00.0982 6172 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
05:16:01.0002 6172 vga - ok
05:16:01.0014 6172 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys
05:16:01.0043 6172 VgaSave - ok
05:16:01.0077 6172 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
05:16:01.0096 6172 vhdmp - ok
05:16:01.0117 6172 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\drivers\viaagp.sys
05:16:01.0134 6172 viaagp - ok
05:16:01.0144 6172 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\DRIVERS\viac7.sys
05:16:01.0163 6172 ViaC7 - ok
05:16:01.0188 6172 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\drivers\viaide.sys
05:16:01.0204 6172 viaide - ok
05:16:01.0219 6172 [ C2F2911156FDC7817C52829C86DA494E ] vmbus C:\Windows\system32\drivers\vmbus.sys
05:16:01.0239 6172 vmbus - ok
05:16:01.0253 6172 [ D4D77455211E204F370D08F4963063CE ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
05:16:01.0269 6172 VMBusHID - ok
05:16:01.0283 6172 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\Windows\system32\drivers\volmgr.sys
05:16:01.0301 6172 volmgr - ok
05:16:01.0316 6172 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
05:16:01.0338 6172 volmgrx - ok
05:16:01.0356 6172 [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\Windows\system32\drivers\volsnap.sys
05:16:01.0376 6172 volsnap - ok
05:16:01.0401 6172 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
05:16:01.0421 6172 vsmraid - ok
05:16:01.0489 6172 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\Windows\system32\vssvc.exe
05:16:01.0577 6172 VSS - ok
05:16:01.0598 6172 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
05:16:01.0626 6172 vwifibus - ok
05:16:01.0638 6172 [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
05:16:01.0668 6172 vwififlt - ok
05:16:01.0703 6172 [ A3F04CBEA6C2A10E6CB01F8B47611882 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
05:16:01.0731 6172 vwifimp - ok
05:16:01.0764 6172 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\Windows\system32\w32time.dll
05:16:01.0811 6172 W32Time - ok
05:16:01.0878 6172 [ 57C8C20BFA5BEF6BD851EBAC67A8CED0 ] W3SVC C:\Windows\system32\inetsrv\iisw3adm.dll
05:16:01.0902 6172 W3SVC - ok
05:16:01.0919 6172 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
05:16:01.0946 6172 WacomPen - ok
05:16:01.0968 6172 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
05:16:02.0021 6172 WANARP - ok
05:16:02.0024 6172 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
05:16:02.0051 6172 Wanarpv6 - ok
05:16:02.0071 6172 [ 57C8C20BFA5BEF6BD851EBAC67A8CED0 ] WAS C:\Windows\system32\inetsrv\iisw3adm.dll
05:16:02.0099 6172 WAS - ok
05:16:02.0158 6172 [ 691E3285E53DCA558E1A84667F13E15A ] wbengine C:\Windows\system32\wbengine.exe
05:16:02.0248 6172 wbengine - ok
05:16:02.0279 6172 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
05:16:02.0317 6172 WbioSrvc - ok
05:16:02.0347 6172 [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc C:\Windows\System32\wcncsvc.dll
05:16:02.0384 6172 wcncsvc - ok
05:16:02.0401 6172 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
05:16:02.0473 6172 WcsPlugInService - ok
05:16:02.0491 6172 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\Windows\system32\DRIVERS\wd.sys
05:16:02.0507 6172 Wd - ok
05:16:02.0529 6172 [ 9950E3D0F08141C7E89E64456AE7DC73 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
05:16:02.0556 6172 Wdf01000 - ok
05:16:02.0563 6172 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\Windows\system32\wdi.dll
05:16:02.0627 6172 WdiServiceHost - ok
05:16:02.0631 6172 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\Windows\system32\wdi.dll
05:16:02.0652 6172 WdiSystemHost - ok
05:16:02.0687 6172 [ A9D880F97530D5B8FEE278923349929D ] WebClient C:\Windows\System32\webclnt.dll
05:16:02.0726 6172 WebClient - ok
05:16:02.0754 6172 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\Windows\system32\wecsvc.dll
05:16:02.0797 6172 Wecsvc - ok
05:16:02.0813 6172 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\Windows\System32\wercplsupport.dll
05:16:02.0857 6172 wercplsupport - ok
05:16:02.0883 6172 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\Windows\System32\WerSvc.dll
05:16:02.0928 6172 WerSvc - ok
05:16:02.0969 6172 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
05:16:03.0014 6172 WfpLwf - ok
05:16:03.0029 6172 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\Windows\system32\drivers\wimmount.sys
05:16:03.0068 6172 WIMMount - ok
05:16:03.0207 6172 [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
05:16:03.0337 6172 WinDefend - ok
05:16:03.0343 6172 WinHttpAutoProxySvc - ok
05:16:03.0563 6172 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
05:16:03.0594 6172 Winmgmt - ok
05:16:03.0696 6172 WinRing0_1_2_0 - ok
05:16:03.0869 6172 [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM C:\Windows\system32\WsmSvc.dll
05:16:03.0999 6172 WinRM - ok
05:16:04.0032 6172 [ A67E5F9A400F3BD1BE3D80613B45F708 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
05:16:04.0051 6172 WinUsb - ok
05:16:04.0086 6172 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\Windows\System32\wlansvc.dll
05:16:04.0144 6172 Wlansvc - ok
05:16:04.0257 6172 [ FB01D4AE207B9EFDBABFC55DC95C7E31 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
05:16:04.0327 6172 wlidsvc - ok
05:16:04.0356 6172 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
05:16:04.0384 6172 WmiAcpi - ok
05:16:04.0411 6172 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
05:16:04.0446 6172 wmiApSrv - ok
05:16:04.0514 6172 [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
05:16:04.0611 6172 WMPNetworkSvc - ok
05:16:04.0628 6172 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\Windows\System32\wpcsvc.dll
05:16:04.0689 6172 WPCSvc - ok
05:16:04.0722 6172 [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
05:16:04.0757 6172 WPDBusEnum - ok
05:16:04.0782 6172 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
05:16:04.0826 6172 ws2ifsl - ok
05:16:04.0848 6172 [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc C:\Windows\System32\wscsvc.dll
05:16:04.0882 6172 wscsvc - ok
05:16:04.0886 6172 WSearch - ok
05:16:04.0962 6172 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
05:16:05.0051 6172 wuauserv - ok
05:16:05.0064 6172 [ E714A1C0354636837E20CCBF00888EE7 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
05:16:05.0106 6172 WudfPf - ok
05:16:05.0162 6172 [ 1023EE888C9B47178C5293ED5336AB69 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
05:16:05.0202 6172 WUDFRd - ok
05:16:05.0241 6172 [ 8D1E1E529A2C9E9B6A85B55A345F7629 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
05:16:05.0271 6172 wudfsvc - ok
05:16:05.0293 6172 [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc C:\Windows\System32\wwansvc.dll
05:16:05.0324 6172 WwanSvc - ok
05:16:05.0398 6172 [ 74EC37B9EAF9FCA015B933A526825C7A ] {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC} C:\Program Files\CyberLink\PowerDVD10\NavFilter\000.fcl
05:16:05.0414 6172 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC} - ok
05:16:05.0431 6172 ================ Scan global ===============================
05:16:05.0468 6172 [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
05:16:05.0498 6172 [ 48CB4FDBCAAEAC7BCE2F5941545FF071 ] C:\Windows\system32\winsrv.dll
05:16:05.0509 6172 [ 48CB4FDBCAAEAC7BCE2F5941545FF071 ] C:\Windows\system32\winsrv.dll
05:16:05.0534 6172 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
05:16:05.0564 6172 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
05:16:05.0572 6172 [Global] - ok
05:16:05.0572 6172 ================ Scan MBR ==================================
05:16:05.0582 6172 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
05:16:06.0166 6172 \Device\Harddisk0\DR0 - ok
05:16:06.0189 6172 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
05:16:06.0591 6172 \Device\Harddisk1\DR1 - ok
05:16:06.0592 6172 ================ Scan VBR ==================================
05:16:06.0594 6172 [ 4BE8BB919671FCB16D35302A325A6B14 ] \Device\Harddisk0\DR0\Partition1
05:16:06.0596 6172 \Device\Harddisk0\DR0\Partition1 - ok
05:16:06.0598 6172 [ 82344D455A7883EDC572A45222B73F16 ] \Device\Harddisk0\DR0\Partition2
05:16:06.0599 6172 \Device\Harddisk0\DR0\Partition2 - ok
05:16:06.0602 6172 [ 526AAAB79A1A7AF072DB38F4A68C8B3C ] \Device\Harddisk1\DR1\Partition1
05:16:06.0603 6172 \Device\Harddisk1\DR1\Partition1 - ok
05:16:06.0603 6172 ============================================================
05:16:06.0603 6172 Scan finished
05:16:06.0603 6172 ============================================================
05:16:06.0612 3124 Detected object count: 12
05:16:06.0612 3124 Actual detected object count: 12
05:17:05.0307 3124 cmudaxp ( UnsignedFile.Multi.Generic ) - skipped by user
05:17:05.0307 3124 cmudaxp ( UnsignedFile.Multi.Generic ) - User select action: Skip
05:17:05.0307 3124 D_Link_DWA-125_WPS ( UnsignedFile.Multi.Generic ) - skipped by user
05:17:05.0308 3124 D_Link_DWA-125_WPS ( UnsignedFile.Multi.Generic ) - User select action: Skip
05:17:05.0309 3124 GeekBuddyRSP ( UnsignedFile.Multi.Generic ) - skipped by user
05:17:05.0309 3124 GeekBuddyRSP ( UnsignedFile.Multi.Generic ) - User select action: Skip
05:17:05.0310 3124 HiPatchService ( UnsignedFile.Multi.Generic ) - skipped by user
05:17:05.0310 3124 HiPatchService ( UnsignedFile.Multi.Generic ) - User select action: Skip
05:17:05.0312 3124 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
05:17:05.0312 3124 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
05:17:05.0313 3124 libusb0 ( UnsignedFile.Multi.Generic ) - skipped by user
05:17:05.0313 3124 libusb0 ( UnsignedFile.Multi.Generic ) - User select action: Skip
05:17:05.0315 3124 MSCSPTISRV ( UnsignedFile.Multi.Generic ) - skipped by user
05:17:05.0315 3124 MSCSPTISRV ( UnsignedFile.Multi.Generic ) - User select action: Skip
05:17:05.0317 3124 NIHardwareService ( UnsignedFile.Multi.Generic ) - skipped by user
05:17:05.0317 3124 NIHardwareService ( UnsignedFile.Multi.Generic ) - User select action: Skip
05:17:05.0318 3124 PACSPTISVR ( UnsignedFile.Multi.Generic ) - skipped by user
05:17:05.0318 3124 PACSPTISVR ( UnsignedFile.Multi.Generic ) - User select action: Skip
05:17:05.0319 3124 pgfilter ( UnsignedFile.Multi.Generic ) - skipped by user
05:17:05.0319 3124 pgfilter ( UnsignedFile.Multi.Generic ) - User select action: Skip
05:17:05.0320 3124 SPTISRV ( UnsignedFile.Multi.Generic ) - skipped by user
05:17:05.0320 3124 SPTISRV ( UnsignedFile.Multi.Generic ) - User select action: Skip
05:17:05.0322 3124 SwitchBoard ( UnsignedFile.Multi.Generic ) - skipped by user
05:17:05.0322 3124 SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip
Code:
ATTFilter aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-11-04 10:27:04
-----------------------------
10:27:04.669 OS Version: Windows 6.1.7601 Service Pack 1
10:27:04.669 Number of processors: 4 586 0xF0B
10:27:04.671 ComputerName: CALIPCI UserName: cali
10:27:30.348 Initialize success
10:28:57.784 AVAST engine defs: 12110400
10:33:29.103 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-2
10:33:29.106 Disk 0 Vendor: ST3200822AS 3.01 Size: 190781MB BusType: 3
10:33:29.108 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP3T0L0-3
10:33:29.112 Disk 1 Vendor: SAMSUNG_HD103SJ 1AJ100E4 Size: 953868MB BusType: 3
10:33:29.128 Disk 0 MBR read successfully
10:33:29.131 Disk 0 MBR scan
10:33:29.137 Disk 0 Windows 7 default MBR code
10:33:29.141 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 96162 MB offset 63
10:33:29.147 Disk 0 Partition - 00 0F Extended LBA 94617 MB offset 196940835
10:33:29.167 Disk 0 Partition 2 00 0B FAT32 MSWIN4.1 94617 MB offset 196940898
10:33:29.176 Disk 0 scanning sectors +390716865
10:33:29.224 Disk 0 scanning C:\Windows\system32\drivers
10:33:40.369 Service scanning
10:34:10.838 Modules scanning
10:34:22.487 Disk 0 trace - called modules:
10:34:22.503 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll ataport.SYS pciide.sys PCIIDEX.SYS atapi.sys
10:34:22.509 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86c59030]
10:34:22.514 3 CLASSPNP.SYS[8cd8159e] -> nt!IofCallDriver -> [0x86673918]
10:34:22.521 5 ACPI.sys[83ab73d4] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-2[0x866cf030]
10:34:23.769 AVAST engine scan C:\Windows
10:34:26.624 AVAST engine scan C:\Windows\system32
10:37:37.742 AVAST engine scan C:\Windows\system32\drivers
10:37:52.332 AVAST engine scan C:\Users\cali
10:57:40.081 AVAST engine scan C:\ProgramData
11:02:29.922 Scan finished successfully
15:45:46.533 Disk 0 MBR has been saved successfully to "C:\Users\cali\Pictures\Desktop\MBR.dat"
15:45:46.540 The log file has been saved successfully to "C:\Users\cali\Pictures\Desktop\aswMBR.txt"
|
|
| Themen zu Artemis vir & troj und andere maleware die ich nicht loswerde |
| ad-aware, adaware, andere, bereinigt, dateien, erkennt, gelöscht, inter, interne, laufen, maleware, neustart, problem, rechner, sache, sachen, schritt, speed, stinger, tagen, troja, trojaner, viren, wissen |
Textbox von OTL - wenn OTL auf deutsch ist wird sie mit 
beschriftet
.
Linear-Darstellung
