Pests of all kinds and how to fight them: recycler/e621ca05.exe on my SD card (Windows 7)
05.12.2012, 19:19 | #1 |
recycler/e621ca05.exe on my SD card

Hi folks, it seems I somehow picked up a trojan on my camera's memory card while on holiday, and I can't get to my photos anymore (folders are shown as shortcuts). I read in another thread how to deal with this, but since it also said there that it's best to open a thread of your own, I'm just doing that. Stupidly, without informing myself first, I started clicking around like mad. So I assume the thing has already made itself at home on my PC. I will proceed as described here, starting with a Malwarebytes scan. I'll post my status regularly and would appreciate a bit of advice! Many thanks in advance, regards, Jörg

I ran OldTimer with the code that was posted here, and it spits out the following: OTL.txt

Code:
OTL logfile created on: 12/5/2012 10:48:18 PM - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Jörg Panzer\Downloads Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 2.97 Gb Total Physical Memory | 2.04 Gb Available Physical Memory | 68.79% Memory free 5.93 Gb Paging File | 4.81 Gb Available in Paging File | 81.16% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files Drive C: | 162.24 Gb Total Space | 124.95 Gb Free Space | 77.02% Space Free | Partition Type: NTFS Drive D: | 288.42 Gb Total Space | 96.03 Gb Free Space | 33.29% Space Free | Partition Type: NTFS Computer Name: FRIEDENSPANZER | User Name: Jörg Panzer | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012/12/05 14:15:18 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Jörg Panzer\Downloads\OTL.exe PRC - [2012/11/19 21:48:16 | 002,254,768 | ---- | M] (LogMeIn Inc.) -- C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe PRC - [2012/11/19 21:48:14 | 001,435,568 | ---- | M] (LogMeIn Inc.) -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe PRC - [2012/08/11 14:55:51 | 000,348,664 | ---- | M] (Avira Operations GmbH & Co. 
KG) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe PRC - [2012/08/03 11:37:56 | 002,445,880 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe PRC - [2012/08/03 11:08:00 | 000,073,392 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe PRC - [2012/07/14 14:59:32 | 000,497,320 | ---- | M] (Check Point Software Technologies) -- C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe PRC - [2012/07/14 14:59:08 | 000,738,984 | ---- | M] (Check Point Software Technologies) -- C:\Program Files\CheckPoint\ZAForceField\ForceField.exe PRC - [2012/05/09 13:38:07 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe PRC - [2012/05/09 13:38:06 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe PRC - [2012/05/09 13:38:06 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe PRC - [2012/01/21 13:25:34 | 000,220,744 | ---- | M] (Geek Software GmbH) -- C:\Program Files\PDF24\pdf24.exe PRC - [2011/07/29 00:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe PRC - [2011/06/24 05:22:20 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe PRC - [2010/11/20 13:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe PRC - [2010/11/20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2010/06/08 04:15:42 | 000,618,496 | ---- | M] () -- C:\Windows\Samsung\PanelMgr\SSMMgr.exe PRC - [2010/04/20 13:26:44 | 000,300,912 | ---- | M] () -- C:\Program Files\Samsung\Samsung Update Plus\SUPBackground.exe PRC - [2009/09/12 13:26:50 | 000,834,560 | ---- | M] (Samsung Electronics Co., Ltd.) 
-- C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe PRC - [2009/09/07 11:42:04 | 000,093,184 | ---- | M] (SAMSUNG Electronics) -- C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe PRC - [2009/09/02 08:56:00 | 000,360,448 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe PRC - [2009/09/02 08:55:32 | 000,172,032 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe PRC - [2009/08/23 05:47:34 | 000,716,800 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe PRC - [2009/08/13 20:58:10 | 000,044,312 | ---- | M] () -- C:\Program Files\Samsung Casual Games\GameConsole\OberonGameConsoleService.exe PRC - [2009/08/06 08:46:06 | 002,242,048 | ---- | M] (SEC) -- C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe PRC - [2009/03/28 03:10:56 | 000,014,336 | ---- | M] (LSI Corporation) -- C:\Program Files\LSI SoftModem\agrsmsvc.exe PRC - [2009/03/05 10:54:50 | 000,311,296 | ---- | M] () -- C:\Windows\System32\Rezip.exe PRC - [2008/01/16 08:51:44 | 000,030,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe ========== Modules (No Company Name) ========== MOD - [2012/12/01 11:31:21 | 011,833,344 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\03cfab5534482e8fc313ead6edc19100\System.Web.ni.dll MOD - [2012/12/01 11:31:04 | 000,771,584 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\413288993ff690e8251d2dbe32bee01f\System.Runtime.Remoting.ni.dll MOD - [2012/12/01 11:29:23 | 012,436,480 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d040079bc7148afeca03c5abb6fc3c61\System.Windows.Forms.ni.dll MOD - [2012/12/01 10:24:08 | 001,591,808 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\4e80768a2d88c7a333e43cbb7a6c0705\System.Drawing.ni.dll MOD - [2012/12/01 10:23:41 | 
005,452,800 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\25e672ea505e50ab058258ac72a54f02\System.Xml.ni.dll MOD - [2012/12/01 10:23:36 | 000,971,264 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\c64ca3678261c8ffcd9e7efd1af6ed54\System.Configuration.ni.dll MOD - [2012/12/01 10:23:34 | 007,988,736 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System\9dd758ac0bf7358ac6e4720610fcc63c\System.ni.dll MOD - [2012/12/01 10:23:27 | 011,493,376 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\187d7c66735c533de851c76384f86912\mscorlib.ni.dll MOD - [2011/11/01 23:26:32 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll MOD - [2011/11/01 23:26:12 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll MOD - [2011/07/29 00:09:42 | 000,096,112 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll MOD - [2011/07/29 00:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe MOD - [2010/11/13 01:02:22 | 000,434,176 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll MOD - [2010/11/13 01:02:21 | 000,315,392 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll MOD - [2010/06/08 04:15:42 | 000,618,496 | ---- | M] () -- C:\Windows\Samsung\PanelMgr\SSMMgr.exe MOD - [2010/04/20 13:26:44 | 000,300,912 | ---- | M] () -- C:\Program Files\Samsung\Samsung Update Plus\SUPBackground.exe MOD - [2010/04/16 13:11:02 | 000,155,648 | ---- | M] () -- C:\Program Files\Samsung\Samsung Update Plus\HMXML.dll MOD - [2009/09/16 22:52:48 | 000,040,960 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3531.38495__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll MOD - 
[2009/09/16 22:52:47 | 001,691,648 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager2.Graphics.Wizard\2.0.3531.38598__90ba9c70f846762e\CLI.Aspect.DisplaysManager2.Graphics.Wizard.dll MOD - [2009/09/16 22:52:47 | 000,491,520 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3531.38570__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll MOD - [2009/09/16 22:52:47 | 000,364,544 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3531.38481__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll MOD - [2009/09/16 22:52:47 | 000,331,776 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3531.38537__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll MOD - [2009/09/16 22:52:47 | 000,204,800 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3531.38501__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll MOD - [2009/09/16 22:52:47 | 000,118,784 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard\2.0.3531.38570__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard.dll MOD - [2009/09/16 22:52:47 | 000,094,208 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3531.38538__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll MOD - [2009/09/16 22:52:47 | 000,077,824 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3531.38551__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll MOD - [2009/09/16 22:52:47 | 000,073,728 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3531.38490__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll MOD - [2009/09/16 22:52:47 | 000,065,536 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3531.38533__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll MOD - [2009/09/16 
22:52:47 | 000,061,440 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3531.38537__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll MOD - [2009/09/16 22:52:47 | 000,045,056 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3531.38571__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll MOD - [2009/09/16 22:52:47 | 000,045,056 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime\2.0.3531.38569__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.dll MOD - [2009/09/16 22:52:47 | 000,036,864 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3531.38524__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll MOD - [2009/09/16 22:52:47 | 000,020,480 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3531.38490__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll MOD - [2009/09/16 22:52:46 | 001,011,712 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager2.Graphics.Dashboard\2.0.3531.38595__90ba9c70f846762e\CLI.Aspect.DisplaysManager2.Graphics.Dashboard.dll MOD - [2009/09/16 22:52:46 | 000,798,720 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3531.38526__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll MOD - [2009/09/16 22:52:46 | 000,573,440 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3531.38502__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll MOD - [2009/09/16 22:52:46 | 000,409,600 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3531.38546__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll MOD - [2009/09/16 22:52:46 | 000,315,392 | ---- | M] () -- 
C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Dashboard\2.0.3531.38532__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Dashboard.dll MOD - [2009/09/16 22:52:46 | 000,307,200 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Wizard\2.0.3531.38506__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Wizard.dll MOD - [2009/09/16 22:52:46 | 000,196,608 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3531.38501__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll MOD - [2009/09/16 22:52:46 | 000,094,208 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3531.38530__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll MOD - [2009/09/16 22:52:46 | 000,090,112 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3531.38525__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll MOD - [2009/09/16 22:52:46 | 000,040,960 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3531.38530__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll MOD - [2009/09/16 22:52:46 | 000,040,960 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3531.38505__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll MOD - [2009/09/16 22:52:45 | 000,393,216 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3531.38525__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll MOD - [2009/09/16 22:52:45 | 000,360,448 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.3531.38520__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll MOD - [2009/09/16 22:52:45 | 000,270,336 | ---- | M] () -- 
C:\windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll MOD - [2009/09/16 22:52:45 | 000,061,440 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3531.38524__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll MOD - [2009/09/16 22:52:45 | 000,040,960 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3531.38525__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll MOD - [2009/09/16 22:52:45 | 000,032,768 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3531.38531__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll MOD - [2009/09/16 22:52:44 | 000,020,480 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3498.37534__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll MOD - [2009/09/16 22:52:44 | 000,020,480 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3498.37533__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll MOD - [2009/09/16 22:52:44 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3498.37558__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll MOD - [2009/09/16 22:52:44 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\AEM.Plugin.REG.Shared\2.0.3498.37615__90ba9c70f846762e\AEM.Plugin.REG.Shared.dll MOD - [2009/09/16 22:52:44 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3498.37612__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll MOD - [2009/09/16 22:52:44 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3498.37554__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll MOD - [2009/09/16 22:52:44 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3498.37610__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll MOD - [2009/09/16 22:52:44 | 000,007,168 
| ---- | M] () -- C:\windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll MOD - [2009/09/16 22:52:43 | 000,135,168 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3498.37541__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll MOD - [2009/09/16 22:52:43 | 000,094,208 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Foundation\2.0.3498.37518__90ba9c70f846762e\CLI.Foundation.dll MOD - [2009/09/16 22:52:43 | 000,045,056 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll MOD - [2009/09/16 22:52:43 | 000,032,768 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\LOG.Foundation\2.0.3498.37515__90ba9c70f846762e\LOG.Foundation.dll MOD - [2009/09/16 22:52:43 | 000,028,672 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3498.37517__90ba9c70f846762e\NEWAEM.Foundation.dll MOD - [2009/09/16 22:52:43 | 000,028,672 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3498.37674__90ba9c70f846762e\CLI.Foundation.XManifest.dll MOD - [2009/09/16 22:52:43 | 000,024,576 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3498.37536__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll MOD - [2009/09/16 22:52:43 | 000,020,480 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3498.37540__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll MOD - [2009/09/16 22:52:43 | 000,020,480 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3498.37526__90ba9c70f846762e\CLI.Component.Client.Shared.dll MOD - [2009/09/16 22:52:43 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\MOM.Foundation\2.0.3498.37551__90ba9c70f846762e\MOM.Foundation.dll MOD - [2009/09/16 22:52:43 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll MOD - [2009/09/16 22:52:43 | 000,016,384 | ---- | 
M] () -- C:\windows\assembly\GAC_MSIL\DEM.Graphics\2.0.3498.37571__90ba9c70f846762e\DEM.Graphics.dll MOD - [2009/09/16 22:52:43 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll MOD - [2009/09/16 22:52:43 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3498.37544__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll MOD - [2009/09/16 22:52:43 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3498.37574__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll MOD - [2009/09/16 22:52:43 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3498.37547__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll MOD - [2009/09/16 22:52:42 | 000,057,344 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3498.37579__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll MOD - [2009/09/16 22:52:42 | 000,053,248 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3498.37582__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll MOD - [2009/09/16 22:52:42 | 000,040,960 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3498.37603__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll MOD - [2009/09/16 22:52:42 | 000,028,672 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Shared\2.0.3498.37602__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.dll MOD - [2009/09/16 22:52:42 | 000,028,672 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3498.37575__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll MOD - [2009/09/16 22:52:42 | 000,024,576 | ---- | M] () -- 
C:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3498.37580__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll MOD - [2009/09/16 22:52:42 | 000,020,480 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3498.37555__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll MOD - [2009/09/16 22:52:41 | 000,651,264 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Implementation\2.0.3531.38593__90ba9c70f846762e\ResourceManagement.Foundation.Implementation.dll MOD - [2009/09/16 22:52:41 | 000,065,536 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3498.37583__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll MOD - [2009/09/16 22:52:41 | 000,053,248 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3498.37578__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll MOD - [2009/09/16 22:52:41 | 000,049,152 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3498.37577__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll MOD - [2009/09/16 22:52:41 | 000,045,056 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3531.38575__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll MOD - [2009/09/16 22:52:41 | 000,040,960 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3498.37582__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll MOD - [2009/09/16 22:52:41 | 000,032,768 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3498.37557__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll MOD - [2009/09/16 22:52:41 | 000,028,672 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3498.37572__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll MOD - [2009/09/16 22:52:41 | 
000,028,672 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3498.37552__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll MOD - [2009/09/16 22:52:41 | 000,020,480 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\APM.Foundation\2.0.3498.37553__90ba9c70f846762e\APM.Foundation.dll MOD - [2009/09/16 22:52:41 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3498.37535__90ba9c70f846762e\AEM.Server.Shared.dll MOD - [2009/09/16 22:52:41 | 000,007,168 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3531.38478__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll MOD - [2009/09/16 22:52:40 | 000,106,496 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\MOM.Implementation\2.0.3531.38565__90ba9c70f846762e\MOM.Implementation.dll MOD - [2009/09/16 22:52:40 | 000,065,536 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3531.38563__90ba9c70f846762e\LOG.Foundation.Implementation.dll MOD - [2009/09/16 22:52:40 | 000,040,960 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3498.37522__90ba9c70f846762e\CLI.Foundation.Private.dll MOD - [2009/09/16 22:52:40 | 000,036,864 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3498.37528__90ba9c70f846762e\LOG.Foundation.Private.dll MOD - [2009/09/16 22:52:40 | 000,020,480 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Private\2.0.3498.37531__90ba9c70f846762e\ResourceManagement.Foundation.Private.dll MOD - [2009/09/16 22:52:40 | 000,020,480 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3498.37547__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll MOD - [2009/09/16 22:52:39 | 000,552,960 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.3531.38559__90ba9c70f846762e\CLI.Component.Systemtray.dll MOD - [2009/09/16 22:52:39 | 000,405,504 
| ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3531.38495__90ba9c70f846762e\CLI.Component.Wizard.dll MOD - [2009/09/16 22:52:39 | 000,057,344 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3531.38480__90ba9c70f846762e\CLI.Component.SkinFactory.dll MOD - [2009/09/16 22:52:39 | 000,057,344 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3531.38479__90ba9c70f846762e\CLI.Component.Runtime.dll MOD - [2009/09/16 22:52:39 | 000,045,056 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3498.37546__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll MOD - [2009/09/16 22:52:39 | 000,024,576 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3498.37548__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll MOD - [2009/09/16 22:52:37 | 001,212,416 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3531.38486__90ba9c70f846762e\CLI.Component.Dashboard.dll MOD - [2009/09/16 22:52:37 | 000,040,960 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3498.37538__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll MOD - [2009/09/16 22:52:37 | 000,032,768 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll MOD - [2009/09/16 22:52:37 | 000,020,480 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3498.37549__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll MOD - [2009/09/16 22:52:37 | 000,020,480 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3498.37585__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll MOD - [2009/09/16 22:52:37 | 000,019,456 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CCC.Implementation\2.0.3531.38565__90ba9c70f846762e\CCC.Implementation.dll MOD - [2009/09/16 22:52:36 | 000,061,440 | ---- | 
M] () -- C:\windows\assembly\GAC_MSIL\APM.Server\2.0.3531.38477__90ba9c70f846762e\APM.Server.dll MOD - [2009/09/16 22:52:36 | 000,045,056 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\AEM.Server\2.0.3531.38478__90ba9c70f846762e\AEM.Server.dll MOD - [2009/02/12 06:32:10 | 000,016,384 | R--- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll MOD - [2006/08/12 04:48:40 | 000,049,152 | ---- | M] () -- C:\Program Files\Samsung\Easy Display Manager\HookDllPS2.dll ========== Services (SafeList) ========== SRV - File not found [Auto | Stopped] -- c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe -- (McAfee SiteAdvisor Service) SRV - [2012/11/30 19:23:07 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012/11/19 21:48:14 | 001,435,568 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc) SRV - [2012/08/03 11:37:56 | 002,445,880 | ---- | M] (Check Point Software Technologies LTD) [Auto | Running] -- C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe -- (vsmon) SRV - [2012/07/29 16:51:52 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012/07/14 14:59:32 | 000,497,320 | ---- | M] (Check Point Software Technologies) [Auto | Running] -- C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe -- (IswSvc) SRV - [2012/05/09 13:38:07 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2012/05/09 13:38:06 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. 
KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2012/03/09 14:38:58 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc) SRV - [2009/09/02 08:55:32 | 000,172,032 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility) SRV - [2009/08/13 20:58:10 | 000,044,312 | ---- | M] () [Auto | Running] -- C:\Program Files\Samsung Casual Games\GameConsole\OberonGameConsoleService.exe -- (OberonGameConsoleService) SRV - [2009/07/14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc) SRV - [2009/07/14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend) SRV - [2009/06/15 10:10:00 | 000,282,624 | ---- | M] (Marvell) [Auto | Running] -- C:\Windows\System32\yk62x86.dll -- (yksvc) SRV - [2009/03/28 03:10:56 | 000,014,336 | ---- | M] (LSI Corporation) [Auto | Running] -- C:\Program Files\LSI SoftModem\agrsmsvc.exe -- (AgereModemAudio) SRV - [2009/03/05 10:54:50 | 000,311,296 | ---- | M] () [Auto | Running] -- C:\Windows\System32\Rezip.exe -- (Rezip) SRV - [2008/01/16 08:51:44 | 000,030,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | Auto | Stopped] -- C:\windows\system32\Drivers\DgiVecp.sys -- (DgiVecp) DRV - [2012/07/14 14:59:44 | 000,027,056 | ---- | M] (Check Point Software Technologies) [Kernel | Auto | Running] -- C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys -- (ISWKL) DRV - [2012/05/09 13:38:07 | 000,137,928 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb) DRV - [2012/05/09 
13:38:07 | 000,083,392 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011/09/15 22:55:04 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2011/05/07 17:51:28 | 000,455,256 | ---- | M] (Check Point Software Technologies LTD) [Kernel | System | Running] -- C:\Windows\System32\drivers\vsdatant.sys -- (Vsdatant)
DRV - [2010/11/20 11:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 10:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/06/17 14:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009/09/11 01:50:12 | 000,005,120 | ---- | M] (Samsung Electronics) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\SSPORT.SYS -- (SSPORT)
DRV - [2009/09/02 09:31:04 | 005,173,760 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2009/08/10 19:43:34 | 000,237,696 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VMC326.sys -- (VMC326)
DRV - [2009/07/21 23:18:58 | 001,161,760 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2009/07/14 00:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009/06/23 05:25:32 | 000,538,624 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rtl819xp.sys -- (rtl819xp)
DRV - [2009/06/15 10:10:00 | 000,313,856 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\yk62x86.sys -- (yukonw7)
DRV - [2009/03/18 15:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SMSN
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2613550
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1016556084-3091970497-507946437-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=smsn&bmod=smsn
IE - HKU\S-1-5-21-1016556084-3091970497-507946437-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.zonealarm.com/?Source=Homepage&oemCode=ZLN24049646502415-1001&toolbarId=base&affiliateId=1025&Lan=de&utid=6c6e06ca0000000000000024541dc732
IE - HKU\S-1-5-21-1016556084-3091970497-507946437-1000\..\URLSearchHook: {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} - No CLSID value found
IE - HKU\S-1-5-21-1016556084-3091970497-507946437-1000\..\SearchScopes,DefaultScope = {514B861C-E23F-4251-96A8-B55B2A21A35F}
IE - HKU\S-1-5-21-1016556084-3091970497-507946437-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-1016556084-3091970497-507946437-1000\..\SearchScopes\{514B861C-E23F-4251-96A8-B55B2A21A35F}: "URL" = hxxp://search.zonealarm.com/search?Source=Browser&oemCode=ZLN24049646502415-1001&toolbarId=base&affiliateId=1025&Lan=de&utid=6c6e06ca0000000000000024541dc732&q={searchTerms}&r=545
IE - HKU\S-1-5-21-1016556084-3091970497-507946437-1000\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2613550
IE - HKU\S-1-5-21-1016556084-3091970497-507946437-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1016556084-3091970497-507946437-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========
FF - prefs.js..browser.search.defaultthis.engineName: "ZoneAlarm-Sicherheit Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2613550&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.startup.homepage: "hxxp://search.zonealarm.com/?Source=Homepage&oemCode=ZLN24049646502415-1001&toolbarId=base&affiliateId=1025&Lan=de&utid=6c6e06ca0000000000000024541dc732"
FF - prefs.js..extensions.enabledAddons: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.2.126
FF - prefs.js..extensions.enabledAddons: groovesharkUnlocker@overlord1337:1.3
FF - prefs.js..extensions.enabledAddons: adblockpopups@jessehakanen.net:0.5
FF - prefs.js..extensions.enabledAddons: {73a6fe31-595d-460b-a920-fcc0f8843232}:2.6.3
FF - prefs.js..keyword.URL: "hxxp://search.zonealarm.com/search?Source=Browser&oemCode=ZLN24049646502415-1001&toolbarId=base&affiliateId=1025&Lan=de&utid=6c6e06ca0000000000000024541dc732&q={searchTerms}"
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.3.1: C:\windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.3.1: C:\Program Files\Oracle\JavaFX 2.0 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\3.0.40624.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18: C:\Program Files\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program Files\Veetle\Player\npvlc.dll (Veetle Inc)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011/10/18 22:01:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\TrustChecker [2012/08/27 17:44:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/07/29 16:51:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/11/21 16:06:35 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/07/29 16:51:53 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/11/21 16:06:35 | 000,000,000 | ---D | M]
[2011/10/06 12:29:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jörg Panzer\AppData\Roaming\mozilla\Extensions
[2012/12/04 22:50:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jörg Panzer\AppData\Roaming\mozilla\Firefox\Profiles\nbecm84s.default\extensions
[2012/08/10 10:51:01 | 000,000,000 | ---D | M] (FT Evo) -- C:\Users\Jörg Panzer\AppData\Roaming\mozilla\Firefox\Profiles\nbecm84s.default\extensions\{5c8c1470-d247-11e0-9572-0800200c9a66}
[2012/08/25 11:20:30 | 000,000,000 | ---D | M] (FT DeepDark) -- C:\Users\Jörg Panzer\AppData\Roaming\mozilla\Firefox\Profiles\nbecm84s.default\extensions\{77d2ed30-4cd2-11e0-b8af-0800200c9a66}
[2012/08/27 17:43:48 | 000,000,000 | ---D | M] (zonealarm.com) -- C:\Users\Jörg Panzer\AppData\Roaming\mozilla\Firefox\Profiles\nbecm84s.default\extensions\ffxtlbr@zonealarm.com
[2012/12/02 21:43:12 | 000,124,993 | ---- | M] () (No name found) -- C:\Users\Jörg Panzer\AppData\Roaming\mozilla\firefox\profiles\nbecm84s.default\extensions\adblockpopups@jessehakanen.net.xpi
[2012/07/05 22:05:48 | 000,123,385 | ---- | M] () (No name found) -- C:\Users\Jörg Panzer\AppData\Roaming\mozilla\firefox\profiles\nbecm84s.default\extensions\elemhidehelper@adblockplus.org.xpi
[2012/11/30 17:59:54 | 000,029,022 | ---- | M] () (No name found) -- C:\Users\Jörg Panzer\AppData\Roaming\mozilla\firefox\profiles\nbecm84s.default\extensions\groovesharkUnlocker@overlord1337.xpi
[2012/12/04 22:50:26 | 000,531,070 | ---- | M] () (No name found) -- C:\Users\Jörg Panzer\AppData\Roaming\mozilla\firefox\profiles\nbecm84s.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
[2012/11/30 17:11:53 | 000,804,627 | ---- | M] () (No name found) -- C:\Users\Jörg Panzer\AppData\Roaming\mozilla\firefox\profiles\nbecm84s.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2011/10/02 11:56:44 | 000,000,943 | ---- | M] () -- C:\Users\Jörg Panzer\AppData\Roaming\mozilla\firefox\profiles\nbecm84s.default\searchplugins\conduit.xml
[2012/08/27 17:43:10 | 000,001,497 | ---- | M] () -- C:\Users\Jörg Panzer\AppData\Roaming\mozilla\firefox\profiles\nbecm84s.default\searchplugins\zonealarm.xml
[2012/02/07 21:44:00 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions
[2012/02/07 21:44:00 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2011/10/18 22:01:18 | 000,000,000 | ---D | M] (DivX Plus Web Player HTML5 <video>) -- C:\PROGRAM FILES\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\DIVXHTML5
File not found (No name found) -- C:\USERS\JöRG PANZER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NBECM84S.DEFAULT\EXTENSIONS\{73A6FE31-595D-460B-A920-FCC0F8843232}.XPI
File not found (No name found) -- C:\USERS\JöRG PANZER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NBECM84S.DEFAULT\EXTENSIONS\ADBLOCKPOPUPS@JESSEHAKANEN.NET.XPI
File not found (No name found) -- C:\USERS\JöRG PANZER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NBECM84S.DEFAULT\EXTENSIONS\GROOVESHARKUNLOCKER@OVERLORD1337.XPI
[2012/07/29 16:51:52 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/06/11 11:15:05 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012/06/11 11:15:05 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/06/11 11:15:05 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012/06/11 11:15:05 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012/06/11 11:15:05 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012/06/11 11:15:05 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2009/06/10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Zonealarm Helper Object) - {2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C} - C:\Program Files\Check Point Software Technologies LTD\zonealarm\1.6.7.4\bh\zonealarm.dll (Montera Technologeis LTD)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.0 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (ZoneAlarm Security Toolbar) - {438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59} - C:\Program Files\Check Point Software Technologies LTD\zonealarm\1.6.7.4\zonealarmTlbr.dll (Montera Technologeis LTD)
O3 - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-1016556084-3091970497-507946437-1000\..\Toolbar\WebBrowser: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [ISW] C:\Program Files\CheckPoint\ZAForceField\ForceField.exe (Check Point Software Technologies)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [PDFPrint] C:\Program Files\PDF24\pdf24.exe (Geek Software GmbH)
O4 - HKLM..\Run: [Samsung PanelMgr] C:\windows\Samsung\PanelMgr\ssmmgr.exe ()
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [ZoneAlarm] C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe (Check Point Software Technologies LTD)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab (Java Plug-in 10.3.1)
O16 - DPF: {CAFEEFAC-0017-0000-0003-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab (Java Plug-in 1.7.0_03)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab (Java Plug-in 1.7.0_03)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6119D552-BD9C-45F9-81F1-6E15A8C76FDA}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D3A6A6E7-68F4-45E3-A662-4ACA9DE99FAE}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: mcmscsvc - Service
SafeBootMin: MCODS - Service
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: Hamachi2Svc - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
SafeBootNet: HelpSvc - Service
SafeBootNet: mcmscsvc - Service
SafeBootNet: MCODS - Service
SafeBootNet: Messenger - Service
SafeBootNet: MpfService - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: vsmon - C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe (Check Point Software Technologies LTD)
SafeBootNet: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\windows\System32\DivX.dll (DivX, Inc.)
Drivers32: vidc.yv12 - C:\windows\System32\DivX.dll (DivX, Inc.)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========
[2012/12/05 19:22:27 | 000,000,000 | ---D | C] -- C:\Users\Jörg Panzer\AppData\Roaming\Malwarebytes
[2012/12/05 19:22:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/12/05 19:22:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/12/05 19:22:09 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbam.sys
[2012/12/05 19:22:09 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012/12/01 10:23:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
[2012/12/01 10:23:14 | 000,000,000 | ---D | C] -- C:\Program Files\LogMeIn Hamachi

========== Files - Modified Within 30 Days ==========
[2012/12/05 22:48:18 | 000,015,056 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/12/05 22:48:18 | 000,015,056 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/12/05 22:40:54 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2012/12/05 22:40:45 | 2388,086,784 | -HS- | M] () -- C:\hiberfil.sys
[2012/12/05 22:00:04 | 000,000,884 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2012/12/05 18:07:04 | 000,711,304 | ---- | M] () -- C:\windows\System32\perfh007.dat
[2012/12/05 18:07:04 | 000,662,666 | ---- | M] () -- C:\windows\System32\perfh009.dat
[2012/12/05 18:07:04 | 000,154,684 | ---- | M] () -- C:\windows\System32\perfc007.dat
[2012/12/05 18:07:04 | 000,125,116 | ---- | M] () -- C:\windows\System32\perfc009.dat
[2012/12/05 09:53:43 | 000,012,428 | ---- | M] () -- C:\Users\Jörg Panzer\Desktop\stundenplan master ws1213.pdf
[2012/12/03 09:42:54 | 002,262,071 | ---- | M] () -- C:\Users\Jörg Panzer\Desktop\Pubquiz.JPG
[2012/12/01 10:22:26 | 000,422,040 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT

========== Files Created - No Company Name ==========
[2012/12/05 09:53:43 | 000,012,428 | ---- | C] () -- C:\Users\Jörg Panzer\Desktop\stundenplan master ws1213.pdf
[2012/12/03 09:42:53 | 002,262,071 | ---- | C] () -- C:\Users\Jörg Panzer\Desktop\Pubquiz.JPG
[2012/03/12 12:46:24 | 000,484,656 | ---- | C] () -- C:\windows\ssndii.exe
[2012/03/12 12:45:47 | 000,026,624 | ---- | C] () -- C:\windows\System32\sst3cl3.dll
[2011/10/12 15:34:46 | 000,116,224 | ---- | C] () -- C:\windows\System32\pdfcmnnt.dll
[2011/10/10 19:28:46 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/04/03 11:54:06 | 000,131,368 | ---- | C] () -- C:\ProgramData\FullRemove.exe

========== ZeroAccess Check ==========
[2009/07/14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========
[2011/12/20 16:06:24 | 000,000,000 | ---D | M] -- C:\Users\Jörg Panzer\AppData\Roaming\Canneverbe Limited
[2012/08/27 18:02:41 | 000,000,000 | ---D | M] -- C:\Users\Jörg Panzer\AppData\Roaming\CheckPoint
[2012/12/02 22:53:05 | 000,000,000 | ---D | M] -- C:\Users\Jörg Panzer\AppData\Roaming\Dropbox
[2012/07/09 16:10:28 | 000,000,000 | ---D | M] -- C:\Users\Jörg Panzer\AppData\Roaming\IrfanView
[2011/10/12 15:34:51 | 000,000,000 | ---D | M] -- C:\Users\Jörg Panzer\AppData\Roaming\pdfforge

========== Purity Check ==========

========== Custom Scans ==========
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2011/10/07 11:05:22 | 000,000,000 | ---D | M] -- C:\Users\Jörg Panzer\AppData\Roaming\Adobe
[2012/02/16 10:52:27 | 000,000,000 | ---D | M] -- C:\Users\Jörg Panzer\AppData\Roaming\Apple Computer
[2010/04/03 12:10:42 | 000,000,000 | ---D | M] -- C:\Users\Jörg Panzer\AppData\Roaming\ATI
[2011/10/13 19:07:26 | 000,000,000 | ---D | M] -- C:\Users\Jörg Panzer\AppData\Roaming\Avira
[2011/12/20 16:06:24 | 000,000,000 | ---D | M] -- C:\Users\Jörg Panzer\AppData\Roaming\Canneverbe Limited
[2012/08/27 18:02:41 | 000,000,000 | ---D | M] -- C:\Users\Jörg Panzer\AppData\Roaming\CheckPoint
[2012/01/19 21:25:59 | 000,000,000 | ---D | M] -- C:\Users\Jörg Panzer\AppData\Roaming\DivX
[2012/12/02 22:53:05 | 000,000,000 | ---D | M] -- C:\Users\Jörg Panzer\AppData\Roaming\Dropbox
[2012/02/06 14:17:13 | 000,000,000 | ---D | M] -- C:\Users\Jörg Panzer\AppData\Roaming\dvdcss
[2011/11/21 15:56:31 | 000,000,000 | ---D | M] -- C:\Users\Jörg Panzer\AppData\Roaming\Google
[2010/04/03 12:10:11 | 000,000,000 | ---D | M] -- C:\Users\Jörg Panzer\AppData\Roaming\Identities
[2012/07/09 16:10:28 | 000,000,000 | ---D | M] -- C:\Users\Jörg Panzer\AppData\Roaming\IrfanView
[2011/10/07 11:05:22 | 000,000,000 | ---D | M] -- C:\Users\Jörg Panzer\AppData\Roaming\Macromedia
[2012/12/05 19:22:27 | 000,000,000 | ---D | M] -- C:\Users\Jörg Panzer\AppData\Roaming\Malwarebytes
[2011/11/03 12:40:19 | 000,000,000 | ---D | M] -- C:\Users\Jörg Panzer\AppData\Roaming\MathWorks
[2009/09/17 15:08:40 | 000,000,000 | ---D | M] -- C:\Users\Jörg Panzer\AppData\Roaming\Media Center Programs
[2012/08/18 19:22:53 | 000,000,000 | --SD | M] -- C:\Users\Jörg Panzer\AppData\Roaming\Microsoft
[2011/10/06 12:29:57 | 000,000,000 | ---D | M] -- C:\Users\Jörg Panzer\AppData\Roaming\Mozilla
[2011/10/12 15:34:51 | 000,000,000 | ---D | M] -- C:\Users\Jörg Panzer\AppData\Roaming\pdfforge
[2012/07/29 20:21:44 | 000,000,000 | ---D | M] -- C:\Users\Jörg Panzer\AppData\Roaming\Skype
[2012/02/07 21:30:02 | 000,000,000 | ---D | M] -- C:\Users\Jörg Panzer\AppData\Roaming\skypePM
[2012/04/13 12:34:10 | 000,000,000 | ---D | M] -- C:\Users\Jörg Panzer\AppData\Roaming\vlc
< %APPDATA%\*.exe /s >
[2012/05/24 19:39:22 | 027,112,840 | ---- | M] (Dropbox, Inc.) -- C:\Users\Jörg Panzer\AppData\Roaming\Dropbox\bin\Dropbox.exe
[2012/05/24 19:39:24 | 000,872,144 | ---- | M] (Dropbox, Inc.) -- C:\Users\Jörg Panzer\AppData\Roaming\Dropbox\bin\DropboxUpdateHelper.exe
[2012/05/24 19:39:56 | 000,177,280 | ---- | M] (Dropbox, Inc.) -- C:\Users\Jörg Panzer\AppData\Roaming\Dropbox\bin\Uninstall.exe
< %SYSTEMDRIVE%\*.exe >
< MD5 for: AGP440.SYS >
[2009/07/14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys
[2009/07/14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_a97a2a0d0fbc6696\AGP440.sys
[2009/07/14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys
[2009/07/14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_bc1a57271cf2f285\AGP440.sys
< MD5 for: ATAPI.SYS >
[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys
< MD5 for: CNGAUDIT.DLL >
[2009/07/14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\System32\cngaudit.dll
[2009/07/14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
< MD5 for: EVENTLOG.DLL >
[2007/01/23 16:22:16 | 000,032,890 | ---- | M] () MD5=4FA5D1120762802A741F374F8B391E69 -- C:\Program Files\MATLAB\R2009a\sys\perl\win32\lib\auto\Win32\EventLog\EventLog.dll
< MD5 for: IASTOR.SYS >
[2009/06/04 10:54:36 | 000,408,600 | ---- | M] (Intel Corporation) MD5=1D004CB1DA6323B1F55CAEF7F94B61D9 -- C:\Program Files\Intel\Intel Matrix Storage Manager\driver64\IaStor.sys
[2009/06/04 10:43:16 | 000,330,264 | ---- | M] (Intel Corporation) MD5=D483687EACE0C065EE772481A96E05F5 -- C:\Program Files\Intel\Intel Matrix Storage Manager\driver\IaStor.sys
[2009/06/04 10:43:16 | 000,330,264 | ---- | M] (Intel Corporation) MD5=D483687EACE0C065EE772481A96E05F5 -- C:\Windows\System32\drivers\iaStor.sys
[2009/06/04 10:43:16 | 000,330,264 | ---- | M] (Intel Corporation) MD5=D483687EACE0C065EE772481A96E05F5 -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_x86_neutral_4f144d6467fc7c22\iaStor.sys
< MD5 for: IASTORV.SYS >
[2009/07/14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_aee7a89be91b9000\iaStorV.sys
[2010/11/20 13:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\System32\drivers\iaStorV.sys
[2010/11/20 13:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_668286aa35d55928\iaStorV.sys
[2010/11/20 13:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_b118bc63e60a139a\iaStorV.sys
< MD5 for: NETLOGON.DLL >
[2010/11/20 13:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\System32\netlogon.dll
[2010/11/20 13:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_ffbf212e963c0162\netlogon.dll
[2009/07/14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_fd8e0d66994d7dc8\netlogon.dll
< MD5 for: NVSTOR.SYS >
[2010/11/20 13:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\System32\drivers\nvstor.sys
[2010/11/20 13:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_dd659ed032d28a14\nvstor.sys
[2010/11/20 13:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_3be22d131d40bd72\nvstor.sys
[2009/07/14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvstor.sys
< MD5 for: SCECLI.DLL >
[2009/07/14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll
[2010/11/20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\System32\scecli.dll
[2010/11/20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll
< MD5 for: USER32.DLL >
[2009/07/14 02:16:17 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=34B7E222E81FAFA885F0C5F2CFA56861 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_cd0ec264ceb014a3\user32.dll
[2010/11/20 13:21:33 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=F1DD3ACAEE5E6B4BBC69BC6DF75CEF66 -- C:\Windows\System32\user32.dll
[2010/11/20 13:21:33 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=F1DD3ACAEE5E6B4BBC69BC6DF75CEF66 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_cf3fd62ccb9e983d\user32.dll
< MD5 for: USERINIT.EXE >
[2010/11/20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010/11/20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009/07/14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe < MD5 for: WININIT.EXE > [2009/07/14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\System32\wininit.exe [2009/07/14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe < MD5 for: WINLOGON.EXE > [2009/10/28 07:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe [2009/10/28 06:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe [2010/11/20 13:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe [2010/11/20 13:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe [2012/09/29 19:54:26 | 000,218,184 | ---- | M] () MD5=8846E87210AD131CF71E3E2E49F647B0 -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe [2009/07/14 02:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe [2008/07/01 14:17:12 | 000,090,624 | ---- | M] () MD5=FBB39A4487E11F64DCFFD36AEC2D2216 -- C:\Program 
Regards, Jörg

EDIT: my links don't seem to work, here is the URL of the thread I have been following so far: hxxp://www.trojaner-board.de/111503-ordner-wechseldatentraeger-nur-noch-verknuepfungen.html |
06.12.2012, 14:17 | #2 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | recycler/e621ca05.exe on my SD card
Hello and
Quote:
Or not finished yet? Post the complete details/logs of the virus scanners, see http://www.trojaner-board.de/125889-...tml#post941520
Please post everything here in CODE tags if possible. This is how it's done: [code] the log goes here [/code]
And the whole thing then looks like this:
Code:
the log goes here |
07.12.2012, 15:07 | #3 |
| recycler/e621ca05.exe on my SD card
Hi!
Here is the log from Malwarebytes:
Code:
Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Datenbank Version: v2012.12.05.07

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
Jörg Panzer :: FRIEDENSPANZER [Administrator]

05.12.2012 19:24:18
mbam-log-2012-12-05 (19-24-18).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 487627
Laufzeit: 2 Stunde(n), 52 Minute(n), 25 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 3
C:\Program Files\MATLAB\R2009a\toolbox\rtw\targets\xpc\target\build\xpcblocks\adbbpci20019.mexw32 (Trojan.Agent) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files\MATLAB\R2009a\toolbox\rtw\targets\xpc\target\build\xpcblocks\adbbpci20023.mexw32 (Trojan.Agent) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files\MATLAB\R2009a\toolbox\rtw\targets\xpc\target\build\xpcblocks\encadapci1710.mexw32 (Trojan.Agent) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)

Log from the scan of the SD card:
Code:
Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Datenbank Version: v2012.12.05.07

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
Jörg Panzer :: FRIEDENSPANZER [Administrator]

07.12.2012 15:17:38
mbam-log-2012-12-07 (15-17-38).txt

Art des Suchlaufs: Vollständiger Suchlauf (H:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 195312
Laufzeit: 4 Minute(n), 6 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende) |
07.12.2012, 19:58 | #4 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | recycler/e621ca05.exe on my SD card
Quote:
__________________ Please always post log files in CODE tags |
08.12.2012, 17:26 | #5 |
| recycler/e621ca05.exe on my SD card
I'm not sure anymore, either freeware from the internet or a CD from the university. But I've had that on the PC for almost half a year already. |
09.12.2012, 16:59 | #6 |
/// Winkelfunktion /// TB-Süch-Tiger™ | recycler/e621ca05.exe on my SD card
Please now create and post logs with GMER (<<< click for instructions) and aswMBR (instructions a bit further down). GMER crashes fairly often; if the tool won't run the second time either, just leave it out and run only aswMBR.

aswMBR download => aswMBR.exe - save the file to your desktop.

One more note: if aswMBR crashes and you get a message like "aswMBR.exe has stopped working", then do the following: restart aswMBR, select (none) for "AV scan" in the drop-down menu at the bottom left (bottom left of the aswMBR window), and click the Scan button again. |
10.12.2012, 13:40 | #7 |
| recycler/e621ca05.exe on my SD card
GMER log:
Code:
GMER 1.0.15.15641 - hxxp://www.gmer.net
Rootkit quick scan 2012-12-10 11:27:01
Windows 6.1.7601 Service Pack 1 Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 SAMSUNG_ rev.2AC1
Running: ng7lm5hl.exe; Driver: C:\Users\JRGPAN~1\AppData\Local\Temp\axddykob.sys

---- Devices - GMER 1.0.15 ----

AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys (Kernelmodustreiber-Frameworklaufzeit/Microsoft Corporation)
AttachedDevice \Driver\kbdclass \Device\KeyboardClass1 Wdf01000.sys (Kernelmodustreiber-Frameworklaufzeit/Microsoft Corporation)

---- EOF - GMER 1.0.15 ----

Code:
aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2012-12-10 11:33:22
-----------------------------
11:33:22.352 OS Version: Windows 6.1.7601 Service Pack 1
11:33:22.352 Number of processors: 2 586 0x170A
11:33:22.352 ComputerName: FRIEDENSPANZER UserName: Jörg Panzer
11:33:22.976 Initialize success
11:38:06.664 AVAST engine defs: 12121000
11:38:26.507 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
11:38:26.522 Disk 0 Vendor: SAMSUNG_ 2AC1 Size: 476940MB BusType: 3
11:38:26.538 Disk 0 MBR read successfully
11:38:26.538 Disk 0 MBR scan
11:38:26.569 Disk 0 unknown MBR code
11:38:26.585 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 15360 MB offset 2048
11:38:26.600 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 31459328
11:38:26.616 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 166131 MB offset 31664128
11:38:26.647 Disk 0 Partition 4 00 07 HPFS/NTFS NTFS 295347 MB offset 371900416
11:38:26.663 Disk 0 scanning sectors +976771072
11:38:26.741 Disk 0 scanning C:\windows\system32\drivers
11:38:44.119 Service scanning
11:39:17.738 Modules scanning
11:39:26.802 Disk 0 trace - called modules:
11:39:26.833 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys halmacpi.dll
11:39:26.849 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86da5030]
11:39:26.849 3 CLASSPNP.SYS[8c26e59e] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0x85f54028]
11:39:27.629 AVAST engine scan C:\windows
11:39:31.107 AVAST engine scan C:\windows\system32
11:44:20.628 AVAST engine scan C:\windows\system32\drivers
11:44:40.144 AVAST engine scan C:\Users\Jörg Panzer
11:53:56.898 AVAST engine scan C:\ProgramData
11:54:59.064 Scan finished successfully
12:32:03.456 Disk 0 MBR has been saved successfully to "C:\Users\Jörg Panzer\Desktop\MBR.dat"
12:32:03.472 The log file has been saved successfully to "C:\Users\Jörg Panzer\Desktop\aswMBR log.txt"

Many thanks for your instructions,
best regards
Jörg

Edited by cosinus (10.12.2012 at 14:18). Reason: CODE tags... |
10.12.2012, 14:40 | #8 |
/// Winkelfunktion /// TB-Süch-Tiger™ | recycler/e621ca05.exe on my SD card
Why are you suddenly writing the CODE tags wrong now?! I have corrected it.

Please now (in normal Windows mode) run this tool from Kaspersky (TDSS-Killer) and post the log. Instructions and download link here => http://www.trojaner-board.de/82358-t...entfernen.html

Note: Please turn off the virus scanner before you run TDSS-Killer, because Avira in particular often reports a false alarm on the TDSS tool!

Set up the tool as shown in the picture below: click on change parameters and set the check marks as shown in the following screenshot, then click Start Scan and, when it has finished, click the Report button to display the log. Please post this in full. If you can't find the log or copy its contents and transfer them into your post, then please look directly on your Windows system partition (usually drive C:), since that is where TDSS-Killer saves its logs.

Note: Please don't delete anything hastily with TDSS-Killer! If TDSS-Killer flags any objects, handle all of them with the action "skip" and only post the log here!
10.12.2012, 16:11 | #9 |
| recycler/e621ca05.exe on my SD card
Report from TDSS-Killer:
Code:
16:05:37.0915 0460 [ 5CEEF2CCCB4FE00D3FFBFEB12BCFA07F ] IntcAzAudAddService C:\windows\system32\drivers\RTKVHDA.sys 16:05:38.0008 0460 IntcAzAudAddService - ok 16:05:38.0040 0460 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\windows\system32\drivers\intelide.sys 16:05:38.0055 0460 intelide - ok 16:05:38.0102 0460 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\windows\system32\DRIVERS\intelppm.sys 16:05:38.0133 0460 intelppm - ok 16:05:38.0164 0460 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\windows\system32\ipbusenum.dll 16:05:38.0211 0460 IPBusEnum - ok 16:05:38.0242 0460 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys 16:05:38.0320 0460 IpFilterDriver - ok 16:05:38.0383 0460 [ 4D65A07B795D6674312F879D09AA7663 ] iphlpsvc C:\windows\System32\iphlpsvc.dll 16:05:38.0445 0460 iphlpsvc - ok 16:05:38.0476 0460 [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV C:\windows\system32\drivers\IPMIDrv.sys 16:05:38.0523 0460 IPMIDRV - ok 16:05:38.0554 0460 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\windows\system32\drivers\ipnat.sys 16:05:38.0601 0460 IPNAT - ok 16:05:38.0679 0460 [ 57EDB35EA2FECA88F8B17C0C095C9A56 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe 16:05:38.0726 0460 iPod Service - ok 16:05:38.0773 0460 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM C:\windows\system32\drivers\irenum.sys 16:05:38.0820 0460 IRENUM - ok 16:05:38.0851 0460 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\windows\system32\drivers\isapnp.sys 16:05:38.0866 0460 isapnp - ok 16:05:38.0898 0460 [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt C:\windows\system32\drivers\msiscsi.sys 16:05:38.0929 0460 iScsiPrt - ok 16:05:38.0991 0460 [ A195C4FC49492928E8296B8C4AB00517 ] ISWKL C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys 16:05:39.0022 0460 ISWKL - ok 16:05:39.0069 0460 [ E78EACA70B4E0C260E4B32972B7086AC ] IswSvc C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe 16:05:39.0100 0460 IswSvc - ok 16:05:39.0132 0460 [ 
ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\windows\system32\drivers\kbdclass.sys 16:05:39.0147 0460 kbdclass - ok 16:05:39.0194 0460 [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid C:\windows\system32\drivers\kbdhid.sys 16:05:39.0225 0460 kbdhid - ok 16:05:39.0256 0460 [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso C:\windows\system32\lsass.exe 16:05:39.0272 0460 KeyIso - ok 16:05:39.0319 0460 [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD C:\windows\system32\Drivers\ksecdd.sys 16:05:39.0334 0460 KSecDD - ok 16:05:39.0366 0460 [ D30159AC9237519FBC62C6EC247D2D46 ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys 16:05:39.0397 0460 KSecPkg - ok 16:05:39.0428 0460 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\windows\system32\msdtckrm.dll 16:05:39.0490 0460 KtmRm - ok 16:05:39.0537 0460 [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer C:\windows\system32\srvsvc.dll 16:05:39.0600 0460 LanmanServer - ok 16:05:39.0631 0460 [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\windows\System32\wkssvc.dll 16:05:39.0693 0460 LanmanWorkstation - ok 16:05:39.0756 0460 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\windows\system32\DRIVERS\lltdio.sys 16:05:39.0802 0460 lltdio - ok 16:05:39.0834 0460 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\windows\System32\lltdsvc.dll 16:05:39.0912 0460 lltdsvc - ok 16:05:39.0927 0460 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\windows\System32\lmhsvc.dll 16:05:39.0990 0460 lmhosts - ok 16:05:40.0021 0460 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\windows\system32\DRIVERS\lsi_fc.sys 16:05:40.0052 0460 LSI_FC - ok 16:05:40.0068 0460 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\windows\system32\DRIVERS\lsi_sas.sys 16:05:40.0083 0460 LSI_SAS - ok 16:05:40.0114 0460 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\windows\system32\DRIVERS\lsi_sas2.sys 16:05:40.0130 0460 LSI_SAS2 - ok 16:05:40.0146 0460 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\windows\system32\DRIVERS\lsi_scsi.sys 16:05:40.0177 0460 LSI_SCSI - ok 
16:05:40.0208 0460 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\windows\system32\drivers\luafv.sys 16:05:40.0270 0460 luafv - ok 16:05:40.0348 0460 McAfee SiteAdvisor Service - ok 16:05:40.0395 0460 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc C:\windows\system32\Mcx2Svc.dll 16:05:40.0426 0460 Mcx2Svc - ok 16:05:40.0442 0460 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\windows\system32\DRIVERS\megasas.sys 16:05:40.0458 0460 megasas - ok 16:05:40.0504 0460 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\windows\system32\DRIVERS\MegaSR.sys 16:05:40.0536 0460 MegaSR - ok 16:05:40.0567 0460 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\windows\system32\mmcss.dll 16:05:40.0629 0460 MMCSS - ok 16:05:40.0645 0460 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\windows\system32\drivers\modem.sys 16:05:40.0692 0460 Modem - ok 16:05:40.0723 0460 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\windows\system32\DRIVERS\monitor.sys 16:05:40.0770 0460 monitor - ok 16:05:40.0816 0460 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\windows\system32\DRIVERS\mouclass.sys 16:05:40.0848 0460 mouclass - ok 16:05:40.0910 0460 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\windows\system32\DRIVERS\mouhid.sys 16:05:40.0941 0460 mouhid - ok 16:05:40.0988 0460 [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr C:\windows\system32\drivers\mountmgr.sys 16:05:41.0004 0460 mountmgr - ok 16:05:41.0066 0460 [ 46297FA8E30A6007F14118FC2B942FBC ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe 16:05:41.0082 0460 MozillaMaintenance - ok 16:05:41.0128 0460 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio C:\windows\system32\drivers\mpio.sys 16:05:41.0160 0460 mpio - ok 16:05:41.0175 0460 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys 16:05:41.0238 0460 mpsdrv - ok 16:05:41.0284 0460 [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc C:\windows\system32\mpssvc.dll 16:05:41.0347 0460 MpsSvc - ok 16:05:41.0378 0460 [ 
CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV C:\windows\system32\drivers\mrxdav.sys 16:05:41.0425 0460 MRxDAV - ok 16:05:41.0456 0460 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys 16:05:41.0503 0460 mrxsmb - ok 16:05:41.0534 0460 [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys 16:05:41.0565 0460 mrxsmb10 - ok 16:05:41.0581 0460 [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys 16:05:41.0628 0460 mrxsmb20 - ok 16:05:41.0659 0460 [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci C:\windows\system32\drivers\msahci.sys 16:05:41.0690 0460 msahci - ok 16:05:41.0706 0460 [ 55055F8AD8BE27A64C831322A780A228 ] msdsm C:\windows\system32\drivers\msdsm.sys 16:05:41.0737 0460 msdsm - ok 16:05:41.0752 0460 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\windows\System32\msdtc.exe 16:05:41.0799 0460 MSDTC - ok 16:05:41.0830 0460 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\windows\system32\drivers\Msfs.sys 16:05:41.0908 0460 Msfs - ok 16:05:41.0924 0460 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys 16:05:42.0002 0460 mshidkmdf - ok 16:05:42.0002 0460 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\windows\system32\drivers\msisadrv.sys 16:05:42.0033 0460 msisadrv - ok 16:05:42.0064 0460 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\windows\system32\iscsiexe.dll 16:05:42.0127 0460 MSiSCSI - ok 16:05:42.0142 0460 msiserver - ok 16:05:42.0174 0460 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys 16:05:42.0236 0460 MSKSSRV - ok 16:05:42.0252 0460 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys 16:05:42.0314 0460 MSPCLOCK - ok 16:05:42.0330 0460 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\windows\system32\drivers\MSPQM.sys 16:05:42.0408 0460 MSPQM - ok 16:05:42.0439 0460 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\windows\system32\drivers\MsRPC.sys 16:05:42.0470 
0460 MsRPC - ok 16:05:42.0501 0460 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\windows\system32\drivers\mssmbios.sys 16:05:42.0532 0460 mssmbios - ok 16:05:42.0579 0460 MSSQL$MSSMLBIZ - ok 16:05:42.0626 0460 [ ADAF062116B4E6D96E44D26486A87AF6 ] MSSQLServerADHelper C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe 16:05:42.0642 0460 MSSQLServerADHelper - ok 16:05:42.0657 0460 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\windows\system32\drivers\MSTEE.sys 16:05:42.0720 0460 MSTEE - ok 16:05:42.0735 0460 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\windows\system32\DRIVERS\MTConfig.sys 16:05:42.0766 0460 MTConfig - ok 16:05:42.0782 0460 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\windows\system32\Drivers\mup.sys 16:05:42.0813 0460 Mup - ok 16:05:42.0844 0460 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent C:\windows\system32\qagentRT.dll 16:05:42.0922 0460 napagent - ok 16:05:42.0969 0460 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys 16:05:43.0000 0460 NativeWifiP - ok 16:05:43.0078 0460 [ E7C54812A2AAF43316EB6930C1FFA108 ] NDIS C:\windows\system32\drivers\ndis.sys 16:05:43.0125 0460 NDIS - ok 16:05:43.0125 0460 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys 16:05:43.0188 0460 NdisCap - ok 16:05:43.0234 0460 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys 16:05:43.0298 0460 NdisTapi - ok 16:05:43.0345 0460 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys 16:05:43.0407 0460 Ndisuio - ok 16:05:43.0454 0460 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys 16:05:43.0501 0460 NdisWan - ok 16:05:43.0547 0460 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\windows\system32\drivers\NDProxy.sys 16:05:43.0610 0460 NDProxy - ok 16:05:43.0672 0460 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys 16:05:43.0735 0460 NetBIOS - ok 
16:05:43.0766 0460 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\windows\system32\DRIVERS\netbt.sys 16:05:43.0844 0460 NetBT - ok 16:05:43.0859 0460 [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon C:\windows\system32\lsass.exe 16:05:43.0891 0460 Netlogon - ok 16:05:43.0937 0460 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\windows\System32\netman.dll 16:05:44.0015 0460 Netman - ok 16:05:44.0031 0460 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\windows\System32\netprofm.dll 16:05:44.0109 0460 netprofm - ok 16:05:44.0125 0460 [ F476EC40033CDB91EFBE73EB99B8362D ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe 16:05:44.0140 0460 NetTcpPortSharing - ok 16:05:44.0187 0460 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\windows\system32\DRIVERS\nfrd960.sys 16:05:44.0203 0460 nfrd960 - ok 16:05:44.0249 0460 [ 912084381D30D8B89EC4E293053F4710 ] NlaSvc C:\windows\System32\nlasvc.dll 16:05:44.0313 0460 NlaSvc - ok 16:05:44.0375 0460 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\windows\system32\drivers\Npfs.sys 16:05:44.0422 0460 Npfs - ok 16:05:44.0453 0460 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\windows\system32\nsisvc.dll 16:05:44.0516 0460 nsi - ok 16:05:44.0531 0460 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys 16:05:44.0594 0460 nsiproxy - ok 16:05:44.0672 0460 [ 33C3093D09017CFE2E219F2472BFF6EB ] Ntfs C:\windows\system32\drivers\Ntfs.sys 16:05:44.0734 0460 Ntfs - ok 16:05:44.0750 0460 [ F9756A98D69098DCA8945D62858A812C ] Null C:\windows\system32\drivers\Null.sys 16:05:44.0828 0460 Null - ok 16:05:44.0859 0460 [ AF2EEC9580C1D32FB7EAF105D9784061 ] nvraid C:\windows\system32\drivers\nvraid.sys 16:05:44.0890 0460 nvraid - ok 16:05:44.0906 0460 [ 9283C58EBAA2618F93482EB5DABCEC82 ] nvstor C:\windows\system32\drivers\nvstor.sys 16:05:44.0937 0460 nvstor - ok 16:05:44.0968 0460 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\windows\system32\drivers\nv_agp.sys 16:05:44.0999 
0460 nv_agp - ok 16:05:45.0062 0460 [ B5D5DA8230D3D3525839D939A9196C3E ] OberonGameConsoleService C:\Program Files\Samsung Casual Games\GameConsole\OberonGameConsoleService.exe 16:05:45.0077 0460 OberonGameConsoleService - ok 16:05:45.0186 0460 [ 84DE1DD996B48B05ACE31AD015FA108A ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 16:05:45.0218 0460 odserv - ok 16:05:45.0249 0460 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\windows\system32\drivers\ohci1394.sys 16:05:45.0280 0460 ohci1394 - ok 16:05:45.0311 0460 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE 16:05:45.0342 0460 ose - ok 16:05:45.0374 0460 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\windows\system32\pnrpsvc.dll 16:05:45.0420 0460 p2pimsvc - ok 16:05:45.0436 0460 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\windows\system32\p2psvc.dll 16:05:45.0498 0460 p2psvc - ok 16:05:45.0530 0460 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\windows\system32\DRIVERS\parport.sys 16:05:45.0545 0460 Parport - ok 16:05:45.0592 0460 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\windows\system32\drivers\partmgr.sys 16:05:45.0608 0460 partmgr - ok 16:05:45.0623 0460 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\windows\system32\DRIVERS\parvdm.sys 16:05:45.0670 0460 Parvdm - ok 16:05:45.0701 0460 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\windows\System32\pcasvc.dll 16:05:45.0732 0460 PcaSvc - ok 16:05:45.0764 0460 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\windows\system32\drivers\pci.sys 16:05:45.0795 0460 pci - ok 16:05:45.0810 0460 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\windows\system32\drivers\pciide.sys 16:05:45.0826 0460 pciide - ok 16:05:45.0842 0460 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\windows\system32\DRIVERS\pcmcia.sys 16:05:45.0873 0460 pcmcia - ok 16:05:45.0888 0460 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\windows\system32\drivers\pcw.sys 16:05:45.0904 0460 pcw - ok 16:05:45.0951 
0460 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\windows\system32\drivers\peauth.sys 16:05:46.0013 0460 PEAUTH - ok 16:05:46.0107 0460 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\windows\system32\pla.dll 16:05:46.0200 0460 pla - ok 16:05:46.0232 0460 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\windows\system32\umpnpmgr.dll 16:05:46.0325 0460 PlugPlay - ok 16:05:46.0356 0460 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll 16:05:46.0388 0460 PNRPAutoReg - ok 16:05:46.0419 0460 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\windows\system32\pnrpsvc.dll 16:05:46.0450 0460 PNRPsvc - ok 16:05:46.0497 0460 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\windows\System32\ipsecsvc.dll 16:05:46.0559 0460 PolicyAgent - ok 16:05:46.0606 0460 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\windows\system32\umpo.dll 16:05:46.0653 0460 Power - ok 16:05:46.0715 0460 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys 16:05:46.0778 0460 PptpMiniport - ok 16:05:46.0793 0460 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\windows\system32\DRIVERS\processr.sys 16:05:46.0824 0460 Processor - ok 16:05:46.0856 0460 [ 43CA4CCC22D52FB58E8988F0198851D0 ] ProfSvc C:\windows\system32\profsvc.dll 16:05:46.0918 0460 ProfSvc - ok 16:05:46.0934 0460 [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\windows\system32\lsass.exe 16:05:46.0949 0460 ProtectedStorage - ok 16:05:46.0996 0460 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\windows\system32\DRIVERS\pacer.sys 16:05:47.0043 0460 Psched - ok 16:05:47.0105 0460 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\windows\system32\DRIVERS\ql2300.sys 16:05:47.0168 0460 ql2300 - ok 16:05:47.0183 0460 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\windows\system32\DRIVERS\ql40xx.sys 16:05:47.0199 0460 ql40xx - ok 16:05:47.0246 0460 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\windows\system32\qwave.dll 16:05:47.0292 0460 QWAVE - ok 16:05:47.0324 0460 [ 
584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys 16:05:47.0355 0460 QWAVEdrv - ok 16:05:47.0370 0460 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys 16:05:47.0433 0460 RasAcd - ok 16:05:47.0464 0460 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys 16:05:47.0526 0460 RasAgileVpn - ok 16:05:47.0558 0460 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\windows\System32\rasauto.dll 16:05:47.0620 0460 RasAuto - ok 16:05:47.0651 0460 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys 16:05:47.0714 0460 Rasl2tp - ok 16:05:47.0760 0460 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\windows\System32\rasmans.dll 16:05:47.0823 0460 RasMan - ok 16:05:47.0854 0460 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys 16:05:47.0916 0460 RasPppoe - ok 16:05:47.0963 0460 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys 16:05:48.0026 0460 RasSstp - ok 16:05:48.0072 0460 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\windows\system32\DRIVERS\rdbss.sys 16:05:48.0135 0460 rdbss - ok 16:05:48.0150 0460 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\windows\system32\DRIVERS\rdpbus.sys 16:05:48.0182 0460 rdpbus - ok 16:05:48.0213 0460 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys 16:05:48.0260 0460 RDPCDD - ok 16:05:48.0291 0460 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys 16:05:48.0353 0460 RDPENCDD - ok 16:05:48.0369 0460 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys 16:05:48.0431 0460 RDPREFMP - ok 16:05:48.0478 0460 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\windows\system32\drivers\RDPWD.sys 16:05:48.0509 0460 RDPWD - ok 16:05:48.0587 0460 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\windows\system32\drivers\rdyboost.sys 16:05:48.0603 0460 rdyboost 
- ok 16:05:48.0665 0460 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\windows\System32\mprdim.dll 16:05:48.0728 0460 RemoteAccess - ok 16:05:48.0759 0460 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\windows\system32\regsvc.dll 16:05:48.0821 0460 RemoteRegistry - ok 16:05:48.0868 0460 [ F85AE59A52885F4B09AADAFB23001A3B ] Rezip C:\windows\SYSTEM32\Rezip.exe 16:05:48.0899 0460 Rezip ( UnsignedFile.Multi.Generic ) - warning 16:05:48.0899 0460 Rezip - detected UnsignedFile.Multi.Generic (1) 16:05:48.0946 0460 [ CB928D9E6DAF51879DD6BA8D02F01321 ] RFCOMM C:\windows\system32\DRIVERS\rfcomm.sys 16:05:48.0993 0460 RFCOMM - ok 16:05:49.0024 0460 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\windows\System32\RpcEpMap.dll 16:05:49.0102 0460 RpcEptMapper - ok 16:05:49.0133 0460 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\windows\system32\locator.exe 16:05:49.0180 0460 RpcLocator - ok 16:05:49.0211 0460 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\windows\system32\rpcss.dll 16:05:49.0258 0460 RpcSs - ok 16:05:49.0305 0460 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\windows\system32\DRIVERS\rspndr.sys 16:05:49.0367 0460 rspndr - ok 16:05:49.0398 0460 [ 7DFD48E24479B68B258D8770121155A0 ] RTL8167 C:\windows\system32\DRIVERS\Rt86win7.sys 16:05:49.0430 0460 RTL8167 - ok 16:05:49.0492 0460 [ A54DBEDF7CA55245AFD5B358BA5CA1B2 ] rtl819xp C:\windows\system32\DRIVERS\rtl819xp.sys 16:05:49.0554 0460 rtl819xp - ok 16:05:49.0617 0460 [ 6E5FBB7CBAEC47038B945D5E9B144A64 ] SABI C:\windows\system32\Drivers\SABI.sys 16:05:49.0648 0460 SABI - ok 16:05:49.0679 0460 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\windows\system32\lsass.exe 16:05:49.0695 0460 SamSs - ok 16:05:49.0742 0460 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\windows\system32\drivers\sbp2port.sys 16:05:49.0773 0460 sbp2port - ok 16:05:49.0804 0460 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\windows\System32\SCardSvr.dll 16:05:49.0866 0460 SCardSvr - ok 16:05:49.0882 0460 [ 
0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\windows\system32\DRIVERS\scfilter.sys 16:05:49.0929 0460 scfilter - ok 16:05:49.0976 0460 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\windows\system32\schedsvc.dll 16:05:50.0054 0460 Schedule - ok 16:05:50.0085 0460 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\windows\System32\certprop.dll 16:05:50.0132 0460 SCPolicySvc - ok 16:05:50.0163 0460 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\windows\System32\SDRSVC.dll 16:05:50.0210 0460 SDRSVC - ok 16:05:50.0256 0460 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\windows\system32\drivers\secdrv.sys 16:05:50.0303 0460 secdrv - ok 16:05:50.0319 0460 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\windows\system32\seclogon.dll 16:05:50.0397 0460 seclogon - ok 16:05:50.0412 0460 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\windows\System32\sens.dll 16:05:50.0459 0460 SENS - ok 16:05:50.0490 0460 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\windows\system32\sensrsvc.dll 16:05:50.0522 0460 SensrSvc - ok 16:05:50.0553 0460 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\windows\system32\DRIVERS\serenum.sys 16:05:50.0600 0460 Serenum - ok 16:05:50.0615 0460 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\windows\system32\DRIVERS\serial.sys 16:05:50.0662 0460 Serial - ok 16:05:50.0678 0460 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\windows\system32\DRIVERS\sermouse.sys 16:05:50.0709 0460 sermouse - ok 16:05:50.0771 0460 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\windows\system32\sessenv.dll 16:05:50.0834 0460 SessionEnv - ok 16:05:50.0880 0460 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\windows\system32\drivers\sffdisk.sys 16:05:50.0912 0460 sffdisk - ok 16:05:50.0912 0460 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys 16:05:50.0974 0460 sffp_mmc - ok 16:05:50.0990 0460 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys 16:05:51.0036 0460 sffp_sd - ok 16:05:51.0068 0460 [ 
DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\windows\system32\DRIVERS\sfloppy.sys 16:05:51.0114 0460 sfloppy - ok 16:05:51.0161 0460 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\windows\System32\ipnathlp.dll 16:05:51.0224 0460 SharedAccess - ok 16:05:51.0286 0460 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\windows\System32\shsvcs.dll 16:05:51.0348 0460 ShellHWDetection - ok 16:05:51.0364 0460 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\windows\system32\drivers\sisagp.sys 16:05:51.0395 0460 sisagp - ok 16:05:51.0426 0460 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\windows\system32\DRIVERS\SiSRaid2.sys 16:05:51.0442 0460 SiSRaid2 - ok 16:05:51.0473 0460 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\windows\system32\DRIVERS\sisraid4.sys 16:05:51.0489 0460 SiSRaid4 - ok 16:05:51.0504 0460 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\windows\system32\DRIVERS\smb.sys 16:05:51.0551 0460 Smb - ok 16:05:51.0598 0460 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\windows\System32\snmptrap.exe 16:05:51.0645 0460 SNMPTRAP - ok 16:05:51.0660 0460 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\windows\system32\drivers\spldr.sys 16:05:51.0692 0460 spldr - ok 16:05:51.0738 0460 [ 866A43013535DC8587C258E43579C764 ] Spooler C:\windows\System32\spoolsv.exe 16:05:51.0785 0460 Spooler - ok 16:05:51.0910 0460 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\windows\system32\sppsvc.exe 16:05:52.0019 0460 sppsvc - ok 16:05:52.0066 0460 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\windows\system32\sppuinotify.dll 16:05:52.0128 0460 sppuinotify - ok 16:05:52.0175 0460 [ D2B096CD2F56FAC6EEEED9A77DDF6DC8 ] SQLBrowser C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe 16:05:52.0206 0460 SQLBrowser - ok 16:05:52.0238 0460 [ 54902536AAD0E9B99BC65F89C0CAF93F ] SQLWriter C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe 16:05:52.0269 0460 SQLWriter - ok 16:05:52.0300 0460 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv 
C:\windows\system32\DRIVERS\srv.sys 16:05:52.0347 0460 srv - ok 16:05:52.0378 0460 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\windows\system32\DRIVERS\srv2.sys 16:05:52.0409 0460 srv2 - ok 16:05:52.0440 0460 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\windows\system32\DRIVERS\srvnet.sys 16:05:52.0487 0460 srvnet - ok 16:05:52.0518 0460 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\windows\System32\ssdpsrv.dll 16:05:52.0596 0460 SSDPSRV - ok 16:05:52.0628 0460 [ A36EE93698802CD899F98BFD553D8185 ] ssmdrv C:\windows\system32\DRIVERS\ssmdrv.sys 16:05:52.0643 0460 ssmdrv - ok 16:05:52.0690 0460 [ EF3458337D7341A05169CEFC73709264 ] SSPORT C:\windows\system32\Drivers\SSPORT.sys 16:05:52.0706 0460 SSPORT ( UnsignedFile.Multi.Generic ) - warning 16:05:52.0706 0460 SSPORT - detected UnsignedFile.Multi.Generic (1) 16:05:52.0737 0460 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\windows\system32\sstpsvc.dll 16:05:52.0799 0460 SstpSvc - ok 16:05:52.0830 0460 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\windows\system32\DRIVERS\stexstor.sys 16:05:52.0846 0460 stexstor - ok 16:05:52.0908 0460 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\windows\System32\wiaservc.dll 16:05:52.0971 0460 StiSvc - ok 16:05:53.0018 0460 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\windows\system32\drivers\swenum.sys 16:05:53.0033 0460 swenum - ok 16:05:53.0064 0460 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\windows\System32\swprv.dll 16:05:53.0127 0460 swprv - ok 16:05:53.0174 0460 [ 7A9025D8F7852B06D6D08ED536135E7E ] SynTP C:\windows\system32\DRIVERS\SynTP.sys 16:05:53.0189 0460 SynTP - ok 16:05:53.0252 0460 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\windows\system32\sysmain.dll 16:05:53.0314 0460 SysMain - ok 16:05:53.0361 0460 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\windows\System32\TabSvc.dll 16:05:53.0408 0460 TabletInputService - ok 16:05:53.0454 0460 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\windows\System32\tapisrv.dll 16:05:53.0532 0460 
16:06:01.0020 0460 yksvc - ok
16:06:01.0052 0460 [ 3EB1576F77B60A6C79DD7742B67219B8 ] yukonw7 C:\windows\system32\DRIVERS\yk62x86.sys
16:06:01.0114 0460 yukonw7 - ok
16:06:01.0161 0460 ================ Scan global ===============================
16:06:01.0208 0460 [ DAB748AE0439955ED2FA22357533DDDB ] C:\windows\system32\basesrv.dll
16:06:01.0239 0460 [ 183B4188D5D91B271613EC3EFD1B3CEF ] C:\windows\system32\winsrv.dll
16:06:01.0254 0460 [ 183B4188D5D91B271613EC3EFD1B3CEF ] C:\windows\system32\winsrv.dll
16:06:01.0286 0460 [ 364455805E64882844EE9ACB72522830 ] C:\windows\system32\sxssrv.dll
16:06:01.0332 0460 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\windows\system32\services.exe
16:06:01.0332 0460 [Global] - ok
16:06:01.0332 0460 ================ Scan MBR ==================================
16:06:01.0348 0460 [ 2E5DEBB2116B3417023E0D6562D7ED07 ] \Device\Harddisk0\DR0
16:06:01.0832 0460 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
16:06:01.0832 0460 \Device\Harddisk0\DR0 - detected TDSS File System (1)
16:06:01.0847 0460 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
16:06:01.0972 0460 \Device\Harddisk1\DR1 - ok
16:06:01.0972 0460 ================ Scan VBR ==================================
16:06:01.0988 0460 [ B2AECF08A32B808926E5E4BA05876F6A ] \Device\Harddisk0\DR0\Partition1
16:06:01.0988 0460 \Device\Harddisk0\DR0\Partition1 - ok
16:06:02.0019 0460 [ C7AC0852FC076CADBDCFE7FCF59C70D8 ] \Device\Harddisk0\DR0\Partition2
16:06:02.0034 0460 \Device\Harddisk0\DR0\Partition2 - ok
16:06:02.0066 0460 [ 8518B25833FC024387E2F561918BC87C ] \Device\Harddisk0\DR0\Partition3
16:06:02.0066 0460 \Device\Harddisk0\DR0\Partition3 - ok
16:06:02.0081 0460 [ AC21E0F6BF8F9C2B7A2E93CCA45EF565 ] \Device\Harddisk1\DR1\Partition1
16:06:02.0081 0460 \Device\Harddisk1\DR1\Partition1 - ok
16:06:02.0081 0460 ============================================================
16:06:02.0081 0460 Scan finished
16:06:02.0081 0460 ============================================================
16:06:02.0097 1464 Detected object count: 3
16:06:02.0097 1464 Actual detected object count: 3
16:06:41.0456 1464 Rezip ( UnsignedFile.Multi.Generic ) - skipped by user
16:06:41.0456 1464 Rezip ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:06:41.0456 1464 SSPORT ( UnsignedFile.Multi.Generic ) - skipped by user
16:06:41.0456 1464 SSPORT ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:06:41.0456 1464 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
16:06:41.0456 1464 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip |
10.12.2012, 16:26 | #10 |
/// Winkelfunktion /// TB-Süch-Tiger™ | recycler/e621ca05.exe on my SD card
Code:
ATTFilter
\Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
To do that, you need to restart TDSS-Killer and run a new scan. When you then see the results, please set this entry to CURE or DELETE (whichever is offered to you; please leave all the others on SKIP!) and then click Continue at the bottom right. After that, restart Windows and create a completely new log with TDSS-Killer. As always, post it in CODE tags again.
__________________ Please always post log files in CODE tags |
10.12.2012, 17:27 | #11 |
| recycler/e621ca05.exe on my SD card Code:
ATTFilter
17:25:22.0994 4424 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
17:25:23.0009 4424 ============================================================
17:25:23.0009 4424 Current date / time: 2012/12/10 17:25:23.0009
17:25:23.0009 4424 SystemInfo:
17:25:23.0009 4424
17:25:23.0009 4424 OS Version: 6.1.7601 ServicePack: 1.0
17:25:23.0009 4424 Product type: Workstation
17:25:23.0009 4424 ComputerName: FRIEDENSPANZER
17:25:23.0009 4424 UserName: Jörg Panzer
17:25:23.0009 4424 Windows directory: C:\windows
17:25:23.0009 4424 System windows directory: C:\windows
17:25:23.0009 4424 Processor architecture: Intel x86
17:25:23.0009 4424 Number of processors: 2
17:25:23.0009 4424 Page size: 0x1000
17:25:23.0009 4424 Boot type: Normal boot
17:25:23.0009 4424 ============================================================
17:25:23.0384 4424 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
17:25:23.0384 4424 Drive \Device\Harddisk1\DR1 - Size: 0x74F300000 (29.24 Gb), SectorSize: 0x200, Cylinders: 0xEE8, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
17:25:23.0384 4424 ============================================================
17:25:23.0384 4424 \Device\Harddisk0\DR0:
17:25:23.0384 4424 MBR partitions:
17:25:23.0384 4424 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1E00800, BlocksNum 0x32000
17:25:23.0384 4424 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1E32800, BlocksNum 0x14479800
17:25:23.0384 4424 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x162AC000, BlocksNum 0x240D9800
17:25:23.0384 4424 \Device\Harddisk1\DR1:
17:25:23.0384 4424 MBR partitions:
17:25:23.0384 4424 \Device\Harddisk1\DR1\Partition1: MBR, Type 0xC, StartLBA 0x2000, BlocksNum 0x3A77800
17:25:23.0384 4424 ============================================================
17:25:23.0399 4424 C: <-> \Device\Harddisk0\DR0\Partition2
17:25:23.0446 4424 D: <-> \Device\Harddisk0\DR0\Partition3
17:25:23.0446 4424 ============================================================
17:25:23.0446 4424 Initialize success
17:25:23.0446 4424 ============================================================
17:25:39.0623 6140 ============================================================
17:25:39.0623 6140 Scan started
17:25:39.0623 6140 Mode: Manual; SigCheck; TDLFS;
17:25:39.0623 6140 ============================================================
17:25:39.0857 6140 ================ Scan system memory ========================
17:25:39.0857 6140 System memory - ok
17:25:39.0857 6140 ================ Scan services =============================
17:25:40.0045 6140 [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci C:\windows\system32\drivers\1394ohci.sys
17:25:40.0185 6140 1394ohci - ok
17:25:40.0247 6140 [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI C:\windows\system32\drivers\ACPI.sys
17:25:40.0279 6140 ACPI - ok
17:25:40.0310 6140 [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi C:\windows\system32\drivers\acpipmi.sys
17:25:40.0341 6140 AcpiPmi - ok
17:25:40.0435 6140 [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] AdobeFlashPlayerUpdateSvc C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
17:25:40.0450 6140 AdobeFlashPlayerUpdateSvc - ok
17:25:40.0513 6140 [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx C:\windows\system32\DRIVERS\adp94xx.sys
17:25:40.0544 6140 adp94xx - ok
17:25:40.0591 6140 [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci C:\windows\system32\DRIVERS\adpahci.sys
17:25:40.0622 6140 adpahci - ok
17:25:40.0637 6140 [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320 C:\windows\system32\DRIVERS\adpu320.sys
17:25:40.0669 6140 adpu320 - ok
17:25:40.0715 6140 [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc C:\windows\System32\aelupsvc.dll
17:25:40.0747 6140 AeLookupSvc - ok
17:25:40.0809 6140 [ 9EBBBA55060F786F0FCAA3893BFA2806 ] AFD C:\windows\system32\drivers\afd.sys
17:25:40.0840 6140 AFD - ok
17:25:54.0632 6140 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\windows\system32\drivers\luafv.sys 17:25:54.0710 6140 luafv - ok 17:25:54.0788 6140 McAfee SiteAdvisor Service - ok 17:25:54.0819 6140 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc C:\windows\system32\Mcx2Svc.dll 17:25:54.0850 6140 Mcx2Svc - ok 17:25:54.0866 6140 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\windows\system32\DRIVERS\megasas.sys 17:25:54.0897 6140 megasas - ok 17:25:54.0928 6140 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\windows\system32\DRIVERS\MegaSR.sys 17:25:54.0959 6140 MegaSR - ok 17:25:54.0990 6140 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\windows\system32\mmcss.dll 17:25:55.0053 6140 MMCSS - ok 17:25:55.0068 6140 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\windows\system32\drivers\modem.sys 17:25:55.0115 6140 Modem - ok 17:25:55.0131 6140 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\windows\system32\DRIVERS\monitor.sys 17:25:55.0178 6140 monitor - ok 17:25:55.0224 6140 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\windows\system32\DRIVERS\mouclass.sys 17:25:55.0256 6140 mouclass - ok 17:25:55.0302 6140 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\windows\system32\DRIVERS\mouhid.sys 17:25:55.0334 6140 mouhid - ok 17:25:55.0365 6140 [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr C:\windows\system32\drivers\mountmgr.sys 17:25:55.0396 6140 mountmgr - ok 17:25:55.0458 6140 [ 46297FA8E30A6007F14118FC2B942FBC ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe 17:25:55.0474 6140 MozillaMaintenance - ok 17:25:55.0521 6140 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio C:\windows\system32\drivers\mpio.sys 17:25:55.0536 6140 mpio - ok 17:25:55.0568 6140 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys 17:25:55.0614 6140 mpsdrv - ok 17:25:55.0661 6140 [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc C:\windows\system32\mpssvc.dll 17:25:55.0724 6140 MpsSvc - ok 17:25:55.0770 6140 [ 
CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV C:\windows\system32\drivers\mrxdav.sys 17:25:55.0802 6140 MRxDAV - ok 17:25:55.0848 6140 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys 17:25:55.0895 6140 mrxsmb - ok 17:25:55.0911 6140 [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys 17:25:55.0958 6140 mrxsmb10 - ok 17:25:55.0973 6140 [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys 17:25:56.0020 6140 mrxsmb20 - ok 17:25:56.0051 6140 [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci C:\windows\system32\drivers\msahci.sys 17:25:56.0082 6140 msahci - ok 17:25:56.0082 6140 [ 55055F8AD8BE27A64C831322A780A228 ] msdsm C:\windows\system32\drivers\msdsm.sys 17:25:56.0114 6140 msdsm - ok 17:25:56.0129 6140 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\windows\System32\msdtc.exe 17:25:56.0176 6140 MSDTC - ok 17:25:56.0207 6140 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\windows\system32\drivers\Msfs.sys 17:25:56.0285 6140 Msfs - ok 17:25:56.0301 6140 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys 17:25:56.0379 6140 mshidkmdf - ok 17:25:56.0394 6140 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\windows\system32\drivers\msisadrv.sys 17:25:56.0426 6140 msisadrv - ok 17:25:56.0472 6140 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\windows\system32\iscsiexe.dll 17:25:56.0535 6140 MSiSCSI - ok 17:25:56.0535 6140 msiserver - ok 17:25:56.0566 6140 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys 17:25:56.0628 6140 MSKSSRV - ok 17:25:56.0660 6140 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys 17:25:56.0722 6140 MSPCLOCK - ok 17:25:56.0738 6140 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\windows\system32\drivers\MSPQM.sys 17:25:56.0800 6140 MSPQM - ok 17:25:56.0831 6140 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\windows\system32\drivers\MsRPC.sys 17:25:56.0862 
6140 MsRPC - ok 17:25:56.0909 6140 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\windows\system32\drivers\mssmbios.sys 17:25:56.0925 6140 mssmbios - ok 17:25:56.0987 6140 MSSQL$MSSMLBIZ - ok 17:25:57.0018 6140 [ ADAF062116B4E6D96E44D26486A87AF6 ] MSSQLServerADHelper C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe 17:25:57.0034 6140 MSSQLServerADHelper - ok 17:25:57.0065 6140 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\windows\system32\drivers\MSTEE.sys 17:25:57.0112 6140 MSTEE - ok 17:25:57.0128 6140 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\windows\system32\DRIVERS\MTConfig.sys 17:25:57.0174 6140 MTConfig - ok 17:25:57.0190 6140 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\windows\system32\Drivers\mup.sys 17:25:57.0206 6140 Mup - ok 17:25:57.0252 6140 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent C:\windows\system32\qagentRT.dll 17:25:57.0330 6140 napagent - ok 17:25:57.0377 6140 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys 17:25:57.0408 6140 NativeWifiP - ok 17:25:57.0471 6140 [ E7C54812A2AAF43316EB6930C1FFA108 ] NDIS C:\windows\system32\drivers\ndis.sys 17:25:57.0502 6140 NDIS - ok 17:25:57.0518 6140 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys 17:25:57.0580 6140 NdisCap - ok 17:25:57.0611 6140 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys 17:25:57.0674 6140 NdisTapi - ok 17:25:57.0736 6140 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys 17:25:57.0798 6140 Ndisuio - ok 17:25:57.0830 6140 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys 17:25:57.0892 6140 NdisWan - ok 17:25:57.0939 6140 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\windows\system32\drivers\NDProxy.sys 17:25:58.0001 6140 NDProxy - ok 17:25:58.0048 6140 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys 17:25:58.0110 6140 NetBIOS - ok 
17:25:58.0142 6140 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\windows\system32\DRIVERS\netbt.sys 17:25:58.0220 6140 NetBT - ok 17:25:58.0235 6140 [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon C:\windows\system32\lsass.exe 17:25:58.0266 6140 Netlogon - ok 17:25:58.0313 6140 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\windows\System32\netman.dll 17:25:58.0391 6140 Netman - ok 17:25:58.0407 6140 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\windows\System32\netprofm.dll 17:25:58.0485 6140 netprofm - ok 17:25:58.0516 6140 [ F476EC40033CDB91EFBE73EB99B8362D ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe 17:25:58.0547 6140 NetTcpPortSharing - ok 17:25:58.0578 6140 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\windows\system32\DRIVERS\nfrd960.sys 17:25:58.0610 6140 nfrd960 - ok 17:25:58.0641 6140 [ 912084381D30D8B89EC4E293053F4710 ] NlaSvc C:\windows\System32\nlasvc.dll 17:25:58.0703 6140 NlaSvc - ok 17:25:58.0750 6140 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\windows\system32\drivers\Npfs.sys 17:25:58.0797 6140 Npfs - ok 17:25:58.0828 6140 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\windows\system32\nsisvc.dll 17:25:58.0875 6140 nsi - ok 17:25:58.0890 6140 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys 17:25:58.0953 6140 nsiproxy - ok 17:25:59.0031 6140 [ 33C3093D09017CFE2E219F2472BFF6EB ] Ntfs C:\windows\system32\drivers\Ntfs.sys 17:25:59.0078 6140 Ntfs - ok 17:25:59.0109 6140 [ F9756A98D69098DCA8945D62858A812C ] Null C:\windows\system32\drivers\Null.sys 17:25:59.0187 6140 Null - ok 17:25:59.0218 6140 [ AF2EEC9580C1D32FB7EAF105D9784061 ] nvraid C:\windows\system32\drivers\nvraid.sys 17:25:59.0249 6140 nvraid - ok 17:25:59.0265 6140 [ 9283C58EBAA2618F93482EB5DABCEC82 ] nvstor C:\windows\system32\drivers\nvstor.sys 17:25:59.0280 6140 nvstor - ok 17:25:59.0327 6140 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\windows\system32\drivers\nv_agp.sys 17:25:59.0358 
6140 nv_agp - ok 17:25:59.0421 6140 [ B5D5DA8230D3D3525839D939A9196C3E ] OberonGameConsoleService C:\Program Files\Samsung Casual Games\GameConsole\OberonGameConsoleService.exe 17:25:59.0436 6140 OberonGameConsoleService - ok 17:25:59.0530 6140 [ 84DE1DD996B48B05ACE31AD015FA108A ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 17:25:59.0561 6140 odserv - ok 17:25:59.0592 6140 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\windows\system32\drivers\ohci1394.sys 17:25:59.0624 6140 ohci1394 - ok 17:25:59.0655 6140 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE 17:25:59.0686 6140 ose - ok 17:25:59.0733 6140 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\windows\system32\pnrpsvc.dll 17:25:59.0780 6140 p2pimsvc - ok 17:25:59.0795 6140 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\windows\system32\p2psvc.dll 17:25:59.0826 6140 p2psvc - ok 17:25:59.0858 6140 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\windows\system32\DRIVERS\parport.sys 17:25:59.0889 6140 Parport - ok 17:25:59.0920 6140 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\windows\system32\drivers\partmgr.sys 17:25:59.0951 6140 partmgr - ok 17:25:59.0951 6140 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\windows\system32\DRIVERS\parvdm.sys 17:25:59.0982 6140 Parvdm - ok 17:25:59.0998 6140 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\windows\System32\pcasvc.dll 17:26:00.0029 6140 PcaSvc - ok 17:26:00.0060 6140 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\windows\system32\drivers\pci.sys 17:26:00.0092 6140 pci - ok 17:26:00.0107 6140 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\windows\system32\drivers\pciide.sys 17:26:00.0123 6140 pciide - ok 17:26:00.0138 6140 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\windows\system32\DRIVERS\pcmcia.sys 17:26:00.0170 6140 pcmcia - ok 17:26:00.0185 6140 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\windows\system32\drivers\pcw.sys 17:26:00.0216 6140 pcw - ok 17:26:00.0248 
6140 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\windows\system32\drivers\peauth.sys 17:26:00.0326 6140 PEAUTH - ok 17:26:00.0419 6140 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\windows\system32\pla.dll 17:26:00.0513 6140 pla - ok 17:26:00.0544 6140 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\windows\system32\umpnpmgr.dll 17:26:00.0606 6140 PlugPlay - ok 17:26:00.0638 6140 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll 17:26:00.0669 6140 PNRPAutoReg - ok 17:26:00.0700 6140 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\windows\system32\pnrpsvc.dll 17:26:00.0731 6140 PNRPsvc - ok 17:26:00.0778 6140 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\windows\System32\ipsecsvc.dll 17:26:00.0840 6140 PolicyAgent - ok 17:26:00.0872 6140 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\windows\system32\umpo.dll 17:26:00.0918 6140 Power - ok 17:26:00.0965 6140 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys 17:26:01.0012 6140 PptpMiniport - ok 17:26:01.0043 6140 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\windows\system32\DRIVERS\processr.sys 17:26:01.0059 6140 Processor - ok 17:26:01.0106 6140 [ 43CA4CCC22D52FB58E8988F0198851D0 ] ProfSvc C:\windows\system32\profsvc.dll 17:26:01.0152 6140 ProfSvc - ok 17:26:01.0168 6140 [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\windows\system32\lsass.exe 17:26:01.0199 6140 ProtectedStorage - ok 17:26:01.0230 6140 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\windows\system32\DRIVERS\pacer.sys 17:26:01.0293 6140 Psched - ok 17:26:01.0340 6140 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\windows\system32\DRIVERS\ql2300.sys 17:26:01.0402 6140 ql2300 - ok 17:26:01.0418 6140 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\windows\system32\DRIVERS\ql40xx.sys 17:26:01.0449 6140 ql40xx - ok 17:26:01.0480 6140 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\windows\system32\qwave.dll 17:26:01.0542 6140 QWAVE - ok 17:26:01.0542 6140 [ 
584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys 17:26:01.0574 6140 QWAVEdrv - ok 17:26:01.0605 6140 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys 17:26:01.0667 6140 RasAcd - ok 17:26:01.0698 6140 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys 17:26:01.0761 6140 RasAgileVpn - ok 17:26:01.0792 6140 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\windows\System32\rasauto.dll 17:26:01.0854 6140 RasAuto - ok 17:26:01.0886 6140 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys 17:26:01.0948 6140 Rasl2tp - ok 17:26:01.0995 6140 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\windows\System32\rasmans.dll 17:26:02.0073 6140 RasMan - ok 17:26:02.0088 6140 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys 17:26:02.0166 6140 RasPppoe - ok 17:26:02.0198 6140 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys 17:26:02.0260 6140 RasSstp - ok 17:26:02.0307 6140 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\windows\system32\DRIVERS\rdbss.sys 17:26:02.0369 6140 rdbss - ok 17:26:02.0385 6140 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\windows\system32\DRIVERS\rdpbus.sys 17:26:02.0416 6140 rdpbus - ok 17:26:02.0463 6140 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys 17:26:02.0510 6140 RDPCDD - ok 17:26:02.0541 6140 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys 17:26:02.0603 6140 RDPENCDD - ok 17:26:02.0619 6140 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys 17:26:02.0681 6140 RDPREFMP - ok 17:26:02.0712 6140 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\windows\system32\drivers\RDPWD.sys 17:26:02.0759 6140 RDPWD - ok 17:26:02.0806 6140 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\windows\system32\drivers\rdyboost.sys 17:26:02.0837 6140 rdyboost 
17:26:03.0071 6140 [ F85AE59A52885F4B09AADAFB23001A3B ] Rezip C:\windows\SYSTEM32\Rezip.exe
17:26:03.0102 6140 Rezip ( UnsignedFile.Multi.Generic ) - warning
17:26:03.0102 6140 Rezip - detected UnsignedFile.Multi.Generic (1)
17:26:06.0879 6140 [ EF3458337D7341A05169CEFC73709264 ] SSPORT C:\windows\system32\Drivers\SSPORT.sys
17:26:06.0910 6140 SSPORT ( UnsignedFile.Multi.Generic ) - warning
17:26:06.0910 6140 SSPORT - detected UnsignedFile.Multi.Generic (1)
17:26:13.0837 6140 [ A67E5F9A400F3BD1BE3D80613B45F708 ] WinUsb C:\windows\system32\DRIVERS\WinUsb.sys 17:26:13.0868 6140 WinUsb - ok 17:26:13.0915 6140 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\windows\System32\wlansvc.dll 17:26:13.0978 6140 Wlansvc - ok 17:26:14.0024 6140 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\windows\system32\drivers\wmiacpi.sys 17:26:14.0071 6140 WmiAcpi - ok 17:26:14.0118 6140 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe 17:26:14.0165 6140 wmiApSrv - ok 17:26:14.0274 6140 [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe 17:26:14.0321 6140 WMPNetworkSvc - ok 17:26:14.0336 6140 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\windows\System32\wpcsvc.dll 17:26:14.0383 6140 WPCSvc - ok 17:26:14.0414 6140 [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum C:\windows\system32\wpdbusenum.dll 17:26:14.0461 6140 WPDBusEnum - ok 17:26:14.0508 6140 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys 17:26:14.0570 6140 ws2ifsl - ok 17:26:14.0586 6140 [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc C:\windows\System32\wscsvc.dll 17:26:14.0617 6140 wscsvc - ok 17:26:14.0617 6140 WSearch - ok 17:26:14.0711 6140 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\windows\system32\wuaueng.dll 17:26:14.0789 6140 wuauserv - ok 17:26:14.0836 6140 [ E714A1C0354636837E20CCBF00888EE7 ] WudfPf C:\windows\system32\drivers\WudfPf.sys 17:26:14.0898 6140 WudfPf - ok 17:26:14.0929 6140 [ 1023EE888C9B47178C5293ED5336AB69 ] WUDFRd C:\windows\system32\DRIVERS\WUDFRd.sys 17:26:14.0976 6140 WUDFRd - ok 17:26:15.0007 6140 [ 8D1E1E529A2C9E9B6A85B55A345F7629 ] wudfsvc C:\windows\System32\WUDFSvc.dll 17:26:15.0070 6140 wudfsvc - ok 17:26:15.0101 6140 [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc C:\windows\System32\wwansvc.dll 17:26:15.0148 6140 WwanSvc - ok 17:26:15.0194 6140 [ F0CEEA6CC0E5BFEFC745B66DC5E9816B ] yksvc C:\windows\System32\yk62x86.dll 
17:26:15.0241 6140 yksvc - ok
17:26:15.0272 6140 [ 3EB1576F77B60A6C79DD7742B67219B8 ] yukonw7 C:\windows\system32\DRIVERS\yk62x86.sys
17:26:15.0319 6140 yukonw7 - ok
17:26:15.0366 6140 ================ Scan global ===============================
17:26:15.0413 6140 [ DAB748AE0439955ED2FA22357533DDDB ] C:\windows\system32\basesrv.dll
17:26:15.0444 6140 [ 183B4188D5D91B271613EC3EFD1B3CEF ] C:\windows\system32\winsrv.dll
17:26:15.0460 6140 [ 183B4188D5D91B271613EC3EFD1B3CEF ] C:\windows\system32\winsrv.dll
17:26:15.0491 6140 [ 364455805E64882844EE9ACB72522830 ] C:\windows\system32\sxssrv.dll
17:26:15.0538 6140 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\windows\system32\services.exe
17:26:15.0538 6140 [Global] - ok
17:26:15.0538 6140 ================ Scan MBR ==================================
17:26:15.0569 6140 [ 2E5DEBB2116B3417023E0D6562D7ED07 ] \Device\Harddisk0\DR0
17:26:15.0990 6140 \Device\Harddisk0\DR0 - ok
17:26:16.0006 6140 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
17:26:16.0115 6140 \Device\Harddisk1\DR1 - ok
17:26:16.0115 6140 ================ Scan VBR ==================================
17:26:16.0130 6140 [ B2AECF08A32B808926E5E4BA05876F6A ] \Device\Harddisk0\DR0\Partition1
17:26:16.0130 6140 \Device\Harddisk0\DR0\Partition1 - ok
17:26:16.0146 6140 [ C7AC0852FC076CADBDCFE7FCF59C70D8 ] \Device\Harddisk0\DR0\Partition2
17:26:16.0146 6140 \Device\Harddisk0\DR0\Partition2 - ok
17:26:16.0177 6140 [ 8518B25833FC024387E2F561918BC87C ] \Device\Harddisk0\DR0\Partition3
17:26:16.0177 6140 \Device\Harddisk0\DR0\Partition3 - ok
17:26:16.0177 6140 [ AC21E0F6BF8F9C2B7A2E93CCA45EF565 ] \Device\Harddisk1\DR1\Partition1
17:26:16.0193 6140 \Device\Harddisk1\DR1\Partition1 - ok
17:26:16.0193 6140 ============================================================
17:26:16.0193 6140 Scan finished
17:26:16.0193 6140 ============================================================
17:26:16.0208 4812 Detected object count: 2
17:26:16.0208 4812 Actual detected object count: 2
17:26:24.0929 4812 Rezip ( UnsignedFile.Multi.Generic ) - skipped by user
17:26:24.0929 4812 Rezip ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:26:24.0929 4812 SSPORT ( UnsignedFile.Multi.Generic ) - skipped by user
17:26:24.0929 4812 SSPORT ( UnsignedFile.Multi.Generic ) - User select action: Skip |
10.12.2012, 19:53 | #12 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | recycler/e621ca05.exe on my SD card Then please run CF now: ComboFix A guide and tutorial on using ComboFix
Combofix may only be run when a qualified helper (Kompetenzler) has explicitly recommended it! If, after running Combofix, you have problems starting applications and receive messages such as Quote:
__________________ Please always post log files in CODE tags |
12.12.2012, 13:33 | #13 |
| recycler/e621ca05.exe on my SD card ComboFix log: Code:
ATTFilter
ComboFix 12-12-10.01 - Jörg Panzer 12.12.2012 13:11:00.1.2 - x86
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.3037.2252 [GMT 1:00]
ausgeführt von:: c:\users\J÷rg Panzer\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
FW: ZoneAlarm Free Firewall Firewall *Disabled* {E6380B7E-D4B2-19F1-083E-56486607704B}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\FullRemove.exe
c:\windows\system32\URTTemp
c:\windows\system32\URTTemp\regtlib.exe
.
.
((((((((((((((((((((((( Dateien erstellt von 2012-11-12 bis 2012-12-12 ))))))))))))))))))))))))))))))
.
.
2012-12-12 12:22 . 2012-12-12 12:22 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-12-11 12:52 . 2012-11-19 00:04 6812136 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{836EB083-6702-4DD5-A31D-815BF7B8F7F6}\mpengine.dll
2012-12-10 16:11 . 2012-12-10 16:11 -------- d-----w- C:\TDSSKiller_Quarantine
2012-12-05 18:22 . 2012-12-05 18:22 -------- d-----w- c:\users\Jörg Panzer\AppData\Roaming\Malwarebytes
2012-12-05 18:22 . 2012-12-05 18:22 -------- d-----w- c:\programdata\Malwarebytes
2012-12-05 18:22 . 2012-12-05 18:22 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-12-05 18:22 . 2012-09-29 18:54 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-12-01 09:23 . 2012-12-01 09:23 -------- d-----w- c:\program files\LogMeIn Hamachi
2012-11-30 16:15 . 2012-08-24 16:57 172544 ----a-w- c:\windows\system32\wintrust.dll
2012-11-30 16:15 . 2012-06-02 04:36 140288 ----a-w- c:\windows\system32\cryptsvc.dll
2012-11-30 16:15 . 2012-06-02 04:36 1159680 ----a-w- c:\windows\system32\crypt32.dll
2012-11-30 16:15 . 2012-06-02 04:36 103936 ----a-w- c:\windows\system32\cryptnet.dll
2012-11-30 16:15 . 2012-09-14 18:28 2048 ----a-w- c:\windows\system32\tzres.dll
2012-11-30 16:14 . 2012-08-22 17:16 1292144 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-11-30 16:14 . 2012-08-22 17:16 240496 ----a-w- c:\windows\system32\drivers\netio.sys
2012-11-30 16:14 . 2012-08-22 17:16 187760 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2012-11-30 16:14 . 2012-08-10 23:56 542208 ----a-w- c:\windows\system32\kerberos.dll
2012-11-30 16:14 . 2012-08-30 17:12 3914096 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-11-30 16:14 . 2012-08-30 17:12 3968880 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-11-30 16:14 . 2012-09-25 22:47 78336 ----a-w- c:\windows\system32\synceng.dll
2012-11-30 16:14 . 2012-10-18 17:59 2345984 ----a-w- c:\windows\system32\win32k.sys
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-12-11 21:33 . 2012-08-18 18:12 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-12-11 21:33 . 2011-10-07 10:05 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-07-29 15:51 . 2011-10-06 11:29 136672 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-12-05 19:17 94208 ----a-w- c:\users\Jörg Panzer\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-12-05 19:17 94208 ----a-w- c:\users\Jörg Panzer\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-12-05 19:17 94208 ----a-w- c:\users\Jörg Panzer\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-09-01 98304]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-08-19 7711264]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-07-14 1541416]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"UCam_Menu"="c:\program files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2009-02-25 218408]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2012-08-11 348664]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
"ZoneAlarm"="c:\program files\CheckPoint\ZoneAlarm\zatray.exe" [2012-08-03 73392]
"PDFPrint"="c:\program files\PDF24\pdf24.exe" [2012-01-21 220744]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-20 59240]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]
"Samsung PanelMgr"="c:\windows\Samsung\PanelMgr\ssmmgr.exe" [2010-06-08 618496]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-03-27 421736]
"LogMeIn Hamachi Ui"="c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe" [2012-11-19 2254768]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\progra~1\mcafee\SITEAD~1\mcsacore.exe [x]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [x]
R3 rtl819xp;Realtek RTL8190\RTL8192E 802.11n Wireless LAN (Mini-)PCI NIC NT Driver;c:\windows\system32\DRIVERS\rtl819xp.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [x]
S1 SABI;SAMSUNG Kernel Driver For Windows 7;c:\windows\system32\Drivers\SABI.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 AntiVirSchedulerService;Avira Planer;c:\program files\Avira\AntiVir Desktop\sched.exe [x]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [x]
S2 ISWKL;ZoneAlarm LTD Toolbar ISWKL;c:\program files\CheckPoint\ZAForceField\ISWKL.sys [x]
S2 IswSvc;ZoneAlarm LTD Toolbar IswSvc;c:\program files\CheckPoint\ZAForceField\IswSvc.exe [x]
S2 OberonGameConsoleService;Oberon Media Game Console service;c:\program files\Samsung Casual Games\GameConsole\OberonGameConsoleService.exe [x]
S2 Rezip;Rezip;c:\windows\SYSTEM32\Rezip.exe [x]
S2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys [x]
S2 yksvc;Marvell Yukon Service;c:\windows\System32\svchost.exe [x]
S3 VMC326;Vimicro Camera Service VMC326;c:\windows\system32\Drivers\VMC326.sys [x]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x86.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
yksvcs REG_MULTI_SZ yksvc
.
Inhalt des "geplante Tasks" Ordners
.
2012-12-12 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-18 21:33]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://search.zonealarm.com/?Source=Homepage&oemCode=ZLN24049646502415-1001&toolbarId=base&affiliateId=1025&Lan=de&utid=6c6e06ca0000000000000024541dc732
uInternet Settings,ProxyOverride = *.local
IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\users\Jörg Panzer\AppData\Roaming\Mozilla\Firefox\Profiles\nbecm84s.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2613550&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.startup.homepage - hxxp://search.zonealarm.com/?Source=Homepage&oemCode=ZLN24049646502415-1001&toolbarId=base&affiliateId=1025&Lan=de&utid=6c6e06ca0000000000000024541dc732
FF - prefs.js: keyword.URL - hxxp://search.zonealarm.com/search?Source=Browser&oemCode=ZLN24049646502415-1001&toolbarId=base&affiliateId=1025&Lan=de&utid=6c6e06ca0000000000000024541dc732&q={searchTerms}
FF - user.js: extensions.zonealarm.autoRvrt - false
FF - user.js: extensions.zonealarm_i.hmpg - true
FF - user.js: extensions.zonealarm.hmpgUrl - hxxp://search.zonealarm.com/?Source=Homepage&oemCode=ZLN24049646502415-1001&toolbarId=base&affiliateId=1025&Lan=de&utid=6c6e06ca0000000000000024541dc732
FF - user.js: extensions.zonealarm.dfltSrch - true
FF - user.js: extensions.zonealarm.srchPrvdr - Search By ZoneAlarm
FF - user.js: extensions.zonealarm.keyWordUrl - hxxp://search.zonealarm.com/search?Source=Browser&oemCode=ZLN24049646502415-1001&toolbarId=base&affiliateId=1025&Lan=de&utid=6c6e06ca0000000000000024541dc732&q={searchTerms}
FF - user.js: extensions.zonealarm_i.dnsErr - true
FF - user.js: extensions.zonealarm_i.newTab - true
FF - user.js: extensions.zonealarm.newTabUrl - hxxp://search.zonealarm.com/?Source=Newtab&oemCode=ZLN24049646502415-1001&toolbarId=base&affiliateId=1025&Lan=de&utid=6c6e06ca0000000000000024541dc732
FF - user.js: extensions.zonealarm.tlbrSrchUrl - hxxp://search.zonealarm.com/search?Source=ToolBar&oemCode=ZLN24049646502415-1001&toolbarId=base&affiliateId=1025&Lan={dfltLng}&utid=6c6e06ca0000000000000024541dc732&q=
FF - user.js: extensions.zonealarm.id - 6c6e06ca0000000000000024541dc732
FF - user.js: extensions.zonealarm.instlDay - 15579
FF - user.js: extensions.zonealarm.vrsn - 1.6.7.4
FF - user.js: extensions.zonealarm.vrsni - 1.6.7.4
FF - user.js: extensions.zonealarm_i.vrsnTs - 1.6.7.418:43
FF - user.js: extensions.zonealarm.prtnrId - checkpoint
FF - user.js: extensions.zonealarm.prdct - zonealarm
FF - user.js: extensions.zonealarm.aflt - 1025
FF - user.js: extensions.zonealarm_i.smplGrp - none
FF - user.js: extensions.zonealarm.tlbrId - base
FF - user.js: extensions.zonealarm.instlRef - ZLN24049646502415-1001
FF - user.js: extensions.zonealarm.dfltLng - de
FF - user.js: extensions.zonealarm.excTlbr - false
FF - user.js: extensions.zonealarm.admin - false
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
URLSearchHooks-{fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} - (no file)
Toolbar-Locked - (no file)
WebBrowser-{FC2B76FC-2132-4D80-A9A3-1F5C6E49066B} - (no file)
HKLM-Run-ISW - (no file)
SafeBoot-mcmscsvc
SafeBoot-MCODS
AddRemove-LSI Soft Modem - c:\windows\agrsmdel
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------
.
- - - - - - - > 'lsass.exe'(588)
c:\program files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll
.
Zeit der Fertigstellung: 2012-12-12 13:26:10
ComboFix-quarantined-files.txt 2012-12-12 12:26
.
Vor Suchlauf: 8 Verzeichnis(se), 134.250.852.352 Bytes frei
Nach Suchlauf: 11 Verzeichnis(se), 135.275.180.032 Bytes frei
.
- - End Of File - - 89993E6BDD4684931D3BB0B09145AA65 |
12.12.2012, 14:33 | #14 |
/// Winkelfunktion /// TB-Süch-Tiger™ | recycler/e621ca05.exe on my SD card adwCleaner - detect toolbars and unwanted start/search pages Please download AdwCleaner to your desktop. If adwCleaner has already been downloaded before, please delete the old adwcleaner.exe and download it again!!
__________________ Please always post log files in CODE tags |
12.12.2012, 23:35 | #15 |
| recycler/e621ca05.exe on my SD card Code:
ATTFilter
# AdwCleaner v2.100 - Datei am 12/12/2012 um 23:33:41 erstellt
# Aktualisiert am 09/12/2012 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (32 bits)
# Benutzer : Jörg Panzer - FRIEDENSPANZER
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Jörg Panzer\Desktop\adwcleaner.exe
# Option [Suche]

**** [Dienste] ****

***** [Dateien / Ordner] *****

Datei Gefunden : C:\user.js
Datei Gefunden : C:\Users\Jörg Panzer\AppData\Roaming\Mozilla\Firefox\Profiles\nbecm84s.default\searchplugins\Conduit.xml
Ordner Gefunden : C:\Program Files\Conduit
Ordner Gefunden : C:\ProgramData\Partner
Ordner Gefunden : C:\Users\Jörg Panzer\AppData\Local\Conduit
Ordner Gefunden : C:\Users\Jörg Panzer\AppData\LocalLow\boost_interprocess
Ordner Gefunden : C:\Users\Jörg Panzer\AppData\LocalLow\Conduit
Ordner Gefunden : C:\Users\Jörg Panzer\AppData\Roaming\Mozilla\Firefox\Profiles\nbecm84s.default\ConduitCommon
Ordner Gefunden : C:\Users\Jörg Panzer\AppData\Roaming\pdfforge

***** [Registrierungsdatenbank] *****

***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16455

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v14.0.1 (de)

Profilname : default
Datei : C:\Users\Jörg Panzer\AppData\Roaming\Mozilla\Firefox\Profiles\nbecm84s.default\prefs.js

*************************

AdwCleaner[R1].txt - [16152 octets] - [12/12/2012 23:33:41]

########## EOF - C:\AdwCleaner[R1].txt - [16213 octets] ########## |