| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: PC läuft zu langsam (Schädlingsverdacht)Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
16.02.2013, 14:44
| #16 |
| /// Winkelfunktion /// TB-Süch-Tiger™   |  PC läuft zu langsam (Schädlingsverdacht) Ja aber du hast es zerhackstückelt Bitte so vorgehen => http://www.trojaner-board.de/69886-a...tml#post566999
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
16.02.2013, 17:19
| #17 |
 | PC läuft zu langsam (Schädlingsverdacht)Code:
ATTFilter 15:07:09.0717 2988 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
15:07:10.0017 2988 ============================================================
15:07:10.0017 2988 Current date / time: 2013/02/15 15:07:10.0017
15:07:10.0017 2988 SystemInfo:
15:07:10.0017 2988
15:07:10.0017 2988 OS Version: 6.1.7601 ServicePack: 1.0
15:07:10.0017 2988 Product type: Workstation
15:07:10.0017 2988 ComputerName: BIBA
15:07:10.0017 2988 UserName: 15G22J0290K0EU2Y
15:07:10.0017 2988 Windows directory: C:\Windows
15:07:10.0017 2988 System windows directory: C:\Windows
15:07:10.0017 2988 Processor architecture: Intel x86
15:07:10.0017 2988 Number of processors: 4
15:07:10.0017 2988 Page size: 0x1000
15:07:10.0017 2988 Boot type: Normal boot
15:07:10.0017 2988 ============================================================
15:07:14.0363 2988 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x46FCB, SectorsPerTrack: 0x32, TracksPerCylinder: 0x2B, Type 'K0', Flags 0x00000050
15:07:14.0523 2988 ============================================================
15:07:14.0523 2988 \Device\Harddisk0\DR0:
15:07:14.0657 2988 MBR partitions:
15:07:14.0657 2988 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1000568, BlocksNum 0xC530622
15:07:14.0658 2988 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xD530B8A, BlocksNum 0x17EED2FE
15:07:14.0658 2988 ============================================================
15:07:14.0705 2988 C: <-> \Device\Harddisk0\DR0\Partition1
15:07:14.0745 2988 D: <-> \Device\Harddisk0\DR0\Partition2
15:07:14.0745 2988 ============================================================
15:07:14.0745 2988 Initialize success
15:07:14.0745 2988 ============================================================
15:07:19.0351 2552 ============================================================
15:07:19.0351 2552 Scan started
15:07:19.0351 2552 Mode: Manual;
15:07:19.0351 2552 ============================================================
15:07:20.0181 2552 ================ Scan system memory ========================
15:07:20.0181 2552 System memory - ok
15:07:20.0181 2552 ================ Scan services =============================
15:07:20.0361 2552 [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
15:07:20.0361 2552 1394ohci - ok
15:07:20.0421 2552 [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI C:\Windows\system32\drivers\ACPI.sys
15:07:20.0441 2552 ACPI - ok
15:07:20.0491 2552 [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
15:07:20.0551 2552 AcpiPmi - ok
15:07:20.0641 2552 [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
15:07:20.0641 2552 AdobeARMservice - ok
15:07:20.0701 2552 [ EC807244904FA170C299AB06D87FBDBE ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
15:07:20.0711 2552 AdobeFlashPlayerUpdateSvc - ok
15:07:20.0771 2552 [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
15:07:20.0781 2552 adp94xx - ok
15:07:20.0821 2552 [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
15:07:20.0821 2552 adpahci - ok
15:07:20.0851 2552 [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
15:07:20.0861 2552 adpu320 - ok
15:07:20.0901 2552 [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
15:07:20.0911 2552 AeLookupSvc - ok
15:07:20.0941 2552 [ 9EBBBA55060F786F0FCAA3893BFA2806 ] AFD C:\Windows\system32\drivers\afd.sys
15:07:20.0951 2552 AFD - ok
15:07:20.0991 2552 [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440 C:\Windows\system32\drivers\agp440.sys
15:07:20.0991 2552 agp440 - ok
15:07:21.0031 2552 [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx C:\Windows\system32\DRIVERS\djsvs.sys
15:07:21.0041 2552 aic78xx - ok
15:07:21.0071 2552 [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG C:\Windows\System32\alg.exe
15:07:21.0071 2552 ALG - ok
15:07:21.0101 2552 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide C:\Windows\system32\drivers\aliide.sys
15:07:21.0101 2552 aliide - ok
15:07:21.0131 2552 [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp C:\Windows\system32\drivers\amdagp.sys
15:07:21.0131 2552 amdagp - ok
15:07:21.0161 2552 [ CD5914170297126B6266860198D1D4F0 ] amdide C:\Windows\system32\drivers\amdide.sys
15:07:21.0161 2552 amdide - ok
15:07:21.0181 2552 [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
15:07:21.0191 2552 AmdK8 - ok
15:07:21.0211 2552 [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
15:07:21.0221 2552 AmdPPM - ok
15:07:21.0251 2552 [ D320BF87125326F996D4904FE24300FC ] amdsata C:\Windows\system32\drivers\amdsata.sys
15:07:21.0261 2552 amdsata - ok
15:07:21.0301 2552 [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
15:07:21.0311 2552 amdsbs - ok
15:07:21.0331 2552 [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata C:\Windows\system32\drivers\amdxata.sys
15:07:21.0331 2552 amdxata - ok
15:07:21.0361 2552 [ D2BF422C2611632AFB9CE8F7B2A8C306 ] AmUStor C:\Windows\system32\drivers\AmUStor.SYS
15:07:21.0361 2552 AmUStor - ok
15:07:21.0411 2552 [ AEA177F783E20150ACE5383EE368DA19 ] AppID C:\Windows\system32\drivers\appid.sys
15:07:21.0411 2552 AppID - ok
15:07:21.0451 2552 [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc C:\Windows\System32\appidsvc.dll
15:07:21.0451 2552 AppIDSvc - ok
15:07:21.0491 2552 [ FB1959012294D6AD43E5304DF65E3C26 ] Appinfo C:\Windows\System32\appinfo.dll
15:07:21.0491 2552 Appinfo - ok
15:07:21.0531 2552 [ 2932004F49677BD84DBC72EDB754FFB3 ] arc C:\Windows\system32\DRIVERS\arc.sys
15:07:21.0531 2552 arc - ok
15:07:21.0551 2552 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
15:07:21.0561 2552 arcsas - ok
15:07:21.0581 2552 [ ADAA34740E9F6AFF94CC75D5CF8ED7E2 ] ASInsHelp C:\Windows\system32\drivers\AsInsHelp32.sys
15:07:21.0591 2552 ASInsHelp - ok
15:07:21.0611 2552 [ 9D8CB58B9A9E177DDD599791A58A654D ] AsIO C:\Windows\system32\drivers\AsIO.sys
15:07:21.0611 2552 AsIO - ok
15:07:21.0641 2552 [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
15:07:21.0641 2552 AsyncMac - ok
15:07:21.0671 2552 [ 338C86357871C167A96AB976519BF59E ] atapi C:\Windows\system32\drivers\atapi.sys
15:07:21.0681 2552 atapi - ok
15:07:21.0771 2552 [ 31CB2740BFDBAC1E48E2B7EAD38F0D27 ] athr C:\Windows\system32\DRIVERS\athr.sys
15:07:21.0831 2552 athr - ok
15:07:21.0881 2552 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
15:07:21.0891 2552 AudioEndpointBuilder - ok
15:07:21.0911 2552 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv C:\Windows\System32\Audiosrv.dll
15:07:21.0921 2552 Audiosrv - ok
15:07:21.0971 2552 [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV C:\Windows\System32\AxInstSV.dll
15:07:21.0971 2552 AxInstSV - ok
15:07:22.0011 2552 [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv C:\Windows\system32\DRIVERS\bxvbdx.sys
15:07:22.0021 2552 b06bdrv - ok
15:07:22.0051 2552 [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys
15:07:22.0051 2552 b57nd60x - ok
15:07:22.0091 2552 [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC C:\Windows\System32\bdesvc.dll
15:07:22.0101 2552 BDESVC - ok
15:07:22.0121 2552 [ 505506526A9D467307B3C393DEDAF858 ] Beep C:\Windows\system32\drivers\Beep.sys
15:07:22.0121 2552 Beep - ok
15:07:22.0181 2552 [ 1E2BAC209D184BB851E1A187D8A29136 ] BFE C:\Windows\System32\bfe.dll
15:07:22.0201 2552 BFE - ok
15:07:22.0241 2552 [ E585445D5021971FAE10393F0F1C3961 ] BITS C:\Windows\System32\qmgr.dll
15:07:22.0291 2552 BITS - ok
15:07:22.0331 2552 [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
15:07:22.0331 2552 blbdrive - ok
15:07:22.0361 2552 [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
15:07:22.0371 2552 bowser - ok
15:07:22.0391 2552 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
15:07:22.0391 2552 BrFiltLo - ok
15:07:22.0411 2552 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
15:07:22.0411 2552 BrFiltUp - ok
15:07:22.0461 2552 [ 3DAA727B5B0A45039B0E1C9A211B8400 ] Browser C:\Windows\System32\browser.dll
15:07:22.0461 2552 Browser - ok
15:07:22.0491 2552 [ 845B8CE732E67F3B4133164868C666EA ] Brserid C:\Windows\System32\Drivers\Brserid.sys
15:07:22.0491 2552 Brserid - ok
15:07:22.0531 2552 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
15:07:22.0531 2552 BrSerWdm - ok
15:07:22.0551 2552 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
15:07:22.0561 2552 BrUsbMdm - ok
15:07:22.0571 2552 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
15:07:22.0581 2552 BrUsbSer - ok
15:07:22.0601 2552 [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
15:07:22.0601 2552 BTHMODEM - ok
15:07:22.0641 2552 [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv C:\Windows\system32\bthserv.dll
15:07:22.0641 2552 bthserv - ok
15:07:22.0671 2552 [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
15:07:22.0671 2552 cdfs - ok
15:07:22.0701 2552 [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
15:07:22.0701 2552 cdrom - ok
15:07:22.0751 2552 [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc C:\Windows\System32\certprop.dll
15:07:22.0751 2552 CertPropSvc - ok
15:07:22.0791 2552 [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
15:07:22.0801 2552 circlass - ok
15:07:22.0831 2552 [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS C:\Windows\system32\CLFS.sys
15:07:22.0841 2552 CLFS - ok
15:07:22.0911 2552 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:07:22.0911 2552 clr_optimization_v2.0.50727_32 - ok
15:07:22.0941 2552 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:07:22.0951 2552 clr_optimization_v4.0.30319_32 - ok
15:07:22.0981 2552 [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
15:07:22.0991 2552 CmBatt - ok
15:07:23.0021 2552 [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide C:\Windows\system32\drivers\cmdide.sys
15:07:23.0021 2552 cmdide - ok
15:07:23.0061 2552 [ 42F158036BD4C2FF3122BF142E60E6FD ] CNG C:\Windows\system32\Drivers\cng.sys
15:07:23.0071 2552 CNG - ok
15:07:23.0091 2552 [ A6023D3823C37043986713F118A89BEE ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
15:07:23.0091 2552 Compbatt - ok
15:07:23.0121 2552 [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
15:07:23.0131 2552 CompositeBus - ok
15:07:23.0141 2552 COMSysApp - ok
15:07:23.0161 2552 cooonihv - ok
15:07:23.0191 2552 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
15:07:23.0191 2552 crcdisk - ok
15:07:23.0251 2552 [ 96C0E38905CFD788313BE8E11DAE3F2F ] CryptSvc C:\Windows\system32\cryptsvc.dll
15:07:23.0261 2552 CryptSvc - ok
15:07:23.0331 2552 [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch C:\Windows\system32\rpcss.dll
15:07:23.0341 2552 DcomLaunch - ok
15:07:23.0381 2552 [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc C:\Windows\System32\defragsvc.dll
15:07:23.0391 2552 defragsvc - ok
15:07:23.0441 2552 [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
15:07:23.0441 2552 DfsC - ok
15:07:23.0471 2552 [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp C:\Windows\system32\dhcpcore.dll
15:07:23.0471 2552 Dhcp - ok
15:07:23.0501 2552 [ 1A050B0274BFB3890703D490F330C0DA ] discache C:\Windows\system32\drivers\discache.sys
15:07:23.0511 2552 discache - ok
15:07:23.0541 2552 [ 565003F326F99802E68CA78F2A68E9FF ] Disk C:\Windows\system32\DRIVERS\disk.sys
15:07:23.0541 2552 Disk - ok
15:07:23.0551 2552 Dnscache - ok
15:07:23.0601 2552 [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc C:\Windows\System32\dot3svc.dll
15:07:23.0611 2552 dot3svc - ok
15:07:23.0641 2552 [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS C:\Windows\system32\dps.dll
15:07:23.0651 2552 DPS - ok
15:07:23.0681 2552 [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
15:07:23.0681 2552 drmkaud - ok
15:07:23.0751 2552 [ 687AF6BB383885FF6A64071B189A7F3E ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys
15:07:23.0761 2552 dtsoftbus01 - ok
15:07:23.0821 2552 [ 23F5D28378A160352BA8F817BD8C71CB ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
15:07:23.0831 2552 DXGKrnl - ok
15:07:23.0871 2552 [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost C:\Windows\System32\eapsvc.dll
15:07:23.0881 2552 EapHost - ok
15:07:24.0011 2552 [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv C:\Windows\system32\DRIVERS\evbdx.sys
15:07:24.0101 2552 ebdrv - ok
15:07:24.0161 2552 [ 81951F51E318AECC2D68559E47485CC4 ] EFS C:\Windows\System32\lsass.exe
15:07:24.0161 2552 EFS - ok
15:07:24.0221 2552 [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
15:07:24.0231 2552 elxstor - ok
15:07:24.0271 2552 [ 70C764BFE0EC4B1B242E9626D3564443 ] enecir C:\Windows\system32\DRIVERS\enecir.sys
15:07:24.0271 2552 enecir - ok
15:07:24.0301 2552 [ 65BF24816C2814596253F312DD35F171 ] enecirhid C:\Windows\system32\DRIVERS\enecirhid.sys
15:07:24.0301 2552 enecirhid - ok
15:07:24.0331 2552 [ 97D41E2831AC117AF9BF8D0D9E9D027F ] enecirhidma C:\Windows\system32\DRIVERS\enecirhidma.sys
15:07:24.0331 2552 enecirhidma - ok
15:07:24.0421 2552 [ 539CA34FBC74EC366A0D751028C32A08 ] epmntdrv C:\Windows\system32\epmntdrv.sys
15:07:24.0421 2552 epmntdrv - ok
15:07:24.0441 2552 [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev C:\Windows\system32\drivers\errdev.sys
15:07:24.0451 2552 ErrDev - ok
15:07:24.0511 2552 [ 44081333DB283E141F89AE4EC74ED961 ] ETSCSERVICE C:\Program Files\IdeaCom\TSC\ETSCSERVICE.exe
15:07:24.0511 2552 ETSCSERVICE - ok
15:07:24.0581 2552 [ 1F2F4AB15CE03ECC257FEB2F6DC5A013 ] EuGdiDrv C:\Windows\system32\EuGdiDrv.sys
15:07:24.0581 2552 EuGdiDrv - ok
15:07:24.0641 2552 [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem C:\Windows\system32\es.dll
15:07:24.0651 2552 EventSystem - ok
15:07:24.0681 2552 [ 2DC9108D74081149CC8B651D3A26207F ] exfat C:\Windows\system32\drivers\exfat.sys
15:07:24.0691 2552 exfat - ok
15:07:24.0721 2552 [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat C:\Windows\system32\drivers\fastfat.sys
15:07:24.0721 2552 fastfat - ok
15:07:24.0771 2552 [ 967EA5B213E9984CBE270205DF37755B ] Fax C:\Windows\system32\fxssvc.exe
15:07:24.0791 2552 Fax - ok
15:07:24.0811 2552 [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc C:\Windows\system32\DRIVERS\fdc.sys
15:07:24.0811 2552 fdc - ok
15:07:24.0851 2552 [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost C:\Windows\system32\fdPHost.dll
15:07:24.0851 2552 fdPHost - ok
15:07:24.0881 2552 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub C:\Windows\system32\fdrespub.dll
15:07:24.0881 2552 FDResPub - ok
15:07:24.0911 2552 [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
15:07:24.0921 2552 FileInfo - ok
15:07:24.0941 2552 [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
15:07:24.0941 2552 Filetrace - ok
15:07:24.0971 2552 [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
15:07:24.0971 2552 flpydisk - ok
15:07:25.0001 2552 [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
15:07:25.0011 2552 FltMgr - ok
15:07:25.0071 2552 [ B3A5EC6B6B6673DB7E87C2BCDBDDC074 ] FontCache C:\Windows\system32\FntCache.dll
15:07:25.0091 2552 FontCache - ok
15:07:25.0121 2552 [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
15:07:25.0121 2552 FsDepends - ok
15:07:25.0161 2552 [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
15:07:25.0161 2552 Fs_Rec - ok
15:07:25.0201 2552 [ 8A73E79089B282100B9393B644CB853B ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
15:07:25.0211 2552 fvevol - ok
15:07:25.0241 2552 [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
15:07:25.0251 2552 gagp30kx - ok
15:07:25.0291 2552 [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc C:\Windows\System32\gpsvc.dll
15:07:25.0301 2552 gpsvc - ok
15:07:25.0381 2552 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
15:07:25.0391 2552 gupdate - ok
15:07:25.0401 2552 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
15:07:25.0401 2552 gupdatem - ok
15:07:25.0441 2552 [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
15:07:25.0451 2552 hcw85cir - ok
15:07:25.0491 2552 [ A5EF29D5315111C80A5C1ABAD14C8972 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
15:07:25.0501 2552 HdAudAddService - ok
15:07:25.0521 2552 [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
15:07:25.0531 2552 HDAudBus - ok
15:07:25.0551 2552 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
15:07:25.0551 2552 HidBatt - ok
15:07:25.0571 2552 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
15:07:25.0581 2552 HidBth - ok
15:07:25.0611 2552 [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
15:07:25.0611 2552 HidIr - ok
15:07:25.0641 2552 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv C:\Windows\system32\hidserv.dll
15:07:25.0651 2552 hidserv - ok
15:07:25.0671 2552 [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
15:07:25.0681 2552 HidUsb - ok
15:07:25.0721 2552 [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc C:\Windows\system32\kmsvc.dll
15:07:25.0731 2552 hkmsvc - ok
15:07:25.0771 2552 [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
15:07:25.0781 2552 HomeGroupListener - ok
15:07:25.0831 2552 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
15:07:25.0871 2552 HomeGroupProvider - ok
15:07:25.0911 2552 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
15:07:25.0921 2552 HpSAMD - ok
15:07:25.0971 2552 [ 871917B07A141BFF43D76D8844D48106 ] HTTP C:\Windows\system32\drivers\HTTP.sys
15:07:25.0981 2552 HTTP - ok
15:07:26.0001 2552 hwdatacard - ok
15:07:26.0041 2552 [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
15:07:26.0051 2552 hwpolicy - ok
15:07:26.0081 2552 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
15:07:26.0091 2552 i8042prt - ok
15:07:26.0141 2552 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
15:07:26.0151 2552 iaStorV - ok
15:07:26.0181 2552 [ 5E2AD01BD003E998AE89C843A600A0CE ] IdcFltr C:\Windows\system32\DRIVERS\idcfltr.sys
15:07:26.0191 2552 IdcFltr - ok
15:07:26.0221 2552 [ 57C85D767CB8A8D90939F3A268F4FC57 ] IdcSrv C:\Program Files\IdeaCom\TSC\IdcSrv.exe
15:07:26.0221 2552 IdcSrv - ok
15:07:26.0271 2552 [ 4173FF5708F3236CF25195FECD742915 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
15:07:26.0271 2552 iirsp - ok
15:07:26.0331 2552 [ F95622F161474511B8D80D6B093AA610 ] IKEEXT C:\Windows\System32\ikeext.dll
15:07:26.0351 2552 IKEEXT - ok
15:07:26.0501 2552 [ 2D6E527B8BE62FB0223DA0C2D9C75B45 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
15:07:26.0621 2552 IntcAzAudAddService - ok
15:07:26.0651 2552 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\Windows\system32\drivers\intelide.sys
15:07:26.0661 2552 intelide - ok
15:07:26.0701 2552 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
15:07:26.0701 2552 intelppm - ok
15:07:26.0731 2552 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
15:07:26.0741 2552 IPBusEnum - ok
15:07:26.0771 2552 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:07:26.0771 2552 IpFilterDriver - ok
15:07:26.0831 2552 [ 58F67245D041FBE7AF88F4EAF79DF0FA ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
15:07:26.0841 2552 iphlpsvc - ok
15:07:26.0881 2552 [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
15:07:26.0891 2552 IPMIDRV - ok
15:07:26.0921 2552 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\Windows\system32\drivers\ipnat.sys
15:07:26.0921 2552 IPNAT - ok
15:07:26.0941 2552 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM C:\Windows\system32\drivers\irenum.sys
15:07:26.0951 2552 IRENUM - ok
15:07:26.0971 2552 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\Windows\system32\drivers\isapnp.sys
15:07:26.0981 2552 isapnp - ok
15:07:27.0001 2552 [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
15:07:27.0011 2552 iScsiPrt - ok
15:07:27.0021 2552 islxmqgh - ok
15:07:27.0041 2552 ivtpxjih - ok
15:07:27.0061 2552 iwaozptt - ok
15:07:27.0101 2552 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
15:07:27.0101 2552 kbdclass - ok
15:07:27.0121 2552 [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
15:07:27.0121 2552 kbdhid - ok
15:07:27.0151 2552 [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso C:\Windows\system32\lsass.exe
15:07:27.0151 2552 KeyIso - ok
15:07:27.0191 2552 [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
15:07:27.0191 2552 KSecDD - ok
15:07:27.0231 2552 [ 5FE1ABF1AF591A3458C9CF24ED9A4D35 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
15:07:27.0241 2552 KSecPkg - ok
15:07:27.0281 2552 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\Windows\system32\msdtckrm.dll
15:07:27.0291 2552 KtmRm - ok
15:07:27.0331 2552 [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer C:\Windows\system32\srvsvc.dll
15:07:27.0341 2552 LanmanServer - ok
15:07:27.0431 2552 [ C34411A244029F1C08687F7C752C4563 ] LightScribeService C:\Program Files\Common Files\LightScribe\LSSrvc.exe
15:07:27.0441 2552 LightScribeService - ok
15:07:27.0471 2552 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
15:07:27.0471 2552 lltdio - ok
15:07:27.0511 2552 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\Windows\System32\lltdsvc.dll
15:07:27.0521 2552 lltdsvc - ok
15:07:27.0541 2552 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\Windows\System32\lmhsvc.dll
15:07:27.0551 2552 lmhosts - ok
15:07:27.0591 2552 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
15:07:27.0591 2552 LSI_FC - ok
15:07:27.0631 2552 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
15:07:27.0631 2552 LSI_SAS - ok
15:07:27.0651 2552 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
15:07:27.0661 2552 LSI_SAS2 - ok
15:07:27.0681 2552 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
15:07:27.0691 2552 LSI_SCSI - ok
15:07:27.0721 2552 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\Windows\system32\drivers\luafv.sys
15:07:27.0721 2552 luafv - ok
15:07:27.0751 2552 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
15:07:27.0761 2552 megasas - ok
15:07:27.0801 2552 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
15:07:27.0801 2552 MegaSR - ok
15:07:27.0921 2552 Microsoft SharePoint Workspace Audit Service - ok
15:07:27.0981 2552 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\Windows\system32\mmcss.dll
15:07:27.0991 2552 MMCSS - ok
15:07:28.0131 2552 [ 5A78BB029FD8414381FF1315F1E46947 ] Mobile Broadband HL Service C:\ProgramData\MobileBrServ\mbbservice.exe
15:07:28.0131 2552 Mobile Broadband HL Service - ok
15:07:28.0171 2552 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\Windows\system32\drivers\modem.sys
15:07:28.0171 2552 Modem - ok
15:07:28.0211 2552 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
15:07:28.0211 2552 monitor - ok
15:07:28.0261 2552 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
15:07:28.0261 2552 mouclass - ok
15:07:28.0281 2552 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
15:07:28.0291 2552 mouhid - ok
15:07:28.0341 2552 [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
15:07:28.0341 2552 mountmgr - ok
15:07:28.0411 2552 [ EE728AF83850DDAD9A3FCAC0AAB3AD97 ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
15:07:28.0411 2552 MpFilter - ok
|
|
16.02.2013, 17:21
| #18 |
| | PC läuft zu langsam (Schädlingsverdacht)Code:
ATTFilter 15:07:28.0451 2552 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio C:\Windows\system32\drivers\mpio.sys
15:07:28.0451 2552 mpio - ok
15:07:28.0621 2552 [ A69630D039C38018689190234F866D77 ] MpKsl91c24d7b C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{847D2914-C64B-4D37-A04A-787BDD103C08}\MpKsl91c24d7b.sys
15:07:28.0621 2552 MpKsl91c24d7b - ok
15:07:28.0651 2552 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
15:07:28.0661 2552 mpsdrv - ok
15:07:28.0711 2552 [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc C:\Windows\system32\mpssvc.dll
15:07:28.0731 2552 MpsSvc - ok
15:07:28.0781 2552 [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
15:07:28.0781 2552 MRxDAV - ok
15:07:28.0841 2552 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
15:07:28.0851 2552 mrxsmb - ok
15:07:28.0931 2552 [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:07:28.0941 2552 mrxsmb10 - ok
15:07:28.0971 2552 [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:07:28.0981 2552 mrxsmb20 - ok
15:07:29.0031 2552 [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci C:\Windows\system32\drivers\msahci.sys
15:07:29.0031 2552 msahci - ok
15:07:29.0071 2552 [ 55055F8AD8BE27A64C831322A780A228 ] msdsm C:\Windows\system32\drivers\msdsm.sys
15:07:29.0081 2552 msdsm - ok
15:07:29.0111 2552 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\Windows\System32\msdtc.exe
15:07:29.0121 2552 MSDTC - ok
15:07:29.0171 2552 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\Windows\system32\drivers\Msfs.sys
15:07:29.0181 2552 Msfs - ok
15:07:29.0211 2552 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
15:07:29.0211 2552 mshidkmdf - ok
15:07:29.0251 2552 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
15:07:29.0251 2552 msisadrv - ok
15:07:29.0301 2552 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
15:07:29.0311 2552 MSiSCSI - ok
15:07:29.0331 2552 msiserver - ok
15:07:29.0381 2552 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
15:07:29.0381 2552 MSKSSRV - ok
15:07:29.0451 2552 [ E077FCA2A7E79FB9BF67D3E30B5CE593 ] MsMpSvc C:\Program Files\Microsoft Security Client\MsMpEng.exe
15:07:29.0461 2552 MsMpSvc - ok
15:07:29.0501 2552 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
15:07:29.0511 2552 MSPCLOCK - ok
15:07:29.0551 2552 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
15:07:29.0561 2552 MSPQM - ok
15:07:29.0601 2552 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
15:07:29.0611 2552 MsRPC - ok
15:07:29.0681 2552 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
15:07:29.0691 2552 mssmbios - ok
15:07:29.0721 2552 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
15:07:29.0731 2552 MSTEE - ok
15:07:29.0791 2552 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
15:07:29.0801 2552 MTConfig - ok
15:07:29.0851 2552 [ CBE71C122434805CB73FFB6619F60598 ] MTsensor C:\Windows\system32\DRIVERS\ASACPI.sys
15:07:29.0851 2552 MTsensor - ok
15:07:29.0891 2552 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\Windows\system32\Drivers\mup.sys
15:07:29.0891 2552 Mup - ok
15:07:29.0951 2552 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent C:\Windows\system32\qagentRT.dll
15:07:29.0971 2552 napagent - ok
15:07:30.0021 2552 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
15:07:30.0021 2552 NativeWifiP - ok
15:07:30.0141 2552 [ 1BBBF640BC0E0B750537BAECE8D66C18 ] NAUpdate C:\Program Files\Nero\Update\NASvc.exe
15:07:30.0161 2552 NAUpdate - ok
15:07:30.0241 2552 [ E240F3204E86B7B6CCF266B2A2AD32B4 ] NBVol C:\Windows\system32\DRIVERS\NBVol.sys
15:07:30.0241 2552 NBVol - ok
15:07:30.0281 2552 [ C0CF3CCCCE3C75F7280C89029AB47866 ] NBVolUp C:\Windows\system32\DRIVERS\NBVolUp.sys
15:07:30.0291 2552 NBVolUp - ok
15:07:30.0341 2552 [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS C:\Windows\system32\drivers\ndis.sys
15:07:30.0361 2552 NDIS - ok
15:07:30.0391 2552 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
15:07:30.0401 2552 NdisCap - ok
15:07:30.0421 2552 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
15:07:30.0421 2552 NdisTapi - ok
15:07:30.0471 2552 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
15:07:30.0471 2552 Ndisuio - ok
15:07:30.0511 2552 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
15:07:30.0521 2552 NdisWan - ok
15:07:30.0541 2552 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
15:07:30.0541 2552 NDProxy - ok
15:07:30.0561 2552 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
15:07:30.0571 2552 NetBIOS - ok
15:07:30.0611 2552 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
15:07:30.0611 2552 NetBT - ok
15:07:30.0631 2552 [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon C:\Windows\system32\lsass.exe
15:07:30.0641 2552 Netlogon - ok
15:07:30.0681 2552 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll
15:07:30.0691 2552 Netman - ok
15:07:30.0721 2552 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\Windows\System32\netprofm.dll
15:07:30.0741 2552 netprofm - ok
15:07:30.0781 2552 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
15:07:30.0781 2552 nfrd960 - ok
15:07:30.0831 2552 [ 2CD24A6AF497D0E9B9BF3DA924ED05E6 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
15:07:30.0831 2552 NisDrv - ok
15:07:30.0851 2552 [ 3B846434055F80D9E89D0742F3ADAD34 ] NisSrv C:\Program Files\Microsoft Security Client\NisSrv.exe
15:07:30.0861 2552 NisSrv - ok
15:07:30.0911 2552 [ 374071043F9E4231EE43BE2BB48DD36D ] NlaSvc C:\Windows\System32\nlasvc.dll
15:07:30.0921 2552 NlaSvc - ok
15:07:30.0941 2552 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys
15:07:30.0941 2552 Npfs - ok
15:07:30.0971 2552 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll
15:07:30.0981 2552 nsi - ok
15:07:31.0011 2552 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
15:07:31.0021 2552 nsiproxy - ok
15:07:31.0091 2552 [ 0D87503986BB3DFED58E343FE39DDE13 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
15:07:31.0111 2552 Ntfs - ok
15:07:31.0151 2552 [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys
15:07:31.0161 2552 Null - ok
15:07:31.0201 2552 [ 6C6D6701A76529963F9416D285D2F4D9 ] nvamacpi C:\Windows\system32\DRIVERS\NVAMACPI.sys
15:07:31.0201 2552 nvamacpi - ok
15:07:31.0721 2552 [ 0A1B502CBC8230DA74BEFBAADDB58916 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
15:07:32.0031 2552 nvlddmkm - ok
15:07:32.0071 2552 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\Windows\system32\drivers\nvraid.sys
15:07:32.0081 2552 nvraid - ok
15:07:32.0111 2552 [ 02A9F366BCB94B286E34825B2094CB38 ] nvsmu C:\Windows\system32\DRIVERS\nvsmu.sys
15:07:32.0111 2552 nvsmu - ok
15:07:32.0141 2552 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\Windows\system32\drivers\nvstor.sys
15:07:32.0141 2552 nvstor - ok
15:07:32.0201 2552 [ EB5A13F9139F20AD71ADF4BF79C3AA29 ] nvsvc C:\Windows\system32\nvvsvc.exe
15:07:32.0221 2552 nvsvc - ok
15:07:32.0301 2552 [ 0629259E3AF6BB0534FCECA208973404 ] nvUpdatusService C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
15:07:32.0321 2552 nvUpdatusService - ok
15:07:32.0361 2552 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
15:07:32.0361 2552 nv_agp - ok
15:07:32.0411 2552 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
15:07:32.0421 2552 ohci1394 - ok
15:07:32.0521 2552 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:07:32.0531 2552 ose - ok
15:07:32.0741 2552 [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
15:07:32.0891 2552 osppsvc - ok
15:07:33.0001 2552 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
15:07:33.0011 2552 p2pimsvc - ok
15:07:33.0051 2552 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll
15:07:33.0091 2552 p2psvc - ok
15:07:33.0151 2552 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\DRIVERS\parport.sys
15:07:33.0171 2552 Parport - ok
15:07:33.0231 2552 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\Windows\system32\drivers\partmgr.sys
15:07:33.0251 2552 partmgr - ok
15:07:33.0271 2552 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys
15:07:33.0271 2552 Parvdm - ok
15:07:33.0321 2552 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\Windows\System32\pcasvc.dll
15:07:33.0331 2552 PcaSvc - ok
15:07:33.0381 2552 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\Windows\system32\drivers\pci.sys
15:07:33.0391 2552 pci - ok
15:07:33.0421 2552 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\drivers\pciide.sys
15:07:33.0431 2552 pciide - ok
15:07:33.0501 2552 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
15:07:33.0521 2552 pcmcia - ok
15:07:33.0691 2552 [ 5B6C11DE7E839C05248CED8825470FEF ] pcouffin C:\Windows\system32\Drivers\pcouffin.sys
15:07:33.0701 2552 pcouffin - ok
15:07:33.0761 2552 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys
15:07:33.0761 2552 pcw - ok
15:07:33.0811 2552 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys
15:07:33.0821 2552 PEAUTH - ok
15:07:33.0951 2552 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\Windows\system32\pla.dll
15:07:33.0991 2552 pla - ok
15:07:34.0051 2552 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\Windows\system32\umpnpmgr.dll
15:07:34.0071 2552 PlugPlay - ok
15:07:34.0091 2552 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
15:07:34.0101 2552 PNRPAutoReg - ok
15:07:34.0141 2552 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
15:07:34.0161 2552 PNRPsvc - ok
15:07:34.0231 2552 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
15:07:34.0261 2552 PolicyAgent - ok
15:07:34.0331 2552 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\Windows\system32\umpo.dll
15:07:34.0351 2552 Power - ok
15:07:34.0401 2552 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
15:07:34.0421 2552 PptpMiniport - ok
15:07:34.0451 2552 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\DRIVERS\processr.sys
15:07:34.0461 2552 Processor - ok
15:07:34.0501 2552 [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc C:\Windows\system32\profsvc.dll
15:07:34.0511 2552 ProfSvc - ok
15:07:34.0551 2552 [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe
15:07:34.0551 2552 ProtectedStorage - ok
15:07:34.0591 2552 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys
15:07:34.0591 2552 Psched - ok
15:07:34.0671 2552 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
15:07:34.0701 2552 ql2300 - ok
15:07:34.0731 2552 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
15:07:34.0731 2552 ql40xx - ok
15:07:34.0771 2552 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll
15:07:34.0781 2552 QWAVE - ok
15:07:34.0811 2552 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
15:07:34.0811 2552 QWAVEdrv - ok
15:07:34.0841 2552 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
15:07:34.0841 2552 RasAcd - ok
15:07:34.0871 2552 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
15:07:34.0871 2552 RasAgileVpn - ok
15:07:34.0901 2552 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll
15:07:34.0911 2552 RasAuto - ok
15:07:34.0941 2552 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
15:07:34.0941 2552 Rasl2tp - ok
15:07:34.0991 2552 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\Windows\System32\rasmans.dll
15:07:35.0001 2552 RasMan - ok
15:07:35.0031 2552 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
15:07:35.0031 2552 RasPppoe - ok
15:07:35.0061 2552 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
15:07:35.0061 2552 RasSstp - ok
15:07:35.0111 2552 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
15:07:35.0111 2552 rdbss - ok
15:07:35.0141 2552 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
15:07:35.0141 2552 rdpbus - ok
15:07:35.0191 2552 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
15:07:35.0191 2552 RDPCDD - ok
15:07:35.0221 2552 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
15:07:35.0231 2552 RDPENCDD - ok
15:07:35.0251 2552 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
15:07:35.0261 2552 RDPREFMP - ok
15:07:35.0321 2552 [ 65375DF758CA1872AB7EBBBA457FD5E6 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
15:07:35.0331 2552 RdpVideoMiniport - ok
15:07:35.0381 2552 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
15:07:35.0391 2552 RDPWD - ok
15:07:35.0441 2552 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
15:07:35.0441 2552 rdyboost - ok
15:07:35.0501 2552 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\Windows\System32\mprdim.dll
15:07:35.0511 2552 RemoteAccess - ok
15:07:35.0551 2552 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll
15:07:35.0561 2552 RemoteRegistry - ok
15:07:35.0581 2552 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
15:07:35.0591 2552 RpcEptMapper - ok
15:07:35.0621 2552 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe
15:07:35.0631 2552 RpcLocator - ok
15:07:35.0661 2552 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\Windows\system32\rpcss.dll
15:07:35.0681 2552 RpcSs - ok
15:07:35.0711 2552 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
15:07:35.0721 2552 rspndr - ok
15:07:35.0751 2552 [ AE51516A7F70AF7B5D9070FE41442E87 ] RTL8167 C:\Windows\system32\DRIVERS\Rt86win7.sys
15:07:35.0761 2552 RTL8167 - ok
15:07:35.0811 2552 [ 69013A123A00B3042C260B0056DF0152 ] s1029bus C:\Windows\system32\DRIVERS\s1029bus.sys
15:07:35.0811 2552 s1029bus - ok
15:07:35.0851 2552 [ 1565FC31F872963FE8AF471123D8424C ] s1029mdfl C:\Windows\system32\DRIVERS\s1029mdfl.sys
15:07:35.0851 2552 s1029mdfl - ok
15:07:35.0881 2552 [ D67A8042ECF6C983AC0E308B36603677 ] s1029mdm C:\Windows\system32\DRIVERS\s1029mdm.sys
15:07:35.0881 2552 s1029mdm - ok
15:07:35.0911 2552 [ 9AC56F06C1E13A963C82EBD067FDF274 ] s1029mgmt C:\Windows\system32\DRIVERS\s1029mgmt.sys
15:07:35.0911 2552 s1029mgmt - ok
15:07:35.0941 2552 [ 00C66C6BAAFB2747F15F94F15888C94A ] s1029nd5 C:\Windows\system32\DRIVERS\s1029nd5.sys
15:07:35.0951 2552 s1029nd5 - ok
15:07:35.0991 2552 [ 6FC093ABA554E45755DC2F3896B6C8D7 ] s1029obex C:\Windows\system32\DRIVERS\s1029obex.sys
15:07:36.0001 2552 s1029obex - ok
15:07:36.0041 2552 [ 9979B0E68815394665B2109B03D15FA1 ] s1029unic C:\Windows\system32\DRIVERS\s1029unic.sys
15:07:36.0041 2552 s1029unic - ok
15:07:36.0071 2552 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\Windows\system32\lsass.exe
15:07:36.0071 2552 SamSs - ok
15:07:36.0101 2552 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
15:07:36.0111 2552 sbp2port - ok
15:07:36.0151 2552 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll
15:07:36.0161 2552 SCardSvr - ok
15:07:36.0181 2552 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
15:07:36.0191 2552 scfilter - ok
15:07:36.0241 2552 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\Windows\system32\schedsvc.dll
15:07:36.0261 2552 Schedule - ok
15:07:36.0321 2552 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\Windows\System32\certprop.dll
15:07:36.0321 2552 SCPolicySvc - ok
15:07:36.0351 2552 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\Windows\System32\SDRSVC.dll
15:07:36.0361 2552 SDRSVC - ok
15:07:36.0391 2552 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
15:07:36.0391 2552 secdrv - ok
15:07:36.0421 2552 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll
15:07:36.0431 2552 seclogon - ok
15:07:36.0451 2552 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\System32\sens.dll
15:07:36.0461 2552 SENS - ok
15:07:36.0481 2552 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll
15:07:36.0491 2552 SensrSvc - ok
15:07:36.0511 2552 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
15:07:36.0521 2552 Serenum - ok
15:07:36.0541 2552 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\DRIVERS\serial.sys
15:07:36.0541 2552 Serial - ok
15:07:36.0581 2552 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
15:07:36.0581 2552 sermouse - ok
15:07:36.0651 2552 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\Windows\system32\sessenv.dll
15:07:36.0661 2552 SessionEnv - ok
15:07:36.0691 2552 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
15:07:36.0691 2552 sffdisk - ok
15:07:36.0721 2552 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
15:07:36.0721 2552 sffp_mmc - ok
15:07:36.0741 2552 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
15:07:36.0751 2552 sffp_sd - ok
15:07:36.0781 2552 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
15:07:36.0781 2552 sfloppy - ok
15:07:36.0841 2552 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\Windows\System32\ipnathlp.dll
15:07:36.0851 2552 SharedAccess - ok
15:07:36.0891 2552 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:07:36.0901 2552 ShellHWDetection - ok
15:07:36.0931 2552 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\drivers\sisagp.sys
15:07:36.0941 2552 sisagp - ok
15:07:36.0961 2552 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
15:07:36.0971 2552 SiSRaid2 - ok
15:07:36.0991 2552 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
15:07:37.0001 2552 SiSRaid4 - ok
15:07:37.0061 2552 [ A4FAB5F7818A69DA6E740943CB8F7CA9 ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
15:07:37.0071 2552 SkypeUpdate - ok
15:07:37.0091 2552 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys
15:07:37.0091 2552 Smb - ok
15:07:37.0141 2552 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
15:07:37.0151 2552 SNMPTRAP - ok
15:07:37.0191 2552 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys
15:07:37.0191 2552 spldr - ok
15:07:37.0231 2552 [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler C:\Windows\System32\spoolsv.exe
15:07:37.0241 2552 Spooler - ok
15:07:37.0361 2552 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\Windows\system32\sppsvc.exe
15:07:37.0471 2552 sppsvc - ok
15:07:37.0521 2552 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\Windows\system32\sppuinotify.dll
15:07:37.0531 2552 sppuinotify - ok
15:07:37.0581 2552 [ 0022CFFF1A41E5CE3A764050A7DDF22A ] sptd C:\Windows\System32\Drivers\sptd.sys
15:07:37.0591 2552 sptd - ok
15:07:37.0641 2552 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\Windows\system32\DRIVERS\srv.sys
15:07:37.0651 2552 srv - ok
15:07:37.0681 2552 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
15:07:37.0691 2552 srv2 - ok
15:07:37.0721 2552 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
15:07:37.0721 2552 srvnet - ok
15:07:37.0781 2552 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
15:07:37.0801 2552 SSDPSRV - ok
15:07:37.0831 2552 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll
15:07:37.0851 2552 SstpSvc - ok
15:07:37.0931 2552 [ F0359F7CE712D69ACEF0886BDB4792ED ] Stereo Service C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
15:07:37.0941 2552 Stereo Service - ok
15:07:37.0981 2552 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
15:07:38.0031 2552 stexstor - ok
15:07:38.0221 2552 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\Windows\System32\wiaservc.dll
15:07:38.0261 2552 StiSvc - ok
15:07:38.0321 2552 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\drivers\swenum.sys
15:07:38.0331 2552 swenum - ok
15:07:38.0401 2552 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll
15:07:38.0411 2552 swprv - ok
15:07:38.0511 2552 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\Windows\system32\sysmain.dll
15:07:38.0541 2552 SysMain - ok
15:07:38.0611 2552 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
15:07:38.0621 2552 TabletInputService - ok
15:07:38.0691 2552 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\Windows\System32\tapisrv.dll
15:07:38.0711 2552 TapiSrv - ok
15:07:38.0761 2552 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll
15:07:38.0771 2552 TBS - ok
15:07:38.0881 2552 [ 7C0507D2391AF5933600CBCED799F277 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
15:07:38.0911 2552 Tcpip - ok
15:07:38.0951 2552 [ 7C0507D2391AF5933600CBCED799F277 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
15:07:38.0971 2552 TCPIP6 - ok
15:07:39.0021 2552 [ 3EEBD3BD93DA46A26E89893C7AB2FF3B ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
15:07:39.0021 2552 tcpipreg - ok
15:07:39.0061 2552 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
15:07:39.0071 2552 TDPIPE - ok
15:07:39.0101 2552 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
15:07:39.0101 2552 TDTCP - ok
15:07:39.0151 2552 [ B459575348C20E8121D6039DA063C704 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
15:07:39.0161 2552 tdx - ok
15:07:39.0191 2552 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\Windows\system32\drivers\termdd.sys
15:07:39.0201 2552 TermDD - ok
15:07:39.0251 2552 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\Windows\System32\termsrv.dll
15:07:39.0261 2552 TermService - ok
15:07:39.0301 2552 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll
15:07:39.0311 2552 Themes - ok
15:07:39.0341 2552 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll
15:07:39.0341 2552 THREADORDER - ok
15:07:39.0371 2552 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll
15:07:39.0381 2552 TrkWks - ok
15:07:39.0461 2552 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
15:07:39.0461 2552 TrustedInstaller - ok
15:07:39.0521 2552 [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
15:07:39.0521 2552 tssecsrv - ok
15:07:39.0551 2552 [ 9CE253214ACAA5A7D323327D2055EFAA ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
15:07:39.0551 2552 TsUsbFlt - ok
15:07:39.0601 2552 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
15:07:39.0611 2552 tunnel - ok
15:07:39.0651 2552 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
15:07:39.0651 2552 uagp35 - ok
15:07:39.0703 2552 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\Windows\system32\DRIVERS\udfs.sys
15:07:39.0712 2552 udfs - ok
15:07:39.0783 2552 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
15:07:39.0793 2552 UI0Detect - ok
15:07:39.0823 2552 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
15:07:39.0833 2552 uliagpkx - ok
15:07:39.0883 2552 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\Windows\system32\drivers\umbus.sys
15:07:39.0893 2552 umbus - ok
15:07:39.0943 2552 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
15:07:39.0963 2552 UmPass - ok
15:07:40.0053 2552 [ E9421EAA5F52ADFBD291609299EFBC80 ] Update-Service C:\Windows\System32\UpdSvc.dll
15:07:40.0073 2552 Update-Service - ok
15:07:40.0163 2552 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll
15:07:40.0183 2552 upnphost - ok
15:07:40.0243 2552 [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
15:07:40.0253 2552 usbccgp - ok
15:07:40.0303 2552 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\Windows\system32\drivers\usbcir.sys
15:07:40.0313 2552 usbcir - ok
15:07:40.0383 2552 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
15:07:40.0393 2552 usbehci - ok
15:07:40.0453 2552 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
15:07:40.0463 2552 usbhub - ok
15:07:40.0503 2552 [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
15:07:40.0503 2552 usbohci - ok
15:07:40.0563 2552 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
15:07:40.0563 2552 usbprint - ok
15:07:40.0633 2552 [ 576096CCBC07E7C4EA4F5E6686D6888F ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
15:07:40.0633 2552 usbscan - ok
15:07:40.0673 2552 [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:07:40.0683 2552 USBSTOR - ok
15:07:40.0743 2552 [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
15:07:40.0743 2552 usbuhci - ok
15:07:40.0803 2552 [ 45F4E7BF43DB40A6C6B4D92C76CBC3F2 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
15:07:40.0813 2552 usbvideo - ok
15:07:40.0873 2552 [ D82F43D15FDAA666856C0190CB73E7C9 ] usb_rndisx C:\Windows\system32\DRIVERS\usb8023x.sys
15:07:40.0873 2552 usb_rndisx - ok
15:07:40.0913 2552 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll
15:07:40.0923 2552 UxSms - ok
15:07:40.0963 2552 [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:\Windows\system32\lsass.exe
15:07:40.0973 2552 VaultSvc - ok
15:07:40.0993 2552 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
15:07:41.0003 2552 vdrvroot - ok
15:07:41.0083 2552 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\Windows\System32\vds.exe
15:07:41.0113 2552 vds - ok
15:07:41.0163 2552 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
15:07:41.0163 2552 vga - ok
15:07:41.0183 2552 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys
15:07:41.0183 2552 VgaSave - ok
15:07:41.0233 2552 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
15:07:41.0233 2552 vhdmp - ok
15:07:41.0273 2552 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\drivers\viaagp.sys
15:07:41.0273 2552 viaagp - ok
15:07:41.0303 2552 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\DRIVERS\viac7.sys
15:07:41.0303 2552 ViaC7 - ok
15:07:41.0333 2552 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\drivers\viaide.sys
15:07:41.0343 2552 viaide - ok
15:07:41.0373 2552 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\Windows\system32\drivers\volmgr.sys
15:07:41.0373 2552 volmgr - ok
15:07:41.0433 2552 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
15:07:41.0443 2552 volmgrx - ok
15:07:41.0483 2552 [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\Windows\system32\drivers\volsnap.sys
15:07:41.0483 2552 volsnap - ok
15:07:41.0523 2552 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
15:07:41.0533 2552 vsmraid - ok
15:07:41.0603 2552 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\Windows\system32\vssvc.exe
15:07:41.0633 2552 VSS - ok
15:07:41.0663 2552 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
15:07:41.0673 2552 vwifibus - ok
15:07:41.0703 2552 [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
15:07:41.0703 2552 vwififlt - ok
15:07:41.0733 2552 [ A3F04CBEA6C2A10E6CB01F8B47611882 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
15:07:41.0733 2552 vwifimp - ok
15:07:41.0783 2552 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\Windows\system32\w32time.dll
15:07:41.0803 2552 W32Time - ok
15:07:41.0863 2552 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
15:07:41.0863 2552 WacomPen - ok
15:07:41.0893 2552 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
15:07:41.0903 2552 WANARP - ok
15:07:41.0913 2552 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
15:07:41.0913 2552 Wanarpv6 - ok
15:07:42.0033 2552 [ 353A04C273EC58475D8633E75CCD5604 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
15:07:42.0063 2552 WatAdminSvc - ok
15:07:42.0143 2552 [ 691E3285E53DCA558E1A84667F13E15A ] wbengine C:\Windows\system32\wbengine.exe
15:07:42.0183 2552 wbengine - ok
15:07:42.0233 2552 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
15:07:42.0243 2552 WbioSrvc - ok
15:07:42.0303 2552 [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc C:\Windows\System32\wcncsvc.dll
15:07:42.0313 2552 wcncsvc - ok
15:07:42.0353 2552 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
15:07:42.0363 2552 WcsPlugInService - ok
15:07:42.0413 2552 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\Windows\system32\DRIVERS\wd.sys
15:07:42.0423 2552 Wd - ok
15:07:42.0473 2552 [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
15:07:42.0493 2552 Wdf01000 - ok
15:07:42.0553 2552 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\Windows\system32\wdi.dll
15:07:42.0563 2552 WdiServiceHost - ok
15:07:42.0593 2552 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\Windows\system32\wdi.dll
15:07:42.0603 2552 WdiSystemHost - ok
15:07:42.0663 2552 [ A9D880F97530D5B8FEE278923349929D ] WebClient C:\Windows\System32\webclnt.dll
15:07:42.0683 2552 WebClient - ok
15:07:42.0713 2552 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\Windows\system32\wecsvc.dll
15:07:42.0733 2552 Wecsvc - ok
15:07:42.0753 2552 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\Windows\System32\wercplsupport.dll
15:07:42.0763 2552 wercplsupport - ok
15:07:42.0793 2552 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\Windows\System32\WerSvc.dll
15:07:42.0803 2552 WerSvc - ok
15:07:42.0853 2552 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
15:07:42.0853 2552 WfpLwf - ok
15:07:42.0883 2552 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\Windows\system32\drivers\wimmount.sys
15:07:42.0883 2552 WIMMount - ok
15:07:42.0963 2552 [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
15:07:42.0973 2552 WinDefend - ok
15:07:43.0003 2552 WinHttpAutoProxySvc - ok
15:07:43.0103 2552 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
15:07:43.0103 2552 Winmgmt - ok
15:07:43.0193 2552 [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM C:\Windows\system32\WsmSvc.dll
15:07:43.0273 2552 WinRM - ok
15:07:43.0443 2552 [ A67E5F9A400F3BD1BE3D80613B45F708 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
15:07:43.0443 2552 WinUsb - ok
15:07:43.0523 2552 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\Windows\System32\wlansvc.dll
15:07:43.0543 2552 Wlansvc - ok
15:07:43.0583 2552 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
15:07:43.0583 2552 WmiAcpi - ok
15:07:43.0643 2552 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
15:07:43.0643 2552 wmiApSrv - ok
15:07:43.0763 2552 [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
15:07:43.0783 2552 WMPNetworkSvc - ok
15:07:43.0843 2552 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\Windows\System32\wpcsvc.dll
15:07:43.0853 2552 WPCSvc - ok
15:07:43.0903 2552 [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
15:07:43.0913 2552 WPDBusEnum - ok
15:07:43.0943 2552 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
15:07:43.0943 2552 ws2ifsl - ok
15:07:43.0973 2552 [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc C:\Windows\System32\wscsvc.dll
15:07:43.0983 2552 wscsvc - ok
15:07:44.0003 2552 WSearch - ok
15:07:44.0133 2552 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
15:07:44.0183 2552 wuauserv - ok
15:07:44.0233 2552 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
15:07:44.0243 2552 WudfPf - ok
15:07:44.0293 2552 [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
15:07:44.0303 2552 WUDFRd - ok
15:07:44.0333 2552 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
15:07:44.0353 2552 wudfsvc - ok
15:07:44.0393 2552 [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc C:\Windows\System32\wwansvc.dll
15:07:44.0413 2552 WwanSvc - ok
15:07:44.0543 2552 ================ Scan global ===============================
15:07:44.0623 2552 [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
15:07:44.0663 2552 [ 1F5F07091D50244F17DD8D5147A628CC ] C:\Windows\system32\winsrv.dll
15:07:44.0693 2552 [ 1F5F07091D50244F17DD8D5147A628CC ] C:\Windows\system32\winsrv.dll
15:07:44.0723 2552 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
15:07:44.0793 2552 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
15:07:44.0803 2552 [Global] - ok
15:07:44.0803 2552 ================ Scan MBR ==================================
15:07:44.0823 2552 [ F05261C246CE4B3C544521FFFF7AEF5D ] \Device\Harddisk0\DR0
15:07:45.0223 2552 \Device\Harddisk0\DR0 - ok
15:07:45.0223 2552 ================ Scan VBR ==================================
15:07:45.0243 2552 [ EFCAF4556CC4D2273069727C6D68A0F5 ] \Device\Harddisk0\DR0\Partition1
15:07:45.0243 2552 \Device\Harddisk0\DR0\Partition1 - ok
15:07:45.0273 2552 [ DC37B8A9882E771E94BBC2EB6C2164FF ] \Device\Harddisk0\DR0\Partition2
15:07:45.0283 2552 \Device\Harddisk0\DR0\Partition2 - ok
15:07:45.0283 2552 ============================================================
15:07:45.0283 2552 Scan finished
15:07:45.0283 2552 ============================================================
15:07:45.0333 4224 Detected object count: 0
15:07:45.0333 4224 Actual detected object count: 0
15:07:58.0223 0840 ============================================================
15:07:58.0223 0840 Scan started
15:07:58.0223 0840 Mode: Manual;
15:07:58.0223 0840 ============================================================
15:07:58.0573 0840 ================ Scan system memory ========================
15:07:58.0573 0840 System memory - ok
15:07:58.0573 0840 ================ Scan services =============================
15:07:58.0733 0840 [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
15:07:58.0743 0840 1394ohci - ok
15:07:58.0783 0840 [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI C:\Windows\system32\drivers\ACPI.sys
15:07:58.0783 0840 ACPI - ok
15:07:58.0813 0840 [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
15:07:58.0813 0840 AcpiPmi - ok
15:07:58.0893 0840 [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
15:07:58.0893 0840 AdobeARMservice - ok
15:07:58.0963 0840 [ EC807244904FA170C299AB06D87FBDBE ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
15:07:58.0963 0840 AdobeFlashPlayerUpdateSvc - ok
15:07:59.0023 0840 [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
15:07:59.0023 0840 adp94xx - ok
15:07:59.0063 0840 [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
15:07:59.0073 0840 adpahci - ok
15:07:59.0093 0840 [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
15:07:59.0103 0840 adpu320 - ok
15:07:59.0153 0840 [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
15:07:59.0153 0840 AeLookupSvc - ok
15:07:59.0193 0840 [ 9EBBBA55060F786F0FCAA3893BFA2806 ] AFD C:\Windows\system32\drivers\afd.sys
15:07:59.0193 0840 AFD - ok
15:07:59.0233 0840 [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440 C:\Windows\system32\drivers\agp440.sys
15:07:59.0233 0840 agp440 - ok
15:07:59.0283 0840 [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx C:\Windows\system32\DRIVERS\djsvs.sys
15:07:59.0283 0840 aic78xx - ok
15:07:59.0303 0840 [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG C:\Windows\System32\alg.exe
15:07:59.0303 0840 ALG - ok
15:07:59.0323 0840 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide C:\Windows\system32\drivers\aliide.sys
15:07:59.0333 0840 aliide - ok
15:07:59.0353 0840 [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp C:\Windows\system32\drivers\amdagp.sys
15:07:59.0353 0840 amdagp - ok
15:07:59.0383 0840 [ CD5914170297126B6266860198D1D4F0 ] amdide C:\Windows\system32\drivers\amdide.sys
15:07:59.0383 0840 amdide - ok
15:07:59.0413 0840 [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
15:07:59.0413 0840 AmdK8 - ok
15:07:59.0433 0840 [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
15:07:59.0443 0840 AmdPPM - ok
15:07:59.0483 0840 [ D320BF87125326F996D4904FE24300FC ] amdsata C:\Windows\system32\drivers\amdsata.sys
15:07:59.0483 0840 amdsata - ok
15:07:59.0513 0840 [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
15:07:59.0523 0840 amdsbs - ok
15:07:59.0543 0840 [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata C:\Windows\system32\drivers\amdxata.sys
15:07:59.0543 0840 amdxata - ok
15:07:59.0573 0840 [ D2BF422C2611632AFB9CE8F7B2A8C306 ] AmUStor C:\Windows\system32\drivers\AmUStor.SYS
15:07:59.0573 0840 AmUStor - ok
15:07:59.0623 0840 [ AEA177F783E20150ACE5383EE368DA19 ] AppID C:\Windows\system32\drivers\appid.sys
15:07:59.0623 0840 AppID - ok
15:07:59.0663 0840 [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc C:\Windows\System32\appidsvc.dll
15:07:59.0663 0840 AppIDSvc - ok
15:07:59.0703 0840 [ FB1959012294D6AD43E5304DF65E3C26 ] Appinfo C:\Windows\System32\appinfo.dll
15:07:59.0703 0840 Appinfo - ok
15:07:59.0743 0840 [ 2932004F49677BD84DBC72EDB754FFB3 ] arc C:\Windows\system32\DRIVERS\arc.sys
15:07:59.0743 0840 arc - ok
15:07:59.0783 0840 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
15:07:59.0783 0840 arcsas - ok
15:07:59.0813 0840 [ ADAA34740E9F6AFF94CC75D5CF8ED7E2 ] ASInsHelp C:\Windows\system32\drivers\AsInsHelp32.sys
15:07:59.0813 0840 ASInsHelp - ok
15:07:59.0833 0840 [ 9D8CB58B9A9E177DDD599791A58A654D ] AsIO C:\Windows\system32\drivers\AsIO.sys
15:07:59.0833 0840 AsIO - ok
15:07:59.0863 0840 [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
15:07:59.0863 0840 AsyncMac - ok
15:07:59.0903 0840 [ 338C86357871C167A96AB976519BF59E ] atapi C:\Windows\system32\drivers\atapi.sys
15:07:59.0903 0840 atapi - ok
15:08:00.0003 0840 [ 31CB2740BFDBAC1E48E2B7EAD38F0D27 ] athr C:\Windows\system32\DRIVERS\athr.sys
15:08:00.0023 0840 athr - ok
15:08:00.0083 0840 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
15:08:00.0083 0840 AudioEndpointBuilder - ok
15:08:00.0113 0840 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv C:\Windows\System32\Audiosrv.dll
15:08:00.0113 0840 Audiosrv - ok
15:08:00.0163 0840 [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV C:\Windows\System32\AxInstSV.dll
15:08:00.0163 0840 AxInstSV - ok
15:08:00.0203 0840 [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv C:\Windows\system32\DRIVERS\bxvbdx.sys
15:08:00.0213 0840 b06bdrv - ok
15:08:00.0253 0840 [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys
15:08:00.0253 0840 b57nd60x - ok
15:08:00.0293 0840 [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC C:\Windows\System32\bdesvc.dll
15:08:00.0293 0840 BDESVC - ok
15:08:00.0323 0840 [ 505506526A9D467307B3C393DEDAF858 ] Beep C:\Windows\system32\drivers\Beep.sys
15:08:00.0323 0840 Beep - ok
15:08:00.0383 0840 [ 1E2BAC209D184BB851E1A187D8A29136 ] BFE C:\Windows\System32\bfe.dll
15:08:00.0393 0840 BFE - ok
15:08:00.0443 0840 [ E585445D5021971FAE10393F0F1C3961 ] BITS C:\Windows\System32\qmgr.dll
15:08:00.0453 0840 BITS - ok
15:08:00.0483 0840 [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
15:08:00.0483 0840 blbdrive - ok
15:08:00.0523 0840 [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
15:08:00.0523 0840 bowser - ok
15:08:00.0553 0840 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
15:08:00.0553 0840 BrFiltLo - ok
15:08:00.0573 0840 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
15:08:00.0573 0840 BrFiltUp - ok
15:08:00.0613 0840 [ 3DAA727B5B0A45039B0E1C9A211B8400 ] Browser C:\Windows\System32\browser.dll
15:08:00.0623 0840 Browser - ok
15:08:00.0643 0840 [ 845B8CE732E67F3B4133164868C666EA ] Brserid C:\Windows\System32\Drivers\Brserid.sys
15:08:00.0653 0840 Brserid - ok
15:08:00.0683 0840 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
15:08:00.0683 0840 BrSerWdm - ok
15:08:00.0713 0840 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
15:08:00.0713 0840 BrUsbMdm - ok
15:08:00.0743 0840 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
15:08:00.0743 0840 BrUsbSer - ok
15:08:00.0763 0840 [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
15:08:00.0763 0840 BTHMODEM - ok
15:08:00.0813 0840 [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv C:\Windows\system32\bthserv.dll
15:08:00.0813 0840 bthserv - ok
15:08:00.0843 0840 [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
15:08:00.0843 0840 cdfs - ok
15:08:00.0873 0840 [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
15:08:00.0873 0840 cdrom - ok
15:08:00.0923 0840 [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc C:\Windows\System32\certprop.dll
15:08:00.0923 0840 CertPropSvc - ok
15:08:00.0953 0840 [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
15:08:00.0953 0840 circlass - ok
15:08:00.0973 0840 [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS C:\Windows\system32\CLFS.sys
15:08:00.0983 0840 CLFS - ok
15:08:01.0043 0840 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:08:01.0043 0840 clr_optimization_v2.0.50727_32 - ok
15:08:01.0083 0840 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:08:01.0083 0840 clr_optimization_v4.0.30319_32 - ok
15:08:01.0123 0840 [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
15:08:01.0123 0840 CmBatt - ok
15:08:01.0153 0840 [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide C:\Windows\system32\drivers\cmdide.sys
15:08:01.0153 0840 cmdide - ok
15:08:01.0193 0840 [ 42F158036BD4C2FF3122BF142E60E6FD ] CNG C:\Windows\system32\Drivers\cng.sys
15:08:01.0203 0840 CNG - ok
15:08:01.0223 0840 [ A6023D3823C37043986713F118A89BEE ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
15:08:01.0223 0840 Compbatt - ok
15:08:01.0263 0840 [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
15:08:01.0263 0840 CompositeBus - ok
15:08:01.0273 0840 COMSysApp - ok
15:08:01.0293 0840 cooonihv - ok
15:08:01.0323 0840 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
15:08:01.0323 0840 crcdisk - ok
15:08:01.0383 0840 [ 96C0E38905CFD788313BE8E11DAE3F2F ] CryptSvc C:\Windows\system32\cryptsvc.dll
15:08:01.0393 0840 CryptSvc - ok
15:08:01.0443 0840 [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch C:\Windows\system32\rpcss.dll
15:08:01.0453 0840 DcomLaunch - ok
15:08:01.0493 0840 [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc C:\Windows\System32\defragsvc.dll
15:08:01.0503 0840 defragsvc - ok
15:08:01.0533 0840 [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
15:08:01.0543 0840 DfsC - ok
15:08:01.0573 0840 [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp C:\Windows\system32\dhcpcore.dll
15:08:01.0573 0840 Dhcp - ok
15:08:01.0593 0840 [ 1A050B0274BFB3890703D490F330C0DA ] discache C:\Windows\system32\drivers\discache.sys
15:08:01.0603 0840 discache - ok
15:08:01.0623 0840 [ 565003F326F99802E68CA78F2A68E9FF ] Disk C:\Windows\system32\DRIVERS\disk.sys
15:08:01.0633 0840 Disk - ok
15:08:01.0643 0840 Dnscache - ok
15:08:01.0693 0840 [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc C:\Windows\System32\dot3svc.dll
15:08:01.0693 0840 dot3svc - ok
15:08:01.0733 0840 [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS C:\Windows\system32\dps.dll
15:08:01.0743 0840 DPS - ok
15:08:01.0783 0840 [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
15:08:01.0783 0840 drmkaud - ok
15:08:01.0833 0840 [ 687AF6BB383885FF6A64071B189A7F3E ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys
15:08:01.0833 0840 dtsoftbus01 - ok
15:08:01.0893 0840 [ 23F5D28378A160352BA8F817BD8C71CB ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
15:08:01.0903 0840 DXGKrnl - ok
15:08:01.0943 0840 [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost C:\Windows\System32\eapsvc.dll
15:08:01.0943 0840 EapHost - ok
15:08:02.0073 0840 [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv C:\Windows\system32\DRIVERS\evbdx.sys
15:08:02.0103 0840 ebdrv - ok
15:08:02.0163 0840 [ 81951F51E318AECC2D68559E47485CC4 ] EFS C:\Windows\System32\lsass.exe
15:08:02.0163 0840 EFS - ok
15:08:02.0213 0840 [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
15:08:02.0213 0840 elxstor - ok
15:08:02.0253 0840 [ 70C764BFE0EC4B1B242E9626D3564443 ] enecir C:\Windows\system32\DRIVERS\enecir.sys
15:08:02.0263 0840 enecir - ok
15:08:02.0273 0840 [ 65BF24816C2814596253F312DD35F171 ] enecirhid C:\Windows\system32\DRIVERS\enecirhid.sys
15:08:02.0283 0840 enecirhid - ok
15:08:02.0303 0840 [ 97D41E2831AC117AF9BF8D0D9E9D027F ] enecirhidma C:\Windows\system32\DRIVERS\enecirhidma.sys
15:08:02.0303 0840 enecirhidma - ok
15:08:02.0353 0840 [ 539CA34FBC74EC366A0D751028C32A08 ] epmntdrv C:\Windows\system32\epmntdrv.sys
15:08:02.0353 0840 epmntdrv - ok
15:08:02.0403 0840 [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev C:\Windows\system32\drivers\errdev.sys
15:08:02.0403 0840 ErrDev - ok
15:08:02.0533 0840 [ 44081333DB283E141F89AE4EC74ED961 ] ETSCSERVICE C:\Program Files\IdeaCom\TSC\ETSCSERVICE.exe
15:08:02.0533 0840 ETSCSERVICE - ok
15:08:02.0563 0840 [ 1F2F4AB15CE03ECC257FEB2F6DC5A013 ] EuGdiDrv C:\Windows\system32\EuGdiDrv.sys
15:08:02.0573 0840 EuGdiDrv - ok
15:08:02.0613 0840 [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem C:\Windows\system32\es.dll
15:08:02.0623 0840 EventSystem - ok
15:08:02.0653 0840 [ 2DC9108D74081149CC8B651D3A26207F ] exfat C:\Windows\system32\drivers\exfat.sys
15:08:02.0653 0840 exfat - ok
15:08:02.0693 0840 [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat C:\Windows\system32\drivers\fastfat.sys
15:08:02.0693 0840 fastfat - ok
15:08:02.0743 0840 [ 967EA5B213E9984CBE270205DF37755B ] Fax C:\Windows\system32\fxssvc.exe
15:08:02.0753 0840 Fax - ok
15:08:02.0783 0840 [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc C:\Windows\system32\DRIVERS\fdc.sys
15:08:02.0783 0840 fdc - ok
15:08:02.0803 0840 [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost C:\Windows\system32\fdPHost.dll
15:08:02.0813 0840 fdPHost - ok
15:08:02.0843 0840 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub C:\Windows\system32\fdrespub.dll
15:08:02.0853 0840 FDResPub - ok
15:08:02.0883 0840 [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
15:08:02.0883 0840 FileInfo - ok
15:08:02.0913 0840 [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
15:08:02.0913 0840 Filetrace - ok
15:08:02.0933 0840 [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
15:08:02.0943 0840 flpydisk - ok
15:08:02.0973 0840 [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
15:08:02.0973 0840 FltMgr - ok
15:08:03.0073 0840 [ B3A5EC6B6B6673DB7E87C2BCDBDDC074 ] FontCache C:\Windows\system32\FntCache.dll
15:08:03.0093 0840 FontCache - ok
15:08:03.0123 0840 [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
15:08:03.0123 0840 FsDepends - ok
15:08:03.0163 0840 [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
15:08:03.0163 0840 Fs_Rec - ok
15:08:03.0203 0840 [ 8A73E79089B282100B9393B644CB853B ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
15:08:03.0213 0840 fvevol - ok
15:08:03.0263 0840 [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
15:08:03.0263 0840 gagp30kx - ok
15:08:03.0303 0840 [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc C:\Windows\System32\gpsvc.dll
15:08:03.0313 0840 gpsvc - ok
15:08:03.0383 0840 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
15:08:03.0383 0840 gupdate - ok
15:08:03.0403 0840 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
15:08:03.0403 0840 gupdatem - ok
15:08:03.0443 0840 [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
15:08:03.0443 0840 hcw85cir - ok
15:08:03.0493 0840 [ A5EF29D5315111C80A5C1ABAD14C8972 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
15:08:03.0493 0840 HdAudAddService - ok
15:08:03.0523 0840 [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
15:08:03.0523 0840 HDAudBus - ok
15:08:03.0553 0840 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
15:08:03.0553 0840 HidBatt - ok
15:08:03.0573 0840 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
15:08:03.0583 0840 HidBth - ok
15:08:03.0613 0840 [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
15:08:03.0613 0840 HidIr - ok
15:08:03.0643 0840 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv C:\Windows\system32\hidserv.dll
15:08:03.0643 0840 hidserv - ok
15:08:03.0673 0840 [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
15:08:03.0683 0840 HidUsb - ok
15:08:03.0733 0840 [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc C:\Windows\system32\kmsvc.dll
15:08:03.0743 0840 hkmsvc - ok
15:08:03.0773 0840 [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
15:08:03.0783 0840 HomeGroupListener - ok
15:08:03.0823 0840 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
15:08:03.0833 0840 HomeGroupProvider - ok
15:08:03.0873 0840 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
15:08:03.0873 0840 HpSAMD - ok
15:08:03.0923 0840 [ 871917B07A141BFF43D76D8844D48106 ] HTTP C:\Windows\system32\drivers\HTTP.sys
15:08:03.0933 0840 HTTP - ok
15:08:03.0953 0840 hwdatacard - ok
15:08:04.0003 0840 [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
15:08:04.0003 0840 hwpolicy - ok
15:08:04.0033 0840 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
15:08:04.0033 0840 i8042prt - ok
15:08:04.0063 0840 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
15:08:04.0063 0840 iaStorV - ok
15:08:04.0103 0840 [ 5E2AD01BD003E998AE89C843A600A0CE ] IdcFltr C:\Windows\system32\DRIVERS\idcfltr.sys
15:08:04.0103 0840 IdcFltr - ok
15:08:04.0133 0840 [ 57C85D767CB8A8D90939F3A268F4FC57 ] IdcSrv C:\Program Files\IdeaCom\TSC\IdcSrv.exe
15:08:04.0133 0840 IdcSrv - ok
15:08:04.0183 0840 [ 4173FF5708F3236CF25195FECD742915 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
15:08:04.0183 0840 iirsp - ok
15:08:04.0363 0840 [ F95622F161474511B8D80D6B093AA610 ] IKEEXT C:\Windows\System32\ikeext.dll
15:08:04.0373 0840 IKEEXT - ok
15:08:04.0513 0840 [ 2D6E527B8BE62FB0223DA0C2D9C75B45 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
15:08:04.0553 0840 IntcAzAudAddService - ok
15:08:04.0583 0840 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\Windows\system32\drivers\intelide.sys
15:08:04.0593 0840 intelide - ok
15:08:04.0623 0840 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
15:08:04.0623 0840 intelppm - ok
15:08:04.0663 0840 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
15:08:04.0663 0840 IPBusEnum - ok
15:08:04.0683 0840 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:08:04.0683 0840 IpFilterDriver - ok
15:08:04.0753 0840 [ 58F67245D041FBE7AF88F4EAF79DF0FA ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
15:08:04.0763 0840 iphlpsvc - ok
15:08:04.0823 0840 [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
15:08:04.0823 0840 IPMIDRV - ok
15:08:04.0853 0840 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\Windows\system32\drivers\ipnat.sys
15:08:04.0863 0840 IPNAT - ok
15:08:04.0893 0840 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM C:\Windows\system32\drivers\irenum.sys
15:08:04.0893 0840 IRENUM - ok
15:08:04.0943 0840 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\Windows\system32\drivers\isapnp.sys
15:08:04.0943 0840 isapnp - ok
15:08:05.0023 0840 [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
15:08:05.0033 0840 iScsiPrt - ok
15:08:05.0043 0840 islxmqgh - ok
15:08:05.0063 0840 ivtpxjih - ok
15:08:05.0083 0840 iwaozptt - ok
15:08:05.0143 0840 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
15:08:05.0143 0840 kbdclass - ok
15:08:05.0193 0840 [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
15:08:05.0193 0840 kbdhid - ok
15:08:05.0253 0840 [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso C:\Windows\system32\lsass.exe
15:08:05.0253 0840 KeyIso - ok
15:08:05.0303 0840 [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
15:08:05.0303 0840 KSecDD - ok
15:08:05.0353 0840 [ 5FE1ABF1AF591A3458C9CF24ED9A4D35 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
15:08:05.0363 0840 KSecPkg - ok
15:08:05.0403 0840 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\Windows\system32\msdtckrm.dll
15:08:05.0413 0840 KtmRm - ok
15:08:05.0463 0840 [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer C:\Windows\system32\srvsvc.dll
15:08:05.0483 0840 LanmanServer - ok
15:08:05.0563 0840 [ C34411A244029F1C08687F7C752C4563 ] LightScribeService C:\Program Files\Common Files\LightScribe\LSSrvc.exe
15:08:05.0563 0840 LightScribeService - ok
15:08:05.0613 0840 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
15:08:05.0623 0840 lltdio - ok
15:08:05.0723 0840 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\Windows\System32\lltdsvc.dll
15:08:05.0733 0840 lltdsvc - ok
15:08:05.0763 0840 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\Windows\System32\lmhsvc.dll
15:08:05.0773 0840 lmhosts - ok
15:08:05.0813 0840 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
15:08:05.0813 0840 LSI_FC - ok
15:08:05.0853 0840 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
15:08:05.0853 0840 LSI_SAS - ok
15:08:05.0883 0840 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
15:08:05.0883 0840 LSI_SAS2 - ok
15:08:05.0913 0840 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
15:08:05.0913 0840 LSI_SCSI - ok
15:08:05.0933 0840 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\Windows\system32\drivers\luafv.sys
15:08:05.0933 0840 luafv - ok
15:08:05.0983 0840 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
15:08:05.0983 0840 megasas - ok
15:08:06.0013 0840 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
15:08:06.0013 0840 MegaSR - ok
15:08:06.0073 0840 Microsoft SharePoint Workspace Audit Service - ok
15:08:06.0113 0840 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\Windows\system32\mmcss.dll
15:08:06.0123 0840 MMCSS - ok
15:08:06.0223 0840 [ 5A78BB029FD8414381FF1315F1E46947 ] Mobile Broadband HL Service C:\ProgramData\MobileBrServ\mbbservice.exe
15:08:06.0223 0840 Mobile Broadband HL Service - ok
15:08:06.0243 0840 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\Windows\system32\drivers\modem.sys
15:08:06.0253 0840 Modem - ok
15:08:06.0283 0840 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
15:08:06.0283 0840 monitor - ok
15:08:06.0313 0840 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
15:08:06.0313 0840 mouclass - ok
15:08:06.0343 0840 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
15:08:06.0343 0840 mouhid - ok
15:08:06.0383 0840 [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
15:08:06.0393 0840 mountmgr - ok
15:08:06.0443 0840 [ EE728AF83850DDAD9A3FCAC0AAB3AD97 ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
15:08:06.0443 0840 MpFilter - ok
15:08:06.0473 0840 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio C:\Windows\system32\drivers\mpio.sys
15:08:06.0473 0840 mpio - ok
15:08:06.0583 0840 [ A69630D039C38018689190234F866D77 ] MpKsl91c24d7b C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{847D2914-C64B-4D37-A04A-787BDD103C08}\MpKsl91c24d7b.sys
15:08:06.0583 0840 MpKsl91c24d7b - ok
15:08:06.0623 0840 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
15:08:06.0623 0840 mpsdrv - ok
15:08:06.0743 0840 [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc C:\Windows\system32\mpssvc.dll
15:08:06.0773 0840 MpsSvc - ok
15:08:06.0813 0840 [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
15:08:06.0823 0840 MRxDAV - ok
15:08:06.0853 0840 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
15:08:06.0863 0840 mrxsmb - ok
15:08:06.0913 0840 [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:08:06.0923 0840 mrxsmb10 - ok
15:08:07.0043 0840 [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:08:07.0043 0840 mrxsmb20 - ok
15:08:07.0123 0840 [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci C:\Windows\system32\drivers\msahci.sys
15:08:07.0123 0840 msahci - ok
15:08:07.0163 0840 [ 55055F8AD8BE27A64C831322A780A228 ] msdsm C:\Windows\system32\drivers\msdsm.sys
15:08:07.0173 0840 msdsm - ok
15:08:07.0203 0840 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\Windows\System32\msdtc.exe
15:08:07.0213 0840 MSDTC - ok
15:08:07.0263 0840 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\Windows\system32\drivers\Msfs.sys
15:08:07.0273 0840 Msfs - ok
15:08:07.0283 0840 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
15:08:07.0293 0840 mshidkmdf - ok
15:08:07.0323 0840 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
15:08:07.0323 0840 msisadrv - ok
15:08:07.0343 0840 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
15:08:07.0353 0840 MSiSCSI - ok
15:08:07.0363 0840 msiserver - ok
15:08:07.0393 0840 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
15:08:07.0393 0840 MSKSSRV - ok
15:08:07.0443 0840 [ E077FCA2A7E79FB9BF67D3E30B5CE593 ] MsMpSvc C:\Program Files\Microsoft Security Client\MsMpEng.exe
15:08:07.0443 0840 MsMpSvc - ok
15:08:07.0473 0840 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
15:08:07.0473 0840 MSPCLOCK - ok
15:08:07.0503 0840 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
15:08:07.0503 0840 MSPQM - ok
15:08:07.0533 0840 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
15:08:07.0543 0840 MsRPC - ok
15:08:07.0583 0840 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
15:08:07.0593 0840 mssmbios - ok
15:08:07.0613 0840 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
15:08:07.0613 0840 MSTEE - ok
15:08:07.0643 0840 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
15:08:07.0663 0840 MTConfig - ok
15:08:07.0703 0840 [ CBE71C122434805CB73FFB6619F60598 ] MTsensor C:\Windows\system32\DRIVERS\ASACPI.sys
15:08:07.0773 0840 MTsensor - ok
15:08:07.0873 0840 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\Windows\system32\Drivers\mup.sys
15:08:07.0883 0840 Mup - ok
15:08:07.0943 0840 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent C:\Windows\system32\qagentRT.dll
15:08:07.0963 0840 napagent - ok
15:08:08.0023 0840 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
15:08:08.0023 0840 NativeWifiP - ok
15:08:08.0123 0840 [ 1BBBF640BC0E0B750537BAECE8D66C18 ] NAUpdate C:\Program Files\Nero\Update\NASvc.exe
15:08:08.0143 0840 NAUpdate - ok
15:08:08.0173 0840 [ E240F3204E86B7B6CCF266B2A2AD32B4 ] NBVol C:\Windows\system32\DRIVERS\NBVol.sys
15:08:08.0183 0840 NBVol - ok
15:08:08.0193 0840 [ C0CF3CCCCE3C75F7280C89029AB47866 ] NBVolUp C:\Windows\system32\DRIVERS\NBVolUp.sys
15:08:08.0193 0840 NBVolUp - ok
15:08:08.0243 0840 [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS C:\Windows\system32\drivers\ndis.sys
15:08:08.0263 0840 NDIS - ok
15:08:08.0293 0840 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
15:08:08.0303 0840 NdisCap - ok
15:08:08.0323 0840 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
15:08:08.0323 0840 NdisTapi - ok
15:08:08.0373 0840 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
15:08:08.0373 0840 Ndisuio - ok
15:08:08.0413 0840 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
15:08:08.0423 0840 NdisWan - ok
15:08:08.0443 0840 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
15:08:08.0443 0840 NDProxy - ok
15:08:08.0473 0840 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
15:08:08.0473 0840 NetBIOS - ok
15:08:08.0533 0840 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
15:08:08.0533 0840 NetBT - ok
15:08:08.0573 0840 [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon C:\Windows\system32\lsass.exe
15:08:08.0573 0840 Netlogon - ok
15:08:08.0613 0840 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll
15:08:08.0633 0840 Netman - ok
15:08:08.0663 0840 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\Windows\System32\netprofm.dll
15:08:08.0673 0840 netprofm - ok
15:08:08.0713 0840 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
15:08:08.0723 0840 nfrd960 - ok
15:08:08.0783 0840 [ 2CD24A6AF497D0E9B9BF3DA924ED05E6 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
15:08:08.0783 0840 NisDrv - ok
15:08:08.0893 0840 [ 3B846434055F80D9E89D0742F3ADAD34 ] NisSrv C:\Program Files\Microsoft Security Client\NisSrv.exe
15:08:08.0923 0840 NisSrv - ok
15:08:08.0963 0840 [ 374071043F9E4231EE43BE2BB48DD36D ] NlaSvc C:\Windows\System32\nlasvc.dll
15:08:08.0973 0840 NlaSvc - ok
15:08:08.0993 0840 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys
15:08:09.0003 0840 Npfs - ok
15:08:09.0023 0840 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll
15:08:09.0033 0840 nsi - ok
15:08:09.0083 0840 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
15:08:09.0083 0840 nsiproxy - ok
15:08:09.0153 0840 [ 0D87503986BB3DFED58E343FE39DDE13 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
15:08:09.0183 0840 Ntfs - ok
15:08:09.0223 0840 [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys
15:08:09.0223 0840 Null - ok
15:08:09.0273 0840 [ 6C6D6701A76529963F9416D285D2F4D9 ] nvamacpi C:\Windows\system32\DRIVERS\NVAMACPI.sys
15:08:09.0273 0840 nvamacpi - ok
15:08:09.0613 0840 [ 0A1B502CBC8230DA74BEFBAADDB58916 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
15:08:09.0733 0840 nvlddmkm - ok
15:08:09.0793 0840 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\Windows\system32\drivers\nvraid.sys
15:08:09.0793 0840 nvraid - ok
15:08:09.0833 0840 [ 02A9F366BCB94B286E34825B2094CB38 ] nvsmu C:\Windows\system32\DRIVERS\nvsmu.sys
15:08:09.0833 0840 nvsmu - ok
15:08:09.0873 0840 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\Windows\system32\drivers\nvstor.sys
15:08:09.0883 0840 nvstor - ok
15:08:09.0943 0840 [ EB5A13F9139F20AD71ADF4BF79C3AA29 ] nvsvc C:\Windows\system32\nvvsvc.exe
15:08:09.0953 0840 nvsvc - ok
15:08:10.0033 0840 [ 0629259E3AF6BB0534FCECA208973404 ] nvUpdatusService C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
15:08:10.0063 0840 nvUpdatusService - ok
15:08:10.0093 0840 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
15:08:10.0103 0840 nv_agp - ok
15:08:10.0143 0840 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
15:08:10.0153 0840 ohci1394 - ok
15:08:10.0213 0840 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:08:10.0223 0840 ose - ok
15:08:10.0413 0840 [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
15:08:10.0563 0840 osppsvc - ok
15:08:10.0613 0840 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
15:08:10.0623 0840 p2pimsvc - ok
15:08:10.0653 0840 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll
15:08:10.0663 0840 p2psvc - ok
15:08:10.0703 0840 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\DRIVERS\parport.sys
15:08:10.0703 0840 Parport - ok
15:08:10.0743 0840 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\Windows\system32\drivers\partmgr.sys
15:08:10.0743 0840 partmgr - ok
15:08:10.0773 0840 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys
15:08:10.0773 0840 Parvdm - ok
15:08:10.0823 0840 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\Windows\System32\pcasvc.dll
15:08:10.0833 0840 PcaSvc - ok
15:08:10.0873 0840 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\Windows\system32\drivers\pci.sys
15:08:10.0873 0840 pci - ok
15:08:10.0893 0840 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\drivers\pciide.sys
15:08:10.0893 0840 pciide - ok
15:08:10.0943 0840 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
15:08:10.0953 0840 pcmcia - ok
15:08:10.0993 0840 [ 5B6C11DE7E839C05248CED8825470FEF ] pcouffin C:\Windows\system32\Drivers\pcouffin.sys
15:08:11.0003 0840 pcouffin - ok
15:08:11.0043 0840 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys
15:08:11.0073 0840 pcw - ok
15:08:11.0133 0840 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys
15:08:11.0213 0840 PEAUTH - ok
15:08:11.0443 0840 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\Windows\system32\pla.dll
15:08:11.0483 0840 pla - ok
15:08:11.0523 0840 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\Windows\system32\umpnpmgr.dll
15:08:11.0543 0840 PlugPlay - ok
15:08:11.0573 0840 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
15:08:11.0583 0840 PNRPAutoReg - ok
15:08:11.0613 0840 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
15:08:11.0623 0840 PNRPsvc - ok
15:08:11.0673 0840 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
15:08:11.0683 0840 PolicyAgent - ok
15:08:11.0723 0840 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\Windows\system32\umpo.dll
15:08:11.0733 0840 Power - ok
15:08:11.0783 0840 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
15:08:11.0783 0840 PptpMiniport - ok
15:08:11.0803 0840 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\DRIVERS\processr.sys
15:08:11.0813 0840 Processor - ok
15:08:11.0853 0840 [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc C:\Windows\system32\profsvc.dll
15:08:11.0863 0840 ProfSvc - ok
15:08:11.0883 0840 [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe
15:08:11.0883 0840 ProtectedStorage - ok
15:08:11.0913 0840 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys
15:08:11.0913 0840 Psched - ok
15:08:11.0983 0840 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
15:08:12.0013 0840 ql2300 - ok
15:08:12.0043 0840 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
15:08:12.0053 0840 ql40xx - ok
15:08:12.0083 0840 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll
15:08:12.0093 0840 QWAVE - ok
15:08:12.0123 0840 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
15:08:12.0123 0840 QWAVEdrv - ok
15:08:12.0153 0840 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
15:08:12.0153 0840 RasAcd - ok
15:08:12.0193 0840 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
15:08:12.0193 0840 RasAgileVpn - ok
15:08:12.0223 0840 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll
15:08:12.0233 0840 RasAuto - ok
15:08:12.0263 0840 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
15:08:12.0263 0840 Rasl2tp - ok
15:08:12.0313 0840 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\Windows\System32\rasmans.dll
15:08:12.0323 0840 RasMan - ok
15:08:12.0343 0840 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
15:08:12.0343 0840 RasPppoe - ok
15:08:12.0373 0840 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
15:08:12.0373 0840 RasSstp - ok
15:08:12.0423 0840 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
15:08:12.0433 0840 rdbss - ok
15:08:12.0453 0840 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
15:08:12.0453 0840 rdpbus - ok
15:08:12.0503 0840 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
15:08:12.0503 0840 RDPCDD - ok
15:08:12.0533 0840 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
15:08:12.0543 0840 RDPENCDD - ok
15:08:12.0573 0840 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
15:08:12.0573 0840 RDPREFMP - ok
15:08:12.0603 0840 [ 65375DF758CA1872AB7EBBBA457FD5E6 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
15:08:12.0603 0840 RdpVideoMiniport - ok
15:08:12.0653 0840 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
15:08:12.0663 0840 RDPWD - ok
15:08:12.0703 0840 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
15:08:12.0713 0840 rdyboost - ok
15:08:12.0743 0840 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\Windows\System32\mprdim.dll
15:08:12.0753 0840 RemoteAccess - ok
15:08:12.0793 0840 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll
15:08:12.0803 0840 RemoteRegistry - ok
15:08:12.0833 0840 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
15:08:12.0843 0840 RpcEptMapper - ok
15:08:12.0873 0840 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe
15:08:12.0873 0840 RpcLocator - ok
15:08:12.0913 0840 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\Windows\system32\rpcss.dll
15:08:12.0923 0840 RpcSs - ok
15:08:12.0963 0840 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
15:08:12.0963 0840 rspndr - ok
15:08:13.0003 0840 [ AE51516A7F70AF7B5D9070FE41442E87 ] RTL8167 C:\Windows\system32\DRIVERS\Rt86win7.sys
15:08:13.0003 0840 RTL8167 - ok
15:08:13.0033 0840 [ 69013A123A00B3042C260B0056DF0152 ] s1029bus C:\Windows\system32\DRIVERS\s1029bus.sys
15:08:13.0033 0840 s1029bus - ok
15:08:13.0073 0840 [ 1565FC31F872963FE8AF471123D8424C ] s1029mdfl C:\Windows\system32\DRIVERS\s1029mdfl.sys
15:08:13.0073 0840 s1029mdfl - ok
15:08:13.0113 0840 [ D67A8042ECF6C983AC0E308B36603677 ] s1029mdm C:\Windows\system32\DRIVERS\s1029mdm.sys
15:08:13.0113 0840 s1029mdm - ok
15:08:13.0143 0840 [ 9AC56F06C1E13A963C82EBD067FDF274 ] s1029mgmt C:\Windows\system32\DRIVERS\s1029mgmt.sys
15:08:13.0153 0840 s1029mgmt - ok
15:08:13.0193 0840 [ 00C66C6BAAFB2747F15F94F15888C94A ] s1029nd5 C:\Windows\system32\DRIVERS\s1029nd5.sys
15:08:13.0193 0840 s1029nd5 - ok
15:08:13.0233 0840 [ 6FC093ABA554E45755DC2F3896B6C8D7 ] s1029obex C:\Windows\system32\DRIVERS\s1029obex.sys
15:08:13.0233 0840 s1029obex - ok
15:08:13.0263 0840 [ 9979B0E68815394665B2109B03D15FA1 ] s1029unic C:\Windows\system32\DRIVERS\s1029unic.sys
15:08:13.0263 0840 s1029unic - ok
15:08:13.0293 0840 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\Windows\system32\lsass.exe
15:08:13.0303 0840 SamSs - ok
15:08:13.0333 0840 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
15:08:13.0333 0840 sbp2port - ok
15:08:13.0373 0840 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll
15:08:13.0383 0840 SCardSvr - ok
15:08:13.0423 0840 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
15:08:13.0423 0840 scfilter - ok
15:08:13.0483 0840 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\Windows\system32\schedsvc.dll
15:08:13.0503 0840 Schedule - ok
15:08:13.0543 0840 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\Windows\System32\certprop.dll
15:08:13.0543 0840 SCPolicySvc - ok
15:08:13.0573 0840 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\Windows\System32\SDRSVC.dll
15:08:13.0583 0840 SDRSVC - ok
15:08:13.0613 0840 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
15:08:13.0613 0840 secdrv - ok
15:08:13.0643 0840 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll
15:08:13.0653 0840 seclogon - ok
15:08:13.0673 0840 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\System32\sens.dll
15:08:13.0683 0840 SENS - ok
15:08:13.0703 0840 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll
15:08:13.0713 0840 SensrSvc - ok
15:08:13.0743 0840 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
15:08:13.0743 0840 Serenum - ok
15:08:13.0773 0840 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\DRIVERS\serial.sys
15:08:13.0783 0840 Serial - ok
15:08:13.0823 0840 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
15:08:13.0823 0840 sermouse - ok
15:08:13.0903 0840 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\Windows\system32\sessenv.dll
15:08:13.0913 0840 SessionEnv - ok
15:08:13.0943 0840 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
15:08:13.0953 0840 sffdisk - ok
15:08:13.0973 0840 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
15:08:13.0983 0840 sffp_mmc - ok
15:08:14.0003 0840 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
15:08:14.0003 0840 sffp_sd - ok
15:08:14.0033 0840 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
15:08:14.0043 0840 sfloppy - ok
15:08:14.0143 0840 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\Windows\System32\ipnathlp.dll
15:08:14.0183 0840 SharedAccess - ok
15:08:14.0223 0840 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:08:14.0243 0840 ShellHWDetection - ok
15:08:14.0263 0840 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\drivers\sisagp.sys
15:08:14.0273 0840 sisagp - ok
15:08:14.0303 0840 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
15:08:14.0303 0840 SiSRaid2 - ok
15:08:14.0323 0840 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
15:08:14.0333 0840 SiSRaid4 - ok
15:08:14.0363 0840 [ A4FAB5F7818A69DA6E740943CB8F7CA9 ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
15:08:14.0373 0840 SkypeUpdate - ok
15:08:14.0393 0840 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys
15:08:14.0393 0840 Smb - ok
15:08:14.0433 0840 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
15:08:14.0443 0840 SNMPTRAP - ok
15:08:14.0483 0840 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys
15:08:14.0483 0840 spldr - ok
15:08:14.0523 0840 [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler C:\Windows\System32\spoolsv.exe
15:08:14.0533 0840 Spooler - ok
15:08:14.0653 0840 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\Windows\system32\sppsvc.exe
15:08:14.0753 0840 sppsvc - ok
15:08:14.0803 0840 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\Windows\system32\sppuinotify.dll
15:08:14.0813 0840 sppuinotify - ok
15:08:14.0853 0840 [ 0022CFFF1A41E5CE3A764050A7DDF22A ] sptd C:\Windows\System32\Drivers\sptd.sys
15:08:14.0863 0840 sptd - ok
15:08:14.0903 0840 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\Windows\system32\DRIVERS\srv.sys
15:08:14.0903 0840 srv - ok
15:08:14.0943 0840 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
15:08:14.0953 0840 srv2 - ok
15:08:14.0973 0840 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
15:08:14.0983 0840 srvnet - ok
15:08:15.0013 0840 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
15:08:15.0023 0840 SSDPSRV - ok
15:08:15.0063 0840 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll
15:08:15.0073 0840 SstpSvc - ok
15:08:15.0133 0840 [ F0359F7CE712D69ACEF0886BDB4792ED ] Stereo Service C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
15:08:15.0133 0840 Stereo Service - ok
15:08:15.0173 0840 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
15:08:15.0173 0840 stexstor - ok
15:08:15.0233 0840 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\Windows\System32\wiaservc.dll
15:08:15.0253 0840 StiSvc - ok
15:08:15.0293 0840 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\drivers\swenum.sys
15:08:15.0293 0840 swenum - ok
15:08:15.0343 0840 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll
15:08:15.0363 0840 swprv - ok
15:08:15.0423 0840 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\Windows\system32\sysmain.dll
15:08:15.0453 0840 SysMain - ok
15:08:15.0503 0840 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
15:08:15.0513 0840 TabletInputService - ok
15:08:15.0563 0840 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\Windows\System32\tapisrv.dll
15:08:15.0583 0840 TapiSrv - ok
15:08:15.0603 0840 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll
15:08:15.0613 0840 TBS - ok
15:08:15.0703 0840 [ 7C0507D2391AF5933600CBCED799F277 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
15:08:15.0723 0840 Tcpip - ok
15:08:15.0763 0840 [ 7C0507D2391AF5933600CBCED799F277 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
15:08:15.0783 0840 TCPIP6 - ok
15:08:15.0833 0840 [ 3EEBD3BD93DA46A26E89893C7AB2FF3B ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
15:08:15.0833 0840 tcpipreg - ok
15:08:15.0873 0840 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
15:08:15.0883 0840 TDPIPE - ok
15:08:15.0913 0840 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
15:08:15.0913 0840 TDTCP - ok
15:08:15.0953 0840 [ B459575348C20E8121D6039DA063C704 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
15:08:15.0953 0840 tdx - ok
15:08:15.0983 0840 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\Windows\system32\drivers\termdd.sys
15:08:15.0983 0840 TermDD - ok
15:08:16.0033 0840 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\Windows\System32\termsrv.dll
15:08:16.0053 0840 TermService - ok
15:08:16.0093 0840 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll
15:08:16.0103 0840 Themes - ok
15:08:16.0123 0840 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll
15:08:16.0133 0840 THREADORDER - ok
15:08:16.0163 0840 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll
15:08:16.0173 0840 TrkWks - ok
15:08:16.0233 0840 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
15:08:16.0243 0840 TrustedInstaller - ok
15:08:16.0293 0840 [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
15:08:16.0303 0840 tssecsrv - ok
15:08:16.0333 0840 [ 9CE253214ACAA5A7D323327D2055EFAA ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
15:08:16.0333 0840 TsUsbFlt - ok
15:08:16.0383 0840 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
15:08:16.0383 0840 tunnel - ok
15:08:16.0423 0840 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
15:08:16.0433 0840 uagp35 - ok
15:08:16.0463 0840 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\Windows\system32\DRIVERS\udfs.sys
15:08:16.0473 0840 udfs - ok
15:08:16.0513 0840 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
15:08:16.0523 0840 UI0Detect - ok
15:08:16.0553 0840 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
15:08:16.0553 0840 uliagpkx - ok
15:08:16.0583 0840 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\Windows\system32\drivers\umbus.sys
15:08:16.0583 0840 umbus - ok
15:08:16.0613 0840 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
15:08:16.0613 0840 UmPass - ok
15:08:16.0653 0840 [ E9421EAA5F52ADFBD291609299EFBC80 ] Update-Service C:\Windows\System32\UpdSvc.dll
15:08:16.0663 0840 Update-Service - ok
15:08:16.0703 0840 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll
15:08:16.0713 0840 upnphost - ok
15:08:16.0743 0840 [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
15:08:16.0753 0840 usbccgp - ok
15:08:16.0783 0840 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\Windows\system32\drivers\usbcir.sys
15:08:16.0793 0840 usbcir - ok
15:08:16.0823 0840 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
15:08:16.0823 0840 usbehci - ok
15:08:16.0853 0840 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
15:08:16.0863 0840 usbhub - ok
15:08:16.0883 0840 [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
15:08:16.0883 0840 usbohci - ok
15:08:16.0933 0840 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
15:08:16.0953 0840 usbprint - ok
15:08:16.0973 0840 [ 576096CCBC07E7C4EA4F5E6686D6888F ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
15:08:17.0023 0840 usbscan - ok
15:08:17.0053 0840 [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:08:17.0063 0840 USBSTOR - ok
15:08:17.0083 0840 [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
15:08:17.0083 0840 usbuhci - ok
15:08:17.0133 0840 [ 45F4E7BF43DB40A6C6B4D92C76CBC3F2 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
15:08:17.0133 0840 usbvideo - ok
15:08:17.0183 0840 [ D82F43D15FDAA666856C0190CB73E7C9 ] usb_rndisx C:\Windows\system32\DRIVERS\usb8023x.sys
15:08:17.0193 0840 usb_rndisx - ok
15:08:17.0223 0840 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll
15:08:17.0233 0840 UxSms - ok
15:08:17.0263 0840 [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:\Windows\system32\lsass.exe
15:08:17.0263 0840 VaultSvc - ok
15:08:17.0283 0840 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
15:08:17.0293 0840 vdrvroot - ok
15:08:17.0343 0840 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\Windows\System32\vds.exe
15:08:17.0353 0840 vds - ok
15:08:17.0393 0840 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
15:08:17.0393 0840 vga - ok
15:08:17.0413 0840 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys
15:08:17.0423 0840 VgaSave - ok
15:08:17.0453 0840 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
15:08:17.0463 0840 vhdmp - ok
15:08:17.0483 0840 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\drivers\viaagp.sys
15:08:17.0483 0840 viaagp - ok
15:08:17.0513 0840 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\DRIVERS\viac7.sys
15:08:17.0523 0840 ViaC7 - ok
15:08:17.0553 0840 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\drivers\viaide.sys
15:08:17.0553 0840 viaide - ok
15:08:17.0583 0840 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\Windows\system32\drivers\volmgr.sys
15:08:17.0583 0840 volmgr - ok
15:08:17.0623 0840 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
15:08:17.0633 0840 volmgrx - ok
15:08:17.0663 0840 [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\Windows\system32\drivers\volsnap.sys
15:08:17.0663 0840 volsnap - ok
15:08:17.0693 0840 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
15:08:17.0693 0840 vsmraid - ok
15:08:17.0773 0840 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\Windows\system32\vssvc.exe
15:08:17.0793 0840 VSS - ok
15:08:17.0843 0840 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
15:08:17.0843 0840 vwifibus - ok
15:08:17.0883 0840 [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
15:08:17.0883 0840 vwififlt - ok
15:08:17.0903 0840 [ A3F04CBEA6C2A10E6CB01F8B47611882 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
15:08:17.0903 0840 vwifimp - ok
15:08:17.0953 0840 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\Windows\system32\w32time.dll
15:08:17.0973 0840 W32Time - ok
15:08:18.0003 0840 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
15:08:18.0013 0840 WacomPen - ok
15:08:18.0043 0840 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
15:08:18.0043 0840 WANARP - ok
15:08:18.0063 0840 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
15:08:18.0063 0840 Wanarpv6 - ok
15:08:18.0143 0840 [ 353A04C273EC58475D8633E75CCD5604 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
15:08:18.0163 0840 WatAdminSvc - ok
15:08:18.0243 0840 [ 691E3285E53DCA558E1A84667F13E15A ] wbengine C:\Windows\system32\wbengine.exe
15:08:18.0273 0840 wbengine - ok
15:08:18.0323 0840 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
15:08:18.0333 0840 WbioSrvc - ok
15:08:18.0383 0840 [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc C:\Windows\System32\wcncsvc.dll
15:08:18.0393 0840 wcncsvc - ok
15:08:18.0433 0840 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
15:08:18.0443 0840 WcsPlugInService - ok
15:08:18.0473 0840 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\Windows\system32\DRIVERS\wd.sys
15:08:18.0473 0840 Wd - ok
15:08:18.0523 0840 [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
15:08:18.0533 0840 Wdf01000 - ok
15:08:18.0573 0840 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\Windows\system32\wdi.dll
15:08:18.0583 0840 WdiServiceHost - ok
15:08:18.0593 0840 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\Windows\system32\wdi.dll
15:08:18.0603 0840 WdiSystemHost - ok
15:08:18.0653 0840 [ A9D880F97530D5B8FEE278923349929D ] WebClient C:\Windows\System32\webclnt.dll
15:08:18.0673 0840 WebClient - ok
15:08:18.0693 0840 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\Windows\system32\wecsvc.dll
15:08:18.0713 0840 Wecsvc - ok
15:08:18.0733 0840 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\Windows\System32\wercplsupport.dll
15:08:18.0743 0840 wercplsupport - ok
15:08:18.0773 0840 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\Windows\System32\WerSvc.dll
15:08:18.0783 0840 WerSvc - ok
15:08:18.0823 0840 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
15:08:18.0823 0840 WfpLwf - ok
15:08:18.0843 0840 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\Windows\system32\drivers\wimmount.sys
15:08:18.0853 0840 WIMMount - ok
15:08:18.0913 0840 [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
15:08:18.0933 0840 WinDefend - ok
15:08:18.0953 0840 WinHttpAutoProxySvc - ok
15:08:19.0043 0840 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
15:08:19.0043 0840 Winmgmt - ok
15:08:19.0243 0840 [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM C:\Windows\system32\WsmSvc.dll
15:08:19.0273 0840 WinRM - ok
15:08:19.0323 0840 [ A67E5F9A400F3BD1BE3D80613B45F708 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
15:08:19.0323 0840 WinUsb - ok
15:08:19.0383 0840 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\Windows\System32\wlansvc.dll
15:08:19.0413 0840 Wlansvc - ok
15:08:19.0443 0840 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
15:08:19.0443 0840 WmiAcpi - ok
15:08:19.0503 0840 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
15:08:19.0543 0840 wmiApSrv - ok
15:08:19.0683 0840 [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
15:08:19.0713 0840 WMPNetworkSvc - ok
15:08:19.0753 0840 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\Windows\System32\wpcsvc.dll
15:08:19.0763 0840 WPCSvc - ok
15:08:19.0803 0840 [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
15:08:19.0813 0840 WPDBusEnum - ok
15:08:19.0843 0840 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
15:08:19.0843 0840 ws2ifsl - ok
15:08:19.0873 0840 [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc C:\Windows\System32\wscsvc.dll
15:08:19.0883 0840 wscsvc - ok
15:08:19.0903 0840 WSearch - ok
15:08:20.0003 0840 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
15:08:20.0053 0840 wuauserv - ok
15:08:20.0093 0840 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
15:08:20.0093 0840 WudfPf - ok
15:08:20.0123 0840 [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
15:08:20.0133 0840 WUDFRd - ok
15:08:20.0163 0840 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
15:08:20.0173 0840 wudfsvc - ok
15:08:20.0203 0840 [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc C:\Windows\System32\wwansvc.dll
15:08:20.0223 0840 WwanSvc - ok
15:08:20.0293 0840 ================ Scan global ===============================
15:08:20.0333 0840 [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
15:08:20.0383 0840 [ 1F5F07091D50244F17DD8D5147A628CC ] C:\Windows\system32\winsrv.dll
15:08:20.0403 0840 [ 1F5F07091D50244F17DD8D5147A628CC ] C:\Windows\system32\winsrv.dll
15:08:20.0443 0840 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
15:08:20.0493 0840 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
15:08:20.0503 0840 [Global] - ok
15:08:20.0503 0840 ================ Scan MBR ==================================
15:08:20.0523 0840 [ F05261C246CE4B3C544521FFFF7AEF5D ] \Device\Harddisk0\DR0
15:08:20.0783 0840 \Device\Harddisk0\DR0 - ok
15:08:20.0783 0840 ================ Scan VBR ==================================
15:08:20.0793 0840 [ EFCAF4556CC4D2273069727C6D68A0F5 ] \Device\Harddisk0\DR0\Partition1
15:08:20.0803 0840 \Device\Harddisk0\DR0\Partition1 - ok
15:08:20.0833 0840 [ DC37B8A9882E771E94BBC2EB6C2164FF ] \Device\Harddisk0\DR0\Partition2
15:08:20.0833 0840 \Device\Harddisk0\DR0\Partition2 - ok
15:08:20.0843 0840 ============================================================
15:08:20.0843 0840 Scan finished
15:08:20.0843 0840 ============================================================
15:08:20.0873 2980 Detected object count: 0
15:08:20.0873 2980 Actual detected object count: 0
15:10:52.0631 4184 Deinitialize success
|
|
16.02.2013, 18:49
| #19 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | PC läuft zu langsam (Schädlingsverdacht) unauffällig adwCleaner - Toolbars und ungewollte Start-/Suchseiten entfernen Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Danach eine Kontrolle mit OTL bitte:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
17.02.2013, 00:04
| #20 |
| | PC läuft zu langsam (Schädlingsverdacht)Code:
ATTFilter # AdwCleaner v2.112 - Datei am 16/02/2013 um 22:35:04 erstellt
# Aktualisiert am 10/02/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (32 bits)
# Benutzer : 15G22J0290K0EU2Y - BIBA
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\15G22J0290K0EU2Y\Desktop\adwcleaner0.exe
# Option [Löschen]
**** [Dienste] ****
***** [Dateien / Ordner] *****
Datei Gelöscht : C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml
Ordner Gelöscht : C:\Program Files\GamesBar
Ordner Gelöscht : C:\Users\15G22J0290K0EU2Y\AppData\LocalLow\Conduit
Ordner Gelöscht : C:\Users\15G22J0290K0EU2Y\AppData\Roaming\OpenCandy
***** [Registrierungsdatenbank] *****
Schlüssel Gelöscht : HKCU\Software\1ClickDownload
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Schlüssel Gelöscht : HKCU\Software\IM
Schlüssel Gelöscht : HKCU\Software\Iminent
Schlüssel Gelöscht : HKCU\Software\ImInstaller
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\StartSearch
Schlüssel Gelöscht : HKLM\Software\Babylon
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT2724386
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT2724407
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Schlüssel Gelöscht : HKLM\Software\Conduit
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\mkndcbhcgphcfkkddanakjiepeknbgle
Schlüssel Gelöscht : HKLM\Software\Iminent
Schlüssel Gelöscht : HKLM\Software\ImInstaller
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Schlüssel Gelöscht : HKLM\SOFTWARE\Software
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{977AE9CC-AF83-45E8-9E03-E2798216E2D5}]
***** [Internet Browser] *****
-\\ Internet Explorer v9.0.8112.16464
[OK] Die Registrierungsdatenbank ist sauber.
-\\ Mozilla Firefox v18.0.2 (de)
Datei : C:\Users\15G22J0290K0EU2Y\AppData\Roaming\Mozilla\Firefox\Profiles\pz396p4t.default\prefs.js
[OK] Die Datei ist sauber.
*************************
AdwCleaner[R1].txt - [9591 octets] - [16/02/2013 22:33:30]
AdwCleaner[S1].txt - [9362 octets] - [16/02/2013 22:35:04]
########## EOF - C:\AdwCleaner[S1].txt - [9422 octets] ##########
Code:
ATTFilter OTL logfile created on: 2/17/2013 12:06:31 AM - Run 2 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\15G22J0290K0EU2Y\Desktop Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 1.75 Gb Total Physical Memory | 0.42 Gb Available Physical Memory | 24.21% Memory free 6.12 Gb Paging File | 4.80 Gb Available in Paging File | 78.35% Paging File free Paging file location(s): c:\pagefile.sys 2686 2686d:\pagefile.sys 0 0 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 98.59 Gb Total Space | 56.72 Gb Free Space | 57.53% Space Free | Partition Type: NTFS Drive D: | 191.46 Gb Total Space | 118.91 Gb Free Space | 62.11% Space Free | Partition Type: NTFS Computer Name: BIBA | User Name: 15G22J0290K0EU2Y | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\15G22J0290K0EU2Y\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Windows\System32\Macromed\Flash\FlashUtil32_11_5_502_149_ActiveX.exe (Adobe Systems Incorporated) PRC - C:\Program Files\Microsoft Security Client\NisSrv.exe (Microsoft Corporation) PRC - C:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation) PRC - C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation) PRC - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation) PRC - C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE (Microsoft Corporation) PRC - C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) PRC - C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation) PRC - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) PRC - C:\ProgramData\MobileBrServ\mbbService.exe () PRC - C:\Program Files\Nero\Update\NASvc.exe (Nero AG) PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Program Files\IdeaCom\TSC\IdcSrv.exe (IdeaCom Technology Inc.) PRC - C:\Program Files\IdeaCom\TSC\ETSCSERVICE.exe (IdeaCom Technology Inc.) PRC - C:\Program Files\ASUS\Eee Manager\EMMessageParser.exe (ASUSTeK) PRC - C:\Program Files\ASUS\Eee Manager\EeeManager.exe (ASUSTeK) PRC - C:\Program Files\ASUS\Message Controller\AsMessageController.exe (ASUSTeK) ========== Modules (No Company Name) ========== MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\7366a39c36523a084bc11c230929ff92\Microsoft.VisualBasic.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\cb562e2e4f74ae607f1186f6ec50cec7\System.Windows.Forms.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\01c6cb58745f397c9b7ccf3ab7bfc9cd\System.EnterpriseServices.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\536d704e93ffec9b54e4a0312fb5b996\System.Transactions.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\dd20416f723ee13ffb4173ec1afc4ec4\System.Data.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll () MOD - C:\Program Files\WinRAR\rarext.dll () MOD - C:\Program Files\Common Files\Microsoft Shared\office14\Cultures\office.odf () MOD - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf () MOD - C:\Program Files\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll () MOD - C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll () MOD - C:\Windows\assembly\GAC_MSIL\SqliteShared\1.0.3524.15966__0d0f4b69e50e559b\SqliteShared.dll () MOD - C:\Windows\assembly\GAC_32\System.Data.SQLite\1.0.60.0__db937bc2d44ff139\System.Data.SQLite.dll () MOD - C:\Program Files\ASUS\Asus WebStorage\EcaremeDLL.dll () MOD - C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll () MOD - C:\Program Files\ASUS\Message Controller\AsACPINotify.dll () MOD - C:\Program Files\ASUS\Message Controller\AsRemoteControlHooker.dll () MOD - C:\Program Files\ASUS\Eee Manager\ImageMgr.dll () MOD - C:\Program Files\ASUS\Message Controller\AsKeyboardHooker.dll () MOD - C:\Program Files\ASUS\Eee Manager\MessageParser\AsMultiLang.dll () MOD - C:\Program Files\ASUS\Eee Manager\AsMultiLang.dll () ========== Services (SafeList) ========== SRV - (Guard.Mail.ru) -- File not found SRV - (Dnscache) -- %SystemRoot%\System32\pouae2gyp.dll File not found SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (NisSrv) -- C:\Program Files\Microsoft Security Client\NisSrv.exe (Microsoft Corporation) SRV - (MsMpSvc) -- C:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation) SRV - (AdobeARMservice) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) SRV - (SkypeUpdate) -- C:\Program Files\Skype\Updater\Updater.exe (Skype Technologies) SRV - (nvUpdatusService) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation) SRV - (Stereo Service) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) SRV - (Microsoft SharePoint Workspace Audit Service) -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE (Microsoft Corporation) SRV - (WatAdminSvc) -- C:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation) SRV - (Mobile Broadband HL Service) -- C:\ProgramData\MobileBrServ\mbbService.exe () SRV - (Update-Service) -- C:\Windows\System32\UpdSvc.dll (Joosoft.com GmbH) SRV - (NAUpdate) -- C:\Program Files\Nero\Update\NASvc.exe (Nero AG) SRV - (IdcSrv) -- C:\Program Files\IdeaCom\TSC\IdcSrv.exe (IdeaCom Technology Inc.) SRV - (ETSCSERVICE) -- C:\Program Files\IdeaCom\TSC\ETSCSERVICE.exe (IdeaCom Technology Inc.) SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation) SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV - (iwaozptt) -- File not found DRV - (ivtpxjih) -- File not found DRV - (islxmqgh) -- File not found DRV - (hwdatacard) -- system32\DRIVERS\ewusbmdm.sys File not found DRV - (cooonihv) -- File not found DRV - (abbchwwb) -- File not found DRV - (NisDrv) -- C:\Windows\System32\drivers\NisDrvWFP.sys (Microsoft Corporation) DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation) DRV - (dtsoftbus01) -- C:\Windows\System32\drivers\dtsoftbus01.sys (DT Soft Ltd) DRV - (RdpVideoMiniport) -- C:\Windows\System32\drivers\rdpvideominiport.sys (Microsoft Corporation) DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV - (sptd) -- C:\Windows\System32\drivers\sptd.sys (Duplex Secure Ltd.) DRV - (nvsmu) -- C:\Windows\System32\drivers\nvsmu.sys (NVIDIA Corporation) DRV - (nvamacpi) -- C:\Windows\System32\drivers\nvamacpi.sys (NVIDIA Corporation) DRV - (epmntdrv) -- C:\Windows\System32\epmntdrv.sys () DRV - (EuGdiDrv) -- C:\Windows\System32\EuGdiDrv.sys () DRV - (NBVol) -- C:\Windows\System32\drivers\NBVol.sys (Nero AG) DRV - (NBVolUp) -- C:\Windows\System32\drivers\NBVolUp.sys (Nero AG) DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.) DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation) DRV - (IdcFltr) -- C:\Windows\System32\drivers\idcfltr.sys (IdeaCom Technology Inc.) DRV - (AmUStor) -- C:\Windows\System32\drivers\AmUStor.sys (Alcor Micro, Corp.) DRV - (AsIO) -- C:\Windows\System32\drivers\AsIO.sys () DRV - (enecir) -- C:\Windows\System32\drivers\enecir.sys (ENE TECHNOLOGY INC.) DRV - (enecirhid) -- C:\Windows\System32\drivers\enecirhid.sys (ENE TECHNOLOGY INC.) DRV - (enecirhidma) -- C:\Windows\System32\drivers\enecirhidma.sys (ENE TECHNOLOGY INC.) DRV - (MTsensor) -- C:\Windows\System32\drivers\ASACPI.sys () DRV - (vwifimp) -- C:\Windows\System32\drivers\vwifimp.sys (Microsoft Corporation) DRV - (s1029unic) -- C:\Windows\System32\drivers\s1029unic.sys (MCCI Corporation) DRV - (s1029mdm) -- C:\Windows\System32\drivers\s1029mdm.sys (MCCI Corporation) DRV - (s1029bus) -- C:\Windows\System32\drivers\s1029bus.sys (MCCI Corporation) DRV - (s1029mdfl) -- C:\Windows\System32\drivers\s1029mdfl.sys (MCCI Corporation) DRV - (s1029mgmt) -- C:\Windows\System32\drivers\s1029mgmt.sys (MCCI Corporation) DRV - (s1029obex) -- C:\Windows\System32\drivers\s1029obex.sys (MCCI Corporation) DRV - (s1029nd5) -- C:\Windows\System32\drivers\s1029nd5.sys (MCCI Corporation) DRV - (ASInsHelp) -- C:\Windows\System32\drivers\AsInsHelp32.sys () ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1998982368-3054312690-3844566786-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = D:\Downloads IE - HKU\S-1-5-21-1998982368-3054312690-3844566786-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com/ IE - HKU\S-1-5-21-1998982368-3054312690-3844566786-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve IE - HKU\S-1-5-21-1998982368-3054312690-3844566786-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = IE - HKU\S-1-5-21-1998982368-3054312690-3844566786-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ IE - HKU\S-1-5-21-1998982368-3054312690-3844566786-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKU\S-1-5-21-1998982368-3054312690-3844566786-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKU\S-1-5-21-1998982368-3054312690-3844566786-1000\..\SearchScopes,DefaultScope = {36377DD7-B3EB-42f5-986F-680BAF59BA9D} IE - HKU\S-1-5-21-1998982368-3054312690-3844566786-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\S-1-5-21-1998982368-3054312690-3844566786-1000\..\SearchScopes\{36377DD7-B3EB-42f5-986F-680BAF59BA9D}: "URL" = hxxp://start.gamesagogo.iplay.com/searchresultsredirect.aspx?o=chrome&q={searchTerms} IE - HKU\S-1-5-21-1998982368-3054312690-3844566786-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\S-1-5-21-1998982368-3054312690-3844566786-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "Yahoo!" FF - prefs.js..browser.search.selectedEngine: "Yahoo!" FF - prefs.js..browser.startup.homepage: "hxxp://office-manager/Account/LogOn" FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0.2 FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_149.dll () FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@Nero.com/KM: C:\PROGRA~1\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: D:\Program Files\VLC\npvlc.dll File not found FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\15G22J0290K0EU2Y\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{C7AE725D-FA5C-4027-BB4C-787EF9F8248A}: C:\Program Files\RelevantKnowledge\firefox FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/02/06 18:55:09 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/01/12 08:43:15 | 000,000,000 | ---D | M] [2012/08/28 19:40:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\15G22J0290K0EU2Y\AppData\Roaming\mozilla\Extensions [2012/12/28 09:57:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\15G22J0290K0EU2Y\AppData\Roaming\mozilla\Firefox\Profiles\pz396p4t.default\extensions [2012/12/10 18:04:01 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions [2012/12/10 18:04:02 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2013/02/06 18:55:08 | 000,262,552 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2012/01/18 21:02:20 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml [2012/08/29 11:27:41 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml [2012/01/18 21:02:20 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml [2012/01/18 21:02:20 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml [2012/01/18 21:02:19 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml [2012/01/18 21:02:19 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml [2012/12/22 17:18:38 | 000,000,786 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\Yahooober14387457.xml Hosts file not found O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation) O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKU\S-1-5-21-1998982368-3054312690-3844566786-1000\..\Toolbar\WebBrowser: (no name) - {990AF1C2-5A27-4460-8149-ECC6BC122AF3} - No CLSID value found. O3 - HKU\S-1-5-21-1998982368-3054312690-3844566786-1000\..\Toolbar\WebBrowser: (no name) - {D40B90B4-D3B1-4D6B-A5D7-DC041C1B76C0} - No CLSID value found. O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation) O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation) O4 - HKLM..\Run: [NBAgent] C:\Program Files\Nero\Nero 11\Nero BackItUp\NBAgent.exe (Nero AG) O4 - HKLM..\Run: [PrivitizeVPN] C:\Program Files\PrivitizeVPN\PrivitizeVPN.exe (OOO Industry) O4 - HKLM..\Run: [StartCal.exe] C:\Program Files\IdeaCom\TSC\StartCal.exe (IdeaCom Technology Inc.) O4 - HKU\.DEFAULT..\Run: [Eee Docking] C:\Program Files\ASUS\Eee Docking\Eee Docking.exe () O4 - HKU\S-1-5-18..\Run: [Eee Docking] C:\Program Files\ASUS\Eee Docking\Eee Docking.exe () O4 - HKU\S-1-5-21-1998982368-3054312690-3844566786-1000..\Run: [SearchEngineProtection] C:\Program Files\GamesBar\update\SearchEngineProtection.exe File not found O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1 O8 - Extra context menu item: An OneNote s&enden - res://D:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105 File not found O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://D:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000 File not found O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\system32\UDDIjdlcn.dll File not found O13 - gopher Prefix: missing O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Key error.) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37) O16 - DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{577a8c28-8370-4d95-a804-69548d509e85}: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{716FB368-5896-4B52-8AF2-C05A3D46DE1D}: DhcpNameServer = 10.1.1.3 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7862A30D-58BD-4301-9854-D68DEF14A18E}: DhcpNameServer = 10.1.1.3 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{d4817425-ae18-4a77-9d08-71acc98bd32c}: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{f759e9d5-c984-4da0-b5a0-a2d9df02b1ff}: DhcpNameServer = 192.168.1.1 192.168.1.1 O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - Winlogon\Notify\IdcNotify: DllName - (idcnotify.dll) - C:\Windows\System32\idcnotify.dll () O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{1550962e-d83e-11e1-a9ca-0025d37d7501}\Shell - "" = AutoRun O33 - MountPoints2\{1550962e-d83e-11e1-a9ca-0025d37d7501}\Shell\AutoRun\command - "" = F:\start.exe O33 - MountPoints2\{28e63b4b-bb23-11e1-a36b-90e6ba5b36a3}\Shell - "" = AutoRun O33 - MountPoints2\{28e63b4b-bb23-11e1-a36b-90e6ba5b36a3}\Shell\AutoRun\command - "" = F:\Startme.exe O33 - MountPoints2\{698150b1-deaa-11df-971b-90e6ba5b36a3}\Shell - "" = AutoRun O33 - MountPoints2\{698150b1-deaa-11df-971b-90e6ba5b36a3}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{698150b9-deaa-11df-971b-90e6ba5b36a3}\Shell - "" = AutoRun O33 - MountPoints2\{698150b9-deaa-11df-971b-90e6ba5b36a3}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{9cdf9d38-bcff-11e1-b74e-90e6ba5b36a3}\Shell - "" = AutoRun O33 - MountPoints2\{9cdf9d38-bcff-11e1-b74e-90e6ba5b36a3}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence O34 - HKLM BootExecute: (autocheck autochk *) O34 - HKLM BootExecute: (MACHINE BootExecut) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013/02/17 00:04:57 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\15G22J0290K0EU2Y\Desktop\OTL.exe [2013/02/15 16:42:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip [2013/02/15 16:42:51 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip [2013/02/15 13:53:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2013/02/14 00:47:10 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2013/02/14 00:47:06 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2013/02/14 00:47:05 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2013/02/14 00:47:05 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe [2013/02/14 00:47:04 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2013/02/14 00:47:01 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll [2013/02/14 00:47:01 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll [2013/02/14 00:46:57 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl [2013/02/13 15:47:39 | 000,000,000 | ---D | C] -- C:\Users\15G22J0290K0EU2Y\Desktop\Scan [2013/02/13 14:05:24 | 002,347,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [2013/02/13 14:02:02 | 003,967,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe [2013/02/13 14:01:59 | 003,913,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe [2013/02/13 14:01:19 | 000,187,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\FWPKCLNT.SYS [2013/02/13 14:00:13 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll [2013/02/11 17:08:00 | 000,000,000 | ---D | C] -- C:\Users\15G22J0290K0EU2Y\AppData\Roaming\TuneUp Software [2013/02/11 16:48:28 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files [2013/02/11 16:48:27 | 000,000,000 | ---D | C] -- C:\Users\15G22J0290K0EU2Y\AppData\Local\MFAData [2013/02/11 16:48:27 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData [2013/02/11 16:48:27 | 000,000,000 | ---D | C] -- C:\Users\15G22J0290K0EU2Y\AppData\Local\Avg2013 [2013/02/08 09:21:13 | 016,365,936 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerInstaller.exe [2013/02/07 17:44:16 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP [2013/02/05 15:38:22 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER [2013/01/23 14:33:44 | 000,000,000 | ---D | C] -- C:\Users\15G22J0290K0EU2Y\Documents\Outlook-Dateien [2012/05/08 10:11:07 | 001,638,400 | ---- | C] (LIGHTNING UK!) -- C:\Users\15G22J0290K0EU2Y\AppData\Local\ImgBurn.exe [2011/12/08 23:02:17 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\15G22J0290K0EU2Y\AppData\Roaming\pcouffin.sys ========== Files - Modified Within 30 Days ========== [2013/02/17 00:07:01 | 000,000,972 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1998982368-3054312690-3844566786-1000UA.job [2013/02/16 23:55:02 | 000,001,118 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013/02/16 23:21:17 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013/02/16 22:46:49 | 000,018,736 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013/02/16 22:46:49 | 000,018,736 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013/02/16 22:41:51 | 000,000,266 | ---- | M] () -- C:\Windows\tasks\AutoKMS.job [2013/02/16 22:41:03 | 000,001,114 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013/02/16 22:40:42 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013/02/16 22:40:36 | 1408,638,976 | -HS- | M] () -- C:\hiberfil.sys [2013/02/16 20:45:08 | 000,327,680 | ---- | M] () -- C:\Windows\System32\Ikeext.etl [2013/02/16 20:13:30 | 000,587,671 | ---- | M] () -- C:\Users\15G22J0290K0EU2Y\Desktop\adwcleaner0.exe [2013/02/16 02:30:31 | 000,001,912 | ---- | M] () -- C:\Windows\epplauncher.mif [2013/02/14 09:07:02 | 000,000,950 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1998982368-3054312690-3844566786-1000Core.job [2013/02/14 08:48:16 | 000,409,984 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2013/02/14 00:42:53 | 000,580,736 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2013/02/14 00:42:52 | 000,616,498 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2013/02/14 00:42:52 | 000,122,242 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2013/02/14 00:42:52 | 000,098,632 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2013/02/12 17:17:18 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\15G22J0290K0EU2Y\Desktop\OTL.exe [2013/02/12 00:38:55 | 295,472,861 | ---- | M] () -- C:\Windows\MEMORY.DMP [2013/02/11 16:41:42 | 000,007,625 | ---- | M] () -- C:\Users\15G22J0290K0EU2Y\AppData\Local\Resmon.ResmonCfg [2013/02/09 20:56:03 | 000,084,992 | ---- | M] () -- C:\Users\15G22J0290K0EU2Y\Desktop\20% Off Easy Change.msg [2013/02/09 18:57:42 | 000,555,429 | ---- | M] () -- C:\Users\15G22J0290K0EU2Y\Desktop\QuoteDetail6BerthSTPremierUnitedCampervansNZ1302093898STW.pdf [2013/02/08 09:21:26 | 000,697,712 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe [2013/02/08 09:21:26 | 000,074,096 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [2013/02/08 09:21:15 | 016,365,936 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerInstaller.exe [2013/01/30 16:53:03 | 000,000,973 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk [2013/01/30 11:53:21 | 000,232,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe [2013/01/21 20:54:13 | 000,001,041 | ---- | M] () -- C:\Users\15G22J0290K0EU2Y\AppData\Roaming\vso_ts_preview.xml [2013/01/20 15:59:04 | 000,100,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\NisDrvWFP.sys ========== Files Created - No Company Name ========== [2013/02/16 20:13:30 | 000,587,671 | ---- | C] () -- C:\Users\15G22J0290K0EU2Y\Desktop\adwcleaner0.exe [2013/02/12 00:38:56 | 000,409,984 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2013/02/12 00:38:55 | 295,472,861 | ---- | C] () -- C:\Windows\MEMORY.DMP [2013/02/11 16:41:42 | 000,007,625 | ---- | C] () -- C:\Users\15G22J0290K0EU2Y\AppData\Local\Resmon.ResmonCfg [2013/02/09 20:56:02 | 000,084,992 | ---- | C] () -- C:\Users\15G22J0290K0EU2Y\Desktop\20% Off Easy Change.msg [2013/02/09 18:57:42 | 000,555,429 | ---- | C] () -- C:\Users\15G22J0290K0EU2Y\Desktop\QuoteDetail6BerthSTPremierUnitedCampervansNZ1302093898STW.pdf [2012/12/07 21:19:13 | 000,019,840 | ---- | C] () -- C:\Windows\System32\EuEpmGdi.dll [2012/12/07 21:19:12 | 002,469,760 | ---- | C] () -- C:\Windows\System32\BootMan.exe [2012/12/07 21:19:11 | 000,086,408 | ---- | C] () -- C:\Windows\System32\setupempdrv03.exe [2012/12/07 21:19:10 | 000,014,216 | ---- | C] () -- C:\Windows\System32\epmntdrv.sys [2012/12/07 21:19:10 | 000,008,456 | ---- | C] () -- C:\Windows\System32\EuGdiDrv.sys [2012/10/27 18:13:50 | 000,003,584 | ---- | C] () -- C:\Users\15G22J0290K0EU2Y\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012/08/27 15:17:26 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2012/07/02 22:59:09 | 000,283,097 | ---- | C] () -- C:\Windows\System32\drivers\RTAIODAT.DAT [2012/07/02 19:28:06 | 000,112,640 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll [2012/06/16 15:52:46 | 000,000,130 | ---- | C] () -- C:\Users\15G22J0290K0EU2Y\AppData\Roaming\default.rss [2012/06/09 18:21:56 | 000,178,688 | ---- | C] () -- C:\Windows\System32\unrar.dll [2012/06/08 00:59:27 | 000,002,272 | ---- | C] () -- C:\Windows\System32\ASOROSet.bin [2012/06/08 00:54:38 | 000,032,256 | ---- | C] () -- C:\Windows\System32\AVSredirect.dll [2012/05/30 10:52:20 | 004,305,920 | ---- | C] () -- C:\Windows\System32\x264vfw.dll [2012/05/21 17:28:58 | 000,155,648 | ---- | C] () -- C:\Windows\System32\mlc.dll [2012/02/22 12:05:36 | 015,495,729 | ---- | C] () -- C:\Users\15G22J0290K0EU2Y\AppData\Roaming\SMRBackup250.dat [2011/12/08 23:02:17 | 000,087,608 | ---- | C] () -- C:\Users\15G22J0290K0EU2Y\AppData\Roaming\inst.exe [2011/12/08 23:02:17 | 000,007,887 | ---- | C] () -- C:\Users\15G22J0290K0EU2Y\AppData\Roaming\pcouffin.cat [2011/12/08 23:02:17 | 000,001,144 | ---- | C] () -- C:\Users\15G22J0290K0EU2Y\AppData\Roaming\pcouffin.inf [2011/12/08 22:20:53 | 000,001,041 | ---- | C] () -- C:\Users\15G22J0290K0EU2Y\AppData\Roaming\vso_ts_preview.xml [2011/12/08 20:25:00 | 000,000,425 | ---- | C] () -- C:\Windows\BRWMARK.INI [2011/12/08 17:03:53 | 000,000,050 | ---- | C] () -- C:\Windows\System32\bridf08b.dat [2011/12/07 22:32:24 | 000,216,064 | ---- | C] ( ) -- C:\Windows\System32\lagarith.dll ========== ZeroAccess Check ========== [2009/07/14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both ========== Alternate Data Streams ========== @Alternate Data Stream - 192 bytes -> C:\ProgramData\TEMP:CB0AACC9 < End of report > Code:
ATTFilter OTL logfile created on: 2/17/2013 12:06:31 AM - Run 2 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\15G22J0290K0EU2Y\Desktop Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 1.75 Gb Total Physical Memory | 0.42 Gb Available Physical Memory | 24.21% Memory free 6.12 Gb Paging File | 4.80 Gb Available in Paging File | 78.35% Paging File free Paging file location(s): c:\pagefile.sys 2686 2686d:\pagefile.sys 0 0 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 98.59 Gb Total Space | 56.72 Gb Free Space | 57.53% Space Free | Partition Type: NTFS Drive D: | 191.46 Gb Total Space | 118.91 Gb Free Space | 62.11% Space Free | Partition Type: NTFS Computer Name: BIBA | User Name: 15G22J0290K0EU2Y | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\15G22J0290K0EU2Y\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Windows\System32\Macromed\Flash\FlashUtil32_11_5_502_149_ActiveX.exe (Adobe Systems Incorporated) PRC - C:\Program Files\Microsoft Security Client\NisSrv.exe (Microsoft Corporation) PRC - C:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation) PRC - C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation) PRC - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation) PRC - C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE (Microsoft Corporation) PRC - C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) PRC - C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation) PRC - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) PRC - C:\ProgramData\MobileBrServ\mbbService.exe () PRC - C:\Program Files\Nero\Update\NASvc.exe (Nero AG) PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Program Files\IdeaCom\TSC\IdcSrv.exe (IdeaCom Technology Inc.) PRC - C:\Program Files\IdeaCom\TSC\ETSCSERVICE.exe (IdeaCom Technology Inc.) PRC - C:\Program Files\ASUS\Eee Manager\EMMessageParser.exe (ASUSTeK) PRC - C:\Program Files\ASUS\Eee Manager\EeeManager.exe (ASUSTeK) PRC - C:\Program Files\ASUS\Message Controller\AsMessageController.exe (ASUSTeK) ========== Modules (No Company Name) ========== MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\7366a39c36523a084bc11c230929ff92\Microsoft.VisualBasic.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\cb562e2e4f74ae607f1186f6ec50cec7\System.Windows.Forms.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\01c6cb58745f397c9b7ccf3ab7bfc9cd\System.EnterpriseServices.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\536d704e93ffec9b54e4a0312fb5b996\System.Transactions.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\dd20416f723ee13ffb4173ec1afc4ec4\System.Data.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll () MOD - C:\Program Files\WinRAR\rarext.dll () MOD - C:\Program Files\Common Files\Microsoft Shared\office14\Cultures\office.odf () MOD - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf () MOD - C:\Program Files\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll () MOD - C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll () MOD - C:\Windows\assembly\GAC_MSIL\SqliteShared\1.0.3524.15966__0d0f4b69e50e559b\SqliteShared.dll () MOD - C:\Windows\assembly\GAC_32\System.Data.SQLite\1.0.60.0__db937bc2d44ff139\System.Data.SQLite.dll () MOD - C:\Program Files\ASUS\Asus WebStorage\EcaremeDLL.dll () MOD - C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll () MOD - C:\Program Files\ASUS\Message Controller\AsACPINotify.dll () MOD - C:\Program Files\ASUS\Message Controller\AsRemoteControlHooker.dll () MOD - C:\Program Files\ASUS\Eee Manager\ImageMgr.dll () MOD - C:\Program Files\ASUS\Message Controller\AsKeyboardHooker.dll () MOD - C:\Program Files\ASUS\Eee Manager\MessageParser\AsMultiLang.dll () MOD - C:\Program Files\ASUS\Eee Manager\AsMultiLang.dll () ========== Services (SafeList) ========== SRV - (Guard.Mail.ru) -- File not found SRV - (Dnscache) -- %SystemRoot%\System32\pouae2gyp.dll File not found SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (NisSrv) -- C:\Program Files\Microsoft Security Client\NisSrv.exe (Microsoft Corporation) SRV - (MsMpSvc) -- C:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation) SRV - (AdobeARMservice) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) SRV - (SkypeUpdate) -- C:\Program Files\Skype\Updater\Updater.exe (Skype Technologies) SRV - (nvUpdatusService) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation) SRV - (Stereo Service) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) SRV - (Microsoft SharePoint Workspace Audit Service) -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE (Microsoft Corporation) SRV - (WatAdminSvc) -- C:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation) SRV - (Mobile Broadband HL Service) -- C:\ProgramData\MobileBrServ\mbbService.exe () SRV - (Update-Service) -- C:\Windows\System32\UpdSvc.dll (Joosoft.com GmbH) SRV - (NAUpdate) -- C:\Program Files\Nero\Update\NASvc.exe (Nero AG) SRV - (IdcSrv) -- C:\Program Files\IdeaCom\TSC\IdcSrv.exe (IdeaCom Technology Inc.) SRV - (ETSCSERVICE) -- C:\Program Files\IdeaCom\TSC\ETSCSERVICE.exe (IdeaCom Technology Inc.) SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation) SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV - (iwaozptt) -- File not found DRV - (ivtpxjih) -- File not found DRV - (islxmqgh) -- File not found DRV - (hwdatacard) -- system32\DRIVERS\ewusbmdm.sys File not found DRV - (cooonihv) -- File not found DRV - (abbchwwb) -- File not found DRV - (NisDrv) -- C:\Windows\System32\drivers\NisDrvWFP.sys (Microsoft Corporation) DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation) DRV - (dtsoftbus01) -- C:\Windows\System32\drivers\dtsoftbus01.sys (DT Soft Ltd) DRV - (RdpVideoMiniport) -- C:\Windows\System32\drivers\rdpvideominiport.sys (Microsoft Corporation) DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV - (sptd) -- C:\Windows\System32\drivers\sptd.sys (Duplex Secure Ltd.) DRV - (nvsmu) -- C:\Windows\System32\drivers\nvsmu.sys (NVIDIA Corporation) DRV - (nvamacpi) -- C:\Windows\System32\drivers\nvamacpi.sys (NVIDIA Corporation) DRV - (epmntdrv) -- C:\Windows\System32\epmntdrv.sys () DRV - (EuGdiDrv) -- C:\Windows\System32\EuGdiDrv.sys () DRV - (NBVol) -- C:\Windows\System32\drivers\NBVol.sys (Nero AG) DRV - (NBVolUp) -- C:\Windows\System32\drivers\NBVolUp.sys (Nero AG) DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.) DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation) DRV - (IdcFltr) -- C:\Windows\System32\drivers\idcfltr.sys (IdeaCom Technology Inc.) DRV - (AmUStor) -- C:\Windows\System32\drivers\AmUStor.sys (Alcor Micro, Corp.) DRV - (AsIO) -- C:\Windows\System32\drivers\AsIO.sys () DRV - (enecir) -- C:\Windows\System32\drivers\enecir.sys (ENE TECHNOLOGY INC.) DRV - (enecirhid) -- C:\Windows\System32\drivers\enecirhid.sys (ENE TECHNOLOGY INC.) DRV - (enecirhidma) -- C:\Windows\System32\drivers\enecirhidma.sys (ENE TECHNOLOGY INC.) DRV - (MTsensor) -- C:\Windows\System32\drivers\ASACPI.sys () DRV - (vwifimp) -- C:\Windows\System32\drivers\vwifimp.sys (Microsoft Corporation) DRV - (s1029unic) -- C:\Windows\System32\drivers\s1029unic.sys (MCCI Corporation) DRV - (s1029mdm) -- C:\Windows\System32\drivers\s1029mdm.sys (MCCI Corporation) DRV - (s1029bus) -- C:\Windows\System32\drivers\s1029bus.sys (MCCI Corporation) DRV - (s1029mdfl) -- C:\Windows\System32\drivers\s1029mdfl.sys (MCCI Corporation) DRV - (s1029mgmt) -- C:\Windows\System32\drivers\s1029mgmt.sys (MCCI Corporation) DRV - (s1029obex) -- C:\Windows\System32\drivers\s1029obex.sys (MCCI Corporation) DRV - (s1029nd5) -- C:\Windows\System32\drivers\s1029nd5.sys (MCCI Corporation) DRV - (ASInsHelp) -- C:\Windows\System32\drivers\AsInsHelp32.sys () ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1998982368-3054312690-3844566786-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = D:\Downloads IE - HKU\S-1-5-21-1998982368-3054312690-3844566786-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com/ IE - HKU\S-1-5-21-1998982368-3054312690-3844566786-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve IE - HKU\S-1-5-21-1998982368-3054312690-3844566786-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = IE - HKU\S-1-5-21-1998982368-3054312690-3844566786-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ IE - HKU\S-1-5-21-1998982368-3054312690-3844566786-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKU\S-1-5-21-1998982368-3054312690-3844566786-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKU\S-1-5-21-1998982368-3054312690-3844566786-1000\..\SearchScopes,DefaultScope = {36377DD7-B3EB-42f5-986F-680BAF59BA9D} IE - HKU\S-1-5-21-1998982368-3054312690-3844566786-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\S-1-5-21-1998982368-3054312690-3844566786-1000\..\SearchScopes\{36377DD7-B3EB-42f5-986F-680BAF59BA9D}: "URL" = hxxp://start.gamesagogo.iplay.com/searchresultsredirect.aspx?o=chrome&q={searchTerms} IE - HKU\S-1-5-21-1998982368-3054312690-3844566786-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\S-1-5-21-1998982368-3054312690-3844566786-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "Yahoo!" FF - prefs.js..browser.search.selectedEngine: "Yahoo!" FF - prefs.js..browser.startup.homepage: "hxxp://office-manager/Account/LogOn" FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0.2 FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_149.dll () FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@Nero.com/KM: C:\PROGRA~1\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: D:\Program Files\VLC\npvlc.dll File not found FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\15G22J0290K0EU2Y\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{C7AE725D-FA5C-4027-BB4C-787EF9F8248A}: C:\Program Files\RelevantKnowledge\firefox FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/02/06 18:55:09 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/01/12 08:43:15 | 000,000,000 | ---D | M] [2012/08/28 19:40:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\15G22J0290K0EU2Y\AppData\Roaming\mozilla\Extensions [2012/12/28 09:57:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\15G22J0290K0EU2Y\AppData\Roaming\mozilla\Firefox\Profiles\pz396p4t.default\extensions [2012/12/10 18:04:01 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions [2012/12/10 18:04:02 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2013/02/06 18:55:08 | 000,262,552 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2012/01/18 21:02:20 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml [2012/08/29 11:27:41 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml [2012/01/18 21:02:20 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml [2012/01/18 21:02:20 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml [2012/01/18 21:02:19 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml [2012/01/18 21:02:19 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml [2012/12/22 17:18:38 | 000,000,786 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\Yahooober14387457.xml Hosts file not found O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation) O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKU\S-1-5-21-1998982368-3054312690-3844566786-1000\..\Toolbar\WebBrowser: (no name) - {990AF1C2-5A27-4460-8149-ECC6BC122AF3} - No CLSID value found. O3 - HKU\S-1-5-21-1998982368-3054312690-3844566786-1000\..\Toolbar\WebBrowser: (no name) - {D40B90B4-D3B1-4D6B-A5D7-DC041C1B76C0} - No CLSID value found. O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation) O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation) O4 - HKLM..\Run: [NBAgent] C:\Program Files\Nero\Nero 11\Nero BackItUp\NBAgent.exe (Nero AG) O4 - HKLM..\Run: [PrivitizeVPN] C:\Program Files\PrivitizeVPN\PrivitizeVPN.exe (OOO Industry) O4 - HKLM..\Run: [StartCal.exe] C:\Program Files\IdeaCom\TSC\StartCal.exe (IdeaCom Technology Inc.) O4 - HKU\.DEFAULT..\Run: [Eee Docking] C:\Program Files\ASUS\Eee Docking\Eee Docking.exe () O4 - HKU\S-1-5-18..\Run: [Eee Docking] C:\Program Files\ASUS\Eee Docking\Eee Docking.exe () O4 - HKU\S-1-5-21-1998982368-3054312690-3844566786-1000..\Run: [SearchEngineProtection] C:\Program Files\GamesBar\update\SearchEngineProtection.exe File not found O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1 O8 - Extra context menu item: An OneNote s&enden - res://D:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105 File not found O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://D:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000 File not found O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\system32\UDDIjdlcn.dll File not found O13 - gopher Prefix: missing O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Key error.) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37) O16 - DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{577a8c28-8370-4d95-a804-69548d509e85}: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{716FB368-5896-4B52-8AF2-C05A3D46DE1D}: DhcpNameServer = 10.1.1.3 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7862A30D-58BD-4301-9854-D68DEF14A18E}: DhcpNameServer = 10.1.1.3 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{d4817425-ae18-4a77-9d08-71acc98bd32c}: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{f759e9d5-c984-4da0-b5a0-a2d9df02b1ff}: DhcpNameServer = 192.168.1.1 192.168.1.1 O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - Winlogon\Notify\IdcNotify: DllName - (idcnotify.dll) - C:\Windows\System32\idcnotify.dll () O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{1550962e-d83e-11e1-a9ca-0025d37d7501}\Shell - "" = AutoRun O33 - MountPoints2\{1550962e-d83e-11e1-a9ca-0025d37d7501}\Shell\AutoRun\command - "" = F:\start.exe O33 - MountPoints2\{28e63b4b-bb23-11e1-a36b-90e6ba5b36a3}\Shell - "" = AutoRun O33 - MountPoints2\{28e63b4b-bb23-11e1-a36b-90e6ba5b36a3}\Shell\AutoRun\command - "" = F:\Startme.exe O33 - MountPoints2\{698150b1-deaa-11df-971b-90e6ba5b36a3}\Shell - "" = AutoRun O33 - MountPoints2\{698150b1-deaa-11df-971b-90e6ba5b36a3}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{698150b9-deaa-11df-971b-90e6ba5b36a3}\Shell - "" = AutoRun O33 - MountPoints2\{698150b9-deaa-11df-971b-90e6ba5b36a3}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{9cdf9d38-bcff-11e1-b74e-90e6ba5b36a3}\Shell - "" = AutoRun O33 - MountPoints2\{9cdf9d38-bcff-11e1-b74e-90e6ba5b36a3}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence O34 - HKLM BootExecute: (autocheck autochk *) O34 - HKLM BootExecute: (MACHINE BootExecut) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013/02/17 00:04:57 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\15G22J0290K0EU2Y\Desktop\OTL.exe [2013/02/15 16:42:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip [2013/02/15 16:42:51 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip [2013/02/15 13:53:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2013/02/14 00:47:10 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2013/02/14 00:47:06 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2013/02/14 00:47:05 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2013/02/14 00:47:05 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe [2013/02/14 00:47:04 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2013/02/14 00:47:01 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll [2013/02/14 00:47:01 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll [2013/02/14 00:46:57 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl [2013/02/13 15:47:39 | 000,000,000 | ---D | C] -- C:\Users\15G22J0290K0EU2Y\Desktop\Scan [2013/02/13 14:05:24 | 002,347,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [2013/02/13 14:02:02 | 003,967,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe [2013/02/13 14:01:59 | 003,913,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe [2013/02/13 14:01:19 | 000,187,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\FWPKCLNT.SYS [2013/02/13 14:00:13 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll [2013/02/11 17:08:00 | 000,000,000 | ---D | C] -- C:\Users\15G22J0290K0EU2Y\AppData\Roaming\TuneUp Software [2013/02/11 16:48:28 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files [2013/02/11 16:48:27 | 000,000,000 | ---D | C] -- C:\Users\15G22J0290K0EU2Y\AppData\Local\MFAData [2013/02/11 16:48:27 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData [2013/02/11 16:48:27 | 000,000,000 | ---D | C] -- C:\Users\15G22J0290K0EU2Y\AppData\Local\Avg2013 [2013/02/08 09:21:13 | 016,365,936 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerInstaller.exe [2013/02/07 17:44:16 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP [2013/02/05 15:38:22 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER [2013/01/23 14:33:44 | 000,000,000 | ---D | C] -- C:\Users\15G22J0290K0EU2Y\Documents\Outlook-Dateien [2012/05/08 10:11:07 | 001,638,400 | ---- | C] (LIGHTNING UK!) -- C:\Users\15G22J0290K0EU2Y\AppData\Local\ImgBurn.exe [2011/12/08 23:02:17 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\15G22J0290K0EU2Y\AppData\Roaming\pcouffin.sys ========== Files - Modified Within 30 Days ========== [2013/02/17 00:07:01 | 000,000,972 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1998982368-3054312690-3844566786-1000UA.job [2013/02/16 23:55:02 | 000,001,118 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013/02/16 23:21:17 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013/02/16 22:46:49 | 000,018,736 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013/02/16 22:46:49 | 000,018,736 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013/02/16 22:41:51 | 000,000,266 | ---- | M] () -- C:\Windows\tasks\AutoKMS.job [2013/02/16 22:41:03 | 000,001,114 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013/02/16 22:40:42 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013/02/16 22:40:36 | 1408,638,976 | -HS- | M] () -- C:\hiberfil.sys [2013/02/16 20:45:08 | 000,327,680 | ---- | M] () -- C:\Windows\System32\Ikeext.etl [2013/02/16 20:13:30 | 000,587,671 | ---- | M] () -- C:\Users\15G22J0290K0EU2Y\Desktop\adwcleaner0.exe [2013/02/16 02:30:31 | 000,001,912 | ---- | M] () -- C:\Windows\epplauncher.mif [2013/02/14 09:07:02 | 000,000,950 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1998982368-3054312690-3844566786-1000Core.job [2013/02/14 08:48:16 | 000,409,984 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2013/02/14 00:42:53 | 000,580,736 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2013/02/14 00:42:52 | 000,616,498 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2013/02/14 00:42:52 | 000,122,242 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2013/02/14 00:42:52 | 000,098,632 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2013/02/12 17:17:18 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\15G22J0290K0EU2Y\Desktop\OTL.exe [2013/02/12 00:38:55 | 295,472,861 | ---- | M] () -- C:\Windows\MEMORY.DMP [2013/02/11 16:41:42 | 000,007,625 | ---- | M] () -- C:\Users\15G22J0290K0EU2Y\AppData\Local\Resmon.ResmonCfg [2013/02/09 20:56:03 | 000,084,992 | ---- | M] () -- C:\Users\15G22J0290K0EU2Y\Desktop\20% Off Easy Change.msg [2013/02/09 18:57:42 | 000,555,429 | ---- | M] () -- C:\Users\15G22J0290K0EU2Y\Desktop\QuoteDetail6BerthSTPremierUnitedCampervansNZ1302093898STW.pdf [2013/02/08 09:21:26 | 000,697,712 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe [2013/02/08 09:21:26 | 000,074,096 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [2013/02/08 09:21:15 | 016,365,936 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerInstaller.exe [2013/01/30 16:53:03 | 000,000,973 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk [2013/01/30 11:53:21 | 000,232,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe [2013/01/21 20:54:13 | 000,001,041 | ---- | M] () -- C:\Users\15G22J0290K0EU2Y\AppData\Roaming\vso_ts_preview.xml [2013/01/20 15:59:04 | 000,100,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\NisDrvWFP.sys ========== Files Created - No Company Name ========== [2013/02/16 20:13:30 | 000,587,671 | ---- | C] () -- C:\Users\15G22J0290K0EU2Y\Desktop\adwcleaner0.exe [2013/02/12 00:38:56 | 000,409,984 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2013/02/12 00:38:55 | 295,472,861 | ---- | C] () -- C:\Windows\MEMORY.DMP [2013/02/11 16:41:42 | 000,007,625 | ---- | C] () -- C:\Users\15G22J0290K0EU2Y\AppData\Local\Resmon.ResmonCfg [2013/02/09 20:56:02 | 000,084,992 | ---- | C] () -- C:\Users\15G22J0290K0EU2Y\Desktop\20% Off Easy Change.msg [2013/02/09 18:57:42 | 000,555,429 | ---- | C] () -- C:\Users\15G22J0290K0EU2Y\Desktop\QuoteDetail6BerthSTPremierUnitedCampervansNZ1302093898STW.pdf [2012/12/07 21:19:13 | 000,019,840 | ---- | C] () -- C:\Windows\System32\EuEpmGdi.dll [2012/12/07 21:19:12 | 002,469,760 | ---- | C] () -- C:\Windows\System32\BootMan.exe [2012/12/07 21:19:11 | 000,086,408 | ---- | C] () -- C:\Windows\System32\setupempdrv03.exe [2012/12/07 21:19:10 | 000,014,216 | ---- | C] () -- C:\Windows\System32\epmntdrv.sys [2012/12/07 21:19:10 | 000,008,456 | ---- | C] () -- C:\Windows\System32\EuGdiDrv.sys [2012/10/27 18:13:50 | 000,003,584 | ---- | C] () -- C:\Users\15G22J0290K0EU2Y\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012/08/27 15:17:26 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2012/07/02 22:59:09 | 000,283,097 | ---- | C] () -- C:\Windows\System32\drivers\RTAIODAT.DAT [2012/07/02 19:28:06 | 000,112,640 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll [2012/06/16 15:52:46 | 000,000,130 | ---- | C] () -- C:\Users\15G22J0290K0EU2Y\AppData\Roaming\default.rss [2012/06/09 18:21:56 | 000,178,688 | ---- | C] () -- C:\Windows\System32\unrar.dll [2012/06/08 00:59:27 | 000,002,272 | ---- | C] () -- C:\Windows\System32\ASOROSet.bin [2012/06/08 00:54:38 | 000,032,256 | ---- | C] () -- C:\Windows\System32\AVSredirect.dll [2012/05/30 10:52:20 | 004,305,920 | ---- | C] () -- C:\Windows\System32\x264vfw.dll [2012/05/21 17:28:58 | 000,155,648 | ---- | C] () -- C:\Windows\System32\mlc.dll [2012/02/22 12:05:36 | 015,495,729 | ---- | C] () -- C:\Users\15G22J0290K0EU2Y\AppData\Roaming\SMRBackup250.dat [2011/12/08 23:02:17 | 000,087,608 | ---- | C] () -- C:\Users\15G22J0290K0EU2Y\AppData\Roaming\inst.exe [2011/12/08 23:02:17 | 000,007,887 | ---- | C] () -- C:\Users\15G22J0290K0EU2Y\AppData\Roaming\pcouffin.cat [2011/12/08 23:02:17 | 000,001,144 | ---- | C] () -- C:\Users\15G22J0290K0EU2Y\AppData\Roaming\pcouffin.inf [2011/12/08 22:20:53 | 000,001,041 | ---- | C] () -- C:\Users\15G22J0290K0EU2Y\AppData\Roaming\vso_ts_preview.xml [2011/12/08 20:25:00 | 000,000,425 | ---- | C] () -- C:\Windows\BRWMARK.INI [2011/12/08 17:03:53 | 000,000,050 | ---- | C] () -- C:\Windows\System32\bridf08b.dat [2011/12/07 22:32:24 | 000,216,064 | ---- | C] ( ) -- C:\Windows\System32\lagarith.dll ========== ZeroAccess Check ========== [2009/07/14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both ========== Alternate Data Streams ========== @Alternate Data Stream - 192 bytes -> C:\ProgramData\TEMP:CB0AACC9 < End of report > |
|
18.02.2013, 13:43
| #21 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | PC läuft zu langsam (Schädlingsverdacht)Zitat:
__________________ --> PC läuft zu langsam (Schädlingsverdacht) |
|
18.02.2013, 16:36
| #22 |
| | PC läuft zu langsam (Schädlingsverdacht) Hallo, hast Du die Datei bekommen? Gruß karlshagen. |
|
20.02.2013, 11:28
| #23 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | PC läuft zu langsam (Schädlingsverdacht) Ja danke, die Datei scheint sauber zu sein Sieht ok aus. Wir sollten fast durch sein. Mach bitte zur Kontrolle einen Quickscan mit Malwarebytes - denk bitte vorher daran, Malwarebytes über den Updatebutton zu aktualisieren Anschließend über den OnlineScanner von ESET eine zusätzliche Meinung zu holen ist auch nicht verkehrt: ESET Online Scanner
__________________ Logfiles bitte immer in CODE-Tags posten |
|
20.02.2013, 13:27
| #24 |
| | PC läuft zu langsam (Schädlingsverdacht)Code:
ATTFilter Malwarebytes Anti-Malware 1.70.0.1100 www.malwarebytes.org Datenbank Version: v2013.02.20.01 Windows 7 Service Pack 1 x86 NTFS Internet Explorer 9.0.8112.16421 15G22J0290K0EU2Y :: BIBA [Administrator] 20.02.2013 13:06:18 mbam-log-2013-02-20 (13-06-18).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 185224 Laufzeit: 19 Minute(n), 46 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=cc60062bf139924bb1c7cc9617daa367
# engine=13199
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-02-20 04:28:02
# local_time=2013-02-20 05:28:02 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776574 100 94 46142078 113008873 0 0
# scanned=160447
# found=0
# cleaned=0
# scan_time=12217
|
|
22.02.2013, 10:29
| #25 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | PC läuft zu langsam (Schädlingsverdacht) Hey, ich glaube ich hab den Schädling mediyes bei dir jetzt erst entdeckt   CustomScan mit OTL Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop. Falls schon vorhanden, bitte die ältere vorhandene Datei durch die neu heruntergeladene Datei ersetzen, damit du auch wirklich mit einer aktuellen Version von OTL arbeitest.
Code:
ATTFilter HKEY_LOCAL_MACHINE\software\microsoft\Windows\CurrentVersion\Telephony\Providers
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Dnscache\Parameters
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost
HKEY_LOCAL_MACHINE\SOFTWARE\Joosoft.com
%SystemRoot%\system32\*.tsp
C:\Windows\system32\*.dll /360
C:\Windows\SysNative\*.dll /360
__________________ Logfiles bitte immer in CODE-Tags posten |
|
22.02.2013, 13:53
| #26 |
| | PC läuft zu langsam (Schädlingsverdacht)Code:
ATTFilter OTL logfile created on: 2/22/2013 1:19:34 PM - Run 3 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\15G22J0290K0EU2Y\Desktop Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 1.75 Gb Total Physical Memory | 0.22 Gb Available Physical Memory | 12.67% Memory free 6.12 Gb Paging File | 3.89 Gb Available in Paging File | 63.50% Paging File free Paging file location(s): c:\pagefile.sys 2686 2686d:\pagefile.sys 0 0 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 98.59 Gb Total Space | 55.74 Gb Free Space | 56.54% Space Free | Partition Type: NTFS Drive D: | 191.46 Gb Total Space | 121.75 Gb Free Space | 63.59% Space Free | Partition Type: NTFS Drive I: | 3.78 Gb Total Space | 3.60 Gb Free Space | 95.21% Space Free | Partition Type: FAT Drive J: | 537.11 Gb Total Space | 2.07 Gb Free Space | 0.38% Space Free | Partition Type: NTFS Drive K: | 390.63 Gb Total Space | 122.90 Gb Free Space | 31.46% Space Free | Partition Type: NTFS Drive L: | 298.05 Mb Total Space | 7.75 Mb Free Space | 2.60% Space Free | Partition Type: NTFS Drive M: | 194.00 Mb Total Space | 124.86 Mb Free Space | 64.36% Space Free | Partition Type: NTFS Drive O: | 209.87 Gb Total Space | 174.23 Gb Free Space | 83.02% Space Free | Partition Type: NTFS Drive U: | 488.28 Gb Total Space | 472.89 Gb Free Space | 96.85% Space Free | Partition Type: NTFS Computer Name: BIBA | User Name: 15G22J0290K0EU2Y | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\15G22J0290K0EU2Y\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Windows\System32\Macromed\Flash\FlashUtil32_11_6_602_168_ActiveX.exe (Adobe Systems Incorporated) PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Program Files\Microsoft Security Client\NisSrv.exe (Microsoft Corporation) PRC - C:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation) PRC - C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation) PRC - C:\Program Files\Adobe\Reader 11.0\Reader\AcroRd32.exe (Adobe Systems Incorporated) PRC - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation) PRC - C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE (Microsoft Corporation) PRC - C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) PRC - C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation) PRC - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) PRC - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation) PRC - C:\ProgramData\MobileBrServ\mbbService.exe () PRC - C:\Program Files\IncrediMail\Bin\IncMail.exe (IncrediMail, Ltd.) PRC - C:\Program Files\IncrediMail\Bin\ImApp.exe (IncrediMail, Ltd.) PRC - C:\Program Files\Nero\Update\NASvc.exe (Nero AG) PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Program Files\IdeaCom\TSC\IdcSrv.exe (IdeaCom Technology Inc.) PRC - C:\Program Files\IdeaCom\TSC\ETSCSERVICE.exe (IdeaCom Technology Inc.) PRC - C:\Program Files\ASUS\Eee Manager\EMMessageParser.exe (ASUSTeK) PRC - C:\Program Files\ASUS\Eee Manager\EeeManager.exe (ASUSTeK) PRC - C:\Program Files\ASUS\Message Controller\AsMessageController.exe (ASUSTeK) ========== Modules (No Company Name) ========== MOD - C:\Program Files\Mozilla Firefox\mozjs.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\7366a39c36523a084bc11c230929ff92\Microsoft.VisualBasic.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\cb562e2e4f74ae607f1186f6ec50cec7\System.Windows.Forms.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\01c6cb58745f397c9b7ccf3ab7bfc9cd\System.EnterpriseServices.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\536d704e93ffec9b54e4a0312fb5b996\System.Transactions.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\dd20416f723ee13ffb4173ec1afc4ec4\System.Data.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll () MOD - C:\Program Files\Adobe\Reader 11.0\Reader\sqlite.dll () MOD - C:\Program Files\IncrediMail\Bin\wlessfp1.dll () MOD - C:\Program Files\IncrediMail\Bin\ImLookExU.dll () MOD - C:\Program Files\IncrediMail\Bin\ImComUtlU.dll () MOD - C:\Program Files\IncrediMail\bin\ImAppRU.dll () MOD - C:\Program Files\IncrediMail\bin\AE\ActionEngine.dll () MOD - C:\Program Files\IncrediMail\Bin\pmc.dll () MOD - C:\Program Files\WinRAR\rarext.dll () MOD - C:\Program Files\Common Files\Microsoft Shared\office14\Cultures\office.odf () MOD - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf () MOD - C:\Program Files\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll () MOD - C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll () MOD - C:\Windows\assembly\GAC_MSIL\SqliteShared\1.0.3524.15966__0d0f4b69e50e559b\SqliteShared.dll () MOD - C:\Windows\assembly\GAC_32\System.Data.SQLite\1.0.60.0__db937bc2d44ff139\System.Data.SQLite.dll () MOD - C:\Program Files\ASUS\Asus WebStorage\EcaremeDLL.dll () MOD - C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll () MOD - C:\Program Files\ASUS\Message Controller\AsACPINotify.dll () MOD - C:\Program Files\ASUS\Message Controller\AsRemoteControlHooker.dll () MOD - C:\Program Files\ASUS\Eee Manager\ImageMgr.dll () MOD - C:\Program Files\ASUS\Message Controller\AsKeyboardHooker.dll () MOD - C:\Program Files\ASUS\Eee Manager\MessageParser\AsMultiLang.dll () MOD - C:\Program Files\ASUS\Eee Manager\AsMultiLang.dll () ========== Services (SafeList) ========== SRV - (Guard.Mail.ru) -- File not found SRV - (Dnscache) -- %SystemRoot%\System32\pouae2gyp.dll File not found SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (SkypeUpdate) -- C:\Program Files\Skype\Updater\Updater.exe (Skype Technologies) SRV - (NisSrv) -- C:\Program Files\Microsoft Security Client\NisSrv.exe (Microsoft Corporation) SRV - (MsMpSvc) -- C:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation) SRV - (AdobeARMservice) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) SRV - (nvUpdatusService) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation) SRV - (Stereo Service) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) SRV - (Microsoft SharePoint Workspace Audit Service) -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE (Microsoft Corporation) SRV - (WatAdminSvc) -- C:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation) SRV - (Mobile Broadband HL Service) -- C:\ProgramData\MobileBrServ\mbbService.exe () SRV - (Update-Service) -- C:\Windows\System32\UpdSvc.dll (Joosoft.com GmbH) SRV - (NAUpdate) -- C:\Program Files\Nero\Update\NASvc.exe (Nero AG) SRV - (IdcSrv) -- C:\Program Files\IdeaCom\TSC\IdcSrv.exe (IdeaCom Technology Inc.) SRV - (ETSCSERVICE) -- C:\Program Files\IdeaCom\TSC\ETSCSERVICE.exe (IdeaCom Technology Inc.) SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation) SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV - (iwaozptt) -- File not found DRV - (ivtpxjih) -- File not found DRV - (islxmqgh) -- File not found DRV - (hwdatacard) -- system32\DRIVERS\ewusbmdm.sys File not found DRV - (cooonihv) -- File not found DRV - (aqyj3d4q) -- File not found DRV - (NisDrv) -- C:\Windows\System32\drivers\NisDrvWFP.sys (Microsoft Corporation) DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation) DRV - (dtsoftbus01) -- C:\Windows\System32\drivers\dtsoftbus01.sys (DT Soft Ltd) DRV - (RdpVideoMiniport) -- C:\Windows\System32\drivers\rdpvideominiport.sys (Microsoft Corporation) DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV - (sptd) -- C:\Windows\System32\drivers\sptd.sys (Duplex Secure Ltd.) DRV - (nvsmu) -- C:\Windows\System32\drivers\nvsmu.sys (NVIDIA Corporation) DRV - (nvamacpi) -- C:\Windows\System32\drivers\nvamacpi.sys (NVIDIA Corporation) DRV - (epmntdrv) -- C:\Windows\System32\epmntdrv.sys () DRV - (EuGdiDrv) -- C:\Windows\System32\EuGdiDrv.sys () DRV - (NBVol) -- C:\Windows\System32\drivers\NBVol.sys (Nero AG) DRV - (NBVolUp) -- C:\Windows\System32\drivers\NBVolUp.sys (Nero AG) DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.) DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation) DRV - (IdcFltr) -- C:\Windows\System32\drivers\idcfltr.sys (IdeaCom Technology Inc.) DRV - (AmUStor) -- C:\Windows\System32\drivers\AmUStor.sys (Alcor Micro, Corp.) DRV - (AsIO) -- C:\Windows\System32\drivers\AsIO.sys () DRV - (enecir) -- C:\Windows\System32\drivers\enecir.sys (ENE TECHNOLOGY INC.) DRV - (enecirhid) -- C:\Windows\System32\drivers\enecirhid.sys (ENE TECHNOLOGY INC.) DRV - (enecirhidma) -- C:\Windows\System32\drivers\enecirhidma.sys (ENE TECHNOLOGY INC.) DRV - (MTsensor) -- C:\Windows\System32\drivers\ASACPI.sys () DRV - (vwifimp) -- C:\Windows\System32\drivers\vwifimp.sys (Microsoft Corporation) DRV - (s1029unic) -- C:\Windows\System32\drivers\s1029unic.sys (MCCI Corporation) DRV - (s1029mdm) -- C:\Windows\System32\drivers\s1029mdm.sys (MCCI Corporation) DRV - (s1029bus) -- C:\Windows\System32\drivers\s1029bus.sys (MCCI Corporation) DRV - (s1029mdfl) -- C:\Windows\System32\drivers\s1029mdfl.sys (MCCI Corporation) DRV - (s1029mgmt) -- C:\Windows\System32\drivers\s1029mgmt.sys (MCCI Corporation) DRV - (s1029obex) -- C:\Windows\System32\drivers\s1029obex.sys (MCCI Corporation) DRV - (s1029nd5) -- C:\Windows\System32\drivers\s1029nd5.sys (MCCI Corporation) DRV - (ASInsHelp) -- C:\Windows\System32\drivers\AsInsHelp32.sys () ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1998982368-3054312690-3844566786-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = D:\Downloads IE - HKU\S-1-5-21-1998982368-3054312690-3844566786-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com/ IE - HKU\S-1-5-21-1998982368-3054312690-3844566786-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve IE - HKU\S-1-5-21-1998982368-3054312690-3844566786-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = IE - HKU\S-1-5-21-1998982368-3054312690-3844566786-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ IE - HKU\S-1-5-21-1998982368-3054312690-3844566786-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKU\S-1-5-21-1998982368-3054312690-3844566786-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKU\S-1-5-21-1998982368-3054312690-3844566786-1000\..\SearchScopes,DefaultScope = {36377DD7-B3EB-42f5-986F-680BAF59BA9D} IE - HKU\S-1-5-21-1998982368-3054312690-3844566786-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\S-1-5-21-1998982368-3054312690-3844566786-1000\..\SearchScopes\{36377DD7-B3EB-42f5-986F-680BAF59BA9D}: "URL" = hxxp://start.gamesagogo.iplay.com/searchresultsredirect.aspx?o=chrome&q={searchTerms} IE - HKU\S-1-5-21-1998982368-3054312690-3844566786-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\S-1-5-21-1998982368-3054312690-3844566786-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "Yahoo!" FF - prefs.js..browser.search.selectedEngine: "Yahoo!" FF - prefs.js..browser.startup.homepage: "hxxp://office-manager/Account/LogOn" FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0 FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_149.dll () FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@Nero.com/KM: C:\PROGRA~1\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: D:\Program Files\VLC\npvlc.dll File not found FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\15G22J0290K0EU2Y\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{C7AE725D-FA5C-4027-BB4C-787EF9F8248A}: C:\Program Files\RelevantKnowledge\firefox FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/02/20 23:21:57 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/01/12 08:43:15 | 000,000,000 | ---D | M] [2012/08/28 19:40:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\15G22J0290K0EU2Y\AppData\Roaming\mozilla\Extensions [2012/12/28 09:57:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\15G22J0290K0EU2Y\AppData\Roaming\mozilla\Firefox\Profiles\pz396p4t.default\extensions [2012/12/10 18:04:01 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions [2012/12/10 18:04:02 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2013/02/20 23:21:56 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2012/01/18 21:02:20 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml [2012/08/29 11:27:41 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml [2012/01/18 21:02:20 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml [2012/01/18 21:02:20 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml [2012/01/18 21:02:19 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml [2012/01/18 21:02:19 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml [2012/12/22 17:18:38 | 000,000,786 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\Yahooober14387457.xml Hosts file not found O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation) O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKU\S-1-5-21-1998982368-3054312690-3844566786-1000\..\Toolbar\WebBrowser: (no name) - {990AF1C2-5A27-4460-8149-ECC6BC122AF3} - No CLSID value found. O3 - HKU\S-1-5-21-1998982368-3054312690-3844566786-1000\..\Toolbar\WebBrowser: (no name) - {D40B90B4-D3B1-4D6B-A5D7-DC041C1B76C0} - No CLSID value found. O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation) O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation) O4 - HKLM..\Run: [NBAgent] C:\Program Files\Nero\Nero 11\Nero BackItUp\NBAgent.exe (Nero AG) O4 - HKLM..\Run: [PrivitizeVPN] C:\Program Files\PrivitizeVPN\PrivitizeVPN.exe (OOO Industry) O4 - HKLM..\Run: [StartCal.exe] C:\Program Files\IdeaCom\TSC\StartCal.exe (IdeaCom Technology Inc.) O4 - HKU\.DEFAULT..\Run: [Eee Docking] C:\Program Files\ASUS\Eee Docking\Eee Docking.exe () O4 - HKU\S-1-5-18..\Run: [Eee Docking] C:\Program Files\ASUS\Eee Docking\Eee Docking.exe () O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1 O8 - Extra context menu item: An OneNote s&enden - res://D:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105 File not found O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://D:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000 File not found O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\system32\UDDIjdlcn.dll File not found O13 - gopher Prefix: missing O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Key error.) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37) O16 - DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{577a8c28-8370-4d95-a804-69548d509e85}: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{716FB368-5896-4B52-8AF2-C05A3D46DE1D}: DhcpNameServer = 10.1.1.3 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7862A30D-58BD-4301-9854-D68DEF14A18E}: DhcpNameServer = 10.1.1.3 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7862A30D-58BD-4301-9854-D68DEF14A18E}: Domain = goezy.local O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7862A30D-58BD-4301-9854-D68DEF14A18E}: NameServer = 10.1.1.3 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{d4817425-ae18-4a77-9d08-71acc98bd32c}: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{f759e9d5-c984-4da0-b5a0-a2d9df02b1ff}: DhcpNameServer = 192.168.1.1 192.168.1.1 O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - Winlogon\Notify\IdcNotify: DllName - (idcnotify.dll) - C:\Windows\System32\idcnotify.dll () O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{1550962e-d83e-11e1-a9ca-0025d37d7501}\Shell - "" = AutoRun O33 - MountPoints2\{1550962e-d83e-11e1-a9ca-0025d37d7501}\Shell\AutoRun\command - "" = F:\start.exe O33 - MountPoints2\{28e63b4b-bb23-11e1-a36b-90e6ba5b36a3}\Shell - "" = AutoRun O33 - MountPoints2\{28e63b4b-bb23-11e1-a36b-90e6ba5b36a3}\Shell\AutoRun\command - "" = F:\Startme.exe O33 - MountPoints2\{698150b1-deaa-11df-971b-90e6ba5b36a3}\Shell - "" = AutoRun O33 - MountPoints2\{698150b1-deaa-11df-971b-90e6ba5b36a3}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{698150b9-deaa-11df-971b-90e6ba5b36a3}\Shell - "" = AutoRun O33 - MountPoints2\{698150b9-deaa-11df-971b-90e6ba5b36a3}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{9cdf9d38-bcff-11e1-b74e-90e6ba5b36a3}\Shell - "" = AutoRun O33 - MountPoints2\{9cdf9d38-bcff-11e1-b74e-90e6ba5b36a3}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence O34 - HKLM BootExecute: (autocheck autochk *) O34 - HKLM BootExecute: (MACHINE BootExecut) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013/02/22 12:56:53 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\15G22J0290K0EU2Y\Desktop\OTL.exe [2013/02/20 12:40:44 | 000,000,000 | ---D | C] -- C:\Users\15G22J0290K0EU2Y\AppData\Roaming\Malwarebytes [2013/02/20 12:39:24 | 000,000,000 | ---D | C] -- C:\Users\15G22J0290K0EU2Y\AppData\Local\Programs [2013/02/17 14:09:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [2013/02/17 14:09:49 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype [2013/02/15 16:42:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip [2013/02/15 16:42:51 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip [2013/02/15 13:53:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2013/02/14 00:47:10 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2013/02/14 00:47:06 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2013/02/14 00:47:05 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2013/02/14 00:47:05 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe [2013/02/14 00:47:04 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2013/02/14 00:47:01 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll [2013/02/14 00:47:01 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll [2013/02/14 00:46:57 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl [2013/02/13 15:47:39 | 000,000,000 | ---D | C] -- C:\Users\15G22J0290K0EU2Y\Desktop\Scan [2013/02/13 14:05:24 | 002,347,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [2013/02/13 14:02:02 | 003,967,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe [2013/02/13 14:01:59 | 003,913,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe [2013/02/13 14:01:19 | 000,187,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\FWPKCLNT.SYS [2013/02/13 14:00:13 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll [2013/02/11 17:08:00 | 000,000,000 | ---D | C] -- C:\Users\15G22J0290K0EU2Y\AppData\Roaming\TuneUp Software [2013/02/11 16:48:28 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files [2013/02/11 16:48:27 | 000,000,000 | ---D | C] -- C:\Users\15G22J0290K0EU2Y\AppData\Local\MFAData [2013/02/11 16:48:27 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData [2013/02/11 16:48:27 | 000,000,000 | ---D | C] -- C:\Users\15G22J0290K0EU2Y\AppData\Local\Avg2013 [2013/02/08 09:21:13 | 016,365,936 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerInstaller.exe [2013/02/07 17:44:16 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP [2013/02/05 15:38:22 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER [2013/01/23 14:33:44 | 000,000,000 | ---D | C] -- C:\Users\15G22J0290K0EU2Y\Documents\Outlook-Dateien [2012/05/08 10:11:07 | 001,638,400 | ---- | C] (LIGHTNING UK!) -- C:\Users\15G22J0290K0EU2Y\AppData\Local\ImgBurn.exe [2011/12/08 23:02:17 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\15G22J0290K0EU2Y\AppData\Roaming\pcouffin.sys ========== Files - Modified Within 30 Days ========== [2013/02/22 13:40:22 | 000,001,041 | ---- | M] () -- C:\Users\15G22J0290K0EU2Y\AppData\Roaming\vso_ts_preview.xml [2013/02/22 13:21:06 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013/02/22 12:57:11 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\15G22J0290K0EU2Y\Desktop\OTL.exe [2013/02/22 12:55:02 | 000,001,118 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013/02/22 12:07:05 | 000,000,972 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1998982368-3054312690-3844566786-1000UA.job [2013/02/22 10:49:11 | 000,039,424 | ---- | M] () -- C:\Users\15G22J0290K0EU2Y\Desktop\Kea New Zealand - Karlen 36985161 Booking Cancelled.msg [2013/02/22 09:11:53 | 000,018,736 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013/02/22 09:11:53 | 000,018,736 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013/02/22 09:07:01 | 000,000,950 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1998982368-3054312690-3844566786-1000Core.job [2013/02/22 09:06:54 | 000,000,266 | ---- | M] () -- C:\Windows\tasks\AutoKMS.job [2013/02/22 09:06:18 | 000,000,431 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts.ics [2013/02/22 09:06:05 | 000,001,114 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013/02/22 09:05:43 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013/02/22 09:05:39 | 1408,638,976 | -HS- | M] () -- C:\hiberfil.sys [2013/02/21 23:30:05 | 000,691,568 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe [2013/02/21 23:30:04 | 000,071,024 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [2013/02/21 15:41:02 | 004,381,412 | ---- | M] () -- C:\Users\15G22J0290K0EU2Y\Desktop\Samsung 3d Fernseher.pdf [2013/02/21 08:12:06 | 000,409,984 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2013/02/18 18:24:56 | 000,033,792 | ---- | M] () -- C:\Users\15G22J0290K0EU2Y\Desktop\Türkman.msg [2013/02/18 15:34:10 | 000,616,498 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2013/02/18 15:34:10 | 000,580,736 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2013/02/18 15:34:10 | 000,122,242 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2013/02/18 15:34:10 | 000,098,632 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2013/02/17 14:09:51 | 000,002,505 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk [2013/02/16 20:45:08 | 000,327,680 | ---- | M] () -- C:\Windows\System32\Ikeext.etl [2013/02/16 02:30:31 | 000,001,912 | ---- | M] () -- C:\Windows\epplauncher.mif [2013/02/11 16:41:42 | 000,007,625 | ---- | M] () -- C:\Users\15G22J0290K0EU2Y\AppData\Local\Resmon.ResmonCfg [2013/02/09 20:56:03 | 000,084,992 | ---- | M] () -- C:\Users\15G22J0290K0EU2Y\Desktop\20% Off Easy Change.msg [2013/02/09 18:57:42 | 000,555,429 | ---- | M] () -- C:\Users\15G22J0290K0EU2Y\Desktop\QuoteDetail6BerthSTPremierUnitedCampervansNZ1302093898STW.pdf [2013/02/08 09:21:15 | 016,365,936 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerInstaller.exe [2013/01/30 16:53:03 | 000,000,973 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk [2013/01/30 11:53:21 | 000,232,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe ========== Files Created - No Company Name ========== [2013/02/22 10:49:10 | 000,039,424 | ---- | C] () -- C:\Users\15G22J0290K0EU2Y\Desktop\Kea New Zealand - Karlen 36985161 Booking Cancelled.msg [2013/02/21 15:40:58 | 004,381,412 | ---- | C] () -- C:\Users\15G22J0290K0EU2Y\Desktop\Samsung 3d Fernseher.pdf [2013/02/21 08:11:45 | 000,409,984 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2013/02/18 18:24:54 | 000,033,792 | ---- | C] () -- C:\Users\15G22J0290K0EU2Y\Desktop\Türkman.msg [2013/02/11 16:41:42 | 000,007,625 | ---- | C] () -- C:\Users\15G22J0290K0EU2Y\AppData\Local\Resmon.ResmonCfg [2013/02/09 20:56:02 | 000,084,992 | ---- | C] () -- C:\Users\15G22J0290K0EU2Y\Desktop\20% Off Easy Change.msg [2013/02/09 18:57:42 | 000,555,429 | ---- | C] () -- C:\Users\15G22J0290K0EU2Y\Desktop\QuoteDetail6BerthSTPremierUnitedCampervansNZ1302093898STW.pdf [2012/12/07 21:19:13 | 000,019,840 | ---- | C] () -- C:\Windows\System32\EuEpmGdi.dll [2012/12/07 21:19:12 | 002,469,760 | ---- | C] () -- C:\Windows\System32\BootMan.exe [2012/12/07 21:19:11 | 000,086,408 | ---- | C] () -- C:\Windows\System32\setupempdrv03.exe [2012/12/07 21:19:10 | 000,014,216 | ---- | C] () -- C:\Windows\System32\epmntdrv.sys [2012/12/07 21:19:10 | 000,008,456 | ---- | C] () -- C:\Windows\System32\EuGdiDrv.sys [2012/10/27 18:13:50 | 000,003,584 | ---- | C] () -- C:\Users\15G22J0290K0EU2Y\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012/08/27 15:17:26 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2012/07/02 22:59:09 | 000,283,097 | ---- | C] () -- C:\Windows\System32\drivers\RTAIODAT.DAT [2012/07/02 19:28:06 | 000,112,640 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll [2012/06/16 15:52:46 | 000,000,130 | ---- | C] () -- C:\Users\15G22J0290K0EU2Y\AppData\Roaming\default.rss [2012/06/09 18:21:56 | 000,178,688 | ---- | C] () -- C:\Windows\System32\unrar.dll [2012/06/08 00:59:27 | 000,002,272 | ---- | C] () -- C:\Windows\System32\ASOROSet.bin [2012/06/08 00:54:38 | 000,032,256 | ---- | C] () -- C:\Windows\System32\AVSredirect.dll [2012/05/30 10:52:20 | 004,305,920 | ---- | C] () -- C:\Windows\System32\x264vfw.dll [2012/05/21 17:28:58 | 000,155,648 | ---- | C] () -- C:\Windows\System32\mlc.dll [2012/02/22 12:05:36 | 015,495,729 | ---- | C] () -- C:\Users\15G22J0290K0EU2Y\AppData\Roaming\SMRBackup250.dat [2011/12/08 23:02:17 | 000,087,608 | ---- | C] () -- C:\Users\15G22J0290K0EU2Y\AppData\Roaming\inst.exe [2011/12/08 23:02:17 | 000,007,887 | ---- | C] () -- C:\Users\15G22J0290K0EU2Y\AppData\Roaming\pcouffin.cat [2011/12/08 23:02:17 | 000,001,144 | ---- | C] () -- C:\Users\15G22J0290K0EU2Y\AppData\Roaming\pcouffin.inf [2011/12/08 22:20:53 | 000,001,041 | ---- | C] () -- C:\Users\15G22J0290K0EU2Y\AppData\Roaming\vso_ts_preview.xml [2011/12/08 20:25:00 | 000,000,425 | ---- | C] () -- C:\Windows\BRWMARK.INI [2011/12/08 17:03:53 | 000,000,050 | ---- | C] () -- C:\Windows\System32\bridf08b.dat [2011/12/07 22:32:24 | 000,216,064 | ---- | C] ( ) -- C:\Windows\System32\lagarith.dll ========== ZeroAccess Check ========== [2009/07/14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both ========== Alternate Data Streams ========== @Alternate Data Stream - 192 bytes -> C:\ProgramData\TEMP:CB0AACC9 < End of report > |
|
22.02.2013, 14:18
| #27 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | PC läuft zu langsam (Schädlingsverdacht) Sagmal hast du wirklich nen CustomScan gemacht? Irgendwie hab ich da etwas mehr erwartet 
__________________ Logfiles bitte immer in CODE-Tags posten |
|
22.02.2013, 14:26
| #28 |
| | PC läuft zu langsam (Schädlingsverdacht) Was meinst Du mit CustomScan? |
|
22.02.2013, 14:27
| #29 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | PC läuft zu langsam (Schädlingsverdacht) Was mein ich wohl damit, was stand denn in meiner Anweisung wie du das OTL-Log machen solltest?!
__________________ Logfiles bitte immer in CODE-Tags posten |
|
22.02.2013, 14:43
| #30 |
| | PC läuft zu langsam (Schädlingsverdacht)Code:
ATTFilter OTL logfile created on: 22.02.2013 14:28:05 - Run 3 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\15G22J0290K0EU2Y\Desktop Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 1,75 Gb Total Physical Memory | 0,86 Gb Available Physical Memory | 49,05% Memory free 6,12 Gb Paging File | 5,03 Gb Available in Paging File | 82,15% Paging File free Paging file location(s): c:\pagefile.sys 2686 2686d:\pagefile.sys 0 0 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 98,59 Gb Total Space | 55,79 Gb Free Space | 56,59% Space Free | Partition Type: NTFS Drive D: | 191,46 Gb Total Space | 121,75 Gb Free Space | 63,59% Space Free | Partition Type: NTFS Drive I: | 3,78 Gb Total Space | 3,60 Gb Free Space | 95,21% Space Free | Partition Type: FAT Drive J: | 537,11 Gb Total Space | 2,07 Gb Free Space | 0,38% Space Free | Partition Type: NTFS Drive K: | 390,63 Gb Total Space | 122,90 Gb Free Space | 31,46% Space Free | Partition Type: NTFS Drive L: | 298,05 Mb Total Space | 7,75 Mb Free Space | 2,60% Space Free | Partition Type: NTFS Drive M: | 194,00 Mb Total Space | 124,86 Mb Free Space | 64,36% Space Free | Partition Type: NTFS Drive O: | 209,87 Gb Total Space | 174,23 Gb Free Space | 83,02% Space Free | Partition Type: NTFS Drive U: | 488,28 Gb Total Space | 472,89 Gb Free Space | 96,85% Space Free | Partition Type: NTFS Computer Name: BIBA | User Name: 15G22J0290K0EU2Y | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\15G22J0290K0EU2Y\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Program Files\Microsoft Security Client\NisSrv.exe (Microsoft Corporation) PRC - C:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation) PRC - C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation) PRC - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation) PRC - C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) PRC - C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation) PRC - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) PRC - C:\ProgramData\MobileBrServ\mbbService.exe () PRC - C:\Program Files\Nero\Update\NASvc.exe (Nero AG) PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Program Files\IdeaCom\TSC\IdcSrv.exe (IdeaCom Technology Inc.) PRC - C:\Program Files\IdeaCom\TSC\ETSCSERVICE.exe (IdeaCom Technology Inc.) PRC - C:\Program Files\ASUS\Eee Manager\EMMessageParser.exe (ASUSTeK) PRC - C:\Program Files\ASUS\Eee Manager\EeeManager.exe (ASUSTeK) PRC - C:\Program Files\ASUS\Message Controller\AsMessageController.exe (ASUSTeK) ========== Modules (No Company Name) ========== MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\7366a39c36523a084bc11c230929ff92\Microsoft.VisualBasic.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\cb562e2e4f74ae607f1186f6ec50cec7\System.Windows.Forms.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\01c6cb58745f397c9b7ccf3ab7bfc9cd\System.EnterpriseServices.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\536d704e93ffec9b54e4a0312fb5b996\System.Transactions.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\dd20416f723ee13ffb4173ec1afc4ec4\System.Data.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll () MOD - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf () MOD - C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll () MOD - C:\Windows\assembly\GAC_MSIL\SqliteShared\1.0.3524.15966__0d0f4b69e50e559b\SqliteShared.dll () MOD - C:\Windows\assembly\GAC_32\System.Data.SQLite\1.0.60.0__db937bc2d44ff139\System.Data.SQLite.dll () MOD - C:\Program Files\ASUS\Asus WebStorage\EcaremeDLL.dll () MOD - C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll () MOD - C:\Program Files\ASUS\Message Controller\AsACPINotify.dll () MOD - C:\Program Files\ASUS\Message Controller\AsRemoteControlHooker.dll () MOD - C:\Program Files\ASUS\Eee Manager\ImageMgr.dll () MOD - C:\Program Files\ASUS\Message Controller\AsKeyboardHooker.dll () MOD - C:\Program Files\ASUS\Eee Manager\MessageParser\AsMultiLang.dll () MOD - C:\Program Files\ASUS\Eee Manager\AsMultiLang.dll () ========== Services (SafeList) ========== SRV - (Guard.Mail.ru) -- File not found SRV - (Dnscache) -- %SystemRoot%\System32\pouae2gyp.dll File not found SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (SkypeUpdate) -- C:\Program Files\Skype\Updater\Updater.exe (Skype Technologies) SRV - (NisSrv) -- C:\Program Files\Microsoft Security Client\NisSrv.exe (Microsoft Corporation) SRV - (MsMpSvc) -- C:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation) SRV - (AdobeARMservice) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) SRV - (nvUpdatusService) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation) SRV - (Stereo Service) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) SRV - (Microsoft SharePoint Workspace Audit Service) -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE (Microsoft Corporation) SRV - (WatAdminSvc) -- C:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation) SRV - (Mobile Broadband HL Service) -- C:\ProgramData\MobileBrServ\mbbService.exe () SRV - (Update-Service) -- C:\Windows\System32\UpdSvc.dll (Joosoft.com GmbH) SRV - (NAUpdate) -- C:\Program Files\Nero\Update\NASvc.exe (Nero AG) SRV - (IdcSrv) -- C:\Program Files\IdeaCom\TSC\IdcSrv.exe (IdeaCom Technology Inc.) SRV - (ETSCSERVICE) -- C:\Program Files\IdeaCom\TSC\ETSCSERVICE.exe (IdeaCom Technology Inc.) SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation) SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV - (iwaozptt) -- File not found DRV - (ivtpxjih) -- File not found DRV - (islxmqgh) -- File not found DRV - (hwdatacard) -- system32\DRIVERS\ewusbmdm.sys File not found DRV - (cooonihv) -- File not found DRV - (aqyj3d4q) -- File not found DRV - (NisDrv) -- C:\Windows\System32\drivers\NisDrvWFP.sys (Microsoft Corporation) DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation) DRV - (dtsoftbus01) -- C:\Windows\System32\drivers\dtsoftbus01.sys (DT Soft Ltd) DRV - (RdpVideoMiniport) -- C:\Windows\System32\drivers\rdpvideominiport.sys (Microsoft Corporation) DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV - (sptd) -- C:\Windows\System32\drivers\sptd.sys (Duplex Secure Ltd.) DRV - (nvsmu) -- C:\Windows\System32\drivers\nvsmu.sys (NVIDIA Corporation) DRV - (nvamacpi) -- C:\Windows\System32\drivers\nvamacpi.sys (NVIDIA Corporation) DRV - (epmntdrv) -- C:\Windows\System32\epmntdrv.sys () DRV - (EuGdiDrv) -- C:\Windows\System32\EuGdiDrv.sys () DRV - (NBVol) -- C:\Windows\System32\drivers\NBVol.sys (Nero AG) DRV - (NBVolUp) -- C:\Windows\System32\drivers\NBVolUp.sys (Nero AG) DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.) DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation) DRV - (IdcFltr) -- C:\Windows\System32\drivers\idcfltr.sys (IdeaCom Technology Inc.) DRV - (AmUStor) -- C:\Windows\System32\drivers\AmUStor.sys (Alcor Micro, Corp.) DRV - (AsIO) -- C:\Windows\System32\drivers\AsIO.sys () DRV - (enecir) -- C:\Windows\System32\drivers\enecir.sys (ENE TECHNOLOGY INC.) DRV - (enecirhid) -- C:\Windows\System32\drivers\enecirhid.sys (ENE TECHNOLOGY INC.) DRV - (enecirhidma) -- C:\Windows\System32\drivers\enecirhidma.sys (ENE TECHNOLOGY INC.) DRV - (MTsensor) -- C:\Windows\System32\drivers\ASACPI.sys () DRV - (vwifimp) -- C:\Windows\System32\drivers\vwifimp.sys (Microsoft Corporation) DRV - (s1029unic) -- C:\Windows\System32\drivers\s1029unic.sys (MCCI Corporation) DRV - (s1029mdm) -- C:\Windows\System32\drivers\s1029mdm.sys (MCCI Corporation) DRV - (s1029bus) -- C:\Windows\System32\drivers\s1029bus.sys (MCCI Corporation) DRV - (s1029mdfl) -- C:\Windows\System32\drivers\s1029mdfl.sys (MCCI Corporation) DRV - (s1029mgmt) -- C:\Windows\System32\drivers\s1029mgmt.sys (MCCI Corporation) DRV - (s1029obex) -- C:\Windows\System32\drivers\s1029obex.sys (MCCI Corporation) DRV - (s1029nd5) -- C:\Windows\System32\drivers\s1029nd5.sys (MCCI Corporation) DRV - (ASInsHelp) -- C:\Windows\System32\drivers\AsInsHelp32.sys () ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1998982368-3054312690-3844566786-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = D:\Downloads IE - HKU\S-1-5-21-1998982368-3054312690-3844566786-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com/ IE - HKU\S-1-5-21-1998982368-3054312690-3844566786-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve IE - HKU\S-1-5-21-1998982368-3054312690-3844566786-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = IE - HKU\S-1-5-21-1998982368-3054312690-3844566786-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ IE - HKU\S-1-5-21-1998982368-3054312690-3844566786-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKU\S-1-5-21-1998982368-3054312690-3844566786-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKU\S-1-5-21-1998982368-3054312690-3844566786-1000\..\SearchScopes,DefaultScope = {36377DD7-B3EB-42f5-986F-680BAF59BA9D} IE - HKU\S-1-5-21-1998982368-3054312690-3844566786-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\S-1-5-21-1998982368-3054312690-3844566786-1000\..\SearchScopes\{36377DD7-B3EB-42f5-986F-680BAF59BA9D}: "URL" = hxxp://start.gamesagogo.iplay.com/searchresultsredirect.aspx?o=chrome&q={searchTerms} IE - HKU\S-1-5-21-1998982368-3054312690-3844566786-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\S-1-5-21-1998982368-3054312690-3844566786-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "Yahoo!" FF - prefs.js..browser.search.selectedEngine: "Yahoo!" FF - prefs.js..browser.startup.homepage: "hxxp://office-manager/Account/LogOn" FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0 FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_149.dll () FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@Nero.com/KM: C:\PROGRA~1\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: D:\Program Files\VLC\npvlc.dll File not found FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\15G22J0290K0EU2Y\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{C7AE725D-FA5C-4027-BB4C-787EF9F8248A}: C:\Program Files\RelevantKnowledge\firefox FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.02.20 23:21:57 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.01.12 08:43:15 | 000,000,000 | ---D | M] [2012.08.28 19:40:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\15G22J0290K0EU2Y\AppData\Roaming\mozilla\Extensions [2012.12.28 09:57:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\15G22J0290K0EU2Y\AppData\Roaming\mozilla\Firefox\Profiles\pz396p4t.default\extensions [2012.12.10 18:04:01 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions [2012.12.10 18:04:02 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2013.02.20 23:21:56 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2012.01.18 21:02:20 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml [2012.08.29 11:27:41 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml [2012.01.18 21:02:20 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml [2012.01.18 21:02:20 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml [2012.01.18 21:02:19 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml [2012.01.18 21:02:19 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml [2012.12.22 17:18:38 | 000,000,786 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\Yahooober14387457.xml Hosts file not found O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation) O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKU\S-1-5-21-1998982368-3054312690-3844566786-1000\..\Toolbar\WebBrowser: (no name) - {990AF1C2-5A27-4460-8149-ECC6BC122AF3} - No CLSID value found. O3 - HKU\S-1-5-21-1998982368-3054312690-3844566786-1000\..\Toolbar\WebBrowser: (no name) - {D40B90B4-D3B1-4D6B-A5D7-DC041C1B76C0} - No CLSID value found. O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation) O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation) O4 - HKLM..\Run: [NBAgent] C:\Program Files\Nero\Nero 11\Nero BackItUp\NBAgent.exe (Nero AG) O4 - HKLM..\Run: [PrivitizeVPN] C:\Program Files\PrivitizeVPN\PrivitizeVPN.exe (OOO Industry) O4 - HKLM..\Run: [StartCal.exe] C:\Program Files\IdeaCom\TSC\StartCal.exe (IdeaCom Technology Inc.) O4 - HKU\.DEFAULT..\Run: [Eee Docking] C:\Program Files\ASUS\Eee Docking\Eee Docking.exe () O4 - HKU\S-1-5-18..\Run: [Eee Docking] C:\Program Files\ASUS\Eee Docking\Eee Docking.exe () O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1 O8 - Extra context menu item: An OneNote s&enden - res://D:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105 File not found O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://D:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000 File not found O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\system32\UDDIjdlcn.dll File not found O13 - gopher Prefix: missing O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Key error.) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37) O16 - DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{577a8c28-8370-4d95-a804-69548d509e85}: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{716FB368-5896-4B52-8AF2-C05A3D46DE1D}: DhcpNameServer = 10.1.1.3 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7862A30D-58BD-4301-9854-D68DEF14A18E}: DhcpNameServer = 10.1.1.3 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{d4817425-ae18-4a77-9d08-71acc98bd32c}: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{f759e9d5-c984-4da0-b5a0-a2d9df02b1ff}: DhcpNameServer = 192.168.1.1 192.168.1.1 O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - Winlogon\Notify\IdcNotify: DllName - (idcnotify.dll) - C:\Windows\System32\idcnotify.dll () O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{1550962e-d83e-11e1-a9ca-0025d37d7501}\Shell - "" = AutoRun O33 - MountPoints2\{1550962e-d83e-11e1-a9ca-0025d37d7501}\Shell\AutoRun\command - "" = F:\start.exe O33 - MountPoints2\{28e63b4b-bb23-11e1-a36b-90e6ba5b36a3}\Shell - "" = AutoRun O33 - MountPoints2\{28e63b4b-bb23-11e1-a36b-90e6ba5b36a3}\Shell\AutoRun\command - "" = F:\Startme.exe O33 - MountPoints2\{698150b1-deaa-11df-971b-90e6ba5b36a3}\Shell - "" = AutoRun O33 - MountPoints2\{698150b1-deaa-11df-971b-90e6ba5b36a3}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{698150b9-deaa-11df-971b-90e6ba5b36a3}\Shell - "" = AutoRun O33 - MountPoints2\{698150b9-deaa-11df-971b-90e6ba5b36a3}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{9cdf9d38-bcff-11e1-b74e-90e6ba5b36a3}\Shell - "" = AutoRun O33 - MountPoints2\{9cdf9d38-bcff-11e1-b74e-90e6ba5b36a3}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence O34 - HKLM BootExecute: (autocheck autochk *) O34 - HKLM BootExecute: (MACHINE BootExecut) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013.02.22 12:56:53 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\15G22J0290K0EU2Y\Desktop\OTL.exe [2013.02.20 12:40:44 | 000,000,000 | ---D | C] -- C:\Users\15G22J0290K0EU2Y\AppData\Roaming\Malwarebytes [2013.02.20 12:39:24 | 000,000,000 | ---D | C] -- C:\Users\15G22J0290K0EU2Y\AppData\Local\Programs [2013.02.17 14:09:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [2013.02.17 14:09:49 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype [2013.02.15 16:42:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip [2013.02.15 16:42:51 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip [2013.02.15 13:53:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2013.02.13 15:47:39 | 000,000,000 | ---D | C] -- C:\Users\15G22J0290K0EU2Y\Desktop\Scan [2013.02.11 17:08:00 | 000,000,000 | ---D | C] -- C:\Users\15G22J0290K0EU2Y\AppData\Roaming\TuneUp Software [2013.02.11 16:48:28 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files [2013.02.11 16:48:27 | 000,000,000 | ---D | C] -- C:\Users\15G22J0290K0EU2Y\AppData\Local\MFAData [2013.02.11 16:48:27 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData [2013.02.11 16:48:27 | 000,000,000 | ---D | C] -- C:\Users\15G22J0290K0EU2Y\AppData\Local\Avg2013 [2013.02.07 17:44:16 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP [2013.02.05 15:38:22 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER [2012.05.08 10:11:07 | 001,638,400 | ---- | C] (LIGHTNING UK!) -- C:\Users\15G22J0290K0EU2Y\AppData\Local\ImgBurn.exe [2011.12.08 23:02:17 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\15G22J0290K0EU2Y\AppData\Roaming\pcouffin.sys ========== Files - Modified Within 30 Days ========== [2013.02.22 14:21:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013.02.22 13:55:01 | 000,001,118 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013.02.22 13:40:22 | 000,001,041 | ---- | M] () -- C:\Users\15G22J0290K0EU2Y\AppData\Roaming\vso_ts_preview.xml [2013.02.22 12:57:11 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\15G22J0290K0EU2Y\Desktop\OTL.exe [2013.02.22 12:07:05 | 000,000,972 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1998982368-3054312690-3844566786-1000UA.job [2013.02.22 10:49:11 | 000,039,424 | ---- | M] () -- C:\Users\15G22J0290K0EU2Y\Desktop\Kea New Zealand - Karlen 36985161 Booking Cancelled.msg [2013.02.22 09:11:53 | 000,018,736 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013.02.22 09:11:53 | 000,018,736 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013.02.22 09:07:01 | 000,000,950 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1998982368-3054312690-3844566786-1000Core.job [2013.02.22 09:06:54 | 000,000,266 | ---- | M] () -- C:\Windows\tasks\AutoKMS.job [2013.02.22 09:06:18 | 000,000,431 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts.ics [2013.02.22 09:06:05 | 000,001,114 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013.02.22 09:05:43 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013.02.22 09:05:39 | 1408,638,976 | -HS- | M] () -- C:\hiberfil.sys [2013.02.21 15:41:02 | 004,381,412 | ---- | M] () -- C:\Users\15G22J0290K0EU2Y\Desktop\Samsung 3d Fernseher.pdf [2013.02.21 08:12:06 | 000,409,984 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2013.02.18 18:24:56 | 000,033,792 | ---- | M] () -- C:\Users\15G22J0290K0EU2Y\Desktop\Türkman.msg [2013.02.18 15:34:10 | 000,616,498 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2013.02.18 15:34:10 | 000,580,736 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2013.02.18 15:34:10 | 000,122,242 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2013.02.18 15:34:10 | 000,098,632 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2013.02.17 14:09:51 | 000,002,505 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk [2013.02.16 20:45:08 | 000,327,680 | ---- | M] () -- C:\Windows\System32\Ikeext.etl [2013.02.16 02:30:31 | 000,001,912 | ---- | M] () -- C:\Windows\epplauncher.mif [2013.02.11 16:41:42 | 000,007,625 | ---- | M] () -- C:\Users\15G22J0290K0EU2Y\AppData\Local\Resmon.ResmonCfg [2013.02.09 20:56:03 | 000,084,992 | ---- | M] () -- C:\Users\15G22J0290K0EU2Y\Desktop\20% Off Easy Change.msg [2013.02.09 18:57:42 | 000,555,429 | ---- | M] () -- C:\Users\15G22J0290K0EU2Y\Desktop\QuoteDetail6BerthSTPremierUnitedCampervansNZ1302093898STW.pdf [2013.01.30 16:53:03 | 000,000,973 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk ========== Files Created - No Company Name ========== [2013.02.22 10:49:10 | 000,039,424 | ---- | C] () -- C:\Users\15G22J0290K0EU2Y\Desktop\Kea New Zealand - Karlen 36985161 Booking Cancelled.msg [2013.02.21 15:40:58 | 004,381,412 | ---- | C] () -- C:\Users\15G22J0290K0EU2Y\Desktop\Samsung 3d Fernseher.pdf [2013.02.21 08:11:45 | 000,409,984 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2013.02.18 18:24:54 | 000,033,792 | ---- | C] () -- C:\Users\15G22J0290K0EU2Y\Desktop\Türkman.msg [2013.02.11 16:41:42 | 000,007,625 | ---- | C] () -- C:\Users\15G22J0290K0EU2Y\AppData\Local\Resmon.ResmonCfg [2013.02.09 20:56:02 | 000,084,992 | ---- | C] () -- C:\Users\15G22J0290K0EU2Y\Desktop\20% Off Easy Change.msg [2013.02.09 18:57:42 | 000,555,429 | ---- | C] () -- C:\Users\15G22J0290K0EU2Y\Desktop\QuoteDetail6BerthSTPremierUnitedCampervansNZ1302093898STW.pdf [2012.12.07 21:19:13 | 000,019,840 | ---- | C] () -- C:\Windows\System32\EuEpmGdi.dll [2012.12.07 21:19:12 | 002,469,760 | ---- | C] () -- C:\Windows\System32\BootMan.exe [2012.12.07 21:19:11 | 000,086,408 | ---- | C] () -- C:\Windows\System32\setupempdrv03.exe [2012.12.07 21:19:10 | 000,014,216 | ---- | C] () -- C:\Windows\System32\epmntdrv.sys [2012.12.07 21:19:10 | 000,008,456 | ---- | C] () -- C:\Windows\System32\EuGdiDrv.sys [2012.10.27 18:13:50 | 000,003,584 | ---- | C] () -- C:\Users\15G22J0290K0EU2Y\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012.08.27 15:17:26 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2012.07.02 22:59:09 | 000,283,097 | ---- | C] () -- C:\Windows\System32\drivers\RTAIODAT.DAT [2012.07.02 19:28:06 | 000,112,640 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll [2012.06.16 15:52:46 | 000,000,130 | ---- | C] () -- C:\Users\15G22J0290K0EU2Y\AppData\Roaming\default.rss [2012.06.09 18:21:56 | 000,178,688 | ---- | C] () -- C:\Windows\System32\unrar.dll [2012.06.08 00:59:27 | 000,002,272 | ---- | C] () -- C:\Windows\System32\ASOROSet.bin [2012.06.08 00:54:38 | 000,032,256 | ---- | C] () -- C:\Windows\System32\AVSredirect.dll [2012.05.30 10:52:20 | 004,305,920 | ---- | C] () -- C:\Windows\System32\x264vfw.dll [2012.05.21 17:28:58 | 000,155,648 | ---- | C] () -- C:\Windows\System32\mlc.dll [2012.02.22 12:05:36 | 015,495,729 | ---- | C] () -- C:\Users\15G22J0290K0EU2Y\AppData\Roaming\SMRBackup250.dat [2011.12.08 23:02:17 | 000,087,608 | ---- | C] () -- C:\Users\15G22J0290K0EU2Y\AppData\Roaming\inst.exe [2011.12.08 23:02:17 | 000,007,887 | ---- | C] () -- C:\Users\15G22J0290K0EU2Y\AppData\Roaming\pcouffin.cat [2011.12.08 23:02:17 | 000,001,144 | ---- | C] () -- C:\Users\15G22J0290K0EU2Y\AppData\Roaming\pcouffin.inf [2011.12.08 22:20:53 | 000,001,041 | ---- | C] () -- C:\Users\15G22J0290K0EU2Y\AppData\Roaming\vso_ts_preview.xml [2011.12.08 20:25:00 | 000,000,425 | ---- | C] () -- C:\Windows\BRWMARK.INI [2011.12.08 17:03:53 | 000,000,050 | ---- | C] () -- C:\Windows\System32\bridf08b.dat [2011.12.07 22:32:24 | 000,216,064 | ---- | C] ( ) -- C:\Windows\System32\lagarith.dll ========== ZeroAccess Check ========== [2009.07.14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both ========== LOP Check ========== [2012.08.28 19:37:12 | 000,000,000 | ---D | M] -- C:\Users\15G22J0290K0EU2Y\AppData\Roaming\Asus WebStorage [2013.01.12 23:11:05 | 000,000,000 | ---D | M] -- C:\Users\15G22J0290K0EU2Y\AppData\Roaming\DAEMON Tools Lite [2012.07.03 17:59:26 | 000,000,000 | ---D | M] -- C:\Users\15G22J0290K0EU2Y\AppData\Roaming\DVDVideoSoft [2012.07.03 17:44:29 | 000,000,000 | ---D | M] -- C:\Users\15G22J0290K0EU2Y\AppData\Roaming\DVDVideoSoftIEHelpers [2012.05.07 13:25:37 | 000,000,000 | ---D | M] -- C:\Users\15G22J0290K0EU2Y\AppData\Roaming\elsterformular [2012.12.21 09:12:47 | 000,000,000 | ---D | M] -- C:\Users\15G22J0290K0EU2Y\AppData\Roaming\ImgBurn [2012.12.22 17:18:39 | 000,000,000 | ---D | M] -- C:\Users\15G22J0290K0EU2Y\AppData\Roaming\Oberon Media [2011.11.28 21:18:31 | 000,000,000 | ---D | M] -- C:\Users\15G22J0290K0EU2Y\AppData\Roaming\PhotoFiltre [2012.06.20 23:07:33 | 000,000,000 | ---D | M] -- C:\Users\15G22J0290K0EU2Y\AppData\Roaming\Sony [2012.06.20 23:08:20 | 000,000,000 | ---D | M] -- C:\Users\15G22J0290K0EU2Y\AppData\Roaming\Sony Setup [2012.06.08 00:59:47 | 000,000,000 | ---D | M] -- C:\Users\15G22J0290K0EU2Y\AppData\Roaming\systweak [2013.02.03 14:32:52 | 000,000,000 | ---D | M] -- C:\Users\15G22J0290K0EU2Y\AppData\Roaming\TeamViewer [2013.02.11 17:08:00 | 000,000,000 | ---D | M] -- C:\Users\15G22J0290K0EU2Y\AppData\Roaming\TuneUp Software [2012.07.06 08:44:00 | 000,000,000 | ---D | M] -- C:\Users\15G22J0290K0EU2Y\AppData\Roaming\Uniblue [2012.12.22 17:18:32 | 000,000,000 | ---D | M] -- C:\Users\15G22J0290K0EU2Y\AppData\Roaming\VisicomToolBar [2013.02.22 13:40:21 | 000,000,000 | ---D | M] -- C:\Users\15G22J0290K0EU2Y\AppData\Roaming\Vso [2012.07.05 21:42:20 | 000,000,000 | ---D | M] -- C:\Users\15G22J0290K0EU2Y\AppData\Roaming\Win7codecs ========== Purity Check ========== ========== Custom Scans ========== < HKEY_LOCAL_MACHINE\software\microsoft\Windows\CurrentVersion\Telephony\Providers > "ProviderID0" = 1 "ProviderID1" = 2 "ProviderID2" = 3 "ProviderID3" = 4 "NextProviderID" = 7 "ProviderFileName0" = unimdm.tsp -- [2010.11.20 13:16:53 | 000,281,088 | ---- | M] (Microsoft Corporation) "ProviderFileName1" = kmddsp.tsp -- [2009.07.14 02:14:11 | 000,038,912 | ---- | M] (Microsoft Corporation) "ProviderFileName2" = ndptsp.tsp -- [2009.07.14 02:14:11 | 000,050,688 | ---- | M] (Microsoft Corporation) "ProviderFileName3" = hidphone.tsp -- [2009.07.14 02:14:11 | 000,030,720 | ---- | M] (Microsoft Corporation) "NumProviders" = 5 "ProviderID4" = 6 "ProviderFilename4" = MICBx19zz.tsp < HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters > < HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Dnscache\Parameters > "ServiceDll" = %SystemRoot%\System32\pouae2gyp.dll "ServiceDllUnloadOnStop" = 1 "extension" = %SystemRoot%\System32\dnsext.dll -- [2009.07.14 02:15:12 | 000,006,656 | ---- | M] (Microsoft Corporation) "CacheHashTableBucketSize" = 1 "CacheHashTableSize" = 180 "MaxCacheEntryTtlLimit" = 65280 "MaxSOACacheEntryTtlLimit" = 301 "EnablePlainTextPassword" = 0 "EnableSecuritySignature" = 1 "OtherDomains" = [binary data] "RequireSecuritySignature" = 0 "ServiceMain" = SetAccessPolicy [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Dnscache\Parameters\DnsCache] < HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost > "RPCSS" = RpcEptMapperRpcSs [binary data] "defragsvc" = defragsvc [binary data] -- [2009.07.14 02:15:10 | 000,218,624 | ---- | M] (Microsoft Corporation) "LocalSystemNetworkRestricted" = UxSmsWdiSystemHostNetmantrkwks [Binary data over 200 bytes] "LocalService" = nsiWdiServiceHostw32timeEventSy [Binary data over 200 bytes] "netsvcs" = AeLookupSvcCertPropSvcSCPolicySv [Binary data over 200 bytes] "WerSvcGroup" = wersvc [binary data] -- [2009.07.14 02:16:18 | 000,065,024 | ---- | M] (Microsoft Corporation) "LocalServiceNoNetwork" = DPSPLABFEmpssvcWwanSvc [binary data] "termsvcs" = TermService [binary data] "swprv" = swprv [binary data] -- [2009.07.14 02:16:15 | 000,313,856 | ---- | M] (Microsoft Corporation) "LocalServiceNetworkRestricted" = DHCPeventlogAudioSrvBthHFSrvLm [Binary data over 200 bytes] "LocalServicePeerNet" = PNRPSvcp2pimsvcp2psvcPnrpAutoReg [binary data] "NetworkServiceAndNoImpersonation" = KtmRm [binary data] "regsvc" = RemoteRegistry [binary data] "LocalServiceAndNoImpersonation" = SSDPSRVupnphostSCardSvrTBSFont [Binary data over 200 bytes] "DcomLaunch" = PowerPlugPlayDcomLaunch [binary data] "NetworkServiceNetworkRestricted" = PolicyAgent [binary data] "NetworkService" = CryptSvcDHCPTermServiceDNSCache [Binary data over 200 bytes] "sdrsvc" = sdrsvc [binary data] -- [2010.11.20 13:21:06 | 000,125,952 | ---- | M] (Microsoft Corporation) "WbioSvcGroup" = WbioSrvc [binary data] -- [2009.07.14 02:16:17 | 000,151,552 | ---- | M] (Microsoft Corporation) "imgsvc" = StiSvc [binary data] "wcssvc" = WcsPlugInService [binary data] -- [2009.07.14 02:16:18 | 000,032,768 | ---- | M] (Microsoft Corporation) "AxInstSVGroup" = AxInstSV [binary data] -- [2010.11.20 13:18:06 | 000,088,064 | ---- | M] (Microsoft Corporation) "secsvcs" = WinDefend [binary data] "bthsvcs" = bthserv [binary data] -- [2009.07.14 02:15:00 | 000,064,512 | ---- | M] (Microsoft Corporation) "Update-Service-Installer-Service" = Update-Service-Installer-Service [binary data] "Update-Service" = Update-Service [binary data] "GPSvcGroup" = GPSvc [binary data] -- [2010.11.20 13:19:09 | 000,593,408 | ---- | M] (Microsoft Corporation) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\AxInstSVGroup] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\defragsvc] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\GPSvcGroup] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\LocalService] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\LocalServiceAndNoImpersonation] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\LocalServiceNetworkRestricted] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\LocalServiceNoNetwork] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\LocalSystemNetworkRestricted] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\netsvcs] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\NetworkService] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\NetworkServiceRemoteDesktopHyperVAgent] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\NetworkServiceRemoteDesktopPublishing] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\SDRSVC] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\swprv] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\termsvcs] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\wcssvc] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\wercplsupport] < HKEY_LOCAL_MACHINE\SOFTWARE\Joosoft.com > [HKEY_LOCAL_MACHINE\SOFTWARE\Joosoft.com\UpdateClient] < %SystemRoot%\system32\*.tsp > [2009.07.14 02:14:11 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\hidphone.tsp [2009.07.14 02:14:11 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kmddsp.tsp [2009.07.14 02:14:11 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ndptsp.tsp [2009.07.14 02:14:11 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\remotesp.tsp [2010.11.20 13:16:53 | 000,281,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\unimdm.tsp < C:\Windows\system32\*.dll /360 > [2012.08.23 12:15:57 | 000,269,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\aaclient.dll [2012.03.08 10:47:00 | 000,176,736 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\system32\AERTACap.dll [2012.03.08 10:47:34 | 000,095,840 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\system32\AERTARen.dll [2012.11.30 05:45:14 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll [2012.11.30 05:45:14 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll [2012.11.30 05:45:14 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll [2012.11.30 05:45:14 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll [2012.11.30 05:45:14 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll [2012.11.30 05:45:14 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll [2012.11.30 05:45:14 | 000,005,120 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll [2012.11.30 05:45:14 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll [2012.11.30 05:45:15 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll [2012.11.30 05:45:15 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll [2012.11.30 05:45:15 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll [2012.11.30 05:45:15 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll [2012.11.30 05:45:15 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll [2012.11.30 05:45:15 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll [2012.11.30 05:45:15 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll [2012.11.30 05:45:15 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll [2012.11.30 05:45:15 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll [2012.11.30 05:45:15 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll [2012.11.30 05:45:15 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll [2012.11.30 05:45:15 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll [2012.11.30 05:45:15 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll [2012.11.30 05:45:15 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll [2012.11.30 05:45:15 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll [2012.11.30 05:45:15 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll [2012.11.30 03:38:59 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll [2012.11.30 03:38:59 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll [2012.11.30 03:38:59 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll [2012.11.30 03:38:59 | 000,006,144 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll [2012.12.16 15:13:28 | 000,295,424 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\system32\atmfd.dll [2012.12.16 15:13:20 | 000,034,304 | ---- | M] (Adobe Systems) -- C:\Windows\system32\atmlib.dll [2012.07.04 22:14:34 | 000,041,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\browcli.dll [2012.07.04 22:14:34 | 000,102,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\browser.dll [2012.12.04 01:12:16 | 001,534,464 | ---- | M] (Brother Industries, Ltd.) -- C:\Windows\system32\BrWia09b.dll [2012.06.06 06:03:06 | 000,805,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\cdosys.dll [2012.06.02 05:36:29 | 001,159,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\crypt32.dll [2012.06.02 05:36:29 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\cryptnet.dll [2012.06.02 05:36:29 | 000,140,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\cryptsvc.dll [2012.08.02 17:57:20 | 000,490,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\d3d10level9.dll [2012.12.10 16:07:27 | 000,746,984 | ---- | M] (Oracle Corporation) -- C:\Windows\system32\deployJava1.dll [2012.10.09 18:40:31 | 000,193,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dhcpcore6.dll [2012.10.09 18:40:31 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dhcpcsvc6.dll [2012.11.02 06:11:31 | 000,376,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dpnet.dll [2012.03.03 06:31:19 | 001,077,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\DWrite.dll [2012.07.02 19:28:06 | 000,112,640 | ---- | M] () -- C:\Windows\system32\ff_vfw.dll [2012.04.10 13:40:00 | 002,193,472 | ---- | M] (Fortemedia Corporation) -- C:\Windows\system32\FMAPO.dll [2012.12.07 13:20:43 | 002,576,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\gameux.dll [2013.01.08 23:09:18 | 009,738,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ieframe.dll [2013.01.08 22:56:51 | 001,796,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iertutil.dll [2013.01.08 22:53:13 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ieui.dll [2012.03.01 06:33:23 | 000,159,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\imagehlp.dll [2012.10.03 17:40:35 | 000,499,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iphlpsvc.dll [2012.06.25 15:12:07 | 000,744,960 | ---- | M] (Intel Corporation) -- C:\Windows\system32\IR41_32.DLL [2013.01.08 22:58:43 | 000,717,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\jscript.dll [2013.01.08 23:11:21 | 001,800,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\jscript9.dll [2013.01.08 23:00:14 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\jsproxy.dll [2012.08.11 00:56:14 | 000,542,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kerberos.dll [2012.11.30 05:47:44 | 000,868,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kernel32.dll [2012.11.30 05:47:45 | 000,293,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KernelBase.dll [2012.05.14 05:33:42 | 000,769,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\localspl.dll [2012.08.24 17:56:48 | 001,039,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\lsasrv.dll [2012.04.03 17:41:58 | 000,709,976 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\system32\MaxxAudioAPOShell.dll [2012.04.03 17:41:54 | 001,185,112 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\system32\MaxxAudioRealtek2.dll [2012.05.21 17:28:58 | 000,155,648 | ---- | M] () -- C:\Windows\system32\mlc.dll [2013.01.08 22:57:49 | 000,607,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msfeeds.dll [2013.01.08 23:23:25 | 012,321,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mshtml.dll [2013.01.08 22:56:37 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mshtmled.dll [2012.04.07 12:26:29 | 002,342,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msi.dll [2012.08.23 14:47:20 | 000,046,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\MsRdpWebAccess.dll [2012.08.23 09:19:01 | 004,916,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mstscax.dll [2012.06.06 06:05:52 | 001,236,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msxml3.dll [2012.11.01 05:47:54 | 001,389,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msxml6.dll [2012.11.20 05:51:09 | 000,220,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ncrypt.dll [2012.10.03 17:42:23 | 000,156,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ncsi.dll [2012.07.04 22:16:56 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\netapi32.dll [2012.10.03 17:42:24 | 000,175,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\netcorehc.dll [2012.10.03 17:42:24 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\netevent.dll [2012.06.22 15:32:30 | 000,405,144 | ---- | M] (Newtonsoft) -- C:\Windows\system32\Newtonsoft.Json.Net20.dll [2012.10.03 17:42:26 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\nlaapi.dll [2012.10.03 17:42:26 | 000,242,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\nlasvc.dll [2012.12.10 16:07:27 | 000,821,736 | ---- | M] (Oracle Corporation) -- C:\Windows\system32\npDeployJava1.dll [2012.10.10 20:14:44 | 002,428,776 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\nvapi.dll [2012.10.10 20:14:46 | 017,559,912 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\nvcompiler.dll [2012.10.02 20:28:53 | 003,965,288 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\nvcpl.dll [2012.10.10 20:14:42 | 007,697,768 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\nvcuda.dll [2012.10.10 20:15:04 | 001,867,112 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\nvcuvenc.dll [2012.10.10 20:15:00 | 002,574,696 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\nvcuvid.dll [2012.10.10 20:14:16 | 015,309,160 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\nvd3dum.dll [2012.10.10 20:14:22 | 001,009,512 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\nvdispco32.dll [2012.10.10 20:14:50 | 000,888,168 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\nvdispgenco32.dll [2012.03.01 00:59:00 | 000,881,984 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\nvgenco32.dll [2012.10.02 20:29:41 | 000,108,392 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\nvmctray.dll [2012.10.10 20:14:22 | 019,906,920 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\nvoglv32.dll [2012.10.10 20:14:16 | 006,127,464 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\nvopencl.dll [2012.10.02 20:29:41 | 000,062,312 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\nvshext.dll [2012.10.02 20:29:22 | 002,853,224 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\nvsvc.dll [2012.10.02 20:29:41 | 002,557,288 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\nvsvcr.dll [2012.10.10 20:14:50 | 012,501,352 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\nvwgf2um.dll [2012.03.01 00:59:00 | 000,061,248 | ---- | M] (Khronos Group) -- C:\Windows\system32\OpenCL.dll [2012.05.01 05:44:12 | 000,164,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\profsvc.dll [2012.05.04 10:59:54 | 000,514,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\qdvd.dll [2012.04.26 05:45:54 | 000,129,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\rdpcorekmts.dll [2012.08.23 11:08:49 | 002,739,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\rdpcorets.dll [2012.08.23 12:12:17 | 000,192,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\rdpendp_winip.dll [2012.08.23 14:52:25 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\RdpGroupPolicyExtension.dll [2012.08.23 15:48:14 | 000,221,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\rdpudd.dll [2012.04.26 05:45:55 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\rdpwsx.dll [2012.05.09 14:57:36 | 003,166,824 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\system32\RtkAPO.dll [2012.05.29 15:34:44 | 000,637,584 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\system32\RtkApoApi.dll [2012.05.31 17:08:16 | 000,087,696 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\system32\RtkCoInstII.dll [2012.05.09 14:57:36 | 002,415,720 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\system32\RtkPgExt.dll [2012.08.24 17:57:40 | 000,247,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\schannel.dll [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\shell32.dll [2012.05.05 08:46:52 | 000,400,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\srcore.dll [2012.09.25 23:47:43 | 000,078,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\synceng.dll [2012.08.23 14:18:14 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\tsgqec.dll [2012.08.23 14:32:59 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\TsUsbGDCoInstaller.dll [2012.08.23 15:10:04 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll [2012.11.09 05:42:49 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\tzres.dll [2012.06.09 18:21:56 | 000,178,688 | ---- | M] () -- C:\Windows\system32\unrar.dll [2013.01.08 23:01:48 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\url.dll [2013.01.08 23:03:57 | 001,103,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\urlmon.dll [2012.11.22 05:45:03 | 000,626,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\usp10.dll [2013.01.08 22:58:29 | 000,420,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\vbscript.dll [2012.06.22 22:28:30 | 001,282,048 | ---- | M] (xy-VSFilter Team) -- C:\Windows\system32\VSFilter.dll [2012.07.26 03:46:47 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Wdfres.dll [2012.11.09 05:43:04 | 000,492,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\win32spl.dll [2013.01.08 23:03:20 | 001,129,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wininet.dll [2013.01.04 05:50:52 | 000,169,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\winsrv.dll [2012.08.24 17:57:48 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wintrust.dll [2012.08.23 14:46:20 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wksprtPS.dll [2012.03.01 06:29:16 | 000,005,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wmi.dll [2012.12.07 13:26:17 | 000,308,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Wpc.dll [2012.06.02 23:19:23 | 000,577,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wuapi.dll [2012.06.02 23:19:17 | 001,933,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wuaueng.dll [2012.06.02 23:12:32 | 002,422,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wucltux.dll [2012.07.26 04:20:40 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\WUDFCoinstaller.dll [2012.07.26 04:20:40 | 000,172,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\WUDFPlatform.dll [2012.07.26 04:20:40 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\WUDFSvc.dll [2012.07.26 04:20:40 | 000,613,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\WUDFx.dll [2012.06.02 23:12:13 | 000,088,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wudriver.dll [2012.06.02 23:19:32 | 000,035,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wups.dll [2012.06.02 23:19:33 | 000,045,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wups2.dll [2012.06.02 14:19:42 | 000,171,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wuwebv.dll [2012.05.30 10:52:20 | 004,305,920 | ---- | M] () -- C:\Windows\system32\x264vfw.dll [2009.07.14 05:53:46 | 000,032,640 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT [2009.07.14 05:53:47 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT [2012.01.25 17:20:32 | 000,001,114 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [2012.01.25 17:20:34 | 000,001,118 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [2012.04.02 09:33:05 | 000,000,884 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job [2012.06.07 14:44:12 | 000,000,266 | ---- | C] () -- C:\Windows\Tasks\AutoKMS.job [2012.07.30 08:02:36 | 000,000,950 | ---- | C] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1998982368-3054312690-3844566786-1000Core.job [2012.07.30 08:02:37 | 000,000,972 | ---- | C] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1998982368-3054312690-3844566786-1000UA.job < C:\Windows\SysNative\*.dll /360 > < > ========== Alternate Data Streams ========== @Alternate Data Stream - 192 bytes -> C:\ProgramData\TEMP:CB0AACC9 < End of report > |
|
| Themen zu PC läuft zu langsam (Schädlingsverdacht) |
| 32 bit, andere, asus, cpu, eingefangen, entfernen, essen, folge, folgendes, herunterfahren, home, installiert, intel, lange, langsam, microsoft, problem, programm, schädlinge, security, sehr langsam, service, system, trojaner, verdacht, wirklich |
Textbox von OTL - wenn OTL auf deutsch ist wird sie mit 
beschriftet
.
Linear-Darstellung
