|
Pests of all kinds and how to fight them: Attention Required; Google, YouTube and many other websites are blocked (Windows 7) |
30.03.2013, 12:47 | #1 |
| When I try to visit Google, YouTube or anything else, this message appears: When I then press the button (see picture), these surveys come up. The only thing I could quickly see was that in the bar where it says "waiting for www.google.de", it also said "waiting for www.fileice.net". Could you please help me? |
30.03.2013, 17:54 | #2 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Hello and
Do you have any other logs (with detections)? Has your virus scanner ever raised an alert? Malwarebytes and/or other virus scanners? I'm asking because of => http://www.trojaner-board.de/125889-...tml#post941520 Please do not run any new virus scans; just post the logs you already have first! Reading material: Posting in CODE tags. Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes my work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files in a CODE box, proceed as follows:
__________________ |
07.04.2013, 08:07 | #3 |
| I ran the virus scanner once much earlier and deleted this:
Code:
Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org
Datenbank Version: v2012.06.03.05
Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
Jonas :: JONAS-PC [Administrator]
03.06.2012 18:45:14
mbam-log-2012-06-03 (18-45-14).txt
Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 191807
Laufzeit: 1 Stunde(n), 28 Minute(n), 38 Sekunde(n) [Abgebrochen]
Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateien: 1
C:\Users\Jonas\AppData\Local\Temp\cs8v0k.exe (Trojan.Winlock.AI) -> Erfolgreich gelöscht und in Quarantäne gestellt.
(Ende) |
07.04.2013, 21:24 | #4 |
/// Winkelfunktion /// TB-Süch-Tiger™ | I'm well aware that everyone here wants help urgently. Is that all of the detections, or are there more?
__________________ Please always post log files in CODE tags |
08.04.2013, 12:58 | #5 |
| No, nothing else. |
08.04.2013, 13:08 | #6 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Before we get to work, I would like to ask you to read the following points completely and carefully.
Note: If you haven't heard from me for three days, please post in this thread => Reminder about my thread. Annoying "when will we continue" messages will result in your topic being closed. I, too, have a life outside the Trojaner-Board. First, a check with OTL please:
__________________ |
09.04.2013, 16:40 | #7 |
| OTL.txt: Code:
ATTFilter OTL logfile created on: 08.04.2013 19:12:46 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Jonas\Downloads Starter Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16438) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 1014,21 Mb Total Physical Memory | 449,75 Mb Available Physical Memory | 44,34% Memory free 1,99 Gb Paging File | 1,16 Gb Available in Paging File | 58,10% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 201,78 Gb Total Space | 129,47 Gb Free Space | 64,16% Space Free | Partition Type: NTFS Drive D: | 30,00 Gb Total Space | 20,69 Gb Free Space | 68,95% Space Free | Partition Type: NTFS Computer Name: JONAS-PC | User Name: Jonas | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\Jonas\Downloads\OTL.exe (OldTimer Tools) PRC - C:\Programme\FileOpen\Services\FileOpenManagerService32.exe (FileOpen Systems Inc.) PRC - C:\Programme\FileOpen\Services\FileOpenBroker32.exe (FileOpen Systems Inc.) 
PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation) PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation) PRC - C:\Programme\Pegatron\Hotkey\PHControl.exe (Pegatron) PRC - C:\Programme\FSP\FspUip.exe (Sentelic Corporation) PRC - C:\Programme\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG) PRC - C:\Programme\Pegatron\Hotkey\FastUserSwitching.exe () PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation) PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation) PRC - c:\Programme\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe (Microsoft Corporation) PRC - c:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation) PRC - C:\Programme\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe () ========== Modules (No Company Name) ========== MOD - c:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll () MOD - C:\Programme\WinRAR\RarExt.dll () MOD - C:\Programme\Notepad++\NppShell_04.dll () MOD - C:\Programme\Pegatron\Hotkey\WLANV.dll () MOD - C:\Programme\Pegatron\Hotkey\TPS.dll () MOD - C:\Programme\FSP\KbdHook.dll () MOD - C:\Programme\FSP\FspLib.dll () MOD - C:\Programme\FileZilla FTP Client\fzshellext.dll () MOD - C:\Programme\Pegatron\Hotkey\TPF.dll () MOD - C:\Programme\Pegatron\Hotkey\HKBD.dll () MOD - C:\Programme\Pegatron\Hotkey\PEGAACPIDLL32.dll () MOD - C:\Programme\Pegatron\Hotkey\LCSwit.dll () MOD - C:\Programme\Pegatron\Hotkey\FastUserSwitching.exe () MOD - C:\Programme\Pegatron\Hotkey\FspLib.dll () MOD - C:\Programme\PSPad editor\PSPadShell.dll () ========== Services (SafeList) ========== SRV - (WebOptimizer) -- C:\Windows\system32\dmwu.exe File not found SRV - (BrowserProtect) -- C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe () SRV - 
(SkypeUpdate) -- C:\Programme\Skype\Updater\Updater.exe (Skype Technologies) SRV - (Hamachi2Svc) -- C:\Programme\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.) SRV - (FileOpenManagerService) -- C:\Programme\FileOpen\Services\FileOpenManagerService32.exe (FileOpen Systems Inc.) SRV - (MozillaMaintenance) -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation) SRV - (Web Assistant Updater) -- C:\Programme\Web Assistant\ExtensionUpdaterService.exe () SRV - (pc essentials) -- C:\Programme\pc essentials\updater.exe () SRV - (BsUpdate) -- C:\Programme\BullGuard Ltd\BullGuard\BullGuardUpdate.exe (BullGuard Ltd.) SRV - (BsMain) -- C:\Programme\BullGuard Ltd\BullGuard\BsMain.dll (BullGuard Ltd.) SRV - (BsBrowser) -- C:\Programme\BullGuard Ltd\BullGuard\BsBrowser.dll (BullGuard Ltd.) SRV - (BgRaSvc) -- C:\Programme\BullGuard Ltd\BullGuard\Support\BgRaSvc.exe (BullGuard Ltd.) SRV - (BsFire) -- C:\Programme\BullGuard Ltd\BullGuard\BsFire.dll (BullGuard Ltd.) SRV - (BsScanner) -- C:\Programme\BullGuard Ltd\BullGuard\BullGuardScanner.exe (BullGuard Ltd.) SRV - (BsBhvScan) -- C:\Programme\BullGuard Ltd\BullGuard\BullGuardBhvScanner.exe (BullGuard Ltd.) SRV - (BsMailProxy) -- C:\Programme\BullGuard Ltd\BullGuard\BsMailProxy\BsMailProxy.dll (BullGuard Ltd.) SRV - (BsFileScan) -- C:\Programme\BullGuard Ltd\BullGuard\BsFileScan.dll (BullGuard Ltd.) SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation) SRV - (btwdins) -- C:\Programme\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.) 
SRV - (Fabs) -- C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG) SRV - (MSSQLServerADHelper100) -- c:\Programme\Microsoft SQL Server\100\Shared\sqladhlp.exe (Microsoft Corporation) SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation) SRV - (wlidsvc) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation) SRV - (MSSQL$SQLEXPRESS) -- c:\Programme\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe (Microsoft Corporation) SRV - (SQLBrowser) -- c:\Programme\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Microsoft Corporation) SRV - (SQLAgent$SQLEXPRESS) -- c:\Programme\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE (Microsoft Corporation) SRV - (FirebirdServerMAGIXInstance) -- C:\Programme\Common Files\MAGIX Services\Database\bin\fbserver.exe (MAGIX®) SRV - (SQLWriter) -- c:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation) SRV - (AdobeActiveFileMonitor) -- C:\Programme\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe () SRV - (PhotoshopElementsDeviceConnect) -- C:\Programme\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe () ========== Driver Services (SafeList) ========== DRV - (afwcore) -- C:\Windows\System32\drivers\AfwCore.sys (Agnitum Ltd.) DRV - (AFW) -- C:\Windows\System32\drivers\Afw.sys (Agnitum Ltd.) DRV - (NovaShieldFilterDriver) -- C:\Windows\System32\drivers\NSKernel.sys (NovaShield, Inc.) DRV - (NovaShieldTDIDriver) -- C:\Windows\System32\drivers\NSNetmon.sys (NovaShield, Inc.) DRV - (BdSpy) -- C:\Windows\System32\drivers\BdSpy.sys (BullGuard Ltd.) DRV - (Trufos) -- C:\Windows\System32\drivers\Trufos.sys (BitDefender S.R.L.) 
DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation) DRV - (acedrv11) -- C:\Windows\System32\drivers\acedrv11.sys (Protect Software GmbH) DRV - (L1C) -- C:\Windows\System32\drivers\L1C62x86.sys (Atheros Communications, Inc.) DRV - (rtl8192se) -- C:\Windows\System32\drivers\rtl8192se.sys (Realtek Semiconductor Corporation ) DRV - (fspad_wlh32) -- C:\Windows\System32\drivers\fspad_wlh32.sys (Sentelic Corporation) DRV - (vwifimp) -- C:\Windows\System32\drivers\vwifimp.sys (Microsoft Corporation) DRV - (btusbflt) -- C:\Windows\System32\drivers\btusbflt.sys (Broadcom Corporation.) DRV - (ACPIService) -- C:\Windows\System32\drivers\ATKACPI.SYS () DRV - (RsFx0103) -- C:\Windows\System32\drivers\RsFx0103.sys (Microsoft Corporation) DRV - (hamachi) -- C:\Windows\System32\drivers\hamachi.sys (LogMeIn, Inc.) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://www.claro-search.com/?affID=120133&babsrc=HP_ss&mntrId=883b5e6d0000000000001c4bd6e4a32e IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://medion.msn.com [binary data] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = 
hxxp://www.claro-search.com/?affID=120133&babsrc=HP_ss&mntrId=883b5e6d0000000000001c4bd6e4a32e IE - HKCU\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} IE - HKCU\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://www.claro-search.com/?q={searchTerms}&affID=120133&babsrc=SP_ss&mntrId=883b5e6d0000000000001c4bd6e4a32e IE - HKCU\..\SearchScopes\{5F3A1B1D-B5C5-4577-9736-AD27A377C04E}: "URL" = hxxp://search.gmx.com/web?q={searchTerms}&origin=tb_splugin_ie IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7PRFB_deDE475 IE - HKCU\..\SearchScopes\{7A98FD23-0238-482A-8127-644B44A7B465}: "URL" = hxxp://go.gmx.net/tb/ie_searchplugin/?su={searchTerms} IE - HKCU\..\SearchScopes\{ACBB78F7-FB64-4836-9A68-C5EED485C4FA}: "URL" = hxxp://go.1und1.de/tb/ie_searchplugin/?su={searchTerms} IE - HKCU\..\SearchScopes\{CF405816-FE96-4902-B4B3-0FAE591E3034}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=MEDTDF&pc=MAMD&src=IE-SearchBox IE - HKCU\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = hxxp://mystart.incredibar.com/mb165/?search={searchTerms}&loc=IB_DS&a=6R8vftSog1&i=26 IE - HKCU\..\SearchScopes\{E285E30D-1BA8-44F3-8BBC-FF78B6B07AA3}: "URL" = hxxp://go.web.de/tb/ie_searchplugin/?su={searchTerms} IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "MyStart Search" FF - 
prefs.js..browser.search.selectedEngine: "Claro Search" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "hxxp://www.claro-search.com/?affID=120133&babsrc=HP_ss&mntrId=883b5e6d0000000000001c4bd6e4a32e" FF - prefs.js..extensions.enabledAddons: toolbar@web.de:2.2.1 FF - prefs.js..extensions.enabledAddons: {ef62e1ce-d2a4-4cdd-b7ec-92b120366b66}:2.7.5 FF - prefs.js..extensions.enabledAddons: {8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}:2.6.7 FF - prefs.js..extensions.enabledAddons: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.10 FF - prefs.js..extensions.enabledAddons: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}:6.0.35 FF - prefs.js..extensions.enabledAddons: ffxtlbr@babylon.com:1.2.0 FF - prefs.js..extensions.enabledAddons: crossriderapp21058@crossrider.com:0.87.11 FF - prefs.js..extensions.enabledAddons: pricepeep@getpricepeep.com:2.1.0.22 FF - prefs.js..keyword.URL: "hxxp://mystart.incredibar.com/mb165/?loc=IB_DS&a=6R8vftSog1&&i=26&search=" FF - prefs.js..network.proxy.no_proxies_on: "*.local" FF - prefs.js..network.proxy.type: 0 FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.11.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.4: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) 
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@protectdisc.com/NPMPDRM: C:\Program Files\Common Files\mpDRM\NPMPDRM.dll ( ) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@protectdisc.com/NPMPDRM: C:\Users\Jonas\AppData\Local\mpDRM\Binaries\NPMPDRM.dll ( ) FF - HKCU\Software\MozillaPlugins\@protectdisc.com/NPPDLicenseHelper: C:\Users\Jonas\AppData\Roaming\ProtectDisc\License Helper v2\NPPDLicenseHelper.dll ( ) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Jonas\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Jonas\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\antiphishing@bullguard: C:\Program Files\BullGuard Ltd\BullGuard\Antiphishing\FF\antiphishing@bullguard\ [2012.03.17 14:05:22 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Program Files\Web Assistant\Firefox [2012.09.03 13:34:30 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\pagealicious@pagealicious.com: C:\Program Files\Pagealicious\Pagealicious.xpi [2013.02.18 17:36:14 | 000,036,694 | ---- | M] () FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.08.30 14:43:10 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{58bd07eb-0ee0-4df0-8121-dc9b693373df}: C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension [2013.02.18 17:33:51 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Thunderbird\Extensions\\{380AE6CB-09B9-4373-B360-D01C2462A6E7}: C:\Program Files\BullGuard Ltd\BullGuard\backup\thunderbirdbkplugin [2012.03.01 18:20:20 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Thunderbird\Extensions\\{0E810812-F4BB-4309-942A-755587587A5E}: C:\Program Files\BullGuard Ltd\BullGuard\Spamfilter\TbSpamfilter [2012.03.17 14:05:22 | 000,000,000 | ---D | M] [2011.07.22 19:17:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jonas\AppData\Roaming\mozilla\Extensions [2013.02.18 17:35:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jonas\AppData\Roaming\mozilla\Firefox\Profiles\2ayl000g.default\extensions [2012.10.18 10:19:43 | 000,000,000 | ---D | M] (PriceGong) -- 
C:\Users\Jonas\AppData\Roaming\mozilla\Firefox\Profiles\2ayl000g.default\extensions\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829} [2012.11.04 11:34:46 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Jonas\AppData\Roaming\mozilla\Firefox\Profiles\2ayl000g.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2012.09.01 11:54:10 | 000,000,000 | ---D | M] (FoxLingo) -- C:\Users\Jonas\AppData\Roaming\mozilla\Firefox\Profiles\2ayl000g.default\extensions\{ef62e1ce-d2a4-4cdd-b7ec-92b120366b66} [2013.02.18 17:34:34 | 000,000,000 | ---D | M] ("Savings Explorer") -- C:\Users\Jonas\AppData\Roaming\mozilla\Firefox\Profiles\2ayl000g.default\extensions\crossriderapp21058@crossrider.com [2012.02.03 18:26:13 | 000,000,000 | ---D | M] (Babylon) -- C:\Users\Jonas\AppData\Roaming\mozilla\Firefox\Profiles\2ayl000g.default\extensions\ffxtlbr@babylon.com [2013.02.18 17:33:31 | 000,000,000 | ---D | M] (Claro Toolbar) -- C:\Users\Jonas\AppData\Roaming\mozilla\Firefox\Profiles\2ayl000g.default\extensions\ffxtlbr@claro.com [2013.02.18 17:35:30 | 000,000,000 | ---D | M] (Pagealicious) -- C:\Users\Jonas\AppData\Roaming\mozilla\Firefox\Profiles\2ayl000g.default\extensions\Pagealicious [2013.02.18 17:34:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jonas\AppData\Roaming\mozilla\Firefox\Profiles\2ayl000g.default\extensions\crossriderapp21058@crossrider.com\chrome\content\extensionCode [2013.02.04 22:35:36 | 000,053,941 | ---- | M] () (No name found) -- C:\Users\Jonas\AppData\Roaming\mozilla\firefox\profiles\2ayl000g.default\extensions\pricepeep@getpricepeep.com.xpi [2012.08.30 14:43:39 | 000,526,409 | ---- | M] () (No name found) -- C:\Users\Jonas\AppData\Roaming\mozilla\firefox\profiles\2ayl000g.default\extensions\toolbar@web.de.xpi [2012.08.28 14:36:14 | 000,318,530 | ---- | M] () (No name found) -- C:\Users\Jonas\AppData\Roaming\mozilla\firefox\profiles\2ayl000g.default\extensions\{28197867-b1ef-4140-8e3b-55c45b9c8460}.xpi [2012.08.30 14:45:36 | 
000,000,853 | ---- | M] () -- C:\Users\Jonas\AppData\Roaming\mozilla\firefox\profiles\2ayl000g.default\searchplugins\11-suche.xml [2013.02.18 17:33:36 | 000,001,300 | ---- | M] () -- C:\Users\Jonas\AppData\Roaming\mozilla\firefox\profiles\2ayl000g.default\searchplugins\claro.xml [2012.08.30 14:45:36 | 000,002,209 | ---- | M] () -- C:\Users\Jonas\AppData\Roaming\mozilla\firefox\profiles\2ayl000g.default\searchplugins\englische-ergebnisse.xml [2012.08.30 14:45:36 | 000,010,506 | ---- | M] () -- C:\Users\Jonas\AppData\Roaming\mozilla\firefox\profiles\2ayl000g.default\searchplugins\gmx-suche.xml [2012.08.30 14:45:36 | 000,002,368 | ---- | M] () -- C:\Users\Jonas\AppData\Roaming\mozilla\firefox\profiles\2ayl000g.default\searchplugins\lastminute.xml [2012.06.07 08:09:26 | 000,002,203 | ---- | M] () -- C:\Users\Jonas\AppData\Roaming\mozilla\firefox\profiles\2ayl000g.default\searchplugins\MyStart Search.xml [2012.08.30 14:45:35 | 000,005,489 | ---- | M] () -- C:\Users\Jonas\AppData\Roaming\mozilla\firefox\profiles\2ayl000g.default\searchplugins\webde-suche.xml [2012.10.25 15:51:26 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions [2012.10.25 15:51:27 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2012.10.25 15:51:27 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2012.08.25 04:00:05 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2012.08.25 04:49:52 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml [2013.02.18 17:33:16 | 000,006,484 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml [2012.08.25 04:49:52 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml [2012.08.25 04:49:52 | 000,001,153 | ---- | M] () -- 
C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml [2012.08.25 04:49:52 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml [2012.08.25 04:49:52 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml [2012.08.25 04:49:52 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml ========== Chrome ========== CHR - default_search_provider: Claro Search (Enabled) CHR - default_search_provider: search_url = hxxp://www.claro-search.com/?q={searchTerms}&affID=120133&babsrc=SP_ss&mntrId=883b5e6d0000000000001c4bd6e4a32e CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter} CHR - homepage: hxxp://www.claro-search.com/?affID=120133&babsrc=HP_ss&mntrId=883b5e6d0000000000001c4bd6e4a32e CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Jonas\AppData\Local\Google\Chrome\Application\26.0.1410.43\gcswf32.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll CHR - plugin: Java Deployment Toolkit 6.0.170.4 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeploytk.dll CHR - plugin: Java(TM) Platform 
SE 6 U17 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\Jonas\AppData\Local\Google\Chrome\Application\26.0.1410.43\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Jonas\AppData\Local\Google\Chrome\Application\26.0.1410.43\pdf.dll CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll CHR - plugin: Google Update (Enabled) = C:\Users\Jonas\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll CHR - plugin: Default Plug-in (Enabled) = default_plugin CHR - Extension: Angry Birds = C:\Users\Jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0\ CHR - Extension: GeoGebra = C:\Users\Jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnbaboaihhkjoaolfnfoablhllahjnee\4.2.0.0_0\ CHR - Extension: CT Sobrio = C:\Users\Jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\cogcpnmcioajbgpnmaeibpnjbepkbhec\1_0\ CHR - Extension: Angry Birds Space Unlocked = C:\Users\Jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdcmhjnadmfnaiaaeloheclgidakomnn\2.3.1_0\ CHR - Extension: DVDVideoSoft Browser Extension = C:\Users\Jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.1.0_0\ O1 HOSTS File: ([2013.02.20 17:08:58 | 000,010,201 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 
198.167.139.182 google.com O1 - Hosts: 198.167.139.182 www.google.ae O1 - Hosts: 198.167.139.182 www.google.com.af O1 - Hosts: 198.167.139.182 www.google.com.ag O1 - Hosts: 198.167.139.182 www.google.off.ai O1 - Hosts: 198.167.139.182 www.google.am O1 - Hosts: 198.167.139.182 www.google.com.ar O1 - Hosts: 198.167.139.182 www.google.as O1 - Hosts: 198.167.139.182 www.google.at O1 - Hosts: 198.167.139.182 www.google.com.au O1 - Hosts: 198.167.139.182 www.google.az O1 - Hosts: 198.167.139.182 www.google.ba O1 - Hosts: 198.167.139.182 www.google.com.bd O1 - Hosts: 198.167.139.182 www.google.be O1 - Hosts: 198.167.139.182 www.google.bg O1 - Hosts: 198.167.139.182 www.google.com.bh O1 - Hosts: 198.167.139.182 www.google.bi O1 - Hosts: 198.167.139.182 www.google.com.bo O1 - Hosts: 198.167.139.182 www.google.com.br O1 - Hosts: 198.167.139.182 www.google.bs O1 - Hosts: 198.167.139.182 www.google.co.bw O1 - Hosts: 198.167.139.182 www.google.com.bz O1 - Hosts: 198.167.139.182 www.google.ca O1 - Hosts: 198.167.139.182 www.google.cd O1 - Hosts: 198.167.139.182 www.google.cg O1 - Hosts: 313 more lines... O2 - BHO: (Claro LTD Helper Object) - {000F18F2-09EB-4A59-82B2-5AE4184C39C3} - C:\Programme\Claro LTD\claro\1.8.8.5\bh\claro.dll (Montera Technologeis LTD) O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Programme\BabylonToolbar\BabylonToolbar\1.4.31.2\bh\BabylonToolbar.dll (Babylon BHO) O2 - BHO: (Web Assistant) - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Programme\Web Assistant\Extension32.dll () O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. 
O2 - BHO: (Pagealicious) - {60C07B56-542E-4054-A503-4E9E08DF2F84} - C:\Programme\Pagealicious\Pagealicious.dll (TODO: <Company name>) O2 - BHO: (Incredibar.com Helper Object) - {6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} - C:\Programme\Incredibar.com\incredibar\1.5.11.14\bh\incredibar.dll (Montera Technologeis LTD) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Windows Live ID-Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (WEB.DE Toolbar BHO) - {BF42D4A8-016E-4fcd-B1EB-837659FD77C6} - C:\Programme\WEB.DE Toolbar\IE\uitb.dll (1und1 Mail und Media GmbH) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (BGAntiphishingBHO Class) - {FC872B94-35E3-4B94-B028-184A2A1C7CCE} - C:\Programme\BullGuard Ltd\BullGuard\Antiphishing\IE\BGAntiphishingIEBHO.dll (BullGuard Ltd.) O2 - BHO: (PricePeep) - {FD6D90C0-E6EE-4BC6-B9F7-9ED319698007} - C:\Programme\PricePeep\pricepeep.dll (PricePeep) O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Programme\BabylonToolbar\BabylonToolbar\1.4.31.2\BabylonToolbarTlbr.dll (Babylon Ltd.) O3 - HKLM\..\Toolbar: (Claro LTD Toolbar) - {9E131A93-EED7-4BEB-B015-A0ADB30B5646} - C:\Programme\Claro LTD\claro\1.8.8.5\claroTlbr.dll (Montera Technologeis LTD) O3 - HKLM\..\Toolbar: (WEB.DE Toolbar) - {C424171E-592A-415a-9EB1-DFD6D95D3530} - C:\Programme\WEB.DE Toolbar\IE\uitb.dll (1und1 Mail und Media GmbH) O3 - HKLM\..\Toolbar: (Incredibar Toolbar) - {F9639E4A-801B-4843-AEE3-03D9DA199E77} - C:\Programme\Incredibar.com\incredibar\1.5.11.14\incredibarTlbr.dll (Montera Technologeis LTD) O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found. 
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (WEB.DE Toolbar) - {C424171E-592A-415A-9EB1-DFD6D95D3530} - C:\Programme\WEB.DE Toolbar\IE\uitb.dll (1und1 Mail und Media GmbH) O4 - HKLM..\Run: [FileOpenBroker] C:\Programme\FileOpen\Services\FileOpenBroker32.exe (FileOpen Systems Inc.) O4 - HKLM..\Run: [fspuip] c:\Program Files\FSP\fspuip.exe (Sentelic Corporation) O4 - HKLM..\Run: [Hotkey] C:\Programme\Pegatron\Hotkey\FastUserSwitching.exe () O4 - HKLM..\Run: [UpdatePDRShortCut] C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - Startup: C:\Users\Jonas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Jonas\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) O4 - Startup: C:\Users\Jonas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\pkg_0ll.exe.lnk = File not found O4 - Startup: C:\Users\Jonas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\WKCALREM.LNK = File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1 O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... 
- C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Jonas\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O8 - Extra context menu item: Nach Microsoft &Excel exportieren - C:\Programme\Microsoft Office\Office10\EXCEL.EXE (Microsoft Corporation) O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MIF5BA~1\Office12\EXCEL.EXE/3000 File not found O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra Button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found O9 - Extra 'Tools' menuitem : eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra Button: BullGuard - {27FD17FB-CF63-486b-B2BE-8D8781CBEA01} - C:\Programme\BullGuard Ltd\BullGuard\Antiphishing\IE\BgAntiphishingIE.dll (BullGuard Ltd.) 
O9 - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\BGLsp.dll (BullGuard Ltd.) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\BGLsp.dll (BullGuard Ltd.) O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\BGLsp.dll (BullGuard Ltd.) O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\BGLsp.dll (BullGuard Ltd.) O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\BGLsp.dll (BullGuard Ltd.) O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\BGLsp.dll (BullGuard Ltd.) O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\BGLsp.dll (BullGuard Ltd.) O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\BGLsp.dll (BullGuard Ltd.) O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\System32\BGLsp.dll (BullGuard Ltd.) O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\System32\BGLsp.dll (BullGuard Ltd.) O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\System32\BGLsp.dll (BullGuard Ltd.) 
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Windows\System32\BGLsp.dll (BullGuard Ltd.) O13 - gopher Prefix: missing O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} file:///C:/Program%20Files/Plants%20vs.%20Zombies/Images/armhelper.ocx (ArmHelper Control) O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{24BC267C-80AB-44F3-96CC-B5B660E05A41}: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6D372648-D01A-4949-8ABB-5FF287D19DB7}: DhcpNameServer = 192.168.2.1 O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Common Files\microsoft shared\Web Components\10\OWC10.DLL (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\webde {8FAF0273-9CA8-4efc-9536-1E35E254D5CD} - C:\Programme\WEB.DE Toolbar\IE\uitb.dll (1und1 Mail und Media GmbH) O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation) O20 - AppInit_DLLs: (c:\progra~2\browse~1\261095~1.52\{c16c1~1\browse~1.dll) 
- c:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll () O20 - AppInit_DLLs: (BgGamingMonitor.dll) - C:\Windows\System32\BgGamingMonitor.dll (BullGuard Ltd.) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013.03.23 08:09:29 | 000,000,000 | ---D | C] -- C:\Users\Jonas\AppData\Local\Programs [2013.03.20 18:52:00 | 000,000,000 | ---D | C] -- C:\Users\Jonas\Desktop\magical8bitPlug_for_win [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2013.04.08 19:44:09 | 000,001,120 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3102065283-3266553345-849421369-1000UA.job [2013.04.08 19:39:49 | 000,067,584 | ---- | M] () -- C:\Windows\bootstat.dat [2013.04.08 19:24:04 | 000,001,068 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3102065283-3266553345-849421369-1000Core.job [2013.04.07 09:04:22 | 000,002,330 | ---- | M] () -- C:\Users\Jonas\Desktop\Google 
Chrome.lnk [2013.03.31 21:06:06 | 000,010,192 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013.03.31 21:06:06 | 000,010,192 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013.03.30 14:14:05 | 000,001,015 | ---- | M] () -- C:\Users\Jonas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2013.03.30 14:13:25 | 000,000,983 | ---- | M] () -- C:\Users\Jonas\Desktop\Dropbox.lnk [2013.03.30 14:10:05 | 000,000,004 | ---- | M] () -- C:\ProgramData\WBLD.INI [2013.03.30 14:09:17 | 797,605,888 | -HS- | M] () -- C:\hiberfil.sys [2013.03.30 13:39:55 | 000,274,431 | ---- | M] () -- C:\Users\Jonas\Desktop\Virus.jpg [2013.03.23 08:09:52 | 000,001,071 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2013.03.30 13:39:55 | 000,274,431 | ---- | C] () -- C:\Users\Jonas\Desktop\Virus.jpg [2013.03.23 08:09:52 | 000,001,071 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2013.01.05 19:19:52 | 000,001,451 | ---- | C] () -- C:\Users\Jonas\AppData\Local\recently-used.xbel [2012.11.19 09:33:32 | 000,065,656 | ---- | C] () -- C:\Windows\System32\bdmpegv.dll [2012.11.19 09:33:30 | 000,022,640 | ---- | C] () -- C:\Windows\System32\bdmjpeg.dll [2012.06.07 08:14:54 | 000,001,206 | ---- | C] () -- C:\Users\Jonas\AppData\Roaming\CamStudio.Producer.ini [2012.06.07 08:14:54 | 000,000,000 | ---- | C] () -- C:\Users\Jonas\AppData\Roaming\CamStudio.Producer.Data.ini [2012.06.07 08:14:00 | 000,004,416 | ---- | C] () -- C:\Users\Jonas\AppData\Roaming\CamStudio.cfg [2012.06.07 08:14:00 | 000,000,408 | ---- | C] () -- C:\Users\Jonas\AppData\Roaming\CamShapes.ini [2012.06.07 08:14:00 | 000,000,408 | ---- | C] () -- C:\Users\Jonas\AppData\Roaming\CamLayout.ini [2012.06.07 08:14:00 | 
000,000,096 | ---- | C] () -- C:\Users\Jonas\AppData\Roaming\Camdata.ini [2011.09.11 18:40:05 | 000,000,180 | ---- | C] () -- C:\Windows\_delis43.ini [2011.09.11 18:01:53 | 000,284,160 | ---- | C] () -- C:\Windows\unin0407.exe [2011.07.25 14:19:31 | 000,000,680 | RHS- | C] () -- C:\Users\Jonas\ntuser.pol [2011.07.11 19:12:31 | 000,018,944 | ---- | C] () -- C:\Windows\eraser.exe [2011.07.09 14:12:58 | 000,000,075 | ---- | C] () -- C:\Windows\TassWin.INI [2011.07.09 13:55:21 | 000,149,504 | R--- | C] () -- C:\Windows\System32\CETNUASM.DLL [2011.01.18 17:54:52 | 000,005,120 | ---- | C] () -- C:\Users\Jonas\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010.07.26 18:53:26 | 000,001,092 | ---- | C] () -- C:\Users\Jonas\AppData\Roaming\wklnhst.dat [2009.12.18 13:08:32 | 000,000,004 | ---- | C] () -- C:\ProgramData\WBLD.INI ========== ZeroAccess Check ========== [2009.07.14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both ========== Alternate Data Streams ========== @Alternate Data Stream - 120 bytes -> C:\ProgramData\Temp:7D6EC5BE 
@Alternate Data Stream - 106 bytes -> C:\ProgramData\Temp:B1FBBD09
< End of report >

Code:
ATTFilter OTL Extras logfile created on: 08.04.2013 19:12:46 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Jonas\Downloads
Starter Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16438)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
1014,21 Mb Total Physical Memory | 449,75 Mb Available Physical Memory | 44,34% Memory free
1,99 Gb Paging File | 1,16 Gb Available in Paging File | 58,10% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 201,78 Gb Total Space | 129,47 Gb Free Space | 64,16% Space Free | Partition Type: NTFS
Drive D: | 30,00 Gb Total Space | 20,69 Gb Free Space | 68,95% Space Free | Partition Type: NTFS
Computer Name: JONAS-PC | User Name: Jonas | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = Reg Error: Unknown registry data type -- File not found "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] 
"{0F4FF172-B855-4E96-9CD9-1F0D3AD19E4B}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework\v4.0.30319\smsvchost.exe | "{C465D422-A97A-441B-A4FB-75CD505ADA5E}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | "{D29967A3-00B0-492A-B942-4419287820B9}" = lport=2869 | protocol=6 | dir=in | app=system | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{000E0A1A-B8B5-44B3-8370-6DA8563226B4}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{2AF8EA48-7105-4B5E-BAF7-00546BBBE436}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{325909D8-5C33-4F7D-8D01-569DB4A6F565}" = protocol=6 | dir=in | app=c:\windows\system32\javaw.exe | "{34247A01-3C06-4CEF-B8F4-DBC0539CB96F}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{35F2F544-C2ED-436A-BA20-56C6C566DB30}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | "{3C98DE40-5D53-4DC7-940D-421DDA0A99CA}" = protocol=6 | dir=in | app=c:\users\jonas\appdata\roaming\dropbox\bin\dropbox.exe | "{3DE11477-FD36-4F37-A419-7FD353EE6CDC}" = dir=in | app=c:\program files\cyberlink\powerdvd9\powerdvd9.exe | "{51394D7C-1251-46E6-A195-F492F54BAD6E}" = protocol=17 | dir=in | app=c:\users\jonas\appdata\roaming\dropbox\bin\dropbox.exe | "{647EE00C-681D-43AD-BA48-BC63DFCBCD23}" = protocol=17 | dir=in | app=c:\users\jonas\appdata\roaming\dropbox\bin\dropbox.exe | "{68560169-E59F-4608-9901-837017DD3C34}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe | "{790A5BE2-9B43-4AE7-988B-0AD0A7B7FB6E}" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe | "{7B255AA4-32E5-4B3C-B55F-7C2256994904}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe | "{7D472E7F-807B-4629-AEA2-99FF174F72AD}" = dir=in | app=c:\program 
files\cyberlink\powerdirector\pdr.exe | "{82ED29F6-1415-4A41-8278-6CA2ED3B63CB}" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe | "{836B6F3B-7D2B-45BF-9855-4A9169A6A39F}" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe | "{90DCCFFF-1D8A-4C43-B7D7-84FEDEEBFB61}" = dir=in | app=c:\program files\itunes\itunes.exe | "{A6CC47F8-90B9-4E00-8898-AC87850956FD}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{B9562208-6BE0-435D-A775-7A0D65295D80}" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe | "{C20150C8-2923-4D8E-9F39-0783E23416BC}" = dir=in | app=c:\program files\cyberlink\powerdvd9\powerdvd cinema\powerdvdcinema.exe | "{C2E587F4-1302-402C-83E0-A7AD6B48B54E}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe | "{D9EBD722-95DD-4A9C-A9AB-3FD5C2A6B9CF}" = protocol=6 | dir=in | app=c:\users\jonas\appdata\roaming\dropbox\bin\dropbox.exe | "{F7BA547E-191A-44BF-A11B-46481F0631BB}" = protocol=17 | dir=in | app=c:\windows\system32\javaw.exe | "{FD2A3CCE-7718-45F3-8E68-1CD978D33D62}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "TCP Query User{043CAA8A-9943-4E6A-BB1B-86FD229FB4CC}C:\xampp\mysql\bin\mysqld.exe" = protocol=6 | dir=in | app=c:\xampp\mysql\bin\mysqld.exe | "TCP Query User{3B935FFA-E24C-41AB-8966-0837186FD051}C:\xampp\mercurymail\mercury.exe" = protocol=6 | dir=in | app=c:\xampp\mercurymail\mercury.exe | "TCP Query User{434A8A98-C86A-4763-9B3B-E4116DF0E1F8}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | "TCP Query User{4A094AA9-F125-4EF8-A1B7-9BEFE46FA554}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe | "TCP Query User{8715BB9D-133E-4476-A255-57FCCBC087F1}C:\xampp\filezillaftp\filezilla server.exe" = protocol=6 | dir=in | app=c:\xampp\filezillaftp\filezilla server.exe | "TCP Query 
User{9701844B-8AA0-44B7-AC5F-5E02113B1642}C:\windows\system32\java.exe" = protocol=6 | dir=in | app=c:\windows\system32\java.exe | "TCP Query User{A8E13F43-1D69-4FA8-9169-7786D2F511D8}C:\udk\udk-2009-11-2\binaries\win32\udk.exe" = protocol=6 | dir=in | app=c:\udk\udk-2009-11-2\binaries\win32\udk.exe | "TCP Query User{AE671140-BD8B-4998-8E6A-6B38A4472BB7}C:\windows\system32\javaw.exe" = protocol=6 | dir=in | app=c:\windows\system32\javaw.exe | "TCP Query User{D82F4D2B-34E4-4EF8-967B-AD5CDB635C1E}C:\xampp\apache\bin\httpd.exe" = protocol=6 | dir=in | app=c:\xampp\apache\bin\httpd.exe | "TCP Query User{DDB883BC-FB40-436F-91DE-29F20A7A0047}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe | "UDP Query User{1B35C50C-DDDD-47C4-B81D-FA79DA08BCFB}C:\udk\udk-2009-11-2\binaries\win32\udk.exe" = protocol=17 | dir=in | app=c:\udk\udk-2009-11-2\binaries\win32\udk.exe | "UDP Query User{55CAFEEF-B74C-491C-8AF9-863B8B469CE1}C:\xampp\mercurymail\mercury.exe" = protocol=17 | dir=in | app=c:\xampp\mercurymail\mercury.exe | "UDP Query User{874DDC5E-7656-4789-A4C6-42374E05F4B0}C:\windows\system32\java.exe" = protocol=17 | dir=in | app=c:\windows\system32\java.exe | "UDP Query User{8C55A407-0EFA-4313-96E8-15666C2FF9B0}C:\xampp\mysql\bin\mysqld.exe" = protocol=17 | dir=in | app=c:\xampp\mysql\bin\mysqld.exe | "UDP Query User{A63772CD-CB37-4D86-BF77-B446D2942DE7}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe | "UDP Query User{CFEC05A1-0826-4750-BC9B-BBB1101499F3}C:\xampp\filezillaftp\filezilla server.exe" = protocol=17 | dir=in | app=c:\xampp\filezillaftp\filezilla server.exe | "UDP Query User{DBF7A7E0-025F-48D9-9BF2-0C710A90C78B}C:\xampp\apache\bin\httpd.exe" = protocol=17 | dir=in | app=c:\xampp\apache\bin\httpd.exe | "UDP Query User{E5A8469D-46C9-44C1-8847-F79AEFC02815}C:\windows\system32\javaw.exe" = protocol=17 | dir=in | app=c:\windows\system32\javaw.exe | 
"UDP Query User{EC38BEA6-A6B0-41A1-B582-5429F5588A3A}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | "UDP Query User{EFD9EDC8-3321-409A-B80B-607058340908}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "_{C0237AA4-1BFB-46EA-860D-7B0EB365CA13}" = CorelDRAW Essentials 4 "_{CF0ADC18-6D8F-4353-8EAA-DF45456B7853}" = CorelDRAW Essentials 4 - Windows Shell Extension "{0125D081-30D0-4A97-82A8-C28D444B6256}" = Microsoft SQL Server Compact 3.5 SP2 DEU "{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam "{044F9133-B8D7-4d11-BF39-803FA20F5C8B}" = Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for Win32 "{069B290F-5398-4629-A009-85B4BCB4B1B9}" = Claro Chrome Toolbar "{07B62101-7EBD-434A-94B1-B38063BE5516}" = CorelDRAW Essentials 4 - PHOTO-PAINT "{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended "{0E592C31-09EF-3CA1-A7DE-05D13DFCF791}" = Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for .NET Framework - deu "{0E5FDD1D-DCE8-4F9D-9BFD-4E4CF89811E2}" = iCloud "{0ED4216F-3540-4D6B-8199-1C8DDEA3924B}" = CorelDRAW Essentials 4 - Lang DE "{0F6F6876-6334-4977-B5DD-CFC12E193420}" = iTunes "{106B4413-ACBB-4CDE-8707-587DB9BD77EC}" = LogMeIn Hamachi "{10A44844-4465-456E-8C97-80BDD4F68845}" = Windows Live ID-Anmelde-Assistent "{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}" = BrowserProtect "{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 "{19AC095C-3520-4999-AA15-93B6D0248A50}" = CorelDRAW Essentials 4 - Content "{1C2B3CEA-482E-4453-B3E2-C9731337828A}" = Microsoft SQL Server 2008 Native Client "{1D328E11-3B0C-388C-835D-C9C20E8C7734}" = Microsoft Help Viewer 1.0 Language Pack - DEU "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = 
Windows Live-Uploadtool "{21B64483-4848-11DB-AB11-000374890932}" = Homepage Maker 5 "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{24F5BFDD-18E0-41F6-8A68-A22C742FC4A1}" = TubeBox! "{26A24AE4-039D-4CA4-87B4-2F83216035FF}" = Java(TM) 6 Update 35 "{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 11 "{2864C41B-EF2D-4640-95A2-526276524519}" = Borland C++Builder 6 "{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie "{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver "{31D47283-7B4C-46C1-BC62-99CFD66CDD66}" = MAGIX Speed burnR (MSI) "{32A3A4F4-B792-11D6-A78A-00B0D0160350}" = Java(TM) SE Development Kit 6 Update 35 "{336D0C35-8A85-403a-B9D2-65C292C39087}_is1" = Web Assistant 2.0.0.478 "{33AE9E89-47C9-4A0D-9E9D-BDD6966A3804}" = Microsoft SQL Server 2008 RsFx Driver "{34A9406E-1994-4C20-AC72-04CFA2B24545}" = CorelDRAW Essentials 4 - Lang EN "{34EB6245-C8D0-4D8A-B8D8-EEBFF7A91485}" = Firebird SQL Server - MAGIX Edition "{3576C335-958D-4D60-A812-F68F9A2796AF}" = CorelDRAW Essentials 4 - Lang IT "{3791BEF3-C86F-448F-B48A-A83F1B2B1886}" = MAGIX Screenshare "{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works "{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 "{3EFEF049-23D4-4B46-8903-4592FEA51018}" = Windows Live Movie Maker "{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger "{477415F5-93DA-46AA-85C5-640047825995}" = Microsoft SQL Server 2008 Database Engine Shared "{47C39E4A-28F2-33B1-B9B7-97F24E52D917}" = Microsoft Help Viewer 1.0 "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4A6F34E2-09E5-4616-B227-4A26A488A6F9}" = Microsoft SQL Server 2008 Common Files "{4AF2248C-B3DF-46FB-9596-87F5DB193689}" = Microsoft SQL Server 2008 Browser 
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.1 "{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module "{5500BB35-1C21-4328-9F16-F894B860FADE}" = CorelDRAW Essentials 4 - Lang NL "{578FA426-47C0-4A3F-98A4-01ACD26B7556}" = LEGO Star Wars II "{5A08C9D1-37AD-4A8D-90D3-33F92C578AA5}" = Microsoft SQL Server System CLR Types "{5A627DFB-EA4C-4FFA-B711-69E849FB40D8}" = Hotkey "{5BD39911-A12F-4562-98BA-A6E03E3370B1}" = Microsoft SQL Server 2008 Database Engine Services "{5E453519-60F6-4A4D-A0BF-16663F9B3536}" = Safari "{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call "{616C6F39-4CE1-3434-A665-2F6A04C09A7F}" = Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools "{63EC2120-1742-4625-AA47-C6A8AEC9C64C}" = Apple Application Support "{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module "{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites "{69B77D45-F5AD-4AB9-933D-352703324469}_is1" = RAR Password Unlocker "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{7223945A-F037-4AE1-92F9-BA8304F0E21A}" = TubeBox! 
"{72BF1DA0-2B00-4794-9173-159722019B74}" = CyberLink YouPaint "{73EC658D-A1C6-40CA-8E86-E05821BAACE7}" = Java DB 10.6.2.1 "{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync "{76E852ED-1B06-4BC8-9D6A-625DB95FB7E5}" = CorelDRAW Essentials 4 - IPM - No VBA "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour "{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}" = Text-To-Speech-Runtime "{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime "{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1" = PDF24 Creator 4.8.0 "{842FAF7C-50EF-4463-9B8F-6222E1384D7D}" = Microsoft Windows SDK for Visual Studio 2008 Headers and Libraries "{851C67EF-068A-4060-9EF5-2E3DDCD68382}" = Adobe Photoshop Elements 3.0 "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86) "{8A809006-C25A-4A3A-9DAB-94659BCDB107}" = NVIDIA PhysX "{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System "{90280407-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional mit FrontPage "{9043B9A0-9505-405B-8202-E7167A38A89C}" = CorelDRAW Essentials 4 "{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German) "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9AA2D735-3375-42D4-9A61-3FFEF82599D6}" = Unterstützungsdateien für Microsoft SQL Server 2008-Setup "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9D3D8C60-A55F-4fed-B2B9-173F09590E16}" = REALTEK Wireless LAN Driver "{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = WIDCOMM Bluetooth Software "{A106D33E-6B43-42C0-9BFC-D03303261FA7}" = Microsoft SQL Server 2008 R2 Management Objects 
"{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9 "{AB770FDE-8087-4C98-9A85-BD64262C104C}" = Medion Home Cinema "{ABD8B955-1C69-4AF3-949B-13CD587C175F}" = CorelDRAW Essentials 4 - Lang BR "{AC184566-C420-4995-934B-97BE1A7DEC06}" = FileOpen Client "{AC76BA86-7AD7-1031-7B44-A95000000001}" = Adobe Reader 9.5.2 - Deutsch "{AE3CF174-872C-46C6-B9F6-C0593F3BC7B8}" = Microsoft Office Live Add-in 1.4 "{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0 "{B5153233-9AEE-4CD4-9D2C-4FAAC870DBE2}" = Microsoft SQL Server 2008 Database Engine Services "{B9FA9F15-A1F3-4DB1-AD49-0B9351843FAA}" = CorelDRAW Essentials 4 - Draw "{BA9319FE-BCEF-4C99-8039-F464648D046E}" = CorelDRAW Essentials 4 - Lang FR "{BAC80EF3-E106-4AEA-8C57-F217F9BC7358}" = Microsoft SQL Server 2005 Compact Edition [DEU] "{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86) "{C0237AA4-1BFB-46EA-860D-7B0EB365CA13}" = CorelDRAW Essentials 4 - ICA "{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail "{C53F001E-5912-4E76-AC49-9AC20B36B1A2}" = MSM2MSI_gstudio "{C6579A65-9CAE-4B31-8B6B-3306E0630A66}" = Apple Software Update "{C682F3F0-00A6-4379-B083-4F3273624D7B}" = CorelDRAW Essentials 4 - Lang ES "{C911A0C2-2236-3164-AA47-F2566C01AE5E}" = Microsoft .NET Framework 4 Extended DEU Language Pack "{C965F01C-76EA-4BD7-973E-46236AE312D7}" = Sql Server Customer Experience Improvement Program "{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector "{CC4BBCBA-89F6-47C3-9B0F-5CE5BB1C316C}" = WEB.DE Toolbar MSVC100 CRT x86 "{CCAC7E52-ECCE-3C4D-B1BE-BC2ACF1C1C0E}" = Microsoft Visual Basic 2010 Express - DEU "{CF0ADC18-6D8F-4353-8EAA-DF45456B7853}" = CorelDRAW Essentials 4 - Windows Shell Extension "{CFCB8616-A5D1-4281-80E8-389F685BFAE2}" = Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 DEU "{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack "{D074DC76-F6C9-440E-A1D0-1DE958417FDB}" = Microsoft SQL 
Server VSS Writer "{D36DD326-7280-11D8-97C8-000129760CBE}" = CyberLink PhotoNow "{D4DDFAA1-EC37-4529-AD5B-A433ADE68662}" = Apple Mobile Device Support "{D596980D-17BE-4425-B8F0-5640719AADE9}" = LEGO® Star Wars™: The Complete Saga "{D6DE02C7-1F47-11D4-9515-00105AE4B89A}" = Paint Shop Pro 7 Evaluation "{DEEB5FE3-40F5-3C5B-8F85-5306EF3C08F4}" = Microsoft Visual C++ 2010 Express - DEU "{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer "{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update "{E3E30FF7-5EAE-4E0E-B394-78214222D60C}" = Windows Internet Explorer Platform Preview "{E86906FF-C63D-4EAF-ACE7-5F8D55FBEA9A}" = Finger Sensing Pad Driver "{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F16841F6-5F0F-4DBE-B318-63CEB916F21D}" = CorelDRAW Essentials 4 - Filters "{F3494AB6-6900-41C6-AF57-823626827ED8}" = Microsoft SQL Server 2008 Database Engine Shared "{F369DA4F-7993-4E8D-ADBD-60D82FCF93EC}" = MAGIX Music Maker 17 "{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials "{FF6F95A4-E59B-45C8-BEA8-0BDC8D9CAB51}" = Microsoft SQL Server 2008 Common Files "{FFBE334E-06EF-44B5-8CF7-129F7F9526A2}" = Mindjet MindManager Lite 7 "1&1 Mail & Media GmbH 1und1Softwareaktualisierung" = WEB.DE Softwareaktualisierung "1&1 Mail & Media GmbH Toolbar IE8" = WEB.DE Toolbar für Internet Explorer "755087041320E005CB1E8A67C5C55A260EB81B90" = Windows Driver Package - Broadcom Bluetooth (09/11/2009 6.2.0.9407) "97CEB8209F0BC014131F0864966F5B9C9345570E" = Windows Driver Package - Broadcom Bluetooth (05/27/2009 6.1.7100.0) "Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 
2007 Microsoft Office suites "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "ALDI Foto Service D" = ALDI Foto Service "ALDI Nord Foto Manager Free D" = ALDI Nord Foto Manager Free "Aldi Nord Fotoservice_is1" = Aldi Nord Fotoservice "ALDI Nord Online Druck Service D" = ALDI Nord Online Druck Service "Alfons Lernwelt" = Alfons Lernwelt "BabylonToolbar" = Babylon toolbar on IE "Bandicam" = Bandicam "BandiMPEG1" = Bandisoft MPEG-1 Decoder "BF20603967CFDCB2BBF91950E8A56DFBC5C833FE" = Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) "Blender" = Blender "Borland JBuilder 2.0" = Borland JBuilder 2.0 "BullGuard" = BullGuard "capella_1200 5.2" = capella 1200 Version 5.2 "capella2002-v4.0" = capella 1200, Version 4.0 "CCleaner" = CCleaner "claro" = Claro toolbar "FileZilla Client" = FileZilla Client 3.2.7.1 "Fraps" = Fraps (remove only) "Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.11.35.1031 "Gamestudio A8" = Gamestudio A8 "Genesis3D11Key" = Genesis3D11 "GIMP-2_is1" = GIMP 2.8.0 "Hardcopy(C__Program Files_Hardcopy)" = Hardcopy (C:\Program Files\Hardcopy) "HDMI" = Intel(R) Graphics Media Accelerator Driver "incredibar" = Incredibar Toolbar on IE and Chrome "InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam "InstallShield_{578FA426-47C0-4A3F-98A4-01ACD26B7556}" = LEGO Star Wars II "InstallShield_{72BF1DA0-2B00-4794-9173-159722019B74}" = CyberLink YouPaint "InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9 "InstallShield_{AB770FDE-8087-4C98-9A85-BD64262C104C}" = Medion Home Cinema "InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector "InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}" = CyberLink PhotoNow "InstallShield_{D596980D-17BE-4425-B8F0-5640719AADE9}" = LEGO® Star Wars™: Die Komplette Saga "InterActual Player" = InterActual Player "LeechFTP" = LeechFTP AL PLAYE "LogMeIn 
Hamachi" = LogMeIn Hamachi "logoscreensaver" = logoscreensaver Screen Saver "MAGIX_MSI_mm17" = MAGIX Music Maker 17 "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.70.0.1100 "MEDION Fotos auf CD & DVD SE Nord D" = MEDION Fotos auf CD & DVD SE Nord "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended "Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack "Microsoft Help Viewer 1.0" = Microsoft Help Viewer 1.0 "Microsoft Help Viewer 1.0 Language Pack - DEU" = Microsoft Help Viewer 1.0 Language Pack - DEU "Microsoft SQL Server 10" = Microsoft SQL Server 2008 "Microsoft SQL Server 10 Release" = Microsoft SQL Server 2008 "Microsoft Visual Basic 2010 Express - DEU" = Microsoft Visual Basic 2010 Express - DEU "Microsoft Visual C++ 2010 Express - DEU" = Microsoft Visual C++ 2010 Express - DEU "Minecraft Texturepack Editor" = Minecraft Texturepack Editor "MinecraftAlpha" = MinecraftAlpha "Mozilla Firefox 15.0 (x86 de)" = Mozilla Firefox 15.0 (x86 de) "MozillaMaintenanceService" = Mozilla Maintenance Service "NetObjects Fusion 3.0.1" = NetObjects Fusion 3.0.1 "New LEGO Digital Designer" = LEGO Digital Designer "NoIPDUC" = No-IP DUC "Notepad++" = Notepad++ "Pagealicious" = Pagealicious "PDF-XChange 3_is1" = PDF-XChange 3 "PhotoScape" = PhotoScape "PriceGong" = PriceGong 2.6.7 "PricePeep" = PricePeep "ProtectDisc Driver 11" = ProtectDisc Driver, Version 11 "PSPad editor_is1" = PSPad editor "Savings Explorer" = Savings Explorer "UDK-f9f58a61-e443-4469-a6b7-8cf436caa0e6" = Unreal Development Kit: 2009-11-2 "VLC media player" = VLC media player 2.0.2 "WinLiveSuite_Wave3" = Windows Live Essentials "WinRAR archiver" = WinRAR 4.11 (32-Bit) "Wissen macht Ah! 
- Bildschirmschoner" = Wissen macht Ah! - Bildschirmschoner Bildschirmschoner "Your Product1.0" = Your Product "ZetaProducer10" = Zeta Producer 10 10.7.0 (nur entfernen) ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Dropbox" = Dropbox "Google Chrome" = Google Chrome "Protect Disc License Helper" = Protect Disc License Helper 1.0.125 (IE) ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 22.09.2012 09:41:59 | Computer Name = Jonas-PC | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: Continuously busy for more than a second Error - 22.09.2012 09:41:59 | Computer Name = Jonas-PC | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledEvent 4227 Error - 22.09.2012 09:41:59 | Computer Name = Jonas-PC | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 4227 Error - 22.09.2012 09:42:00 | Computer Name = Jonas-PC | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: Continuously busy for more than a second Error - 22.09.2012 09:42:00 | Computer Name = Jonas-PC | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledEvent 5241 Error - 22.09.2012 09:42:00 | Computer Name = Jonas-PC | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 5241 Error - 22.09.2012 09:42:01 | Computer Name = Jonas-PC | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: Continuously busy for more than a second Error - 22.09.2012 09:42:01 | Computer Name = Jonas-PC | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledEvent 6240 Error - 22.09.2012 09:42:01 | Computer Name = Jonas-PC | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 6240 Error - 22.09.2012 09:42:02 | Computer Name = 
Jonas-PC | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: Continuously busy for more than a second [ System Events ] Error - 30.03.2013 07:13:51 | Computer Name = Jonas-PC | Source = Service Control Manager | ID = 7011 Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Wlansvc erreicht. Error - 30.03.2013 08:09:38 | Computer Name = Jonas-PC | Source = Service Control Manager | ID = 7000 Description = Der Dienst "WebOptimizer" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error - 30.03.2013 08:09:47 | Computer Name = Jonas-PC | Source = Service Control Manager | ID = 7026 Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: cdrom Error - 30.03.2013 13:05:29 | Computer Name = Jonas-PC | Source = Service Control Manager | ID = 7011 Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst wlidsvc erreicht. Error - 31.03.2013 04:16:03 | Computer Name = Jonas-PC | Source = Service Control Manager | ID = 7011 Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst ShellHWDetection erreicht. Error - 31.03.2013 09:02:49 | Computer Name = Jonas-PC | Source = Service Control Manager | ID = 7011 Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst PlugPlay erreicht. Error - 07.04.2013 10:06:45 | Computer Name = Jonas-PC | Source = Service Control Manager | ID = 7011 Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst PlugPlay erreicht. Error - 08.04.2013 08:15:42 | Computer Name = Jonas-PC | Source = Service Control Manager | ID = 7011 Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst WinDefend erreicht. 
Error - 08.04.2013 08:56:32 | Computer Name = Jonas-PC | Source = Service Control Manager | ID = 7011 Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Netman erreicht. Error - 08.04.2013 13:11:33 | Computer Name = Jonas-PC | Source = Service Control Manager | ID = 7011 Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Wlansvc erreicht. < End of report > |
09.04.2013, 16:44 | #8 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Attention Required; Google, YouTube and many other websites are blocked Rootkit scan with GMER Please download GMER: (random file name)
Running into problems?
Afterwards, please run MBAR: Malwarebytes Anti-Rootkit (MBAR) Please download Malwarebytes Anti-Rootkit and save it to your desktop.
Do not start any other file in this folder without instructions from a helper
__________________ Please always post log files in CODE tags |
09.04.2013, 18:59 | #9 |
| Attention Required; Google, YouTube and many other websites are blocked mbar: Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.01.0.1022 www.malwarebytes.org Database version: v2013.04.09.08 Windows 7 Service Pack 1 x86 NTFS Internet Explorer 10.0.9200.16438 Jonas :: JONAS-PC [administrator] 09.04.2013 19:34:42 mbar-log-2013-04-09 (19-34-42).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P Scan options disabled: Objects scanned: 31177 Time elapsed: 22 minute(s), 27 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 1 HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{11111111-1111-1111-1111-110211101158} (PUP.215Apps) -> Delete on reboot. Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end) Code:
ATTFilter GMER 2.1.19163 - hxxp://www.gmer.net Rootkit scan 2013-04-09 19:02:17 Windows 6.1.7601 Service Pack 1 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 WDC_WD2500BEVT-00A23T0 rev.01.01A01 232,89GB Running: gmer_2.1.19163.exe; Driver: C:\Users\Jonas\AppData\Local\Temp\fwdoypow.sys ---- Kernel code sections - GMER 2.1 ---- .text ntkrnlpa.exe!ZwRollbackEnlistment + 140D 81C7CA49 1 Byte [06] .text ntkrnlpa.exe!KiDispatchInterrupt + 5A2 81CB64D2 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3} ? System32\drivers\oukmlnes.sys Das System kann den angegebenen Pfad nicht finden. ! .vmp2 C:\Windows\system32\drivers\acedrv11.sys entry point in ".vmp2" section [0xA88D069D] ---- User code sections - GMER 2.1 ---- .text c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe[332] USER32.dll!DialogBoxParamW 773B3B9B 5 Bytes JMP 756346C0 c:\progra~2\browse~1\261095~1.52\{c16c1~1\browse~1.dll .text C:\Windows\system32\wininit.exe[500] USER32.dll!DialogBoxParamW 773B3B9B 5 Bytes JMP 756346C0 c:\progra~2\browse~1\261095~1.52\{c16c1~1\browse~1.dll .text C:\Windows\system32\taskhost.exe[548] USER32.dll!DialogBoxParamW 773B3B9B 5 Bytes JMP 756346C0 c:\progra~2\browse~1\261095~1.52\{c16c1~1\browse~1.dll .text C:\Windows\system32\services.exe[556] USER32.dll!DialogBoxParamW 773B3B9B 5 Bytes JMP 756346C0 c:\progra~2\browse~1\261095~1.52\{c16c1~1\browse~1.dll .text C:\Windows\system32\winlogon.exe[592] USER32.dll!DialogBoxParamW 773B3B9B 5 Bytes JMP 756346C0 c:\progra~2\browse~1\261095~1.52\{c16c1~1\browse~1.dll .text ... 
---- Registry - GMER 2.1 ---- Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\0025d3a147f0 Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\0025d3a147fa Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\1c4bd6006445 Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\1c4bd612c05d Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\1c4bd612c05d@001060d10359 0x38 0x50 0x3E 0xB9 ... Reg HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{6A754A24-241A-4705-9362-E5ADA199D175}@LeaseObtainedTime 1365523262 Reg HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{6A754A24-241A-4705-9362-E5ADA199D175}@T1 1365523389 Reg HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{6A754A24-241A-4705-9362-E5ADA199D175}@T2 1365523485 Reg HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{6A754A24-241A-4705-9362-E5ADA199D175}@LeaseTerminatesTime 1365523517 Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\0025d3a147f0 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\0025d3a147fa (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\1c4bd6006445 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\1c4bd612c05d (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\1c4bd612c05d@001060d10359 0x38 0x50 0x3E 0xB9 ... ---- Disk sectors - GMER 2.1 ---- Disk \Device\Harddisk0\DR0 unknown MBR code ---- EOF - GMER 2.1 ---- |
09.04.2013, 22:43 | #10 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Attention Required; Google, YouTube and many other websites are blocked aswMBR Please download aswMBR.exe and save the file to your desktop.
Important: Do not press any of the Fix buttons without instructions. Note: If the Scan button is hidden, close the tool and start it again. If the scan aborts and the program crashes, let me know and select the setting (none) under AV Scan. TDSS-Killer Please download TDSSKiller.exe and save this file to the desktop
__________________ Please always post log files in CODE tags |
10.04.2013, 13:45 | #11 |
| Attention Required; Google, YouTube and many other websites are blocked aswmbr: Code:
ATTFilter aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software Run date: 2013-04-10 13:45:42 ----------------------------- 13:45:42.551 OS Version: Windows 6.1.7601 Service Pack 1 13:45:42.552 Number of processors: 2 586 0x1C0A 13:45:42.554 ComputerName: JONAS-PC UserName: Jonas 13:45:43.812 Initialize success 13:48:43.885 AVAST engine defs: 13040901 13:49:07.320 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 13:49:07.326 Disk 0 Vendor: WDC_WD2500BEVT-00A23T0 01.01A01 Size: 238475MB BusType: 3 13:49:07.654 Disk 0 MBR read successfully 13:49:07.661 Disk 0 MBR scan 13:49:07.772 Disk 0 unknown MBR code 13:49:07.801 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048 13:49:07.835 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 206627 MB offset 206848 13:49:07.879 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 30720 MB offset 423378944 13:49:07.968 Disk 0 Partition 4 00 12 Compaq diag NTFS 1026 MB offset 486293504 13:49:07.989 Disk 0 scanning sectors +488394752 13:49:08.330 Disk 0 scanning C:\Windows\system32\drivers 13:49:47.734 Service scanning 13:50:50.368 Modules scanning 13:51:35.498 Disk 0 trace - called modules: 13:51:35.514 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll ataport.SYS intelide.sys PCIIDEX.SYS atapi.sys 13:51:35.515 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x84529030] 13:51:35.515 3 CLASSPNP.SYS[867cc59e] -> nt!IofCallDriver -> [0x84063898] 13:51:35.515 5 ACPI.sys[864d73d4] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x84455030] 13:51:36.440 AVAST engine scan C:\Windows 13:51:45.152 AVAST engine scan C:\Windows\system32 13:59:13.098 AVAST engine scan C:\Windows\system32\drivers 13:59:35.776 AVAST engine scan C:\Users\Jonas 14:17:09.305 File: C:\Users\Jonas\Downloads\MC\MPAC.exe **INFECTED** Win32:Dropper-gen [Drp] 14:17:09.648 File: C:\Users\Jonas\Downloads\MCP\MPAC.exe **INFECTED** Win32:Dropper-gen [Drp] 14:19:24.759 AVAST engine scan C:\ProgramData 14:21:36.335 Scan finished successfully 14:31:42.234 
Disk 0 MBR has been saved successfully to "C:\Users\Jonas\Desktop\MBR.dat" 14:31:42.276 The log file has been saved successfully to "C:\Users\Jonas\Desktop\aswMBR.txt" Code:
ATTFilter 14:37:42.0670 4192 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42 14:37:43.0745 4192 ============================================================ 14:37:43.0746 4192 Current date / time: 2013/04/10 14:37:43.0745 14:37:43.0746 4192 SystemInfo: 14:37:43.0746 4192 14:37:43.0746 4192 OS Version: 6.1.7601 ServicePack: 1.0 14:37:43.0746 4192 Product type: Workstation 14:37:43.0747 4192 ComputerName: JONAS-PC 14:37:43.0747 4192 UserName: Jonas 14:37:43.0747 4192 Windows directory: C:\Windows 14:37:43.0747 4192 System windows directory: C:\Windows 14:37:43.0747 4192 Processor architecture: Intel x86 14:37:43.0747 4192 Number of processors: 2 14:37:43.0747 4192 Page size: 0x1000 14:37:43.0747 4192 Boot type: Normal boot 14:37:43.0747 4192 ============================================================ 14:37:46.0101 4192 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050 14:37:46.0114 4192 ============================================================ 14:37:46.0114 4192 \Device\Harddisk0\DR0: 14:37:46.0114 4192 MBR partitions: 14:37:46.0114 4192 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000 14:37:46.0114 4192 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x19391800 14:37:46.0114 4192 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x193C4000, BlocksNum 0x3C00000 14:37:46.0114 4192 ============================================================ 14:37:46.0151 4192 C: <-> \Device\Harddisk0\DR0\Partition2 14:37:46.0214 4192 D: <-> \Device\Harddisk0\DR0\Partition3 14:37:46.0275 4192 ============================================================ 14:37:46.0276 4192 Initialize success 14:37:46.0276 4192 ============================================================ 14:38:56.0482 4052 Deinitialize success Edited by gigamanzone (10.04.2013 at 14:31) |
10.04.2013, 14:50 | #12 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Attention Required; Google, YouTube and many other websites are blocked Quote:
And the log from tdsskiller is incomplete
__________________ Please always post log files in CODE tags |
10.04.2013, 14:57 | #13 |
| Attention Required; Google, YouTube and many other websites are blocked My friend sent me this by email and said it was a texture pack editor for Minecraft. But he sent me an infected file, and that is how I got it. And the log file: Code:
ATTFilter 14:37:42.0670 4192 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42 14:37:43.0745 4192 ============================================================ 14:37:43.0746 4192 Current date / time: 2013/04/10 14:37:43.0745 14:37:43.0746 4192 SystemInfo: 14:37:43.0746 4192 14:37:43.0746 4192 OS Version: 6.1.7601 ServicePack: 1.0 14:37:43.0746 4192 Product type: Workstation 14:37:43.0747 4192 ComputerName: JONAS-PC 14:37:43.0747 4192 UserName: Jonas 14:37:43.0747 4192 Windows directory: C:\Windows 14:37:43.0747 4192 System windows directory: C:\Windows 14:37:43.0747 4192 Processor architecture: Intel x86 14:37:43.0747 4192 Number of processors: 2 14:37:43.0747 4192 Page size: 0x1000 14:37:43.0747 4192 Boot type: Normal boot 14:37:43.0747 4192 ============================================================ 14:37:46.0101 4192 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050 14:37:46.0114 4192 ============================================================ 14:37:46.0114 4192 \Device\Harddisk0\DR0: 14:37:46.0114 4192 MBR partitions: 14:37:46.0114 4192 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000 14:37:46.0114 4192 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x19391800 14:37:46.0114 4192 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x193C4000, BlocksNum 0x3C00000 14:37:46.0114 4192 ============================================================ 14:37:46.0151 4192 C: <-> \Device\Harddisk0\DR0\Partition2 14:37:46.0214 4192 D: <-> \Device\Harddisk0\DR0\Partition3 14:37:46.0275 4192 ============================================================ 14:37:46.0276 4192 Initialize success 14:37:46.0276 4192 ============================================================ 14:38:56.0482 4052 Deinitialize success |
10.04.2013, 15:40 | #14 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Attention Required; Google, YouTube and many other websites are blocked The tdsskiller log is still incomplete. A whole chunk of information is missing; you probably ran it incorrectly
__________________ Please always post log files in CODE tags |
10.04.2013, 15:48 | #15 |
| Attention Required; Google, YouTube and many other websites are blocked Code:
ATTFilter 14:40:39.0725 3728 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42 14:40:40.0051 3728 ============================================================ 14:40:40.0051 3728 Current date / time: 2013/04/10 14:40:40.0051 14:40:40.0051 3728 SystemInfo: 14:40:40.0051 3728 14:40:40.0051 3728 OS Version: 6.1.7601 ServicePack: 1.0 14:40:40.0051 3728 Product type: Workstation 14:40:40.0052 3728 ComputerName: JONAS-PC 14:40:40.0052 3728 UserName: Jonas 14:40:40.0052 3728 Windows directory: C:\Windows 14:40:40.0052 3728 System windows directory: C:\Windows 14:40:40.0052 3728 Processor architecture: Intel x86 14:40:40.0052 3728 Number of processors: 2 14:40:40.0052 3728 Page size: 0x1000 14:40:40.0052 3728 Boot type: Normal boot 14:40:40.0052 3728 ============================================================ 14:40:41.0490 3728 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050 14:40:41.0496 3728 ============================================================ 14:40:41.0496 3728 \Device\Harddisk0\DR0: 14:40:41.0496 3728 MBR partitions: 14:40:41.0496 3728 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000 14:40:41.0496 3728 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x19391800 14:40:41.0497 3728 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x193C4000, BlocksNum 0x3C00000 14:40:41.0497 3728 ============================================================ 14:40:41.0518 3728 C: <-> \Device\Harddisk0\DR0\Partition2 14:40:41.0570 3728 D: <-> \Device\Harddisk0\DR0\Partition3 14:40:41.0570 3728 ============================================================ 14:40:41.0570 3728 Initialize success 14:40:41.0570 3728 ============================================================ 14:40:43.0523 1912 ============================================================ 14:40:43.0524 1912 Scan started 
14:40:43.0524 1912 Mode: Manual; 14:40:43.0524 1912 ============================================================ 14:40:46.0233 1912 ================ Scan system memory ======================== 14:40:46.0233 1912 System memory - ok 14:40:46.0235 1912 ================ Scan services ============================= 14:40:46.0470 1912 [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys 14:40:46.0475 1912 1394ohci - ok 14:40:46.0553 1912 [ E6F53D6C0DEA3D375362265E175CA638 ] acedrv11 C:\Windows\system32\drivers\acedrv11.sys 14:40:46.0559 1912 acedrv11 - ok 14:40:46.0637 1912 [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI C:\Windows\system32\drivers\ACPI.sys 14:40:46.0645 1912 ACPI - ok 14:40:46.0706 1912 [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys 14:40:46.0709 1912 AcpiPmi - ok 14:40:46.0770 1912 [ C1C7EEF1A53A6B47323187A22559E553 ] ACPIService C:\Windows\system32\DRIVERS\ATKACPI.SYS 14:40:46.0773 1912 ACPIService - ok 14:40:46.0927 1912 [ 0F6D872FD048D437DCBF5C1A80194886 ] AdobeActiveFileMonitor C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe 14:40:46.0931 1912 AdobeActiveFileMonitor - ok 14:40:46.0994 1912 [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys 14:40:47.0003 1912 adp94xx - ok 14:40:47.0090 1912 [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys 14:40:47.0099 1912 adpahci - ok 14:40:47.0152 1912 [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys 14:40:47.0158 1912 adpu320 - ok 14:40:47.0214 1912 [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 14:40:47.0217 1912 AeLookupSvc - ok 14:40:47.0284 1912 [ 9EBBBA55060F786F0FCAA3893BFA2806 ] AFD C:\Windows\system32\drivers\afd.sys 14:40:47.0292 1912 AFD - ok 14:40:47.0341 1912 [ 5C4125D2AF6DDBB6422CE5F6E9BE7098 ] AFW C:\Windows\system32\DRIVERS\afw.sys 14:40:47.0344 1912 AFW - ok 
14:40:47.0383 1912 [ C223C5327FF06330B0251F1830FEE1AF ] afwcore C:\Windows\system32\DRIVERS\afwcore.sys 14:40:47.0391 1912 afwcore - ok 14:40:47.0436 1912 [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440 C:\Windows\system32\drivers\agp440.sys 14:40:47.0440 1912 agp440 - ok 14:40:47.0487 1912 [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx C:\Windows\system32\DRIVERS\djsvs.sys 14:40:47.0491 1912 aic78xx - ok 14:40:47.0540 1912 [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG C:\Windows\System32\alg.exe 14:40:47.0544 1912 ALG - ok 14:40:47.0579 1912 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide C:\Windows\system32\drivers\aliide.sys 14:40:47.0582 1912 aliide - ok 14:40:47.0624 1912 [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp C:\Windows\system32\drivers\amdagp.sys 14:40:47.0628 1912 amdagp - ok 14:40:47.0658 1912 [ CD5914170297126B6266860198D1D4F0 ] amdide C:\Windows\system32\drivers\amdide.sys 14:40:47.0661 1912 amdide - ok 14:40:47.0718 1912 [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys 14:40:47.0722 1912 AmdK8 - ok 14:40:47.0744 1912 [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys 14:40:47.0747 1912 AmdPPM - ok 14:40:47.0808 1912 [ D320BF87125326F996D4904FE24300FC ] amdsata C:\Windows\system32\drivers\amdsata.sys 14:40:47.0812 1912 amdsata - ok 14:40:47.0861 1912 [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys 14:40:47.0867 1912 amdsbs - ok 14:40:47.0897 1912 [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata C:\Windows\system32\drivers\amdxata.sys 14:40:47.0901 1912 amdxata - ok 14:40:47.0956 1912 [ AEA177F783E20150ACE5383EE368DA19 ] AppID C:\Windows\system32\drivers\appid.sys 14:40:47.0960 1912 AppID - ok 14:40:48.0024 1912 [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc C:\Windows\System32\appidsvc.dll 14:40:48.0027 1912 AppIDSvc - ok 14:40:48.0071 1912 [ FB1959012294D6AD43E5304DF65E3C26 ] Appinfo C:\Windows\System32\appinfo.dll 14:40:48.0074 1912 Appinfo - ok 14:40:48.0190 1912 [ 
A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 14:40:48.0198 1912 Apple Mobile Device - ok 14:40:48.0250 1912 [ 2932004F49677BD84DBC72EDB754FFB3 ] arc C:\Windows\system32\DRIVERS\arc.sys 14:40:48.0254 1912 arc - ok 14:40:48.0277 1912 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys 14:40:48.0281 1912 arcsas - ok 14:40:48.0461 1912 [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe 14:40:48.0501 1912 aspnet_state - ok 14:40:48.0561 1912 [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 14:40:48.0564 1912 AsyncMac - ok 14:40:48.0605 1912 [ 338C86357871C167A96AB976519BF59E ] atapi C:\Windows\system32\drivers\atapi.sys 14:40:48.0606 1912 atapi - ok 14:40:48.0672 1912 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 14:40:48.0683 1912 AudioEndpointBuilder - ok 14:40:48.0717 1912 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv C:\Windows\System32\Audiosrv.dll 14:40:48.0724 1912 Audiosrv - ok 14:40:48.0762 1912 [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV C:\Windows\System32\AxInstSV.dll 14:40:48.0766 1912 AxInstSV - ok 14:40:48.0818 1912 [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv C:\Windows\system32\DRIVERS\bxvbdx.sys 14:40:48.0828 1912 b06bdrv - ok 14:40:48.0892 1912 [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys 14:40:48.0899 1912 b57nd60x - ok 14:40:48.0963 1912 [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC C:\Windows\System32\bdesvc.dll 14:40:48.0977 1912 BDESVC - ok 14:40:49.0021 1912 [ FE7D7035833981F5B4EE746805E9C30E ] BdSpy C:\Windows\system32\DRIVERS\BdSpy.sys 14:40:49.0024 1912 BdSpy - ok 14:40:49.0043 1912 [ 505506526A9D467307B3C393DEDAF858 ] Beep C:\Windows\system32\drivers\Beep.sys 14:40:49.0045 1912 Beep - ok 14:40:49.0111 1912 [ 
14:41:08.0115 1912 tcpipreg - ok 14:41:08.0171 1912 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 14:41:08.0173 1912 TDPIPE - ok 14:41:08.0217 1912 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 14:41:08.0220 1912 TDTCP - ok 14:41:08.0267 1912 [ B459575348C20E8121D6039DA063C704 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 14:41:08.0270 1912 tdx - ok 14:41:08.0295 1912 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\Windows\system32\drivers\termdd.sys 14:41:08.0298 1912 TermDD - ok 14:41:08.0354 1912 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\Windows\System32\termsrv.dll 14:41:08.0377 1912 TermService - ok 14:41:08.0422 1912 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll 14:41:08.0431 1912 Themes - ok 14:41:08.0450 1912 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll 14:41:08.0455 1912 THREADORDER - ok 14:41:08.0471 1912 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll 14:41:08.0481 1912 TrkWks - ok 14:41:08.0562 1912 [ D391F1171A2E3A7080DF6FAAE7A20C0B ] Trufos C:\Windows\system32\DRIVERS\Trufos.sys 14:41:08.0569 1912 Trufos - ok 14:41:08.0663 1912 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 14:41:08.0668 1912 TrustedInstaller - ok 14:41:08.0723 1912 [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 14:41:08.0726 1912 tssecsrv - ok 14:41:08.0788 1912 [ FD1D6C73E6333BE727CBCC6054247654 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 14:41:08.0791 1912 TsUsbFlt - ok 14:41:08.0851 1912 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 14:41:08.0854 1912 tunnel - ok 14:41:08.0894 1912 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys 14:41:08.0899 1912 uagp35 - ok 14:41:08.0941 1912 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs 
C:\Windows\system32\DRIVERS\udfs.sys 14:41:08.0947 1912 udfs - ok 14:41:09.0010 1912 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe 14:41:09.0019 1912 UI0Detect - ok 14:41:09.0053 1912 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 14:41:09.0057 1912 uliagpkx - ok 14:41:09.0085 1912 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\Windows\system32\drivers\umbus.sys 14:41:09.0089 1912 umbus - ok 14:41:09.0136 1912 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\DRIVERS\umpass.sys 14:41:09.0152 1912 UmPass - ok 14:41:09.0202 1912 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll 14:41:09.0215 1912 upnphost - ok 14:41:09.0275 1912 [ 73B41F4EAD65F355962168D766AF0F2E ] USBAAPL C:\Windows\system32\Drivers\usbaapl.sys 14:41:09.0279 1912 USBAAPL - ok 14:41:09.0324 1912 [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 14:41:09.0327 1912 usbccgp - ok 14:41:09.0377 1912 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\Windows\system32\drivers\usbcir.sys 14:41:09.0381 1912 usbcir - ok 14:41:09.0407 1912 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci C:\Windows\system32\drivers\usbehci.sys 14:41:09.0410 1912 usbehci - ok 14:41:09.0448 1912 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 14:41:09.0454 1912 usbhub - ok 14:41:09.0509 1912 [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci C:\Windows\system32\drivers\usbohci.sys 14:41:09.0512 1912 usbohci - ok 14:41:09.0552 1912 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys 14:41:09.0555 1912 usbprint - ok 14:41:09.0580 1912 [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 14:41:09.0584 1912 USBSTOR - ok 14:41:09.0617 1912 [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci C:\Windows\system32\drivers\usbuhci.sys 14:41:09.0620 1912 usbuhci - ok 14:41:09.0690 1912 [ 
45F4E7BF43DB40A6C6B4D92C76CBC3F2 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys 14:41:09.0694 1912 usbvideo - ok 14:41:09.0745 1912 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll 14:41:09.0755 1912 UxSms - ok 14:41:09.0797 1912 [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:\Windows\system32\lsass.exe 14:41:09.0802 1912 VaultSvc - ok 14:41:09.0839 1912 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 14:41:09.0842 1912 vdrvroot - ok 14:41:09.0897 1912 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\Windows\System32\vds.exe 14:41:09.0920 1912 vds - ok 14:41:09.0963 1912 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 14:41:09.0966 1912 vga - ok 14:41:10.0012 1912 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys 14:41:10.0014 1912 VgaSave - ok 14:41:10.0067 1912 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 14:41:10.0072 1912 vhdmp - ok 14:41:10.0115 1912 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\drivers\viaagp.sys 14:41:10.0119 1912 viaagp - ok 14:41:10.0173 1912 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\DRIVERS\viac7.sys 14:41:10.0177 1912 ViaC7 - ok 14:41:10.0213 1912 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\drivers\viaide.sys 14:41:10.0216 1912 viaide - ok 14:41:10.0260 1912 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\Windows\system32\drivers\volmgr.sys 14:41:10.0263 1912 volmgr - ok 14:41:10.0298 1912 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 14:41:10.0306 1912 volmgrx - ok 14:41:10.0350 1912 [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\Windows\system32\drivers\volsnap.sys 14:41:10.0357 1912 volsnap - ok 14:41:10.0409 1912 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys 14:41:10.0414 1912 vsmraid - ok 14:41:10.0492 1912 [ 
209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\Windows\system32\vssvc.exe 14:41:10.0526 1912 VSS - ok 14:41:10.0564 1912 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys 14:41:10.0567 1912 vwifibus - ok 14:41:10.0589 1912 [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys 14:41:10.0593 1912 vwififlt - ok 14:41:10.0630 1912 [ A3F04CBEA6C2A10E6CB01F8B47611882 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys 14:41:10.0633 1912 vwifimp - ok 14:41:10.0679 1912 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\Windows\system32\w32time.dll 14:41:10.0693 1912 W32Time - ok 14:41:10.0733 1912 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys 14:41:10.0736 1912 WacomPen - ok 14:41:10.0778 1912 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 14:41:10.0781 1912 WANARP - ok 14:41:10.0791 1912 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 14:41:10.0794 1912 Wanarpv6 - ok 14:41:10.0870 1912 [ 691E3285E53DCA558E1A84667F13E15A ] wbengine C:\Windows\system32\wbengine.exe 14:41:10.0917 1912 wbengine - ok 14:41:10.0969 1912 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 14:41:10.0980 1912 WbioSrvc - ok 14:41:11.0029 1912 [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc C:\Windows\System32\wcncsvc.dll 14:41:11.0042 1912 wcncsvc - ok 14:41:11.0071 1912 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 14:41:11.0081 1912 WcsPlugInService - ok 14:41:11.0108 1912 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\Windows\system32\DRIVERS\wd.sys 14:41:11.0111 1912 Wd - ok 14:41:11.0177 1912 [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 14:41:11.0188 1912 Wdf01000 - ok 14:41:11.0222 1912 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\Windows\system32\wdi.dll 14:41:11.0232 1912 WdiServiceHost - ok 
14:41:11.0242 1912 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\Windows\system32\wdi.dll 14:41:11.0255 1912 WdiSystemHost - ok 14:41:11.0364 1912 [ F4A9476AA49B69D28BE439C64F96C714 ] Web Assistant Updater C:\Program Files\Web Assistant\ExtensionUpdaterService.exe 14:41:11.0369 1912 Web Assistant Updater - ok 14:41:11.0420 1912 [ A9D880F97530D5B8FEE278923349929D ] WebClient C:\Windows\System32\webclnt.dll 14:41:11.0443 1912 WebClient - ok 14:41:11.0470 1912 WebOptimizer - ok 14:41:11.0515 1912 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\Windows\system32\wecsvc.dll 14:41:11.0526 1912 Wecsvc - ok 14:41:11.0554 1912 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\Windows\System32\wercplsupport.dll 14:41:11.0564 1912 wercplsupport - ok 14:41:11.0597 1912 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\Windows\System32\WerSvc.dll 14:41:11.0606 1912 WerSvc - ok 14:41:11.0640 1912 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 14:41:11.0643 1912 WfpLwf - ok 14:41:11.0672 1912 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\Windows\system32\drivers\wimmount.sys 14:41:11.0675 1912 WIMMount - ok 14:41:11.0762 1912 [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll 14:41:11.0774 1912 WinDefend - ok 14:41:11.0800 1912 WinHttpAutoProxySvc - ok 14:41:11.0873 1912 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 14:41:11.0881 1912 Winmgmt - ok 14:41:11.0961 1912 [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM C:\Windows\system32\WsmSvc.dll 14:41:12.0006 1912 WinRM - ok 14:41:12.0088 1912 [ A67E5F9A400F3BD1BE3D80613B45F708 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys 14:41:12.0092 1912 WinUsb - ok 14:41:12.0150 1912 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\Windows\System32\wlansvc.dll 14:41:12.0197 1912 Wlansvc - ok 14:41:12.0323 1912 [ D9250B31B353EE3322C1CAD411997E38 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 
14:41:12.0369 1912 wlidsvc - ok 14:41:12.0420 1912 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 14:41:12.0423 1912 WmiAcpi - ok 14:41:12.0482 1912 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 14:41:12.0486 1912 wmiApSrv - ok 14:41:12.0586 1912 [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe 14:41:12.0620 1912 WMPNetworkSvc - ok 14:41:12.0679 1912 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\Windows\System32\wpcsvc.dll 14:41:12.0689 1912 WPCSvc - ok 14:41:12.0741 1912 [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 14:41:12.0751 1912 WPDBusEnum - ok 14:41:12.0782 1912 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 14:41:12.0785 1912 ws2ifsl - ok 14:41:12.0803 1912 [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc C:\Windows\System32\wscsvc.dll 14:41:12.0814 1912 wscsvc - ok 14:41:12.0828 1912 WSearch - ok 14:41:12.0939 1912 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll 14:41:13.0007 1912 wuauserv - ok 14:41:13.0058 1912 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 14:41:13.0062 1912 WudfPf - ok 14:41:13.0098 1912 [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 14:41:13.0103 1912 WUDFRd - ok 14:41:13.0161 1912 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 14:41:13.0174 1912 wudfsvc - ok 14:41:13.0234 1912 [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc C:\Windows\System32\wwansvc.dll 14:41:13.0247 1912 WwanSvc - ok 14:41:13.0311 1912 ================ Scan global =============================== 14:41:13.0360 1912 [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll 14:41:13.0405 1912 [ 93F86C5CCC37D70EA09CE5E76F3E4338 ] C:\Windows\system32\winsrv.dll 14:41:13.0438 1912 [ 93F86C5CCC37D70EA09CE5E76F3E4338 ] 
C:\Windows\system32\winsrv.dll 14:41:13.0490 1912 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll 14:41:13.0530 1912 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe 14:41:13.0541 1912 [Global] - ok 14:41:13.0542 1912 ================ Scan MBR ================================== 14:41:13.0557 1912 [ D4235019B9CC6FCAC77D4C80F1FA6E89 ] \Device\Harddisk0\DR0 14:41:22.0543 1912 \Device\Harddisk0\DR0 - ok 14:41:22.0544 1912 ================ Scan VBR ================================== 14:41:22.0551 1912 [ DA5516775A07F69A332033049865B2DF ] \Device\Harddisk0\DR0\Partition1 14:41:22.0555 1912 \Device\Harddisk0\DR0\Partition1 - ok 14:41:22.0604 1912 [ F63467ABCEFF98E960D5CC660B2146DF ] \Device\Harddisk0\DR0\Partition2 14:41:22.0607 1912 \Device\Harddisk0\DR0\Partition2 - ok 14:41:22.0648 1912 [ FA6707864A6ABB94C0458B46B84C3B9E ] \Device\Harddisk0\DR0\Partition3 14:41:22.0651 1912 \Device\Harddisk0\DR0\Partition3 - ok 14:41:22.0652 1912 ============================================================ 14:41:22.0652 1912 Scan finished 14:41:22.0652 1912 ============================================================ 14:41:22.0678 1452 Detected object count: 0 14:41:22.0678 1452 Actual detected object count: 0 14:43:44.0832 2476 Deinitialize success |