Plagegeister aller Art und deren Bekämpfung: TR/Agent.464.4 on my computer, now in quarantine
02.04.2013, 11:16 | #1 |
Hello everyone!

I only registered on this forum today. First of all: I think it's great that so many people here help others with their digital problems!

Now to my problem: during a scan, my antivirus program (Avira Free Antivirus; yes, I know, not everyone likes it. But I also don't know which program is really good, opinions seem to differ on that) detected: TR/Agent.464.4

Somewhat worried, I started searching the net for it and came across your site in the process. In line with your rules, I had the Trojan placed in quarantine. Using this board's search function I found 2 entries about this Trojan; the recommended responses differed, which is why I am starting a new topic here. If that was unnecessary, I'm sorry!

I downloaded the recommended programs and ran the respective scans (Malwarebytes Anti-Malware, Defogger, OTL, GMER). In my opinion this did not work properly with GMER (it scanned for hours, but no log file was created). But maybe I did something wrong. Defogger uninstalled the daemon toolbar (as far as I know, a virtual CD drive program). I noticed that Internet Explorer no longer works (because of the web browser protection). The Avira browser protection had also been deactivated shortly before, because the toolbar (Ask Toolbar) was deactivated (I don't know exactly how that happened, and I don't even know what a toolbar is or does :-) ). I was able to reactivate the toolbar and the browser protection; with that, Mozilla Firefox works again, Google Chrome worked (as far as I know) the whole time, and Internet Explorer still does not.

My operating system is Windows Vista (SP2).

I am also worried because a few days ago my girlfriend fell for a "phishing mail" (is that what it's called?). It was a fake PayPal e-mail in which she unfortunately entered her bank account details as well as her e-mail address, name and address (fortunately no passwords). I called both the PayPal hotline and our bank (where we also use online banking); both said that nothing much could happen (apart from direct debits, which could be reversed). I'm not so sure that's true :-)

I hope that is all the relevant information, and I hope I haven't rambled too much. I am attaching the Avira report file, the OTL files and the Extras file to my post. If anything is still missing, I will of course try to add it.

Thank you very much in advance for your help!

Best regards, Ciarán
04.04.2013, 11:27 | #2 |
/// Winkelfunktion /// TB-Süch-Tiger™

Hello and

Do you have any further logs (with findings)? Has your virus scanner ever found anything? Malwarebytes and/or other virus scanners?

I'm asking because of this => http://www.trojaner-board.de/125889-...tml#post941520

Please do not run any new virus scans; for now, just post the logs you already have!

Reading material: Posting in CODE tags
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive first, makes my work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files in a CODE box, proceed as follows:
04.04.2013, 11:47 | #3 |
Hello cosinus!

Thank you very much for your reply! I had tried to post the log files directly in the forum, but an error message told me that my post contained too many characters. That is why I attached the log files zipped. However, I did not try it with code /code. If it helps, I can of course also send several replies, each with one log file?

I am at work at the moment, so I can't go through the steps under "Important: please post all logs with findings" right now. As soon as I am home, I will tackle this. Then I will post the corresponding files here.

Many thanks in advance for your efforts!

Best regards, Ciarán
04.04.2013, 11:50 | #4 |
/// Winkelfunktion /// TB-Süch-Tiger™

Please do not post the logs that are already in the attachment again! I only wanted to know whether you have any further/other logs; if so, please post them in CODE tags.
__________________
Please always post log files in CODE tags
04.04.2013, 11:56 | #5 |
Ah! No, I only have the log files. I hope that's enough? Best regards!
04.04.2013, 12:06 | #6 |
/// Winkelfunktion /// TB-Süch-Tiger™

Before we get on with the further work, I would like to ask you to read the following points completely and carefully.

Note: If you don't hear from me for three days, please report in this thread => Reminder about my thread. Annoying "when will it continue" messages end with your topic being closed. I, too, have a life outside the Trojaner-Board.

Rootkit scan with GMER
Please download GMER: (random file name)
Do problems occur?

Then please run MBAR:

Malwarebytes Anti-Rootkit (MBAR)
Please download Malwarebytes Anti-Rootkit and save it to your desktop.
Do not start any other file in this folder without instructions from a helper
09.04.2013, 13:50 | #7 |
Hello! I was otherwise occupied for a few days, so I can only reply now. Sorry!

I ran GMER. In "normal" Windows mode I could not save the log result; no program could be opened any more, and I had to switch the laptop off via the power button. I then started the computer in safe mode, as you described. The scan was carried out here as well, but GMER tried several times to scan the CD-ROM drive. Only the "Cancel" button had any effect; GMER continued scanning each time. In the end the log file could be created. If I read your last post correctly, I should not post this log file here. If you do need this file, I will of course gladly post it.

After GMER I ran MBAR. After the scan, MBAR displayed: "Congratulations, no cleanup is required! Scan finished: no malware found!". I could not select the Cleanup button; I could only leave the program via Exit. If I have understood other posts here in the forum correctly, I should post requested log files even if there was no finding or the like. I would like to do that. I tried twice to insert the log file into this post in CODE tags. It does not work for me. The page does nothing for a very long time, and afterwards the Trojaner-Board tab in my browser (Firefox) is white. That is why I am now attaching this log file here zipped. I hope that is all right; at the moment I see no other way of making the log file available to you.

That's it from me; I hope this helps. Thank you very much for your efforts. Perhaps you have some advice for me.

Best regards, Ciarán
09.04.2013, 14:23 | #8 |
/// Winkelfunktion /// TB-Süch-Tiger™

aswMBR
Please download aswMBR.exe and save the file to your desktop.
Important: Under no circumstances press any of the Fix buttons without instructions
Note: If the Scan button is hidden, close the tool and start it again. If the scan aborts and the program crashes, let me know and select the setting (none) under AV Scan.

TDSS-Killer
Please download TDSSKiller.exe and save this file to the desktop
__________________
Please always post log files in CODE tags
09.04.2013, 22:44 | #9 |
Hello! Both programs ran without any problems. Here are the aswMBR log file and the TDSSKiller log file in CODE tags (I have no idea why I am now able to post with CODE tags).

Thanks and best regards, Ciarán

Code:
aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-04-09 22:38:32
-----------------------------
22:38:32.186 OS Version: Windows 6.0.6002 Service Pack 2
22:38:32.186 Number of processors: 2 586 0x301
22:38:32.186 ComputerName: CIARAN-PC UserName: Ciaran
22:38:32.919 Initialize success
22:40:02.892 AVAST engine defs: 13040900
22:53:21.877 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000063
22:53:21.893 Disk 0 Vendor: ST932032 0002 Size: 305245MB BusType: 8
22:53:22.111 Disk 0 MBR read successfully
22:53:22.111 Disk 0 MBR scan
22:53:22.127 Disk 0 unknown MBR code
22:53:22.127 Disk 0 Partition 1 00 1C Hidd FAT32 LBA MSDOS5.0 12001 MB offset 63
22:53:22.158 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 152617 MB offset 24579450
22:53:22.173 Disk 0 Partition - 00 0F Extended LBA 140623 MB offset 337140090
22:53:22.205 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 140623 MB offset 337140153
22:53:22.220 Disk 0 scanning sectors +625137345
22:53:22.470 Disk 0 scanning C:\Windows\system32\drivers
22:53:49.707 Service scanning
22:54:26.898 Modules scanning
22:54:32.592 Disk 0 trace - called modules:
22:54:32.623 ntkrnlpa.exe CLASSPNP.SYS disk.sys storport.sys hal.dll ahcix86s.sys
22:54:32.639 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x85fc12f0]
22:54:32.639 3 CLASSPNP.SYS[8a7a28b3] -> nt!IofCallDriver -> \Device\00000063[0x858e2958]
22:54:34.199 AVAST engine scan C:\Windows
22:54:38.161 AVAST engine scan C:\Windows\system32
23:00:35.123 AVAST engine scan C:\Windows\system32\drivers
23:01:06.666 AVAST engine scan C:\Users\Ciaran
23:23:26.193 AVAST engine scan C:\ProgramData
23:26:52.768 Scan finished successfully
23:27:11.004 Disk 0 MBR has been saved successfully to "C:\Users\Ciaran\Desktop\MBR.dat"
23:27:11.004 The log file has been saved successfully to "C:\Users\Ciaran\Desktop\aswMBR.txt"

Code:
23:31:41.0967 4716 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
23:31:42.0123 4716 ============================================================
23:31:42.0123 4716 Current date / time: 2013/04/09 23:31:42.0123
23:31:42.0123 4716 SystemInfo:
23:31:42.0123 4716
23:31:42.0123 4716 OS Version: 6.0.6002 ServicePack: 2.0
23:31:42.0123 4716 Product type: Workstation
23:31:42.0123 4716 ComputerName: CIARAN-PC
23:31:42.0123 4716 UserName: Ciaran
23:31:42.0123 4716 Windows directory: C:\Windows
23:31:42.0123 4716 System windows directory: C:\Windows
23:31:42.0123 4716 Processor architecture: Intel x86
23:31:42.0123 4716 Number of processors: 2
23:31:42.0123 4716 Page size: 0x1000
23:31:42.0123 4716 Boot type: Normal boot
23:31:42.0123 4716 ============================================================
23:31:43.0308 4716 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
23:31:43.0355 4716 ============================================================
23:31:43.0355 4716 \Device\Harddisk0\DR0:
23:31:43.0371 4716 MBR partitions:
23:31:43.0371 4716 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1770D7A, BlocksNum 0x12A14C00
23:31:43.0386 4716 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x141859B9, BlocksNum 0x112A7D08
23:31:43.0386 4716 ============================================================
23:31:43.0480 4716 C: <-> \Device\Harddisk0\DR0\Partition1
23:31:43.0558 4716 D: <-> \Device\Harddisk0\DR0\Partition2
23:31:43.0558 4716 ============================================================
23:31:43.0558 4716 Initialize success
23:31:43.0558 4716 ============================================================
23:32:58.0329 5664 ============================================================
23:32:58.0329 5664 Scan started
23:32:58.0329 5664 Mode: Manual; SigCheck; TDLFS;
C:\Windows\system32\drivers\modem.sys 23:33:15.0926 5664 Modem - ok 23:33:15.0942 5664 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 23:33:16.0004 5664 monitor - ok 23:33:16.0020 5664 [ 5BF6A1326A335C5298477754A506D263 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 23:33:16.0051 5664 mouclass - ok 23:33:16.0067 5664 [ 93B8D4869E12CFBE663915502900876F ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 23:33:16.0114 5664 mouhid - ok 23:33:16.0129 5664 [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys 23:33:16.0160 5664 MountMgr - ok 23:33:16.0192 5664 [ 8A7C8F4C713E70D73946833D76B77035 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe 23:33:16.0223 5664 MozillaMaintenance - ok 23:33:16.0254 5664 [ 511D011289755DD9F9A7579FB0B064E6 ] mpio C:\Windows\system32\drivers\mpio.sys 23:33:16.0285 5664 mpio - ok 23:33:16.0301 5664 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 23:33:16.0332 5664 mpsdrv - ok 23:33:16.0394 5664 [ 5DE62C6E9108F14F6794060A9BDECAEC ] MpsSvc C:\Windows\system32\mpssvc.dll 23:33:16.0457 5664 MpsSvc - ok 23:33:16.0504 5664 [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys 23:33:16.0519 5664 Mraid35x - ok 23:33:16.0550 5664 [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 23:33:16.0597 5664 MRxDAV - ok 23:33:16.0644 5664 [ 1E94971C4B446AB2290DEB71D01CF0C2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 23:33:16.0706 5664 mrxsmb - ok 23:33:16.0738 5664 [ 4FCCB34D793B116423209C0F8B7A3B03 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 23:33:16.0784 5664 mrxsmb10 - ok 23:33:16.0816 5664 [ C3CB1B40AD4A0124D617A1199B0B9D7C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 23:33:16.0831 5664 mrxsmb20 - ok 23:33:16.0862 5664 [ DE77526BDE93142BDC90CFA9F5CEAD36 ] msahci C:\Windows\system32\drivers\msahci.sys 23:33:16.0878 5664 msahci - 
ok 23:33:16.0909 5664 [ 4468B0F385A86ECDDAF8D3CA662EC0E7 ] msdsm C:\Windows\system32\drivers\msdsm.sys 23:33:16.0925 5664 msdsm - ok 23:33:16.0940 5664 [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC C:\Windows\System32\msdtc.exe 23:33:16.0987 5664 MSDTC - ok 23:33:17.0018 5664 [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs C:\Windows\system32\drivers\Msfs.sys 23:33:17.0065 5664 Msfs - ok 23:33:17.0096 5664 [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 23:33:17.0112 5664 msisadrv - ok 23:33:17.0143 5664 [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 23:33:17.0190 5664 MSiSCSI - ok 23:33:17.0206 5664 msiserver - ok 23:33:17.0252 5664 [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 23:33:17.0284 5664 MSKSSRV - ok 23:33:17.0315 5664 [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 23:33:17.0362 5664 MSPCLOCK - ok 23:33:17.0377 5664 [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 23:33:17.0440 5664 MSPQM - ok 23:33:17.0502 5664 [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 23:33:17.0533 5664 MsRPC - ok 23:33:17.0564 5664 [ E384487CB84BE41D09711C30CA79646C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys 23:33:17.0580 5664 mssmbios - ok 23:33:17.0596 5664 [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 23:33:17.0642 5664 MSTEE - ok 23:33:17.0689 5664 [ BB16693616427EAC1A436E106EA8D318 ] MTsensor C:\Windows\system32\DRIVERS\ATKACPI.sys 23:33:17.0705 5664 MTsensor - ok 23:33:17.0736 5664 [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup C:\Windows\system32\Drivers\mup.sys 23:33:17.0767 5664 Mup - ok 23:33:17.0814 5664 [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent C:\Windows\system32\qagentRT.dll 23:33:17.0876 5664 napagent - ok 23:33:17.0908 5664 [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 
23:33:17.0939 5664 NativeWifiP - ok 23:33:17.0986 5664 NAVENG - ok 23:33:18.0001 5664 NAVEX15 - ok 23:33:18.0064 5664 [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS C:\Windows\system32\drivers\ndis.sys 23:33:18.0110 5664 NDIS - ok 23:33:18.0157 5664 [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 23:33:18.0188 5664 NdisTapi - ok 23:33:18.0204 5664 [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 23:33:18.0251 5664 Ndisuio - ok 23:33:18.0329 5664 [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 23:33:18.0376 5664 NdisWan - ok 23:33:18.0407 5664 [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 23:33:18.0438 5664 NDProxy - ok 23:33:18.0454 5664 [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 23:33:18.0500 5664 NetBIOS - ok 23:33:18.0578 5664 [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt C:\Windows\system32\DRIVERS\netbt.sys 23:33:18.0641 5664 netbt - ok 23:33:18.0672 5664 [ A3E186B4B935905B829219502557314E ] Netlogon C:\Windows\system32\lsass.exe 23:33:18.0688 5664 Netlogon - ok 23:33:18.0719 5664 [ C8052711DAECC48B982434C5116CA401 ] Netman C:\Windows\System32\netman.dll 23:33:18.0766 5664 Netman - ok 23:33:18.0844 5664 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm C:\Windows\System32\netprofm.dll 23:33:18.0906 5664 netprofm - ok 23:33:18.0953 5664 [ D6C4E4A39A36029AC0813D476FBD0248 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe 23:33:19.0015 5664 NetTcpPortSharing - ok 23:33:19.0046 5664 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys 23:33:19.0062 5664 nfrd960 - ok 23:33:19.0078 5664 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc C:\Windows\System32\nlasvc.dll 23:33:19.0156 5664 NlaSvc - ok 23:33:19.0187 5664 [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs C:\Windows\system32\drivers\Npfs.sys 23:33:19.0249 
5664 Npfs - ok 23:33:19.0280 5664 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi C:\Windows\system32\nsisvc.dll 23:33:19.0327 5664 nsi - ok 23:33:19.0374 5664 [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 23:33:19.0436 5664 nsiproxy - ok 23:33:19.0577 5664 [ 6A4A98CEE84CF9E99564510DDA4BAA47 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 23:33:19.0655 5664 Ntfs - ok 23:33:19.0702 5664 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys 23:33:19.0764 5664 ntrigdigi - ok 23:33:19.0780 5664 [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null C:\Windows\system32\drivers\Null.sys 23:33:19.0842 5664 Null - ok 23:33:19.0873 5664 [ 2EDF9E7751554B42CBB60116DE727101 ] nvraid C:\Windows\system32\drivers\nvraid.sys 23:33:19.0889 5664 nvraid - ok 23:33:19.0904 5664 [ ABED0C09758D1D97DB0042DBB2688177 ] nvstor C:\Windows\system32\drivers\nvstor.sys 23:33:19.0920 5664 nvstor - ok 23:33:19.0982 5664 [ 18BBDF913916B71BD54575BDB6EEAC0B ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 23:33:20.0014 5664 nv_agp - ok 23:33:20.0014 5664 NwlnkFlt - ok 23:33:20.0014 5664 NwlnkFwd - ok 23:33:20.0232 5664 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 23:33:20.0388 5664 odserv - ok 23:33:20.0435 5664 [ 790E27C3DB53410B40FF9EF2FD10A1D9 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys 23:33:20.0482 5664 ohci1394 - ok 23:33:20.0544 5664 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE 23:33:20.0575 5664 ose - ok 23:33:20.0653 5664 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc C:\Windows\system32\p2psvc.dll 23:33:20.0762 5664 p2pimsvc - ok 23:33:20.0794 5664 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc C:\Windows\system32\p2psvc.dll 23:33:20.0825 5664 p2psvc - ok 23:33:20.0887 5664 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys 23:33:20.0965 5664 Parport - ok 23:33:21.0028 5664 
[ B9C2B89F08670E159F7181891E449CD9 ] partmgr C:\Windows\system32\drivers\partmgr.sys 23:33:21.0059 5664 partmgr - ok 23:33:21.0121 5664 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys 23:33:21.0184 5664 Parvdm - ok 23:33:21.0230 5664 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll 23:33:21.0277 5664 PcaSvc - ok 23:33:21.0324 5664 [ 175CC28DCF819F78CAA3FBD44AD9E52A ] pccsmcfd C:\Windows\system32\DRIVERS\pccsmcfd.sys 23:33:21.0355 5664 pccsmcfd - ok 23:33:21.0402 5664 [ 941DC1D19E7E8620F40BBC206981EFDB ] pci C:\Windows\system32\drivers\pci.sys 23:33:21.0418 5664 pci - ok 23:33:21.0449 5664 [ FC175F5DDAB666D7F4D17449A547626F ] pciide C:\Windows\system32\drivers\pciide.sys 23:33:21.0464 5664 pciide - ok 23:33:21.0496 5664 [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys 23:33:21.0511 5664 pcmcia - ok 23:33:21.0558 5664 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys 23:33:21.0652 5664 PEAUTH - ok 23:33:21.0886 5664 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll 23:33:21.0979 5664 pla - ok 23:33:22.0057 5664 [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay C:\Windows\system32\umpnpmgr.dll 23:33:22.0120 5664 PlugPlay - ok 23:33:22.0166 5664 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll 23:33:22.0213 5664 PNRPAutoReg - ok 23:33:22.0244 5664 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc C:\Windows\system32\p2psvc.dll 23:33:22.0307 5664 PNRPsvc - ok 23:33:22.0369 5664 [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 23:33:22.0432 5664 PolicyAgent - ok 23:33:22.0463 5664 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 23:33:22.0525 5664 PptpMiniport - ok 23:33:22.0556 5664 [ 2027293619DD0F047C584CF2E7DF4FFD ] Processor C:\Windows\system32\DRIVERS\processr.sys 23:33:22.0603 5664 Processor - ok 23:33:22.0681 5664 [ 
0508FAA222D28835310B7BFCA7A77346 ] ProfSvc C:\Windows\system32\profsvc.dll 23:33:22.0759 5664 ProfSvc - ok 23:33:22.0775 5664 [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe 23:33:22.0806 5664 ProtectedStorage - ok 23:33:22.0837 5664 [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched C:\Windows\system32\DRIVERS\pacer.sys 23:33:22.0900 5664 PSched - ok 23:33:22.0962 5664 [ 0A6DB55AFB7820C99AA1F3A1D270F4F6 ] ql2300 C:\Windows\system32\drivers\ql2300.sys 23:33:23.0040 5664 ql2300 - ok 23:33:23.0087 5664 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys 23:33:23.0102 5664 ql40xx - ok 23:33:23.0134 5664 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll 23:33:23.0180 5664 QWAVE - ok 23:33:23.0196 5664 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 23:33:23.0227 5664 QWAVEdrv - ok 23:33:23.0243 5664 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 23:33:23.0274 5664 RasAcd - ok 23:33:23.0305 5664 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll 23:33:23.0368 5664 RasAuto - ok 23:33:23.0399 5664 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 23:33:23.0446 5664 Rasl2tp - ok 23:33:23.0492 5664 [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan C:\Windows\System32\rasmans.dll 23:33:23.0539 5664 RasMan - ok 23:33:23.0586 5664 [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 23:33:23.0617 5664 RasPppoe - ok 23:33:23.0648 5664 [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 23:33:23.0664 5664 RasSstp - ok 23:33:23.0711 5664 [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 23:33:23.0773 5664 rdbss - ok 23:33:23.0804 5664 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 23:33:23.0898 5664 RDPCDD - ok 23:33:23.0976 5664 [ 
FBC0BACD9C3D7F6956853F64A66E252D ] rdpdr C:\Windows\system32\drivers\rdpdr.sys 23:33:24.0023 5664 rdpdr - ok 23:33:24.0054 5664 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 23:33:24.0085 5664 RDPENCDD - ok 23:33:24.0148 5664 [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 23:33:24.0194 5664 RDPWD - ok 23:33:24.0226 5664 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll 23:33:24.0272 5664 RemoteAccess - ok 23:33:24.0319 5664 [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry C:\Windows\system32\regsvc.dll 23:33:24.0366 5664 RemoteRegistry - ok 23:33:24.0413 5664 [ 6482707F9F4DA0ECBAB43B2E0398A101 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys 23:33:24.0475 5664 RFCOMM - ok 23:33:24.0506 5664 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe 23:33:24.0569 5664 RpcLocator - ok 23:33:24.0600 5664 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs C:\Windows\system32\rpcss.dll 23:33:24.0631 5664 RpcSs - ok 23:33:24.0662 5664 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 23:33:24.0709 5664 rspndr - ok 23:33:24.0725 5664 [ F875E277A79EF9D6F3AC89ABB557A689 ] RTL8169 C:\Windows\system32\DRIVERS\Rtlh86.sys 23:33:24.0787 5664 RTL8169 - ok 23:33:24.0850 5664 [ 59509AD6CBC28F2C73056268985B3E48 ] s0016bus C:\Windows\system32\DRIVERS\s0016bus.sys 23:33:24.0896 5664 s0016bus - ok 23:33:24.0912 5664 [ B98C3A6F91F4FBA285AF9606A240C6B4 ] s0016mdfl C:\Windows\system32\DRIVERS\s0016mdfl.sys 23:33:24.0928 5664 s0016mdfl - ok 23:33:24.0943 5664 [ 8A83426F4FB7B5212825D9DE76368B1A ] s0016mdm C:\Windows\system32\DRIVERS\s0016mdm.sys 23:33:24.0959 5664 s0016mdm - ok 23:33:24.0974 5664 [ 7A78BBA97FEB5E6D24C49E93A3BF7287 ] s0016mgmt C:\Windows\system32\DRIVERS\s0016mgmt.sys 23:33:24.0990 5664 s0016mgmt - ok 23:33:25.0037 5664 [ 34EF7B5F611957B73E7219DD5A222AD1 ] s0016nd5 C:\Windows\system32\DRIVERS\s0016nd5.sys 23:33:25.0037 5664 
s0016nd5 - ok 23:33:25.0068 5664 [ 36792935847143E4A3CDA0DC87248487 ] s0016obex C:\Windows\system32\DRIVERS\s0016obex.sys 23:33:25.0084 5664 s0016obex - ok 23:33:25.0099 5664 [ 927208754FB27FC3E7A659E77500C5D1 ] s0016unic C:\Windows\system32\DRIVERS\s0016unic.sys 23:33:25.0115 5664 s0016unic - ok 23:33:25.0162 5664 [ 6381D7FAC6CE956F37AA76031939F8CC ] s0017bus C:\Windows\system32\DRIVERS\s0017bus.sys 23:33:25.0193 5664 s0017bus - ok 23:33:25.0208 5664 [ 3A0B4FC02D9D79A4F7EE9C13E287C5EB ] s0017mdfl C:\Windows\system32\DRIVERS\s0017mdfl.sys 23:33:25.0224 5664 s0017mdfl - ok 23:33:25.0240 5664 [ AA689C79D62CAF565357520CAE065F17 ] s0017mdm C:\Windows\system32\DRIVERS\s0017mdm.sys 23:33:25.0255 5664 s0017mdm - ok 23:33:25.0286 5664 [ 547B1A09017A4C4CE6B535BA810523DA ] s0017mgmt C:\Windows\system32\DRIVERS\s0017mgmt.sys 23:33:25.0302 5664 s0017mgmt - ok 23:33:25.0349 5664 [ 6DB4820821E819CF61546E1F991A298D ] s0017nd5 C:\Windows\system32\DRIVERS\s0017nd5.sys 23:33:25.0364 5664 s0017nd5 - ok 23:33:25.0411 5664 [ D623BF6F04F7603EE1C4B59C737B69A7 ] s0017obex C:\Windows\system32\DRIVERS\s0017obex.sys 23:33:25.0427 5664 s0017obex - ok 23:33:25.0458 5664 [ 0C970A53FC43815E948628442F8983AD ] s0017unic C:\Windows\system32\DRIVERS\s0017unic.sys 23:33:25.0474 5664 s0017unic - ok 23:33:25.0520 5664 [ D259D085F215B57B7170DC2D0B646B2A ] s1039bus C:\Windows\system32\DRIVERS\s1039bus.sys 23:33:25.0536 5664 s1039bus - ok 23:33:25.0567 5664 [ 4D2B6621B5913E8B1CBB650A6037B8A2 ] s1039mdfl C:\Windows\system32\DRIVERS\s1039mdfl.sys 23:33:25.0598 5664 s1039mdfl - ok 23:33:25.0661 5664 [ 8149799844AB2E91EA92E9CAD4224254 ] s1039mdm C:\Windows\system32\DRIVERS\s1039mdm.sys 23:33:25.0676 5664 s1039mdm - ok 23:33:25.0708 5664 [ 5E91068B3F5E003B83D8A99DC0C76E2C ] s1039mgmt C:\Windows\system32\DRIVERS\s1039mgmt.sys 23:33:25.0723 5664 s1039mgmt - ok 23:33:25.0754 5664 [ DF54DBF1C4105D2074D07929F6BA91AA ] s1039nd5 C:\Windows\system32\DRIVERS\s1039nd5.sys 23:33:25.0770 5664 s1039nd5 - ok 23:33:25.0817 
5664 [ 1BC084B0708D42E29E2222346149E52F ] s1039obex C:\Windows\system32\DRIVERS\s1039obex.sys 23:33:25.0848 5664 s1039obex - ok 23:33:25.0864 5664 [ 2E8CCB7BF5B1EB34BCF4EBF880B3E11C ] s1039unic C:\Windows\system32\DRIVERS\s1039unic.sys 23:33:25.0879 5664 s1039unic - ok 23:33:25.0895 5664 [ A3E186B4B935905B829219502557314E ] SamSs C:\Windows\system32\lsass.exe 23:33:25.0910 5664 SamSs - ok 23:33:25.0957 5664 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 23:33:25.0988 5664 sbp2port - ok 23:33:26.0020 5664 [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr C:\Windows\System32\SCardSvr.dll 23:33:26.0051 5664 SCardSvr - ok 23:33:26.0144 5664 [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule C:\Windows\system32\schedsvc.dll 23:33:26.0238 5664 Schedule - ok 23:33:26.0254 5664 [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc C:\Windows\System32\certprop.dll 23:33:26.0285 5664 SCPolicySvc - ok 23:33:26.0300 5664 [ 126EA89BCC413EE45E3004FB0764888F ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys 23:33:26.0363 5664 sdbus - ok 23:33:26.0410 5664 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll 23:33:26.0472 5664 SDRSVC - ok 23:33:26.0503 5664 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys 23:33:26.0550 5664 secdrv - ok 23:33:26.0581 5664 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll 23:33:26.0644 5664 seclogon - ok 23:33:26.0659 5664 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\System32\sens.dll 23:33:26.0690 5664 SENS - ok 23:33:26.0737 5664 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32\drivers\serenum.sys 23:33:26.0800 5664 Serenum - ok 23:33:26.0815 5664 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\drivers\serial.sys 23:33:26.0878 5664 Serial - ok 23:33:26.0909 5664 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys 23:33:26.0956 5664 sermouse - ok 23:33:27.0065 5664 [ 
9D38320BB32230349379DF5DDBBF7FCE ] ServiceLayer C:\Program Files\PC Connectivity Solution\ServiceLayer.exe 23:33:27.0127 5664 ServiceLayer ( UnsignedFile.Multi.Generic ) - warning 23:33:27.0127 5664 ServiceLayer - detected UnsignedFile.Multi.Generic (1) 23:33:27.0190 5664 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll 23:33:27.0236 5664 SessionEnv - ok 23:33:27.0283 5664 [ 3EFA810BDCA87F6ECC24F9832243FE86 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 23:33:27.0330 5664 sffdisk - ok 23:33:27.0361 5664 [ E95D451F7EA3E583AEC75F3B3EE42DC5 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 23:33:27.0392 5664 sffp_mmc - ok 23:33:27.0424 5664 [ 3D0EA348784B7AC9EA9BD9F317980979 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 23:33:27.0470 5664 sffp_sd - ok 23:33:27.0502 5664 [ C33BFBD6E9E41FCD9FFEF9729E9FAED6 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys 23:33:27.0548 5664 sfloppy - ok 23:33:27.0580 5664 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess C:\Windows\System32\ipnathlp.dll 23:33:27.0642 5664 SharedAccess - ok 23:33:27.0704 5664 [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll 23:33:27.0767 5664 ShellHWDetection - ok 23:33:27.0782 5664 [ 1D76624A09A054F682D746B924E2DBC3 ] sisagp C:\Windows\system32\drivers\sisagp.sys 23:33:27.0798 5664 sisagp - ok 23:33:27.0814 5664 [ 43CB7AA756C7DB280D01DA9B676CFDE2 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys 23:33:27.0845 5664 SiSRaid2 - ok 23:33:27.0860 5664 [ A99C6C8B0BAA970D8AA59DDC50B57F94 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys 23:33:27.0876 5664 SiSRaid4 - ok 23:33:27.0923 5664 [ A4FAB5F7818A69DA6E740943CB8F7CA9 ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe 23:33:28.0032 5664 SkypeUpdate - ok 23:33:28.0484 5664 [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc C:\Windows\system32\SLsvc.exe 23:33:28.0672 5664 slsvc - ok 23:33:28.0718 5664 [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify 
C:\Windows\system32\SLUINotify.dll 23:33:28.0750 5664 SLUINotify - ok 23:33:28.0796 5664 [ 7B75299A4D201D6A6533603D6914AB04 ] Smb C:\Windows\system32\DRIVERS\smb.sys 23:33:28.0828 5664 Smb - ok 23:33:28.0890 5664 [ C8A58FC905C9184FA70E37F71060C64D ] smserial C:\Windows\system32\DRIVERS\smserial.sys 23:33:29.0015 5664 smserial - ok 23:33:29.0062 5664 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe 23:33:29.0124 5664 SNMPTRAP - ok 23:33:29.0186 5664 [ 060F51141B20B8156804446A04AB8B2A ] SNP2UVC C:\Windows\system32\DRIVERS\snp2uvc.sys 23:33:29.0296 5664 SNP2UVC - ok 23:33:29.0420 5664 [ 5177D14A78E60FD61DCFC6B388E7E971 ] Sony PC Companion C:\Program Files\Sony\Sony PC Companion\PCCService.exe 23:33:29.0514 5664 Sony PC Companion ( UnsignedFile.Multi.Generic ) - warning 23:33:29.0514 5664 Sony PC Companion - detected UnsignedFile.Multi.Generic (1) 23:33:29.0530 5664 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32\drivers\spldr.sys 23:33:29.0545 5664 spldr - ok 23:33:29.0592 5664 [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler C:\Windows\System32\spoolsv.exe 23:33:29.0654 5664 Spooler - ok 23:33:29.0701 5664 [ CDDDEC541BC3C96F91ECB48759673505 ] sptd C:\Windows\System32\Drivers\sptd.sys 23:33:29.0764 5664 sptd - ok 23:33:29.0795 5664 [ B747EA555A72070F258B3E31E1392D62 ] SRS_PremiumSound_Service C:\Windows\system32\drivers\srs_PremiumSound_i386.sys 23:33:29.0842 5664 SRS_PremiumSound_Service - ok 23:33:29.0873 5664 [ 543B82F5846CEF761EE98D727C15D539 ] SRS_VolSync_Service C:\Program Files\SRS Labs\SRS Premium Sound\SRS_VolSync.exe 23:33:29.0904 5664 SRS_VolSync_Service - ok 23:33:29.0904 5664 SRTSP - ok 23:33:29.0920 5664 SRTSPX - ok 23:33:29.0982 5664 [ 41987F9FC0E61ADF54F581E15029AD91 ] srv C:\Windows\system32\DRIVERS\srv.sys 23:33:30.0029 5664 srv - ok 23:33:30.0060 5664 [ FF33AFF99564B1AA534F58868CBE41EF ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 23:33:30.0107 5664 srv2 - ok 23:33:30.0154 5664 [ 
7605C0E1D01A08F3ECD743F38B834A44 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 23:33:30.0185 5664 srvnet - ok 23:33:30.0216 5664 [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 23:33:30.0294 5664 SSDPSRV - ok 23:33:30.0341 5664 [ A36EE93698802CD899F98BFD553D8185 ] ssmdrv C:\Windows\system32\DRIVERS\ssmdrv.sys 23:33:30.0356 5664 ssmdrv - ok 23:33:30.0388 5664 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll 23:33:30.0419 5664 SstpSvc - ok 23:33:30.0450 5664 [ EAA66218CD39F5BB1B4853A78C67C787 ] ss_bbus C:\Windows\system32\DRIVERS\ss_bbus.sys 23:33:30.0466 5664 ss_bbus - ok 23:33:30.0497 5664 [ 91765F99914ED8693D8BC76524F21581 ] ss_bmdfl C:\Windows\system32\DRIVERS\ss_bmdfl.sys 23:33:30.0497 5664 ss_bmdfl - ok 23:33:30.0528 5664 [ 840E7B738B03C10EE91D9B7D3D6EFF15 ] ss_bmdm C:\Windows\system32\DRIVERS\ss_bmdm.sys 23:33:30.0544 5664 ss_bmdm - ok 23:33:30.0590 5664 [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc C:\Windows\System32\wiaservc.dll 23:33:30.0653 5664 stisvc - ok 23:33:30.0684 5664 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum C:\Windows\system32\DRIVERS\swenum.sys 23:33:30.0700 5664 swenum - ok 23:33:30.0746 5664 [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv C:\Windows\System32\swprv.dll 23:33:30.0793 5664 swprv - ok 23:33:30.0793 5664 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys 23:33:30.0809 5664 Symc8xx - ok 23:33:30.0824 5664 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys 23:33:30.0840 5664 Sym_hi - ok 23:33:30.0856 5664 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys 23:33:30.0871 5664 Sym_u3 - ok 23:33:30.0934 5664 [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain C:\Windows\system32\sysmain.dll 23:33:30.0996 5664 SysMain - ok 23:33:31.0058 5664 [ D7E795032847A6E6E9FBC5E296AE0838 ] SystemStore C:\Program Files\Freemium\SystemStore\Freemium.SystemStore.WindowsService.exe 23:33:31.0105 5664 
SystemStore ( UnsignedFile.Multi.Generic ) - warning 23:33:31.0105 5664 SystemStore - detected UnsignedFile.Multi.Generic (1) 23:33:31.0136 5664 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll 23:33:31.0168 5664 TabletInputService - ok 23:33:31.0214 5664 [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv C:\Windows\System32\tapisrv.dll 23:33:31.0246 5664 TapiSrv - ok 23:33:31.0277 5664 [ CB05822CD9CC6C688168E113C603DBE7 ] TBS C:\Windows\System32\tbssvc.dll 23:33:31.0308 5664 TBS - ok 23:33:31.0355 5664 [ 74E2D020C47BB2B2FCCBA29A518A7EB4 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 23:33:31.0433 5664 Tcpip - ok 23:33:31.0526 5664 [ 74E2D020C47BB2B2FCCBA29A518A7EB4 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys 23:33:31.0573 5664 Tcpip6 - ok 23:33:31.0604 5664 [ 608C345A255D82A6289C2D468EB41FD7 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 23:33:31.0651 5664 tcpipreg - ok 23:33:31.0682 5664 [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 23:33:31.0714 5664 TDPIPE - ok 23:33:31.0760 5664 [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 23:33:31.0807 5664 TDTCP - ok 23:33:31.0838 5664 [ 76B06EB8A01FC8624D699E7045303E54 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 23:33:31.0870 5664 tdx - ok 23:33:31.0932 5664 [ D827A50CEC8A16180EEC4F1951B7A842 ] TeamViewer5 C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe 23:33:31.0948 5664 TeamViewer5 - ok 23:33:31.0979 5664 [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys 23:33:31.0994 5664 TermDD - ok 23:33:32.0072 5664 [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService C:\Windows\System32\termsrv.dll 23:33:32.0150 5664 TermService - ok 23:33:32.0166 5664 [ C7230FBEE14437716701C15BE02C27B8 ] Themes C:\Windows\system32\shsvcs.dll 23:33:32.0197 5664 Themes - ok 23:33:32.0213 5664 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER C:\Windows\system32\mmcss.dll 23:33:32.0244 5664 THREADORDER - 
ZuneNetworkSvc - ok
23:33:40.0372 5664 [ DE1CDB333A402B279F04D627122FA08E ] ZuneWlanCfgSvc C:\Program Files\Zune\ZuneWlanCfgSvc.exe
23:33:40.0481 5664 ZuneWlanCfgSvc - ok
23:33:40.0528 5664 ================ Scan global ===============================
23:33:40.0559 5664 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
23:33:40.0652 5664 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
23:33:40.0684 5664 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
23:33:40.0746 5664 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
23:33:40.0762 5664 [Global] - ok
23:33:40.0762 5664 ================ Scan MBR ==================================
23:33:40.0777 5664 [ 64B1E91C5C6C2157642651010728F90F ] \Device\Harddisk0\DR0
23:33:42.0836 5664 \Device\Harddisk0\DR0 - ok
23:33:42.0836 5664 ================ Scan VBR ==================================
23:33:42.0883 5664 [ 57305CBCB76D4D7D57E2F87F29FE070D ] \Device\Harddisk0\DR0\Partition1
23:33:42.0899 5664 \Device\Harddisk0\DR0\Partition1 - ok
23:33:42.0914 5664 [ E7FD3D3D29794C6D64BA321B8B2E8568 ] \Device\Harddisk0\DR0\Partition2
23:33:42.0930 5664 \Device\Harddisk0\DR0\Partition2 - ok
23:33:42.0930 5664 ============================================================
23:33:42.0930 5664 Scan finished
23:33:42.0930 5664 ============================================================
23:33:42.0946 5748 Detected object count: 7
23:33:42.0946 5748 Actual detected object count: 7
23:34:33.0022 5748 ADSMService ( UnsignedFile.Multi.Generic ) - skipped by user
23:34:33.0022 5748 ADSMService ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:34:33.0037 5748 ATKGFNEXSrv ( UnsignedFile.Multi.Generic ) - skipped by user
23:34:33.0037 5748 ATKGFNEXSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:34:33.0037 5748 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - skipped by user
23:34:33.0037 5748 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:34:33.0037 5748 FsUsbExService ( UnsignedFile.Multi.Generic ) - skipped by user
23:34:33.0037 5748 FsUsbExService ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:34:33.0037 5748 ServiceLayer ( UnsignedFile.Multi.Generic ) - skipped by user
23:34:33.0037 5748 ServiceLayer ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:34:33.0037 5748 Sony PC Companion ( UnsignedFile.Multi.Generic ) - skipped by user
23:34:33.0037 5748 Sony PC Companion ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:34:33.0053 5748 SystemStore ( UnsignedFile.Multi.Generic ) - skipped by user
23:34:33.0053 5748 SystemStore ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:35:36.0233 5004 Deinitialize success |
09.04.2013, 23:19 | #10 |
/// Winkelfunktion /// TB-Süch-Tiger™ | TR/Agent.464.4 on my computer, now in quarantine Then please run Combofix now: Scan with Combofix
__________________ Please always post log files in CODE tags |
10.04.2013, 09:51 | #11 |
| TR/Agent.464.4 on my computer, now in quarantine Hello! I ran Combofix. There did not seem to be any problems. Updates were installed during the restart. Here is the Combofix log file (happily in CODE tags). Code:
Combofix Logfile: Thanks and best regards! Ciarán |
10.04.2013, 10:54 | #12 |
/// Winkelfunktion /// TB-Süch-Tiger™ | TR/Agent.464.4 on my computer, now in quarantine JRT - Junkware Removal Tool Please shut down your security software to avoid possible conflicts.
Afterwards: adwCleaner - remove toolbars and unwanted start/search pages. Please download AdwCleaner to your desktop.
After that, a check with OTL please:
__________________ Please always post log files in CODE tags |
10.04.2013, 12:06 | #13 |
| TR/Agent.464.4 on my computer, now in quarantine Hey! I carried out the three steps described. They all seem to have run without problems. I am now posting the log files in this post. When I switched my Avira antivirus program back on, I noticed that the browser protection is not activated. I don't seem to be able to simply switch it back on. I don't know whether this has to do with the original problem or with the diagnostic steps that were carried out. Can you say anything about that? Thanks and best regards, Ciarán Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.8.3 (04.05.2013:1)
OS: Windows Vista (TM) Home Premium x86
Ran by Ciaran on 10.04.2013 at 12:14:58,85
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

Successfully deleted: [Registry Value] hkey_local_machine\software\microsoft\windows\currentversion\run\\apnupdater

~~~ Registry Keys

Successfully deleted: [Registry Key] hkey_current_user\software\softonic
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\appid\genericasktoolbar.dll
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\dttoolbar.toolbandobj
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\dttoolbar.toolbandobj.1
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\installer\features\a28b4d68debaa244eb686953b7074fef
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\installer\products\a28b4d68debaa244eb686953b7074fef
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\installer\upgradecodes\f928123a039649549966d4c29d35b1c9
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\scripthost.tool
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\scripthost.tool.1

~~~ Files

~~~ Folders

Successfully deleted: [Folder] "C:\Users\Ciaran\appdata\locallow\boost_interprocess"
Successfully deleted: [Folder] "C:\Program Files\daemon tools toolbar"

~~~ FireFox

Successfully deleted: [File] C:\Users\Ciaran\AppData\Roaming\mozilla\firefox\profiles\viwyz4px.default\searchplugins\askcom.xml
Successfully deleted: [Folder] C:\Users\Ciaran\AppData\Roaming\mozilla\firefox\profiles\viwyz4px.default\extensions\toolbar@ask.com
Successfully deleted the following from C:\Users\Ciaran\AppData\Roaming\mozilla\firefox\profiles\viwyz4px.default\prefs.js
user_pref("browser.search.defaultengine", "Ask.com");
user_pref("browser.search.defaultenginename", "Ask.com");
user_pref("browser.search.order.1", "Ask.com");
user_pref("extensions.asktb.ff-original-keyword-url", "");
Emptied folder: C:\Users\Ciaran\AppData\Roaming\mozilla\firefox\profiles\viwyz4px.default\minidumps [87 files]

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 10.04.2013 at 12:19:16,74
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

AdwCleaner Logfile:
Code:
# AdwCleaner v2.200 - Datei am 10/04/2013 um 12:22:37 erstellt
# Aktualisiert am 02/04/2013 von Xplode
# Betriebssystem : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Benutzer : Ciaran - CIARAN-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Ciaran\Desktop\adwcleaner.exe
# Option [Löschen]

**** [Dienste] ****

***** [Dateien / Ordner] *****

Datei Gelöscht : C:\Users\Ciaran\AppData\Roaming\Mozilla\Firefox\Profiles\viwyz4px.default\searchplugins\11-suche.xml
Datei Gelöscht : C:\Users\Ciaran\AppData\Roaming\Mozilla\Firefox\Profiles\viwyz4px.default\searchplugins\daemon-search.xml
Ordner Gelöscht : C:\Program Files\Ask.com
Ordner Gelöscht : C:\Users\Ciaran\AppData\Local\AskToolbar
Ordner Gelöscht : C:\Users\Ciaran\AppData\LocalLow\AskToolbar
Ordner Gelöscht : C:\Users\Ciaran\AppData\Roaming\Mozilla\Firefox\Profiles\viwyz4px.default\extensions\DTToolbar@toolbarnet.com
Ordner Gelöscht : C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}

***** [Registrierungsdatenbank] *****

Schlüssel Gelöscht : HKCU\Software\APN
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\AskToolbar
Schlüssel Gelöscht : HKCU\Software\Ask.com
Schlüssel Gelöscht : HKCU\Software\AskToolbar
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4FC7-90CC-5EA0ABBE9EB8}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{32099AAC-C132-4136-9E9A-4E364A424E17}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{32099AAC-C132-4136-9E9A-4E364A424E17}
Schlüssel Gelöscht :
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B5BAE2ED018083A4C8DA86D6E3F4B024
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{32099AAC-C132-4136-9E9A-4E364A424E17}]

***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16476
[OK] Die Registrierungsdatenbank ist sauber.
-\\ Mozilla Firefox v19.0.2 (de)
Datei : C:\Users\Ciaran\AppData\Roaming\Mozilla\Firefox\Profiles\viwyz4px.default\prefs.js
[OK] Die Datei ist sauber.

-\\ Google Chrome v26.0.1410.43
Datei : C:\Users\Ciaran\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] Die Datei ist sauber.

*************************
AdwCleaner[S1].txt - [10252 octets] - [10/04/2013 12:22:37]
########## EOF - C:\AdwCleaner[S1].txt - [10313 octets] ##########

OTL Logfile:
Code:
OTL logfile created on: 10.04.2013 12:48:09 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Ciaran\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,00 Gb Total Physical Memory | 1,90 Gb Available Physical Memory | 63,48% Memory free
6,20 Gb Paging File | 5,08 Gb Available in Paging File | 81,89% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 149,04 Gb Total Space | 58,23 Gb Free Space | 39,07% Space Free | Partition Type: NTFS
Drive D: | 137,33 Gb Total Space | 137,26 Gb Free Space | 99,95% Space Free | Partition Type: NTFS

Computer Name: CIARAN-PC | User Name: Ciaran | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Users\Ciaran\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Divx\DivX Update\DivXUpdate.exe ()
PRC - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files\Freemium\SystemStore\Freemium.SystemStore.WindowsService.exe ()
PRC - C:\Program Files\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
PRC - C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Windows\AsScrPro.exe (ASUS)
PRC - C:\Program Files\VIA\VIAudioi\VDeck\VDECK.EXE (VIA)
PRC - C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\audiodg.exe (Microsoft Corporation)
PRC - C:\Program Files\SRS Labs\SRS Premium Sound\SRS_VolSync.exe (SRS Labs, Inc.)
PRC - C:\Windows\System32\FsUsbExService.Exe (Teruten)
PRC - C:\Program Files\ASUS\ATK Hotkey\HControl.exe (ASUS)
PRC - C:\Program Files\ASUS\Wireless Console 3\wcourier.exe ()
PRC - C:\Program Files\ASUS\ATK Hotkey\WDC.exe (ASUS)
PRC - C:\Program Files\ASUS\SmartLogon\sensorsrv.exe (ASUS)
PRC - C:\Program files\P4G\BatteryLife.exe (ATK)
PRC - C:\Program Files\AAVUpdateManager\aavus.exe ()
PRC - C:\Program Files\ASUS\Splendid\ACMON.exe (ATK)
PRC - C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe (ASUS)
PRC - C:\Program Files\ASUS\ATK Media\DMedia.exe (ASUS)
PRC - C:\Program Files\ASUS\ATK Hotkey\MsgTranAgt.exe (ASUS)
PRC - C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe (ASUS)
PRC - C:\Program Files\ASUS\ATK Hotkey\KBFiltr.exe (ASUS)
PRC - C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe ()
PRC - C:\Program Files\ASUS\ATK Hotkey\ATKOSD.exe (ASUS)
PRC - C:\Program Files\ASUS\ASUS Data Security Manager\ADSMTray.exe (ASUSTek Computer Inc.)
PRC - C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe (ASUSTek Computer Inc.)
PRC - C:\Program Files\ASUS\ASUS Live Update\ALU.exe ()
PRC - C:\Program Files\ATKGFNEX\GFNEXSrv.exe ()
PRC - C:\Windows\System32\ACEngSvr.exe (ASUSTeK)

========== Modules (No Company Name) ==========

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\421cb77e6a4c21f94e3c5ddf766de23b\System.Web.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\e64304962098e90f0d3f4c33c1b080a6\System.Windows.Forms.ni.dll ()
MOD - C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll ()
MOD - C:\Program Files\Divx\DivX Update\DivXUpdate.exe ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\9b2eef59d0cfc5aff182d0951de5f040\Accessibility.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\b5df40c22ab563a816103629e2ca99d4\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\004bc6615f9c06df5c98859d35149fe6\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\b757806657fa5db2b1ed1a89b026b463\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\78157a494dc9a7e52be8840decfcd9cc\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\cc149d08e75f8c53cd28ac926b38c370\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\2227d1559f87943255069398608d5c56\mscorlib.ni.dll ()
MOD - C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3364.37083__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3364.37103__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll ()
MOD -
C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3309.28644__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Shared\2.0.3309.28644__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3309.28632__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerXpress.Graphics.Shared\2.0.3309.28647__90ba9c70f846762e\CLI.Aspect.PowerXpress.Graphics.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3309.28635__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3309.28611__90ba9c70f846762e\CLI.Component.Client.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3309.28630__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3309.28617__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3309.28631__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3309.28630__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Implementation\2.0.3364.37207__90ba9c70f846762e\ResourceManagement.Foundation.Implementation.dll () MOD - C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.3364.37174__90ba9c70f846762e\MOM.Implementation.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3309.28636__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll () MOD - 
C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3309.28634__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3309.28634__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3364.37188__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3309.28636__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3309.28624__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3309.28630__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3309.28627__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Private\2.0.3309.28612__90ba9c70f846762e\ResourceManagement.Foundation.Private.dll () MOD - C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.3309.28626__90ba9c70f846762e\APM.Foundation.dll () MOD - C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3309.28617__90ba9c70f846762e\AEM.Server.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.dll () MOD - C:\Windows\assembly\GAC\Interop.WBOCXLib\1.0.0.0__90ba9c70f846762e\Interop.WBOCXLib.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3364.37078__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll () MOD - 
C:\Windows\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.3364.37168__90ba9c70f846762e\CLI.Component.Systemtray.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3364.37097__90ba9c70f846762e\CLI.Component.Wizard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3364.37080__90ba9c70f846762e\CLI.Component.Runtime.dll () MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3364.37172__90ba9c70f846762e\LOG.Foundation.Implementation.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3364.37082__90ba9c70f846762e\CLI.Component.SkinFactory.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3309.28628__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3309.28608__90ba9c70f846762e\CLI.Foundation.Private.dll () MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3309.28614__90ba9c70f846762e\LOG.Foundation.Private.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3309.28627__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll () MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3309.28626__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3309.28624__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3364.37087__90ba9c70f846762e\CLI.Component.Dashboard.dll () MOD - C:\Windows\assembly\GAC_MSIL\ATIDEMOS\2.0.3364.37081__90ba9c70f846762e\ATIDEMOS.dll () MOD - C:\Windows\assembly\GAC_MSIL\APM.Server\2.0.3364.37080__90ba9c70f846762e\APM.Server.dll () MOD - C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.3364.37079__90ba9c70f846762e\AEM.Server.dll () MOD - 
C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3309.28621__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.3364.37173__90ba9c70f846762e\CCC.Implementation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3309.28637__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll ()
MOD - C:\Program Files\VIA\VIAudioi\VDeck\Skin.dll ()
MOD - C:\Program Files\VIA\VIAudioi\VDeck\Dts2ApoApi.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Windows\System32\atitmmxx.dll ()
MOD - C:\Program files\P4G\OvrClk.dll ()
MOD - C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll ()
MOD - C:\Program files\P4G\DevMng.dll ()
MOD - C:\Program Files\VIA\VIAudioi\VDeck\QsApoApi.dll ()
MOD - C:\Program Files\VIA\VIAudioi\VDeck\VMicApi.dll ()
MOD - C:\Program Files\ASUS\ASUS Live Update\ALU.exe ()
MOD - C:\Program Files\ASUS\ATK Hotkey\MsgTran.dll ()
MOD - C:\Program Files\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt.dll ()
MOD - C:\Program Files\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll ()
MOD - C:\Program Files\ATKGFNEX\AGFNEX.dll ()

========== Services (SafeList) ==========

SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirWebService) -- C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (MozillaMaintenance) -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeARMservice) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (SkypeUpdate) -- C:\Program Files\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (SystemStore) -- C:\Program Files\Freemium\SystemStore\Freemium.SystemStore.WindowsService.exe ()
SRV - (Sony PC Companion) -- C:\Program Files\Sony\Sony PC Companion\PCCService.exe (Avanquest Software)
SRV - (BBSvc) -- C:\Program Files\Microsoft\BingBar\BBSvc.EXE (Microsoft Corporation.)
SRV - (BBUpdate) -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
SRV - (ZuneWlanCfgSvc) -- C:\Program Files\Zune\ZuneWlanCfgSvc.exe (Microsoft Corporation)
SRV - (WMZuneComm) -- C:\Program Files\Zune\WMZuneComm.exe (Microsoft Corporation)
SRV - (ZuneNetworkSvc) -- C:\Program Files\Zune\ZuneNss.exe (Microsoft Corporation)
SRV - (TeamViewer5) -- C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (SRS_VolSync_Service) -- C:\Program Files\SRS Labs\SRS Premium Sound\SRS_VolSync.exe (SRS Labs, Inc.)
SRV - (FsUsbExService) -- C:\Windows\System32\FsUsbExService.Exe (Teruten)
SRV - (AAV UpdateService) -- C:\Program Files\AAVUpdateManager\aavus.exe ()
SRV - (ASLDRService) -- C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe ()
SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia.)
SRV - (ADSMService) -- C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe (ASUSTek Computer Inc.)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV - (ATKGFNEXSrv) -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe ()

========== Driver Services (SafeList) ==========

DRV - (SRTSPX) -- C:\Windows\system32\drivers\NIS\1000000.07D\SRTSPX.SYS File not found
DRV - (SRTSP) -- C:\Windows\system32\drivers\NIS\1000000.07D\SRTSP.SYS File not found
DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found
DRV - (NAVEX15) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20080829.024\NAVEX15.SYS File not found
DRV - (NAVENG) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20080829.024\NAVENG.SYS File not found
DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found
DRV - (hwdatacard) -- system32\DRIVERS\ewusbmdm.sys File not found
DRV - (catchme) -- C:\Users\Ciaran\AppData\Local\Temp\catchme.sys File not found
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira Operations GmbH & Co. KG)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira Operations GmbH & Co. KG)
DRV - (avkmgr) -- C:\Windows\System32\drivers\avkmgr.sys (Avira Operations GmbH & Co. KG)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (sptd) -- C:\Windows\System32\drivers\sptd.sys (Duplex Secure Ltd.)
DRV - (s1039bus) -- C:\Windows\System32\drivers\s1039bus.sys (MCCI Corporation)
DRV - (s1039mdm) -- C:\Windows\System32\drivers\s1039mdm.sys (MCCI Corporation)
DRV - (s1039mgmt) -- C:\Windows\System32\drivers\s1039mgmt.sys (MCCI Corporation)
DRV - (s1039obex) -- C:\Windows\System32\drivers\s1039obex.sys (MCCI Corporation)
DRV - (s1039mdfl) -- C:\Windows\System32\drivers\s1039mdfl.sys (MCCI Corporation)
DRV - (s1039unic) -- C:\Windows\System32\drivers\s1039unic.sys (MCCI Corporation)
DRV - (s1039nd5) -- C:\Windows\System32\drivers\s1039nd5.sys (MCCI Corporation)
DRV - (AF15BDA) -- C:\Windows\System32\drivers\AF15BDA.sys (AfaTech )
DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
DRV - (AsDsm) -- C:\Windows\System32\drivers\AsDsm.sys (ASUSTek Computer Inc)
DRV - (WinUSB) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (VIAHdAudAddService) -- C:\Windows\System32\drivers\viahduaa.sys (VIA Technologies, Inc.)
DRV - (SRS_PremiumSound_Service) -- C:\Windows\System32\drivers\SRS_PremiumSound_i386.sys ()
DRV - (FsUsbExDisk) -- C:\Windows\System32\FsUsbExDisk.Sys ()
DRV - (ss_bmdm) -- C:\Windows\System32\drivers\ss_bmdm.sys (MCCI Corporation)
DRV - (ss_bbus) -- C:\Windows\System32\drivers\ss_bbus.sys (MCCI)
DRV - (ss_bmdfl) -- C:\Windows\System32\drivers\ss_bmdfl.sys (MCCI Corporation)
DRV - (amdkmdag) -- C:\Windows\System32\drivers\atipmdag.sys (ATI Technologies Inc.)
DRV - (amdkmdap) -- C:\Windows\System32\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV - (MTsensor) -- C:\Windows\System32\drivers\ATKACPI.sys (ATK0100)
DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek Corporation )
DRV - (kbfiltr) -- C:\Windows\System32\drivers\kbfiltr.sys ( )
DRV - (SNP2UVC) -- C:\Windows\System32\drivers\snp2uvc.sys ()
DRV - (usbfilter) -- C:\Windows\System32\drivers\usbfilter.sys (Advanced Micro Devices Inc.)
DRV - (ahcix86s) -- C:\Windows\System32\drivers\ahcix86s.sys (AMD Technologies Inc.)
DRV - (s0017mdm) -- C:\Windows\System32\drivers\s0017mdm.sys (MCCI Corporation)
DRV - (s0017unic) -- C:\Windows\System32\drivers\s0017unic.sys (MCCI Corporation)
DRV - (s0017obex) -- C:\Windows\System32\drivers\s0017obex.sys (MCCI Corporation)
DRV - (s0017bus) -- C:\Windows\System32\drivers\s0017bus.sys (MCCI Corporation)
DRV - (s0017mdfl) -- C:\Windows\System32\drivers\s0017mdfl.sys (MCCI Corporation)
DRV - (s0017mgmt) -- C:\Windows\System32\drivers\s0017mgmt.sys (MCCI Corporation)
DRV - (s0017nd5) -- C:\Windows\System32\drivers\s0017nd5.sys (MCCI Corporation)
DRV - (s0016unic) -- C:\Windows\System32\drivers\s0016unic.sys (MCCI Corporation)
DRV - (s0016nd5) -- C:\Windows\System32\drivers\s0016nd5.sys (MCCI Corporation)
DRV - (s0016mdfl) -- C:\Windows\System32\drivers\s0016mdfl.sys (MCCI Corporation)
DRV - (s0016mdm) -- C:\Windows\System32\drivers\s0016mdm.sys (MCCI Corporation)
DRV - (s0016mgmt) -- C:\Windows\System32\drivers\s0016mgmt.sys (MCCI Corporation)
DRV - (s0016obex) -- C:\Windows\System32\drivers\s0016obex.sys (MCCI Corporation)
DRV - (s0016bus) -- C:\Windows\System32\drivers\s0016bus.sys (MCCI Corporation)
DRV - (AtiPcie) -- C:\Windows\System32\drivers\AtiPcie.sys (ATI Technologies Inc.)
DRV - (CRFILTER) -- C:\Windows\System32\drivers\CRFILTER.sys (Generic)
DRV - (pccsmcfd) -- C:\Windows\System32\drivers\pccsmcfd.sys (Nokia)
DRV - (ASMMAP) -- C:\Program Files\ATKGFNEX\ASMMAP.sys ()
DRV - (Afc) -- C:\Windows\System32\drivers\afc.sys (Arcsoft, Inc.)
DRV - (smserial) -- C:\Windows\System32\drivers\smserial.sys (Motorola Inc.)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-2891030391-3306484332-1369553764-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus.msn.com/
IE - HKU\S-1-5-21-2891030391-3306484332-1369553764-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-2891030391-3306484332-1369553764-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-2891030391-3306484332-1369553764-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-2891030391-3306484332-1369553764-1000\..\SearchScopes\{A98C4578-F989-4B25-BB0C-F3A0772DECBA}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10261&src=kw&q={searchTerms}&locale=de_DE&apn_ptnrs=^AGS&apn_dtid=^YYYYYY^YY^DE&apn_uid=D2161909-5D4E-4BC5-A87F-50D961941D05&apn_sauid=7268D777-BCED-446F-B977-F47FC413F014
IE - HKU\S-1-5-21-2891030391-3306484332-1369553764-1000\..\SearchScopes\{E71B1DBB-62F3-495B-BDBF-1274689FDE93}: "URL" = hxxp://de.forestle.org/search.php?q={searchTerms}&meta=
IE - HKU\S-1-5-21-2891030391-3306484332-1369553764-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2891030391-3306484332-1369553764-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\Divx\DivX Player\npDivxPlayerPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@playstation.com/PsndlCheck,version=1.00: C:\Program Files\Sony\PLAYSTATION Network Downloader\nppsndl.dll (Sony Computer Entertainment Inc.)
FF - HKLM\Software\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0: C:\Program Files\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files\VLC Player\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\amazon.com/AmazonMP3DownloaderPlugin: C:\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin.dll (Amazon.com, Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013.03.18 23:34:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.03.08 14:40:40 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.03.21 01:34:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 12.0.1\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012.12.17 22:05:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 12.0.1\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2013.03.21 01:34:39 | 000,000,000 | ---D | M]

[2013.03.08 14:40:33 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions
[2013.03.08 14:40:33 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2013.03.08 14:40:33 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2013.03.08 14:40:40 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.06.19 22:46:58 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.08.30 11:23:57 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.06.19 22:46:58 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.06.19 22:46:58 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.06.19 22:46:58 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.06.19 22:46:58 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - homepage: hxxp://www.google.com/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\26.0.1410.43\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\26.0.1410.43\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\26.0.1410.43\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: DivX Player Netscape Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: getPlusPlus for Adobe 16248 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np_gp.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll
CHR - plugin: Media Go Detector (Enabled) = C:\Program Files\Sony\Media Go\npmediago.dll
CHR - plugin: PlayStation(R)Network Downloader Check Plug-in (Enabled) = C:\Program Files\Sony\PLAYSTATION Network Downloader\nppsndl.dll
CHR - plugin: VLC Multimedia Plug-in (Enabled) = C:\Program Files\VLC Player\VLC\npvlc.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: YouTube = C:\Users\Ciaran\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: Google-Suche = C:\Users\Ciaran\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Mehr Leistung und Videoformate f\u00FCr dein HTML5 \u003Cvideo\u003E = C:\Users\Ciaran\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.172_0\
CHR - Extension: Google Mail = C:\Users\Ciaran\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2013.04.10 10:22:22 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKU\S-1-5-21-2891030391-3306484332-1369553764-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O4 - HKLM..\Run: [ACMON] C:\Program Files\ASUS\Splendid\ACMON.exe (ATK)
O4 - HKLM..\Run: [ADSMTray] C:\Program Files\ASUS\ASUS Data Security Manager\ADSMTray.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ASUS Camera ScreenSaver] C:\Windows\AsScrProlog.exe ()
O4 - HKLM..\Run: [ASUS Screen Saver Protector] C:\Windows\AsScrPro.exe (ASUS)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [DivXMediaServer] C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe (DivX, LLC)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.)
O4 - HKLM..\Run: [HControlUser] C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\Quick Time\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [Wireless Console 3] C:\Program Files\ASUS\Wireless Console 3\wcourier.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2891030391-3306484332-1369553764-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2891030391-3306484332-1369553764-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000058 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{40EB3047-0DCF-4601-867B-E58510BC3B92}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F573B0FD-F7F2-4836-AFEE-901BE2AE956D}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Ciaran\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Ciaran\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk /r \??\G:)
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013.04.10 12:14:48 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013.04.10 12:14:38 | 000,000,000 | ---D | C] -- C:\JRT
[2013.04.10 12:14:38 | 000,000,000 | ---D | C] -- \JRT
[2013.04.10 12:12:45 | 000,551,587 | ---- | C] (Oleg N. Scherbakov) -- C:\Users\Ciaran\Desktop\JRT.exe
[2013.04.10 10:35:40 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013.04.10 10:35:39 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013.04.10 10:35:39 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013.04.10 10:35:39 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2013.04.10 10:35:39 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2013.04.10 10:35:37 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2013.04.10 10:35:37 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2013.04.10 10:35:36 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2013.04.10 10:25:38 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013.04.10 10:25:38 | 000,000,000 | -HSD | C] -- \$RECYCLE.BIN
[2013.04.10 10:25:35 | 000,000,000 | ---D | C] -- C:\Users\Ciaran\AppData\Local\temp
[2013.04.10 10:10:11 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2013.04.10 10:10:11 | 
000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe [2013.04.10 10:10:11 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe [2013.04.10 10:10:04 | 000,000,000 | ---D | C] -- C:\ComboFix [2013.04.10 10:10:04 | 000,000,000 | ---D | C] -- \ComboFix [2013.04.10 10:09:20 | 000,000,000 | ---D | C] -- C:\Qoobox [2013.04.10 10:09:20 | 000,000,000 | ---D | C] -- \Qoobox [2013.04.10 10:08:44 | 000,000,000 | ---D | C] -- C:\Windows\erdnt [2013.04.10 09:59:38 | 003,603,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe [2013.04.10 09:59:38 | 003,551,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe [2013.04.10 09:59:38 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll [2013.04.10 09:56:50 | 000,376,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll [2013.04.10 09:56:45 | 002,049,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [2013.04.10 09:48:51 | 005,050,680 | R--- | C] (Swearware) -- C:\Users\Ciaran\Desktop\ComboFix.exe [2013.04.09 20:45:29 | 002,237,968 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Ciaran\Desktop\tdsskiller.exe [2013.04.09 20:42:03 | 004,745,728 | ---- | C] (AVAST Software) -- C:\Users\Ciaran\Desktop\aswMBR.exe [2013.04.06 14:29:06 | 000,000,000 | ---D | C] -- C:\Users\Ciaran\Desktop\Ralph [2013.04.02 12:07:46 | 000,000,000 | ---D | C] -- C:\Users\Ciaran\Desktop\Reportdateien [2013.04.02 12:05:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip [2013.04.02 12:05:27 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip [2013.04.02 10:38:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira [2013.04.02 10:27:50 | 000,000,000 | ---D | C] -- C:\Users\Ciaran\AppData\Local\DoNotTrackPlus [2013.03.29 00:26:16 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Ciaran\Desktop\OTL.exe [2013.03.29 00:00:46 | 000,000,000 | ---D | C] -- 
C:\Program Files\gmer [2013.03.28 23:44:42 | 000,000,000 | ---D | C] -- C:\Program Files\Defogger [2013.03.27 18:33:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2013.03.27 18:33:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2013.03.27 18:33:06 | 000,021,104 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2013.03.27 18:32:04 | 000,000,000 | ---D | C] -- C:\Program Files\Malewarebytes [2013.03.24 22:44:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth [2013.03.22 00:17:42 | 000,000,000 | ---D | C] -- C:\Users\Ciaran\Desktop\mbar [2013.03.20 23:08:25 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usb8023.sys [2013.03.19 23:09:33 | 000,000,000 | ---D | C] -- C:\Users\Ciaran\Desktop\Ryan [2013.03.19 11:34:35 | 000,262,560 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaws.exe [2013.03.19 11:34:12 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaw.exe [2013.03.19 11:34:12 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\java.exe [2013.03.19 11:34:12 | 000,094,112 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll ========== Files - Modified Within 30 Days ========== [2013.04.10 12:42:00 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013.04.10 12:25:29 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2013.04.10 12:25:29 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2013.04.10 12:25:29 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013.04.10 12:25:24 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013.04.10 12:23:44 | 000,000,012 | ---- | M] () -- 
C:\Windows\bthservsdp.dat [2013.04.10 12:12:45 | 000,551,587 | ---- | M] (Oleg N. Scherbakov) -- C:\Users\Ciaran\Desktop\JRT.exe [2013.04.10 12:07:14 | 000,613,083 | ---- | M] () -- C:\Users\Ciaran\Desktop\adwcleaner.exe [2013.04.10 10:44:15 | 000,045,056 | ---- | M] () -- C:\Windows\System32\acovcnt.exe [2013.04.10 10:42:28 | 000,396,656 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2013.04.10 10:22:22 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts [2013.04.10 09:49:01 | 005,050,680 | R--- | M] (Swearware) -- C:\Users\Ciaran\Desktop\ComboFix.exe [2013.04.09 20:45:36 | 002,237,968 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Ciaran\Desktop\tdsskiller.exe [2013.04.09 20:43:01 | 004,745,728 | ---- | M] (AVAST Software) -- C:\Users\Ciaran\Desktop\aswMBR.exe [2013.04.06 14:23:10 | 000,632,502 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2013.04.06 14:23:10 | 000,599,150 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2013.04.06 14:23:10 | 000,127,714 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2013.04.06 14:23:10 | 000,105,164 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2013.04.02 10:38:13 | 000,001,854 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk [2013.03.29 21:56:04 | 000,001,978 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2013.03.29 13:45:03 | 000,135,136 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avipbb.sys [2013.03.29 13:45:03 | 000,084,744 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avgntflt.sys [2013.03.29 13:45:03 | 000,037,352 | ---- | M] (Avira Operations GmbH & Co. 
KG) -- C:\Windows\System32\drivers\avkmgr.sys [2013.03.29 00:26:19 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Ciaran\Desktop\OTL.exe [2013.03.29 00:00:33 | 000,377,856 | ---- | M] () -- C:\Users\Ciaran\Desktop\gmer_2.1.19155.exe [2013.03.28 23:46:50 | 000,000,020 | ---- | M] () -- C:\Users\Ciaran\defogger_reenable [2013.03.27 18:33:08 | 000,001,075 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2013.03.24 22:44:19 | 000,002,080 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk [2013.03.19 21:47:47 | 335,949,404 | ---- | M] () -- C:\Windows\MEMORY.DMP [2013.03.19 11:34:04 | 000,094,112 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll [2013.03.19 11:34:03 | 000,861,088 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\npdeployJava1.dll [2013.03.19 11:34:03 | 000,782,240 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\deployJava1.dll [2013.03.19 11:34:03 | 000,262,560 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaws.exe [2013.03.19 11:34:03 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaw.exe [2013.03.19 11:34:03 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\java.exe [2013.03.19 11:28:13 | 000,693,976 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe [2013.03.19 11:28:13 | 000,073,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [2013.03.12 01:10:56 | 000,237,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe [2013.03.11 15:25:50 | 003,603,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe [2013.03.11 15:25:50 | 003,551,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe ========== Files Created - No Company Name ========== [2013.04.10 12:07:13 | 000,613,083 | ---- | C] () -- C:\Users\Ciaran\Desktop\adwcleaner.exe [2013.04.10 10:10:11 | 000,256,000 | ---- | C] () -- 
C:\Windows\PEV.exe [2013.04.10 10:10:11 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe [2013.04.10 10:10:11 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe [2013.04.10 10:10:11 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe [2013.04.10 10:10:11 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe [2013.03.29 00:00:31 | 000,377,856 | ---- | C] () -- C:\Users\Ciaran\Desktop\gmer_2.1.19155.exe [2013.03.28 23:46:31 | 000,000,020 | ---- | C] () -- C:\Users\Ciaran\defogger_reenable [2013.03.27 18:33:08 | 000,001,075 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2013.03.24 22:44:19 | 000,002,080 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk [2013.03.19 21:47:47 | 335,949,404 | ---- | C] () -- C:\Windows\MEMORY.DMP [2012.11.06 14:42:41 | 000,093,338 | ---- | C] () -- C:\Users\Ciaran\image201211060002.jpg [2011.09.22 14:11:07 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat [2011.01.28 18:15:01 | 000,000,085 | -HS- | C] () -- C:\ProgramData\.zreglib [2010.04.29 20:23:58 | 000,001,356 | ---- | C] () -- C:\Users\Ciaran\AppData\Local\d3d9caps.dat [2009.10.30 18:12:53 | 000,206,336 | ---- | C] () -- C:\Users\Ciaran\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009.09.07 18:51:38 | 001,048,576 | RH-- | C] () -- \K50AB.BIN [2009.04.27 04:26:42 | 000,000,014 | ---- | C] () -- \K40AB_K50AB_VISTA.10 [2009.04.23 04:10:21 | 001,048,576 | RH-- | C] () -- \K40AB.BIN [2009.03.04 09:47:39 | 000,000,012 | ---- | C] () -- \RECOVERY.DAT [2008.04.16 13:27:17 | 000,008,192 | R-S- | C] () -- \BOOTSECT.BAK [2008.04.16 13:27:14 | 000,333,257 | RHS- | C] () -- \bootmgr [2006.11.02 12:23:09 | 000,000,024 | ---- | C] () -- \autoexec.bat [2006.11.02 08:25:08 | 000,000,010 | ---- | C] () -- \config.sys ========== ZeroAccess Check ========== [2012.11.10 00:09:20 | 000,000,596 | ---- | M] () -- 
C:\Users\Ciaran\AppData\Roaming\Mozilla\Firefox\Profiles\viwyz4px.default\extensions\{ada4b710-8346-4b82-8199-5de2b400a6ae}\defaults\printing\icons\@.png
[2006.11.02 14:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.08 19:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.04.11 08:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.04.11 08:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
< End of report >
[/code]
OTL Logfile:
OTL Extras logfile created on: 10.04.2013 12:48:09 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Ciaran\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 1,90 Gb Available Physical Memory | 63,48% Memory free
6,20 Gb Paging File | 5,08 Gb Available in Paging File | 81,89% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 149,04 Gb Total Space | 58,23 Gb Free Space | 39,07% Space Free | Partition Type: NTFS
Drive D: | 137,33 Gb Total Space | 137,26 Gb Free Space | 99,95% Space Free | Partition Type: NTFS
Computer Name: CIARAN-PC | User Name: Ciaran | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
.jse [@ = JSEFile] -- C:\Windows\System32\CScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\Windows\System32\CScript.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-2891030391-3306484332-1369553764-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
jsefile [open] -- %SystemRoot%\System32\CScript.exe "%1" %* (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
wsffile [open] -- %SystemRoot%\System32\CScript.exe "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VLC Player\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VLC Player\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-2891030391-3306484332-1369553764-1000]
"EnableNotifications" = 1
"EnableNotificationsRef" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{066CC7D3-9989-4048-8200-9FB4B448C366}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{092327B9-4AF6-4208-9433-81E9A0142FFC}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{0E2D0FA0-C669-4C35-BEE8-1C89F7F2AF84}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe | "{14F2C201-16E1-4F26-8AF6-A89B71CD8555}" = lport=139 | protocol=6 | dir=in | app=system | "{2B30542B-E5A3-4A04-B2D9-80CAD936BAFF}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{4C910879-A740-4526-9550-4AAC2F805B5F}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | "{57C20144-351F-4A86-997C-C278247838AB}" = lport=138 | protocol=17 | 
dir=in | app=system | "{57E4FF1F-DB5C-46F4-AC6F-CC7C8887D1D8}" = rport=139 | protocol=6 | dir=out | app=system | "{69F257A0-EFE7-4C4C-BD7F-8D81A9D49CF5}" = lport=2869 | protocol=6 | dir=in | app=system | "{6E20C36A-C08D-4F91-830A-6F9B961FAA70}" = rport=445 | protocol=6 | dir=out | app=system | "{77FAD8C8-F16B-4E3B-9943-F17D65B80086}" = rport=138 | protocol=17 | dir=out | app=system | "{80448A4F-6330-4C2E-AC85-3332569735AF}" = lport=137 | protocol=17 | dir=in | app=system | "{808F0564-A39E-4FB3-B96B-CC05B7AF2648}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe | "{869AA81C-1E6B-4B46-9A88-9BB80999D30A}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{9C713E3E-0E9F-48AA-945E-9AA7B23A3DA0}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe | "{B030B835-D8E7-4A48-B11B-CB0EB0930FD8}" = rport=137 | protocol=17 | dir=out | app=system | "{BFE41885-9D86-47A6-8770-D3E655E284F8}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | "{C7A4C67B-621E-4B56-8551-16875026F89E}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{DF7D6523-8468-4925-A45C-3D339CFD70EF}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{F0628A5C-3A0B-452C-A63A-ADCC55E641A0}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe | "{F4536782-E193-4A68-9521-7D1F4454962A}" = lport=445 | protocol=6 | dir=in | app=system | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{013465FC-B6E7-4EDF-B51E-34D007986FF4}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{0BF4D5D8-4EAB-44A6-95EE-62C98A157B02}" = protocol=6 | dir=in | app=c:\program files\sony ericsson\sony ericsson media manager\mediamanager.exe | 
"{1101E55F-B19C-40DA-A306-02AD3D23CBD1}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{14B43885-672A-45ED-8272-1A09C09505F0}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe | "{15A3F4DC-678A-44E4-BE92-D1A43DF859F4}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{1C08B71E-B92D-4267-AFFA-6B9CA589B731}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{1DB94DF7-C3EA-4209-8244-76EC060EC333}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{2498F7F4-3C3E-42C3-A5F6-9D237BA6B73C}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{2D01CF99-8E9E-43C9-A182-D39FE64EE29D}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{2F9E7732-B23E-4F15-AA44-0275F86BFDBD}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{3446709B-3E0D-4F9F-959F-41313DCE3918}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version5\teamviewer.exe | "{3737E934-83CE-4018-8C98-1FBC01B5ADD6}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{3871B283-4518-4C38-8CEE-5643017FA897}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version5\teamviewer.exe | "{3CEA9948-654B-4C96-AFAB-1853F743A4B0}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{3E7DCD4B-8127-46F4-AE7F-7DA37E5F102A}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe | "{46199A49-1BD0-4B79-A106-B4D7B635D57C}" = protocol=17 | dir=in | app=c:\program files\samsung new pc studio\npsasvr.exe | "{474B94F1-EEDE-4D03-A512-27EECBCD7DD2}" = protocol=17 | dir=in | app=c:\program files\samsung new pc studio\npsvsvr.exe | "{640BA70B-1427-449D-951C-8A934B08D899}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{649F7FDA-61F2-4061-9991-8B239152F29A}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{6606B620-B17F-454D-80CA-71146F24255F}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{66A62501-10C8-4DF7-90AC-F8500D3D6991}" = dir=in | app=c:\program files\itunes\itunes.exe | 
"{683CE5E4-7E91-42E6-9BE2-C46461927FC5}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{6A2E09A9-D6D1-4D75-BC38-ABC583F14293}" = protocol=6 | dir=in | app=c:\program files\samsung new pc studio\npsvsvr.exe | "{6B65A2A1-0896-484E-91CB-E4DDC2A97226}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{6E16466A-6FFD-4190-95D9-29DA518E7DE3}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{730A0AFB-CD57-44A6-BA30-411C79CBA4B5}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{74EEE04A-5204-4441-A81E-0EF6071FDB1D}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{78561487-8B08-43B5-9682-B7DC045C3038}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{7FA0AE4D-AC2B-411F-AD79-D4F41DF0815C}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{827140EB-E242-4EAB-BD47-85094C2116F2}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{85BFD068-3303-41B1-ABCC-13AEFFA7F540}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{866784AB-995B-4F22-A3CB-B8B6FB7871EF}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{89AEA788-0AA3-494B-B3D8-5607F46E617F}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{8A678385-7224-46CF-ACFF-AEA3A0A6F734}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{8E2A3F8B-4124-43B7-A616-F6F46ABBFCD6}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe | "{8E65CFC4-9788-4ED0-8DF2-04C357299D46}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{934C2A29-00E7-4FFE-BA41-A83381D392BD}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{95EEF184-57B5-4A5E-896A-736E9E22B11B}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{98A3824F-6726-45F5-857B-2FD35545D263}" = protocol=6 | dir=in | app=c:\program files\samsung new pc studio\npsasvr.exe | "{9A37F96C-F7AC-4185-8EEB-6621E6DCC589}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{9BBB385D-CF79-42C5-AF7B-E46878993684}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{AA4E9561-125E-4C8E-AD4F-6D8063119A33}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | "{C3FA4D4B-C194-441A-90A0-AC6B4DBDB2A1}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{C4DECFFD-8AF8-459C-92B3-526E662D81AD}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{C539B2D0-9944-4469-B12B-1E2F2E46208B}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{CFB417E9-71AF-4763-9152-9903020FA7A7}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{D8540353-E265-490F-9A7F-200A8E77ACFB}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{DEFD38C5-929A-43F2-B848-4752A0035464}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{EA6572FC-D81F-47EB-8CD1-C01E05A464D5}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{F059DD0D-965B-4B31-BBC9-01AD2A54049A}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{F54EB867-44AB-4E7E-A80F-0EF970A50ABA}" = protocol=17 | dir=in | app=c:\program files\sony ericsson\sony ericsson media manager\mediamanager.exe | "TCP Query User{26F34563-FE4F-4A12-A743-178731997886}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe | "TCP Query User{54B689B1-4735-448D-890B-3F67B251FA5F}C:\program files\spssinc\statistics17\statistics.exe" = protocol=6 | dir=in | app=c:\program files\spssinc\statistics17\statistics.exe | "TCP Query User{84BD0A34-645F-4A45-8EA8-83D46A2B437E}C:\program files\vlc player\vlc\vlc.exe" = protocol=6 | dir=in | app=c:\program files\vlc player\vlc\vlc.exe | "TCP Query User{91B6F119-1AAC-4EE8-BE97-CB06ED9F4E7D}C:\users\ciaran\temp\teamviewer\version4\teamviewer.exe" = protocol=6 | dir=in | app=c:\users\ciaran\temp\teamviewer\version4\teamviewer.exe | "TCP Query User{A7E39133-CCB6-4A61-946D-8477D3755280}C:\windows\system32\javaw.exe" = protocol=6 | dir=in | 
app=c:\windows\system32\javaw.exe | "UDP Query User{0284DF1D-BC53-4B30-A907-37EA8B95C844}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe | "UDP Query User{23B30D88-BB43-4D99-88FF-CDA0D58E2EB1}C:\program files\spssinc\statistics17\statistics.exe" = protocol=17 | dir=in | app=c:\program files\spssinc\statistics17\statistics.exe | "UDP Query User{6B719CE3-C13F-4CDC-8E90-E4837771A8F2}C:\program files\vlc player\vlc\vlc.exe" = protocol=17 | dir=in | app=c:\program files\vlc player\vlc\vlc.exe | "UDP Query User{77DEF1D7-AD49-4ECC-AD8F-37D4FF41F8CD}C:\windows\system32\javaw.exe" = protocol=17 | dir=in | app=c:\windows\system32\javaw.exe | "UDP Query User{D5989CAD-9FB3-4AF7-AC0B-98E97CCA7D9F}C:\users\ciaran\temp\teamviewer\version4\teamviewer.exe" = protocol=17 | dir=in | app=c:\users\ciaran\temp\teamviewer\version4\teamviewer.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu "{07EEE598-5F21-4B57-B40B-46592625B3D9}" = Zune Language Pack (PTB) "{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID-Anmelde-Assistent "{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology "{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}" = PlayStation(R)Store "{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter "{167A1F6A-9BF2-4B24-83DB-C6D659F680EA}" = Media Go "{17B2670B-DB33-4F5E-9273-0E5CDF39DA5F}" = Windows Phone Intro Video (DEU) "{17B3A135-BAA4-1953-AEDF-1496A5159E2A}" = CCC Help French "{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3 "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool "{206262A9-1646-7014-22A0-41945D93426C}" = CCC Help Dutch "{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform "{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}" = Wireless Console 3 "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{2677066A-6ACC-8B1B-82C0-7311ED12D73A}" = CCC Help Turkish "{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 17 "{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1" = ConvertHelper 2.2 "{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Client Installation Program "{29164718-5C73-D67E-8A3F-A00220D98818}" = CCC Help Portuguese "{2A9DFFD8-4E09-4B91-B957-454805B0D7C4}" = Zune Language Pack (CHS) "{2DA0C980-2ACE-3F81-0306-131F70BD751B}" = Catalyst Control Center Core Implementation "{2E1AC6B8-F779-F3D3-3683-E0240D576917}" = CCC Help Italian "{2FFE93F0-BB72-4E52-8761-354D1AAA9387}" = Sony Ericsson PC Suite "{30FDAACF-C49B-5AE6-2AA9-2C050F929B37}" = CCC Help Hungarian "{3460BCDC-B45D-84A7-C8ED-C5041B8E2A2B}" = CCC Help English "{3589A659-F732-4E65-A89A-5438C332E59D}" = Zune Language Pack (ELL) "{3A608351-5980-4A47-AE08-3742C55B4016}" = Windows Live Family Safety "{3B05F2FB-745B-4012-ADF2-439F36B2E70B}" = ATKOSD2 "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{3F4BA3A2-7BE0-48EA-B4BC-CA4D842A409A}" = Cisco EAP-FAST Module "{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker "{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go "{44580BA8-245A-814D-BD25-7EA6FACD5DDC}" = CCC Help Russian "{459699C3-9430-4381-964B-4248D87B49F9}" = Apple Mobile Device Support "{468D22C0-8080-11E2-B86E-B8AC6F98CCE3}" = Google Earth "{46B65150-F8AA-42F2-94FB-2729A8AE5F7E}" = SPSS Statistics 17.0 "{46B70DEB-97B3-4E38-B746-EC16905E6A8F}" = WISO Steuer 2010 "{47C7E3C7-1E38-85DB-887D-F9FF84F2086A}" = CCC Help Chinese Standard "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A}" = Junk Mail filter update 
"{4B6B024F-F6D4-4A7B-8ADA-F9F8370320CC}" = SRS Premium Sound "{51C839E1-2BE4-4E77-A1BA-CCEA5DAFA741}" = Zune Language Pack (KOR) "{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}" = Skype web features "{566F3EB2-C09A-F090-F573-169C42E7E381}" = Catalyst Control Center Graphics Full Existing "{57C51D56-B287-4C11-9192-EC3C46EF76A4}" = Zune Language Pack (RUS) "{5A166C0B-9557-4364-A057-F946D674E6AC}" = Windows Live Mail "{5C93E291-A1CC-4E51-85C6-E194209FCDB4}" = Zune Language Pack (PTG) "{5DEFD397-4012-46C3-B6DA-E8013E660772}" = Zune Language Pack (NOR) "{62CA4D04-7DC8-7ED6-7AE4-833A79AE2DF9}" = Catalyst Control Center Graphics Full New "{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS SmartLogon "{655E04FB-E875-4668-D05A-A3CED767DFF8}" = CCC Help Korean "{656C519D-C82C-F7E0-93CE-087D5CA75AEA}" = ccc-core-static "{6740BCB0-5863-47F4-80F4-44F394DE4FE2}" = Zune Language Pack (NLD) "{6B33492E-FBBC-4EC3-8738-09E16E395A10}" = Zune Language Pack (ESP) "{6B96DADA-1A27-4A04-8CB2-CC45168D05FA}" = Windows Live Fotogalerie "{6EB931CD-A7DA-4A44-B74A-89C8EB50086F}" = Zune Language Pack (SVE) "{7099D2EB-872E-5163-3F00-A893AC905042}" = CCC Help Japanese "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{72E84495-D53C-07FB-76D0-4DD11E710882}" = Catalyst Control Center Localization All "{76BA306B-2AA0-47C0-AB6B-F313AB56C136}" = Zune Language Pack (MSL) "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour "{7B15D70E-9449-4CFB-B9BC-798465B2BD5C}" = Norton Internet Security "{7B63B2922B174135AFC0E1377DD81EC2}" = "{7C05592D-424B-46CB-B505-E0013E8E75C9}" = ATK Hotkey "{7E84FAC8-C518-40F9-9807-7455301D6D25}" = SamsungConnectivityCableDriver "{806C9880-B087-B336-A86A-5E7E4DB95C39}" = CCC Help Norwegian "{81601299-AD02-403C-9A47-93C509FE2EC2}" = Catalyst Control Center - Branding 
"{81821BF8-DA20-4F8C-AA87-F70A274828D4}" = Windows Live Writer "{835686C5-8650-49EB-8CA0-4528B4035495}" = Windows Live Call "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{837B6259-6FF5-4E66-87C1-A5A15ED36FF4}" = Windows Live Messenger "{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 8168 8101E 8102E Ethernet Driver "{8960A0A1-BB5A-479E-92CF-65AB9D684B43}" = Zune Language Pack (PLK) "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86) "{8B112338-2B08-4851-AF84-E7CAD74CEB32}" = Zune Language Pack (DAN) "{8C1E2925-14F8-45AA-B999-1E2A74BF5607}" = Windows Live Sync "{8D1E61D1-1395-4E97-997F-D002DB3A5074}" = OpenOffice.org 3.2 "{8F21291E-0444-4B1D-B9F9-4370A73E346D}" = WinFlash "{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard "{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007 "{90120000-0015-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007 "{90120000-0015-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0015-040C-0000-0000000FF1CE}" = Microsoft Office Access MUI (French) 2007 "{90120000-0015-040C-0000-0000000FF1CE}_PROHYBRIDR_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0015-0410-0000-0000000FF1CE}" = Microsoft Office Access MUI (Italian) 2007 "{90120000-0015-0410-0000-0000000FF1CE}_PROHYBRIDR_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0015-0413-0000-0000000FF1CE}" = Microsoft Office Access MUI (Dutch) 2007 
"{90120000-0015-0413-0000-0000000FF1CE}_PROHYBRIDR_{26257879-B20D-4D30-A429-B387A4890929}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007 "{90120000-0016-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007 "{90120000-0016-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007 "{90120000-0016-040C-0000-0000000FF1CE}_PROHYBRIDR_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0016-0410-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Italian) 2007 "{90120000-0016-0410-0000-0000000FF1CE}_PROHYBRIDR_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0016-0413-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Dutch) 2007 "{90120000-0016-0413-0000-0000000FF1CE}_PROHYBRIDR_{26257879-B20D-4D30-A429-B387A4890929}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007 "{90120000-0018-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007 "{90120000-0018-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007 "{90120000-0018-040C-0000-0000000FF1CE}_PROHYBRIDR_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0018-0410-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Italian) 
2007 "{90120000-0018-0410-0000-0000000FF1CE}_PROHYBRIDR_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0018-0413-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Dutch) 2007 "{90120000-0018-0413-0000-0000000FF1CE}_PROHYBRIDR_{26257879-B20D-4D30-A429-B387A4890929}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007 "{90120000-0019-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007 "{90120000-0019-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0019-040C-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (French) 2007 "{90120000-0019-040C-0000-0000000FF1CE}_PROHYBRIDR_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0019-0410-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Italian) 2007 "{90120000-0019-0410-0000-0000000FF1CE}_PROHYBRIDR_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0019-0413-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Dutch) 2007 "{90120000-0019-0413-0000-0000000FF1CE}_PROHYBRIDR_{26257879-B20D-4D30-A429-B387A4890929}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007 "{90120000-001A-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007 "{90120000-001A-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook 
MUI (French) 2007 "{90120000-001A-040C-0000-0000000FF1CE}_PROHYBRIDR_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001A-0410-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Italian) 2007 "{90120000-001A-0410-0000-0000000FF1CE}_PROHYBRIDR_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001A-0413-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Dutch) 2007 "{90120000-001A-0413-0000-0000000FF1CE}_PROHYBRIDR_{26257879-B20D-4D30-A429-B387A4890929}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007 "{90120000-001B-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007 "{90120000-001B-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007 "{90120000-001B-040C-0000-0000000FF1CE}_PROHYBRIDR_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001B-0410-0000-0000000FF1CE}" = Microsoft Office Word MUI (Italian) 2007 "{90120000-001B-0410-0000-0000000FF1CE}_PROHYBRIDR_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001B-0413-0000-0000000FF1CE}" = Microsoft Office Word MUI (Dutch) 2007 "{90120000-001B-0413-0000-0000000FF1CE}_PROHYBRIDR_{26257879-B20D-4D30-A429-B387A4890929}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007 "{90120000-001F-0401-0000-0000000FF1CE}_PROHYBRIDR_{3E8EA473-ECCE-405F-A9CA-59446AEADD3A}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 
2007 "{90120000-001F-0407-0000-0000000FF1CE}_PROHYBRIDR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000-0000000FF1CE}_PROHYBRIDR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007 "{90120000-001F-0410-0000-0000000FF1CE}_PROHYBRIDR_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007 "{90120000-001F-0413-0000-0000000FF1CE}_PROHYBRIDR_{2C95E7EE-FEA7-4B3A-A6E5-DF90A88B816A}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007 "{90120000-001F-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007 "{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007 "{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007 "{90120000-002C-0410-0000-0000000FF1CE}" = Microsoft Office Proofing (Italian) 2007 "{90120000-002C-0413-0000-0000000FF1CE}" = Microsoft Office Proofing (Dutch) 2007 "{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007 "{90120000-006E-0407-0000-0000000FF1CE}_PROHYBRIDR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-006E-0409-0000-0000000FF1CE}" = 
Microsoft Office Shared MUI (English) 2007 "{90120000-006E-0409-0000-0000000FF1CE}_PROHYBRIDR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007 "{90120000-006E-040C-0000-0000000FF1CE}_PROHYBRIDR_{8283FD64-6A3B-4104-9E12-7CA25EF29A1A}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-006E-0410-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Italian) 2007 "{90120000-006E-0410-0000-0000000FF1CE}_PROHYBRIDR_{C0C7E58F-D0A1-4102-855B-0B7AA2E8F1C1}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-006E-0413-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Dutch) 2007 "{90120000-006E-0413-0000-0000000FF1CE}_PROHYBRIDR_{1D12BC91-360E-424C-97C4-813651313660}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007 "{90120000-0115-0409-0000-0000000FF1CE}_PROHYBRIDR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007 "{90120000-0117-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In "{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007 "{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3) "{92ECE3F9-591E-4C12-8A62-B9FCE38BF646}" = Zune Language Pack (IND) "{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195 "{934B3B19-8193-467A-B356-E73F82647D38}" = Cisco LEAP Module "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{95120000-0120-0407-0000-0000000FF1CE}" = Microsoft Office Outlook Connector 
"{98EA51C9-B0B0-45BC-8641-3E119EA47D7B}" = Sony Ericsson Media Manager 1.2 "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}" = ASUS Power4Gear Hybrid "{9B75648B-6C30-4A0D-9DE6-0D09D20AF5A5}" = Zune "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175 "{A3AB35FA-943E-4799-99DC-46EFD59E998F}" = AMD USB Audio Driver Filter "{A460F932-27CF-76F6-A291-8C4F7337EFE9}" = CCC Help Spanish "{A5A53EA8-A11E-49F0-BDF5-AE536426A31A}" = Zune Language Pack (CHT) "{A8F2E50B-86E2-4D96-9BD2-9758BCC6F9B3}" = Zune Language Pack (CSY) "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AB429542-1E9D-7479-7ED4-B6D0B5C237E7}" = CCC Help Czech "{AC599724-5755-48C1-ABE7-ABB857652930}" = PC Connectivity Solution "{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.6) - Deutsch "{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime "{AF7E85DC-317C-47F5-810E-B82EE093A612}" = Samsung New PC Studio USB Driver Installer "{B0261E53-B6F1-474A-864B-E7C3CBF468E0}" = iTunes "{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter "{B32ECB8E-4532-FD59-02C4-CB0B8F90F68D}" = CCC Help Swedish "{B4089055-D468-45A4-A6BA-5A138DD715FC}" = Bing Bar "{B4870774-5F3A-46D9-9DFE-06FB5599E26B}" = Zune Language Pack (FIN) "{B61F7104-884B-D57D-1626-DE5AD5674B51}" = Skins "{B6659DD8-00A7-4A24-BBFB-C1F6982E5D66}" = PlayStation(R)Network Downloader "{B7606E5A-5D01-789F-F5E1-39D78F04854C}" = Catalyst Control Center Graphics Previews Vista "{B82157D3-6D31-4650-93B4-FC39BB08D6CE}" = AAVUpdateManager "{BAD1449B-DF0C-4118-B76D-68C54009576C}" = Cisco PEAP Module "{BB1E1B48-6136-1887-7307-2D9414009516}" = CCC Help Thai "{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86) "{BE236D9A-52EC-4A17-82DA-84B5EAD31E3E}" = Zune Language 
Pack (DEU) "{BFDAC740-3ACD-50A5-6259-F14FA93C86A5}" = ccc-utility "{C0AE3E60-6003-AF6F-BF8A-B2829480D39D}" = CCC Help Greek "{C1DFFC18-D91D-0481-0003-5B968F09AFDF}" = CCC Help Chinese Traditional "{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint "{C5D37FFA-7483-410B-982B-91E93FD3B7DA}" = Zune Language Pack (ITA) "{C68D33B1-0204-4EBE-BC45-A6E432B1D13A}" = Zune Language Pack (FRA) "{C6BE19C6-B102-4038-B2A6-1C313872DBB4}" = Zune Language Pack (HUN) "{C92877A9-9294-334C-0AEB-A1CCA8905FC6}" = CCC Help Finnish "{CCE825DB-347A-4004-A186-5F4A6FDD8547}" = Apple Application Support "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D1E5870E-E3E5-4475-98A6-ADD614524ADF}" = ATK Media "{D3D54F3E-C5C3-443D-978F-87A72E5616E8}" = ATK Generic Function Service "{D463B523-2F2F-A82D-B980-01C9AD578580}" = CCC Help Danish "{D7385800-AE69-7527-1615-7DFDC02DF55A}" = Catalyst Control Center Graphics Light "{D8A781C9-3892-4E2E-9320-480CF896CFBB}" = Zune Language Pack (JPN) "{D8C04BEB-2F74-4321-AF24-83B70953005A}" = TubeBox "{DA41F9E9-B878-467F-95E7-27E4D1943533}" = Multimedia Card Reader "{DB7752E0-D5F8-93DA-7C34-3CD8ECB123B5}" = CCC Help Polish "{DBE1E170-3EF6-AAA5-32C4-A78D98DF86A1}" = ATI Catalyst Install Manager "{DC35EF73-C7BD-4452-A793-4269990E1EA3}" = Windows Live Movie Maker-Betaversion "{DE10AB76-4756-4913-BE25-55D1C1051F9A}" = WinFlash "{DF5F687F-8018-4542-9F98-7084E9022917}" = Windows Live Essentials "{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 "{E59AA04C-67BC-C6F8-E8B9-A9E103E3F49B}" = CCC Help German "{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}" = ASUS Live Update "{EA17F4FC-FDBF-4CF8-A529-2D983132D053}" = Skype™ 6.0 "{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}" = ASUS Virtual Camera "{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony PC Companion 2.10.027 "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = 
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio "{F2C7A130-9C68-41C4-A8E7-985DFFBD01DF}" = BILD-Steuer 2011 "{F2CB8C3C-9C9E-4FAB-9067-655601C5F748}" = Windows Mobile Device Updater Component "{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5 "{F69E83CF-B440-43F8-89E6-6EA80712109B}" = Windows Live Communications Platform "{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "{F7DB6677-661D-4835-AAD8-1B7F4C98D7CE}" = Switcher 2.0.0 "{FA2092C5-7979-412D-A962-6485274AE1EE}" = ASUS Data Security Manager "{FC3D5BBB-CDF6-252C-2212-06D61AD2C628}" = Catalyst Control Center InstallProxy "3A5DEFA413DDE699DBA6EBE0A63534ACA524D30F" = Windows-Treiberpaket - Nokia pccsmcfd (10/12/2007 6.85.4.0) "7-Zip" = 7-Zip 9.20 "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Amazon MP3-Downloader" = Amazon MP3-Downloader 1.0.15 "Asus_Camera_ScreenSaver" = Asus_Camera_ScreenSaver "Avira AntiVir Desktop" = Avira Free Antivirus "BSW" = BrettspielWelt "CCleaner" = CCleaner "DAEMON Tools Toolbar" = DAEMON Tools Toolbar "DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters "DivX Setup" = DivX-Setup "DVD Shrink_is1" = DVD Shrink 3.2 "Elantech" = ETDWare PS/2-x86 7.0.5.3 WHQL "Google Chrome" = Google Chrome "InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platform Device Manager "InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go "InstallShield_{AF7E85DC-317C-47F5-810E-B82EE093A612}" = Samsung New PC Studio USB Driver Installer "InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint "InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.70.0.1100 "Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET 
Framework 3.5 Language Pack SP1 - DEU "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "Mozilla Firefox 19.0.2 (x86 de)" = Mozilla Firefox 19.0.2 (x86 de) "Mozilla Thunderbird 12.0.1 (x86 de)" = Mozilla Thunderbird 12.0.1 (x86 de) "MozillaMaintenanceService" = Mozilla Maintenance Service "PROHYBRIDR" = 2007 Microsoft Office system "SAMSUNG Mobile Composite Device" = SAMSUNG Mobile Composite Device Software "SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set "Samsung Mobile Modem Device" = Samsung Mobile Modem Device Software "Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software "SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software "SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software "SAMSUNG USB Mobile Device" = SAMSUNG USB Mobile Device Software "TeamSpeak 3 Client" = TeamSpeak 3 Client "TeamViewer 5" = TeamViewer 5 "USB 2.0 1.3M UVC WebCam" = USB 2.0 1.3M UVC WebCam "USB Mass Storage Filter Driver" = Multimedia Card Reader "VLC media player" = VLC media player 2.0.5 "WinLiveSuite_Wave3" = Windows Live Essentials "Zune" = Zune ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-2891030391-3306484332-1369553764-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Dropbox" = Dropbox ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 10.04.2013 06:26:26 | Computer Name = Ciaran-PC | Source = WinMgmt | ID = 10 Description = [ System Events ] Error - 10.04.2013 06:26:27 | Computer Name = Ciaran-PC | Source = Service Control Manager | ID = 7026 Description = Error - 10.04.2013 06:28:41 | Computer Name = Ciaran-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001 Description = < End of report > [/code] |
10.04.2013, 12:25 | #14 |
/// Winkelfunktion /// TB-Süch-Tiger™ | TR/Agent.464.4 on my computer, now in quarantine Looks OK. We should be almost done. Please run a Quick Scan with Malwarebytes as a check; before you do, please remember to update Malwarebytes via the update button. Afterwards, getting a second opinion from the ESET online scanner doesn't hurt either: ESET Online Scanner
__________________ Please always post log files in CODE tags |
14.04.2013, 19:17 | #15 |
| TR/Agent.464.4 on my computer, now in quarantine Hello! I ran the Quick Scan with Malwarebytes. No problems; I am attaching the log file here. I also ran the ESET scanner. It also completed successfully. However, I cannot find a log file. There is none in the ESET program folder, and I had the computer searched and found nothing. :-( More or less by chance, I copied the one finding that ESET displayed into a text file. Maybe that helps? If not, I will of course run the scan again. Thanks and best regards, Ciarán
ESET display: C:\Users\Ciaran\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\42\1268506a-4af0c71e multiple threats
Malwarebytes Quick Scan: Code:
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.04.13.08

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Ciaran :: CIARAN-PC [Administrator]

14.04.2013 13:13:53
mbam-log-2013-04-14 (13-13-53).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 216654
Laufzeit: 8 Minute(n), 26 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende) |