Log analysis and evaluation: appround.net Virus 2 (Windows 7). If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
23.04.2013, 07:23 | #16 |
appround.net Virus 2

I think I was talking past you, and I want to say sorry. "Mode: Manual" is still there, but with something after it. I thought "Mode: Manual" was the actual problem and that I couldn't get rid of it. I now have about 10 scans like this one on my computer. I wanted to make clear that I can't get rid of the "Manual" even if I don't touch the parameters, but what comes after it is apparently what matters. As I said, sorry for my dumb back-and-forth. Best regards.

Code:
08:12:47.0723 6088 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
08:12:47.0973 6088 ============================================================
08:12:47.0973 6088 Current date / time: 2013/04/23 08:12:47.0973
08:12:47.0973 6088 SystemInfo:
08:12:47.0973 6088
08:12:47.0973 6088 OS Version: 6.1.7601 ServicePack: 1.0
08:12:47.0973 6088 Product type: Workstation
08:12:47.0973 6088 ComputerName: LAPTOP
08:12:47.0973 6088 UserName: Wazkov
08:12:47.0973 6088 Windows directory: C:\Windows
08:12:47.0973 6088 System windows directory: C:\Windows
08:12:47.0973 6088 Running under WOW64
08:12:47.0973 6088 Processor architecture: Intel x64
08:12:47.0973 6088 Number of processors: 2
08:12:47.0973 6088 Page size: 0x1000
08:12:47.0973 6088 Boot type: Normal boot
08:12:47.0973 6088 ============================================================
08:12:48.0987 6088 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
08:12:49.0003 6088 ============================================================
08:12:49.0003 6088 \Device\Harddisk0\DR0:
08:12:49.0003 6088 MBR partitions:
08:12:49.0003 6088 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1964800, BlocksNum 0x32000
08:12:49.0003 6088 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1996800, BlocksNum 0x23A97AB0
08:12:49.0003 6088 ============================================================
08:12:49.0034 6088 C: <-> \Device\Harddisk0\DR0\Partition2
08:12:49.0034 6088 ============================================================
08:12:49.0034 6088 Initialize success
08:12:49.0034 6088 ============================================================
08:12:53.0932 3560 ============================================================
08:12:53.0932 3560 Scan started
08:12:53.0932 3560 Mode: Manual; SigCheck; TDLFS;
08:13:12.0935 3560 [ 2C723E42FC8D7B0209492828F921FB50 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
08:13:12.0935 3560 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
08:13:12.0935 3560 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
3560 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 08:13:13.0013 3560 NetBIOS - ok 08:13:13.0060 3560 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 08:13:13.0107 3560 NetBT - ok 08:13:13.0107 3560 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe 08:13:13.0138 3560 Netlogon - ok 08:13:13.0154 3560 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll 08:13:13.0216 3560 Netman - ok 08:13:13.0263 3560 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 08:13:13.0278 3560 NetMsmqActivator - ok 08:13:13.0278 3560 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 08:13:13.0294 3560 NetPipeActivator - ok 08:13:13.0356 3560 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll 08:13:13.0403 3560 netprofm - ok 08:13:13.0419 3560 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 08:13:13.0434 3560 NetTcpActivator - ok 08:13:13.0434 3560 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 08:13:13.0450 3560 NetTcpPortSharing - ok 08:13:13.0497 3560 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys 08:13:13.0512 3560 nfrd960 - ok 08:13:13.0575 3560 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll 08:13:13.0606 3560 NlaSvc - ok 08:13:13.0637 3560 [ 7AEA4DF1CA68FD45DD4BBE1F0243CE7F ] NMSAccess C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe 08:13:13.0653 3560 NMSAccess - ok 08:13:13.0684 3560 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys 08:13:13.0731 3560 Npfs - ok 08:13:13.0746 3560 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll 08:13:13.0809 3560 nsi - ok 
08:13:13.0824 3560 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 08:13:13.0856 3560 nsiproxy - ok 08:13:13.0934 3560 [ B8965FB53551B5455630A4B804D0791F ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 08:13:13.0980 3560 Ntfs - ok 08:13:14.0043 3560 [ 5B3CE960C62DBE864BE9A0BD043A3E30 ] NTI IScheduleSvc C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe 08:13:14.0043 3560 NTI IScheduleSvc ( UnsignedFile.Multi.Generic ) - warning 08:13:14.0043 3560 NTI IScheduleSvc - detected UnsignedFile.Multi.Generic (1) 08:13:14.0074 3560 [ 64DDD0DEE976302F4BD93E5EFCC2F013 ] NTIDrvr C:\Windows\system32\drivers\NTIDrvr.sys 08:13:14.0090 3560 NTIDrvr - ok 08:13:14.0121 3560 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys 08:13:14.0168 3560 Null - ok 08:13:14.0199 3560 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys 08:13:14.0214 3560 nvraid - ok 08:13:14.0230 3560 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys 08:13:14.0246 3560 nvstor - ok 08:13:14.0261 3560 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 08:13:14.0277 3560 nv_agp - ok 08:13:14.0355 3560 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 08:13:14.0370 3560 odserv - ok 08:13:14.0417 3560 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 08:13:14.0433 3560 ohci1394 - ok 08:13:14.0526 3560 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 08:13:14.0542 3560 ose - ok 08:13:14.0589 3560 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 08:13:14.0604 3560 p2pimsvc - ok 08:13:14.0636 3560 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll 08:13:14.0651 3560 p2psvc - ok 08:13:14.0698 3560 [ 
0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys 08:13:14.0714 3560 Parport - ok 08:13:14.0760 3560 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys 08:13:14.0776 3560 partmgr - ok 08:13:14.0807 3560 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll 08:13:14.0823 3560 PcaSvc - ok 08:13:14.0870 3560 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys 08:13:14.0885 3560 pci - ok 08:13:14.0901 3560 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys 08:13:14.0916 3560 pciide - ok 08:13:14.0963 3560 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys 08:13:14.0979 3560 pcmcia - ok 08:13:14.0994 3560 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys 08:13:15.0010 3560 pcw - ok 08:13:15.0041 3560 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys 08:13:15.0088 3560 PEAUTH - ok 08:13:15.0150 3560 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll 08:13:15.0182 3560 PeerDistSvc - ok 08:13:15.0260 3560 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe 08:13:15.0275 3560 PerfHost - ok 08:13:15.0354 3560 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll 08:13:15.0417 3560 pla - ok 08:13:15.0463 3560 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 08:13:15.0495 3560 PlugPlay - ok 08:13:15.0526 3560 [ 171E6D91A20AAC8D02172A64E82CE90B ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll 08:13:15.0526 3560 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning 08:13:15.0526 3560 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1) 08:13:15.0541 3560 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 08:13:15.0557 3560 PNRPAutoReg - ok 08:13:15.0573 3560 [ 3EAC4455472CC2C97107B5291E0DCAFE ] 
PNRPsvc C:\Windows\system32\pnrpsvc.dll 08:13:15.0604 3560 PNRPsvc - ok 08:13:15.0651 3560 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 08:13:15.0697 3560 PolicyAgent - ok 08:13:15.0729 3560 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll 08:13:15.0775 3560 Power - ok 08:13:15.0838 3560 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 08:13:15.0869 3560 PptpMiniport - ok 08:13:15.0900 3560 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys 08:13:15.0931 3560 Processor - ok 08:13:15.0994 3560 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll 08:13:16.0009 3560 ProfSvc - ok 08:13:16.0025 3560 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe 08:13:16.0041 3560 ProtectedStorage - ok 08:13:16.0087 3560 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys 08:13:16.0119 3560 Psched - ok 08:13:16.0165 3560 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys 08:13:16.0212 3560 ql2300 - ok 08:13:16.0228 3560 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys 08:13:16.0243 3560 ql40xx - ok 08:13:16.0275 3560 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll 08:13:16.0307 3560 QWAVE - ok 08:13:16.0322 3560 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 08:13:16.0338 3560 QWAVEdrv - ok 08:13:16.0369 3560 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 08:13:16.0400 3560 RasAcd - ok 08:13:16.0447 3560 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 08:13:16.0478 3560 RasAgileVpn - ok 08:13:16.0510 3560 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll 08:13:16.0572 3560 RasAuto - ok 08:13:16.0619 3560 [ 
471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 08:13:16.0666 3560 Rasl2tp - ok 08:13:16.0712 3560 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll 08:13:16.0759 3560 RasMan - ok 08:13:16.0837 3560 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 08:13:16.0868 3560 RasPppoe - ok 08:13:16.0900 3560 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 08:13:16.0946 3560 RasSstp - ok 08:13:16.0993 3560 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 08:13:17.0040 3560 rdbss - ok 08:13:17.0071 3560 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys 08:13:17.0087 3560 rdpbus - ok 08:13:17.0102 3560 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 08:13:17.0134 3560 RDPCDD - ok 08:13:17.0196 3560 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys 08:13:17.0212 3560 RDPDR - ok 08:13:17.0227 3560 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 08:13:17.0258 3560 RDPENCDD - ok 08:13:17.0290 3560 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 08:13:17.0321 3560 RDPREFMP - ok 08:13:17.0383 3560 [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys 08:13:17.0399 3560 RdpVideoMiniport - ok 08:13:17.0461 3560 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 08:13:17.0492 3560 RDPWD - ok 08:13:17.0555 3560 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 08:13:17.0570 3560 rdyboost - ok 08:13:17.0617 3560 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll 08:13:17.0648 3560 RemoteAccess - ok 08:13:17.0680 3560 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll 
08:13:17.0726 3560 RemoteRegistry - ok 08:13:17.0789 3560 [ 7B04C9843921AB1F695FB395422C5360 ] RimUsb C:\Windows\system32\Drivers\RimUsb_AMD64.sys 08:13:17.0804 3560 RimUsb - ok 08:13:17.0820 3560 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 08:13:17.0867 3560 RpcEptMapper - ok 08:13:17.0882 3560 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe 08:13:17.0898 3560 RpcLocator - ok 08:13:17.0960 3560 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll 08:13:18.0007 3560 RpcSs - ok 08:13:18.0023 3560 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 08:13:18.0070 3560 rspndr - ok 08:13:18.0085 3560 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe 08:13:18.0101 3560 SamSs - ok 08:13:18.0148 3560 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 08:13:18.0163 3560 sbp2port - ok 08:13:18.0241 3560 [ 794D4B48DFB6E999537C7C3947863463 ] SBSDWSCService C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe 08:13:18.0272 3560 SBSDWSCService - ok 08:13:18.0366 3560 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll 08:13:18.0413 3560 SCardSvr - ok 08:13:18.0444 3560 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 08:13:18.0491 3560 scfilter - ok 08:13:18.0553 3560 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll 08:13:18.0600 3560 Schedule - ok 08:13:18.0647 3560 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll 08:13:18.0694 3560 SCPolicySvc - ok 08:13:18.0740 3560 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll 08:13:18.0756 3560 SDRSVC - ok 08:13:18.0787 3560 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys 08:13:18.0818 3560 secdrv - ok 08:13:18.0881 3560 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon 
C:\Windows\system32\seclogon.dll 08:13:18.0912 3560 seclogon - ok 08:13:18.0943 3560 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll 08:13:18.0974 3560 SENS - ok 08:13:19.0006 3560 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll 08:13:19.0021 3560 SensrSvc - ok 08:13:19.0037 3560 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys 08:13:19.0052 3560 Serenum - ok 08:13:19.0084 3560 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys 08:13:19.0099 3560 Serial - ok 08:13:19.0130 3560 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys 08:13:19.0146 3560 sermouse - ok 08:13:19.0208 3560 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll 08:13:19.0255 3560 SessionEnv - ok 08:13:19.0286 3560 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 08:13:19.0302 3560 sffdisk - ok 08:13:19.0318 3560 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 08:13:19.0333 3560 sffp_mmc - ok 08:13:19.0349 3560 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 08:13:19.0364 3560 sffp_sd - ok 08:13:19.0396 3560 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys 08:13:19.0411 3560 sfloppy - ok 08:13:19.0442 3560 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll 08:13:19.0489 3560 SharedAccess - ok 08:13:19.0536 3560 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll 08:13:19.0583 3560 ShellHWDetection - ok 08:13:19.0598 3560 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys 08:13:19.0614 3560 SiSRaid2 - ok 08:13:19.0630 3560 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys 08:13:19.0645 3560 SiSRaid4 - ok 08:13:19.0739 3560 [ 
F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe 08:13:19.0754 3560 SkypeUpdate - ok 08:13:19.0786 3560 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys 08:13:19.0817 3560 Smb - ok 08:13:19.0848 3560 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe 08:13:19.0864 3560 SNMPTRAP - ok 08:13:19.0879 3560 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys 08:13:19.0895 3560 spldr - ok 08:13:19.0957 3560 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe 08:13:19.0988 3560 Spooler - ok 08:13:20.0082 3560 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe 08:13:20.0176 3560 sppsvc - ok 08:13:20.0207 3560 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll 08:13:20.0254 3560 sppuinotify - ok 08:13:20.0300 3560 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys 08:13:20.0316 3560 srv - ok 08:13:20.0332 3560 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 08:13:20.0363 3560 srv2 - ok 08:13:20.0378 3560 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 08:13:20.0394 3560 srvnet - ok 08:13:20.0425 3560 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 08:13:20.0472 3560 SSDPSRV - ok 08:13:20.0472 3560 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll 08:13:20.0519 3560 SstpSvc - ok 08:13:20.0550 3560 [ E57B778208C783D8DEBAB320C16A1B82 ] StarOpen C:\Windows\system32\drivers\StarOpen.sys 08:13:20.0550 3560 StarOpen ( UnsignedFile.Multi.Generic ) - warning 08:13:20.0550 3560 StarOpen - detected UnsignedFile.Multi.Generic (1) 08:13:20.0597 3560 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys 08:13:20.0597 3560 stexstor - ok 08:13:20.0675 3560 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc 
C:\Windows\System32\wiaservc.dll 08:13:20.0706 3560 stisvc - ok 08:13:20.0737 3560 [ C40841817EF57D491F22EB103DA587CC ] StorSvc C:\Windows\system32\storsvc.dll 08:13:20.0753 3560 StorSvc - ok 08:13:20.0784 3560 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys 08:13:20.0800 3560 swenum - ok 08:13:20.0846 3560 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll 08:13:20.0893 3560 swprv - ok 08:13:20.0940 3560 [ ED6D1424E5B0C21A57B28DD8508D6843 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys 08:13:20.0956 3560 SynTP - ok 08:13:21.0034 3560 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll 08:13:21.0080 3560 SysMain - ok 08:13:21.0127 3560 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll 08:13:21.0143 3560 TabletInputService - ok 08:13:21.0174 3560 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll 08:13:21.0205 3560 TapiSrv - ok 08:13:21.0236 3560 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll 08:13:21.0283 3560 TBS - ok 08:13:21.0361 3560 [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 08:13:21.0408 3560 Tcpip - ok 08:13:21.0470 3560 [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 08:13:21.0502 3560 TCPIP6 - ok 08:13:21.0564 3560 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 08:13:21.0580 3560 tcpipreg - ok 08:13:21.0611 3560 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 08:13:21.0626 3560 TDPIPE - ok 08:13:21.0673 3560 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 08:13:21.0689 3560 TDTCP - ok 08:13:21.0751 3560 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 08:13:21.0798 3560 tdx - ok 08:13:21.0829 3560 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys 
08:13:21.0845 3560 TermDD - ok 08:13:21.0907 3560 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll 08:13:21.0954 3560 TermService - ok 08:13:22.0016 3560 [ 46B389E1A1C8E66D877402FC0821A371 ] TGCM_ImportWiFiSvc C:\Program Files (x86)\o2\Mobile Connection Manager\ImpWiFiSvc.exe 08:13:22.0032 3560 TGCM_ImportWiFiSvc - ok 08:13:22.0048 3560 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll 08:13:22.0079 3560 Themes - ok 08:13:22.0094 3560 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll 08:13:22.0141 3560 THREADORDER - ok 08:13:22.0157 3560 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll 08:13:22.0204 3560 TrkWks - ok 08:13:22.0297 3560 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 08:13:22.0328 3560 TrustedInstaller - ok 08:13:22.0391 3560 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 08:13:22.0422 3560 tssecsrv - ok 08:13:22.0469 3560 [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 08:13:22.0484 3560 TsUsbFlt - ok 08:13:22.0640 3560 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 08:13:22.0687 3560 tunnel - ok 08:13:22.0718 3560 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys 08:13:22.0734 3560 uagp35 - ok 08:13:22.0796 3560 [ 2E22C1FD397A5A9FFEF55E9D1FC96C00 ] UBHelper C:\Windows\system32\drivers\UBHelper.sys 08:13:22.0828 3560 UBHelper - ok 08:13:22.0874 3560 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 08:13:22.0937 3560 udfs - ok 08:13:22.0968 3560 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe 08:13:22.0999 3560 UI0Detect - ok 08:13:22.0999 3560 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 08:13:23.0015 3560 uliagpkx - ok 08:13:23.0077 3560 
[ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys 08:13:23.0093 3560 umbus - ok 08:13:23.0124 3560 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys 08:13:23.0140 3560 UmPass - ok 08:13:23.0218 3560 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll 08:13:23.0264 3560 UmRdpService - ok 08:13:23.0374 3560 [ F9EC9ACD504D823D9B9CA98A4F8D3CA2 ] Updater Service C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe 08:13:23.0389 3560 Updater Service - ok 08:13:23.0420 3560 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll 08:13:23.0467 3560 upnphost - ok 08:13:23.0514 3560 [ C9E9D59C0099A9FF51697E9306A44240 ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys 08:13:23.0545 3560 USBAAPL64 - ok 08:13:23.0592 3560 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 08:13:23.0623 3560 usbccgp - ok 08:13:23.0670 3560 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys 08:13:23.0701 3560 usbcir - ok 08:13:23.0701 3560 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys 08:13:23.0732 3560 usbehci - ok 08:13:23.0795 3560 [ 2C780746DC44A28FE67004DC58173F05 ] usbfilter C:\Windows\system32\DRIVERS\usbfilter.sys 08:13:23.0810 3560 usbfilter - ok 08:13:23.0904 3560 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 08:13:23.0935 3560 usbhub - ok 08:13:23.0966 3560 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys 08:13:23.0982 3560 usbohci - ok 08:13:24.0044 3560 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys 08:13:24.0060 3560 usbprint - ok 08:13:24.0122 3560 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys 08:13:24.0154 3560 usbscan - ok 08:13:24.0185 3560 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR 
C:\Windows\system32\DRIVERS\USBSTOR.SYS 08:13:24.0200 3560 USBSTOR - ok 08:13:24.0216 3560 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys 08:13:24.0232 3560 usbuhci - ok 08:13:24.0294 3560 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys 08:13:24.0325 3560 usbvideo - ok 08:13:24.0341 3560 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll 08:13:24.0388 3560 UxSms - ok 08:13:24.0403 3560 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe 08:13:24.0419 3560 VaultSvc - ok 08:13:24.0450 3560 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 08:13:24.0497 3560 vdrvroot - ok 08:13:24.0559 3560 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe 08:13:24.0622 3560 vds - ok 08:13:24.0637 3560 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 08:13:24.0668 3560 vga - ok 08:13:24.0668 3560 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys 08:13:24.0715 3560 VgaSave - ok 08:13:24.0778 3560 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 08:13:24.0809 3560 vhdmp - ok 08:13:24.0856 3560 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys 08:13:24.0887 3560 viaide - ok 08:13:24.0902 3560 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys 08:13:24.0918 3560 volmgr - ok 08:13:24.0980 3560 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 08:13:25.0012 3560 volmgrx - ok 08:13:25.0027 3560 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys 08:13:25.0043 3560 volsnap - ok 08:13:25.0090 3560 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys 08:13:25.0105 3560 vsmraid - ok 08:13:25.0199 3560 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS 
C:\Windows\system32\vssvc.exe 08:13:25.0277 3560 VSS - ok 08:13:25.0292 3560 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys 08:13:25.0324 3560 vwifibus - ok 08:13:25.0324 3560 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys 08:13:25.0355 3560 vwififlt - ok 08:13:25.0386 3560 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys 08:13:25.0402 3560 vwifimp - ok 08:13:25.0433 3560 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll 08:13:25.0480 3560 W32Time - ok 08:13:25.0511 3560 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys 08:13:25.0526 3560 WacomPen - ok 08:13:25.0589 3560 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 08:13:25.0636 3560 WANARP - ok 08:13:25.0636 3560 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 08:13:25.0682 3560 Wanarpv6 - ok 08:13:25.0745 3560 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe 08:13:25.0792 3560 WatAdminSvc - ok 08:13:25.0854 3560 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe 08:13:25.0901 3560 wbengine - ok 08:13:25.0932 3560 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 08:13:25.0948 3560 WbioSrvc - ok 08:13:26.0010 3560 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll 08:13:26.0026 3560 wcncsvc - ok 08:13:26.0041 3560 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 08:13:26.0072 3560 WcsPlugInService - ok 08:13:26.0088 3560 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys 08:13:26.0104 3560 Wd - ok 08:13:26.0166 3560 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 08:13:26.0197 3560 Wdf01000 - ok 08:13:26.0213 3560 [ 
BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll 08:13:26.0244 3560 WdiServiceHost - ok 08:13:26.0244 3560 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll 08:13:26.0275 3560 WdiSystemHost - ok 08:13:26.0322 3560 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll 08:13:26.0353 3560 WebClient - ok 08:13:26.0369 3560 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll 08:13:26.0416 3560 Wecsvc - ok 08:13:26.0431 3560 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll 08:13:26.0478 3560 wercplsupport - ok 08:13:26.0494 3560 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll 08:13:26.0540 3560 WerSvc - ok 08:13:26.0572 3560 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 08:13:26.0603 3560 WfpLwf - ok 08:13:26.0618 3560 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys 08:13:26.0634 3560 WIMMount - ok 08:13:26.0665 3560 WinDefend - ok 08:13:26.0681 3560 WinHttpAutoProxySvc - ok 08:13:26.0728 3560 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 08:13:26.0790 3560 Winmgmt - ok 08:13:26.0884 3560 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll 08:13:26.0977 3560 WinRM - ok 08:13:27.0040 3560 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys 08:13:27.0055 3560 WinUsb - ok 08:13:27.0118 3560 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll 08:13:27.0164 3560 Wlansvc - ok 08:13:27.0289 3560 [ 98F138897EF4246381D197CB81846D62 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 08:13:27.0336 3560 wlidsvc - ok 08:13:27.0383 3560 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 08:13:27.0414 3560 WmiAcpi - ok 08:13:27.0461 3560 [ 
38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 08:13:27.0476 3560 wmiApSrv - ok 08:13:27.0508 3560 WMPNetworkSvc - ok 08:13:27.0539 3560 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll 08:13:27.0554 3560 WPCSvc - ok 08:13:27.0601 3560 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 08:13:27.0617 3560 WPDBusEnum - ok 08:13:27.0648 3560 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 08:13:27.0679 3560 ws2ifsl - ok 08:13:27.0695 3560 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll 08:13:27.0726 3560 wscsvc - ok 08:13:27.0773 3560 [ 8D918B1DB190A4D9B1753A66FA8C96E8 ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys 08:13:27.0820 3560 WSDPrintDevice - ok 08:13:27.0835 3560 WSearch - ok 08:13:27.0944 3560 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll 08:13:27.0991 3560 wuauserv - ok 08:13:28.0038 3560 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 08:13:28.0085 3560 WudfPf - ok 08:13:28.0147 3560 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 08:13:28.0163 3560 WUDFRd - ok 08:13:28.0178 3560 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 08:13:28.0194 3560 wudfsvc - ok 08:13:28.0225 3560 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll 08:13:28.0256 3560 WwanSvc - ok 08:13:28.0303 3560 ================ Scan global =============================== 08:13:28.0319 3560 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll 08:13:28.0366 3560 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll 08:13:28.0397 3560 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll 08:13:28.0428 3560 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll 08:13:28.0444 3560 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] 
C:\Windows\system32\services.exe 08:13:28.0459 3560 [Global] - ok 08:13:28.0459 3560 ================ Scan MBR ================================== 08:13:28.0475 3560 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 08:13:28.0834 3560 \Device\Harddisk0\DR0 - ok 08:13:28.0834 3560 ================ Scan VBR ================================== 08:13:28.0834 3560 [ 357D6835F8567B58B27F3AFDBD536B17 ] \Device\Harddisk0\DR0\Partition1 08:13:28.0834 3560 \Device\Harddisk0\DR0\Partition1 - ok 08:13:28.0880 3560 [ BD98E6E99C84ECB77890D9648AE5AE54 ] \Device\Harddisk0\DR0\Partition2 08:13:28.0880 3560 \Device\Harddisk0\DR0\Partition2 - ok 08:13:28.0880 3560 ============================================================ 08:13:28.0880 3560 Scan finished 08:13:28.0880 3560 ============================================================ 08:13:28.0880 1724 Detected object count: 4 08:13:28.0880 1724 Actual detected object count: 4 08:13:30.0799 1724 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user 08:13:30.0799 1724 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip 08:13:30.0799 1724 NTI IScheduleSvc ( UnsignedFile.Multi.Generic ) - skipped by user 08:13:30.0799 1724 NTI IScheduleSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 08:13:30.0799 1724 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user 08:13:30.0799 1724 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip 08:13:30.0799 1724 StarOpen ( UnsignedFile.Multi.Generic ) - skipped by user 08:13:30.0799 1724 StarOpen ( UnsignedFile.Multi.Generic ) - User select action: Skip 08:13:38.0365 5148 Deinitialize success |
23.04.2013, 10:39 | #17 |
/// Winkelfunktion /// TB-Süch-Tiger™ | appround.net Virus 2 JRT - Junkware Removal Tool
Please shut down your security software to avoid possible conflicts.
Next: adwCleaner - Remove toolbars and unwanted start/search pages. Please download AdwCleaner to your desktop.
After that, a check with OTL please:
__________________ |
24.04.2013, 17:29 | #18 |
| appround.net Virus 2
Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 4.8.9 (04.22.2013:1) OS: Windows 7 Professional x64 Ran by Wazkov on 24.04.2013 at 17:53:16,57 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values ~~~ Registry Keys Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\freeze.com Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\softonic Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\startsearch Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\surf canyon Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\Software\conduit Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\Software\pricegong Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\Software\smartbar Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\toolbar Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\suggestmeyes.suggestmeyesbho Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\suggestmeyes.suggestmeyesbho.1 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\utorrentbar_deautoupdatehelper_rasapi32 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\utorrentbar_deautoupdatehelper_rasmancs Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\utorrentbar_detoolbarhelper_rasapi32 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\utorrentbar_detoolbarhelper_rasmancs Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\wajam_install_rasapi32 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\wajam_install_rasmancs Successfully deleted: [Registry 
Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\wajamupdater_rasapi32 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\wajamupdater_rasmancs Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\classes\Toolbar.CT2851647 Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64} Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} ~~~ Files Successfully deleted: [File] "C:\end" ~~~ Folders Successfully deleted: [Folder] "C:\ProgramData\boost_interprocess" Successfully deleted: [Folder] "C:\ProgramData\partner" Successfully deleted: [Folder] "C:\Users\Wazkov\AppData\Roaming\dvdvideosoftiehelpers" Successfully deleted: [Folder] "C:\Users\Wazkov\AppData\Roaming\opencandy" Successfully deleted: [Folder] "C:\Users\Wazkov\AppData\Roaming\toolplugin" Successfully deleted: [Folder] "C:\Users\Wazkov\AppData\Roaming\vsharecomplete" Successfully deleted: [Folder] "C:\Users\Wazkov\appdata\local\conduit" Successfully deleted: [Folder] "C:\Users\Wazkov\appdata\locallow\conduit" Successfully deleted: [Folder] "C:\Users\Wazkov\appdata\locallow\pricegong" Successfully deleted: [Folder] "C:\Program Files (x86)\conduit" Successfully deleted: [Folder] "C:\Program Files (x86)\vshare.tv plugin" Successfully deleted: [Folder] "C:\Program Files (x86)\vsharecomplete" Successfully deleted: [Folder] "C:\Users\Wazkov\AppData\Roaming\microsoft\windows\start menu\programs\dealply" ~~~ FireFox Successfully deleted: [File] C:\Users\Wazkov\AppData\Roaming\mozilla\firefox\profiles\v80o94z6.default-1346864359568\user.js Emptied folder: C:\Users\Wazkov\AppData\Roaming\mozilla\firefox\profiles\v80o94z6.default-1346864359568\minidumps [121 
files] ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on 24.04.2013 at 18:00:23,86 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Code:
ATTFilter # AdwCleaner v2.202 - Datei am 24/04/2013 um 18:03:15 erstellt # Aktualisiert am 23/04/2013 von Xplode # Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits) # Benutzer : Wazkov - LAPTOP # Bootmodus : Normal # Ausgeführt unter : C:\Users\Wazkov\Desktop\adwcleaner.exe # Option [Löschen] **** [Dienste] **** ***** [Dateien / Ordner] ***** Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\Plugins\npvsharetvplg.dll Datei Gelöscht : C:\Program Files (x86)\mozilla firefox\searchplugins\Search the web.src Ordner Gelöscht : C:\Program Files (x86)\uTorrentBar_DE Ordner Gelöscht : C:\Users\Wazkov\AppData\Local\Temp\OCS Ordner Gelöscht : C:\Users\Wazkov\AppData\LocalLow\uTorrentBar_DE Ordner Gelöscht : C:\Users\Wazkov\AppData\Roaming\Mozilla\Firefox\Profiles\v80o94z6.default-1346864359568\extensions\amo@dealplyshopping.com ***** [Registrierungsdatenbank] ***** Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\uTorrentBar_DE Schlüssel Gelöscht : HKCU\Software\InstallCore Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F97BFF8-488B-4107-BCEE-B161AB4E4183} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C840E246-6B95-475E-9BD7-CAA1C7ECA9F2} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E38FA08E-F56A-4169-ABF5-5C71E3C153A1} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF7BD87A-8024-11E2-F316-F3E56188709B} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2E61BEA4-D5C3-443E-92B7-672B0E36D5FE} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A1B48071-416D-474E-A13B-BE5456E7FC31} Schlüssel Gelöscht : 
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C840E246-6B95-475E-9BD7-CAA1C7ECA9F2} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DFEFCDEE-CF1A-4FC8-89AF-189327213627} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E38FA08E-F56A-4169-ABF5-5C71E3C153A1} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF7BD87A-8024-11E2-F316-F3E56188709B} Schlüssel Gelöscht : HKCU\Software\OCS Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{79D60450-56C5-4A8C-9321-6D5BC2A81E5A} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{99C22A61-21BA-4F81-85FF-CDC9EB5DB10B} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{2E61BEA4-D5C3-443E-92B7-672B0E36D5FE} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F97BFF8-488B-4107-BCEE-B161AB4E4183} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A1B48071-416D-474E-A13B-BE5456E7FC31} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88} Schlüssel Gelöscht : HKLM\Software\SimplyGen Schlüssel Gelöscht : HKLM\Software\uTorrentBar_DE Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{2E61BEA4-D5C3-443E-92B7-672B0E36D5FE} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1} Schlüssel Gelöscht : 
HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{7E84186E-B5DE-4226-8A66-6E49C6B511B4} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{8F97BFF8-488B-4107-BCEE-B161AB4E4183} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A1B48071-416D-474E-A13B-BE5456E7FC31} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C840E246-6B95-475E-9BD7-CAA1C7ECA9F2} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DFEFCDEE-CF1A-4FC8-89AF-189327213627} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EF7BD87A-8024-11E2-F316-F3E56188709B} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C9AE652B-8C99-4AC2-B556-8B501182874E} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dlfienamagdnkekbbbocojppncdambda Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0AF69201-DE56-4DB7-8C8D-FC9CC344F684} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0C444571-6A2F-4973-B094-A1BCE88D25FB} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C840E246-6B95-475E-9BD7-CAA1C7ECA9F2} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EF7BD87A-8024-11E2-F316-F3E56188709B} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\toolplugin Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\uTorrentBar_DE Toolbar Schlüssel Gelöscht : 
HKLM\SOFTWARE\Classes\Interface\{C9AE652B-8C99-4AC2-B556-8B501182874E} Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{C840E246-6B95-475E-9BD7-CAA1C7ECA9F2}] Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{C840E246-6B95-475E-9BD7-CAA1C7ECA9F2}] Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{E38FA08E-F56A-4169-ABF5-5C71E3C153A1}] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{C840E246-6B95-475E-9BD7-CAA1C7ECA9F2}] Wert Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{C840E246-6B95-475E-9BD7-CAA1C7ECA9F2}] ***** [Internet Browser] ***** -\\ Internet Explorer v10.0.9200.16537 [OK] Die Registrierungsdatenbank ist sauber. -\\ Mozilla Firefox v20.0.1 (de) Datei : C:\Users\Wazkov\AppData\Roaming\Mozilla\Firefox\Profiles\v80o94z6.default-1346864359568\prefs.js [OK] Die Datei ist sauber. Datei : C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\hzvxrpbv.default\prefs.js [OK] Die Datei ist sauber. ************************* AdwCleaner[S1].txt - [7048 octets] - [24/04/2013 18:03:15] ########## EOF - C:\AdwCleaner[S1].txt - [7108 octets] ########## Code:
ATTFilter OTL logfile created on: 24.04.2013 18:11:22 - Run 3 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Wazkov\Desktop 64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16540) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 4,00 Gb Total Physical Memory | 2,64 Gb Available Physical Memory | 65,91% Memory free 7,99 Gb Paging File | 6,52 Gb Available in Paging File | 81,52% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 285,30 Gb Total Space | 30,28 Gb Free Space | 10,62% Space Free | Partition Type: NTFS Computer Name: LAPTOP | User Name: Wazkov | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\Wazkov\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe (Microsoft Corp.) PRC - C:\Programme\Alwil Software\Avast5\AvastUI.exe (AVAST Software) PRC - C:\Programme\Alwil Software\Avast5\AvastSvc.exe (AVAST Software) PRC - C:\Users\Wazkov\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.) PRC - C:\Program Files (x86)\Winamp\winampa.exe (Nullsoft, Inc.) PRC - C:\Program Files (x86)\o2\Mobile Connection Manager\ImpWiFiSvc.exe (Telefónica I+D) PRC - C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe (NewTech Infosystems, Inc.) PRC - C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe (NewTech Infosystems, Inc.) PRC - C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe () PRC - C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.) 
PRC - C:\Program Files (x86)\Launch Manager\dsiwmis.exe (Dritek System Inc.) PRC - C:\Program Files (x86)\Launch Manager\LMworker.exe (Dritek System Inc.) PRC - C:\Programme\Packard Bell\Packard Bell Updater\UpdaterService.exe (Acer Group) PRC - C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe (Acer Incorporated) PRC - C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.) PRC - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.) ========== Modules (No Company Name) ========== MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll () MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll () MOD - C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\sqlite3.dll () MOD - C:\Program Files (x86)\Launch Manager\CdDirIo.dll () ========== Services (SafeList) ========== SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD) SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation) SRV - (BingDesktopUpdate) -- C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe (Microsoft Corp.) SRV - (avast! Antivirus) -- C:\Programme\Alwil Software\Avast5\AvastSvc.exe (AVAST Software) SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies) SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.) 
SRV - (TGCM_ImportWiFiSvc) -- C:\Program Files (x86)\o2\Mobile Connection Manager\ImpWiFiSvc.exe (Telefónica I+D) SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (NTI IScheduleSvc) -- C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe (NewTech Infosystems, Inc.) SRV - (NMSAccess) -- C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe () SRV - (DsiWMIService) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe (Dritek System Inc.) SRV - (ePowerSvc) -- C:\Programme\Packard Bell\Packard Bell Power Management\ePowerSvc.exe (Acer Incorporated) SRV - (Updater Service) -- C:\Programme\Packard Bell\Packard Bell Updater\UpdaterService.exe (Acer Group) SRV - (GameConsoleService) -- C:\Program Files (x86)\Packard Bell Games\Packard Bell Game Console\GameConsoleService.exe (WildTangent, Inc.) SRV - (Greg_Service) -- C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe (Acer Incorporated) SRV - (wlidsvc) -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV:64bit: - (aswSnx) -- C:\Windows\SysNative\drivers\aswSnx.sys (AVAST Software) DRV:64bit: - (aswSP) -- C:\Windows\SysNative\drivers\aswSP.sys (AVAST Software) DRV:64bit: - (aswVmm) -- C:\Windows\SysNative\drivers\aswVmm.sys () DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr2.sys (AVAST Software) DRV:64bit: - (aswTdi) -- C:\Windows\SysNative\drivers\aswTdi.sys (AVAST Software) DRV:64bit: - (aswRvrt) -- C:\Windows\SysNative\drivers\aswRvrt.sys () DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software) DRV:64bit: - (aswFsBlk) -- C:\Windows\SysNative\drivers\aswFsBlk.sys (AVAST Software) DRV:64bit: - (USBAAPL64) -- 
C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.) DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation) DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.) DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (huawei_enumerator) -- C:\Windows\SysNative\drivers\ew_jubusenum.sys (Huawei Technologies Co., Ltd.) DRV:64bit: - (ewusbnet) -- C:\Windows\SysNative\drivers\ewusbnet.sys (Huawei Technologies Co., Ltd.) DRV:64bit: - (hwdatacard) -- C:\Windows\SysNative\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.) DRV:64bit: - (ew_hwusbdev) -- C:\Windows\SysNative\drivers\ew_hwusbdev.sys (Huawei Technologies Co., Ltd.) DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atipmdag.sys (ATI Technologies Inc.) DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.) DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.) DRV:64bit: - (AtiHdmiService) -- C:\Windows\SysNative\drivers\AtiHdmi.sys (ATI Technologies, Inc.) 
DRV:64bit: - (usbfilter) -- C:\Windows\SysNative\drivers\usbfilter.sys (Advanced Micro Devices) DRV:64bit: - (StarOpen) -- C:\Windows\SysNative\drivers\StarOpen.sys () DRV:64bit: - (AF9035BDA) -- C:\Windows\SysNative\drivers\AF15BDA.sys (ITETech ) DRV:64bit: - (k57nd60a) -- C:\Windows\SysNative\drivers\k57nd60a.sys (Broadcom Corporation) DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated) DRV:64bit: - (AtiPcie) -- C:\Windows\SysNative\drivers\AtiPcie.sys (Advanced Micro Devices Inc.) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:64bit: - (WSDPrintDevice) -- C:\Windows\SysNative\drivers\WSDPrint.sys (Microsoft Corporation) DRV:64bit: - (L1E) -- C:\Windows\SysNative\drivers\L1E62x64.sys (Atheros Communications, Inc.) DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation) DRV:64bit: - (BCM43XX) -- C:\Windows\SysNative\drivers\BCMWL664.SYS (Broadcom Corporation) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV:64bit: - (NTIDrvr) -- C:\Windows\SysNative\drivers\NTIDrvr.sys (NewTech Infosystems, Inc.) 
DRV:64bit: - (UBHelper) -- C:\Windows\SysNative\drivers\UBHelper.sys (NewTech Infosystems Corporation) DRV:64bit: - (RimUsb) -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys (Research In Motion Limited) DRV - (StarOpen) -- C:\Windows\SysWow64\drivers\StarOpen.sys () DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKLM\..\SearchScopes\{A886440A-0BF1-46DE-B710-2DDD2A783A54}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACPW IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = IE - 
HKU\S-1-5-21-609013171-3702366753-2972859162-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0407&m=easynote_lm82&r=27361110s0b6l0450z135f45l1b30n IE - HKU\S-1-5-21-609013171-3702366753-2972859162-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.msn.com/?pc=skyp&ocid=skydhp IE - HKU\S-1-5-21-609013171-3702366753-2972859162-1000\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-609013171-3702366753-2972859162-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-609013171-3702366753-2972859162-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKU\S-1-5-21-609013171-3702366753-2972859162-1000\..\SearchScopes\{A886440A-0BF1-46DE-B710-2DDD2A783A54}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACPW_deDE404 IE - HKU\S-1-5-21-609013171-3702366753-2972859162-1000\..\SearchScopes\{D4A6CCA0-764F-4C80-8DDD-E9C7B6B27959}: "URL" = hxxp://de.search.yahoo.com/search?p={searchterms}&ei=UTF-8&fr=w3i&type=W3i_DS,136,0_0,Search,20110729,16987,0,8,0 IE - HKU\S-1-5-21-609013171-3702366753-2972859162-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-609013171-3702366753-2972859162-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;<local> ========== FireFox ========== FF - prefs.js..browser.startup.homepage: "www.sz.de" FF - prefs.js..extensions.enabledAddons: lyrmix%40lyrmix.net:1.111 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0.1 FF - user.js - File not found FF:64bit: - 
HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_169.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_169.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) 
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\Alwil Software\Avast5\WebRep\FF [2013.03.22 14:58:20 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.04.13 08:04:59 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.04.24 18:03:30 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\lyrmix@lyrmix.net: C:\Program Files (x86)\Lyrmix\FF\ [2013.04.23 08:00:36 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.04.13 08:04:59 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.04.24 18:03:30 | 000,000,000 | ---D | M] [2010.11.03 11:34:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Wazkov\AppData\Roaming\mozilla\Extensions [2013.04.24 18:03:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Wazkov\AppData\Roaming\mozilla\Firefox\Profiles\v80o94z6.default-1346864359568\extensions [2013.04.13 08:04:50 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2013.04.13 08:04:50 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013.04.23 08:00:36 | 000,000,000 | ---D | M] ("Lyrmix") -- C:\PROGRAM FILES (X86)\LYRMIX\FF [2013.04.13 08:04:58 | 
000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2011.10.26 20:49:56 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll [2012.06.18 14:28:10 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2012.08.31 12:12:09 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2012.06.18 14:28:10 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2012.06.18 14:28:10 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2012.06.18 14:28:10 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2012.06.18 14:28:10 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (VshareComplete) - {08337871-0e50-4031-9110-3bd21ca3c065} - C:\Users\Wazkov\AppData\Roaming\VshareComplete\64\VshareComplete64.dll File not found O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software) O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (avast! 
WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software) O2 - BHO: (Lyrmix) - {A8E06666-F1AE-4436-80C1-A1A1A865F236} - C:\Program Files (x86)\Lyrmix\lyrmix.dll (Lyrix Engineering) O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software) O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software) O3 - HKLM\..\Toolbar: (TerraTec Home Cinema) - {AD6E6555-FB2C-47D4-8339-3E2965509877} - C:\PROGRA~2\TerraTec\TERRAT~1\THCDES~1.DLL (TerraTec Electronic GmbH) O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKU\S-1-5-21-609013171-3702366753-2972859162-1000\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found. O4:64bit: - HKLM..\Run: [Acer ePower Management] C:\Programme\Packard Bell\Packard Bell Power Management\ePowerTray.exe (Acer Incorporated) O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe (NewTech Infosystems, Inc.) 
O4 - HKLM..\Run: [BingDesktop] C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe (Microsoft Corp.)
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [Mobile Connection Manager] C:\Program Files (x86)\o2\Mobile Connection Manager\emmsn.exe (Telefónica I+D)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files (x86)\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-609013171-3702366753-2972859162-1000..\Run: [Akamai NetSession Interface] C:\Users\Wazkov\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
O4 - HKU\S-1-5-21-609013171-3702366753-2972859162-1000..\Run: [EA Core] "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent File not found
O4 - HKU\S-1-5-21-609013171-3702366753-2972859162-1000..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe File not found
O4 - HKU\S-1-5-21-609013171-3702366753-2972859162-1000..\Run: [PCSpeedUp] C:\Program Files (x86)\PC Beschleunigen\PCSpeedUp.lnk ()
O4 - HKU\S-1-5-21-609013171-3702366753-2972859162-1000..\Run: [Spotify] "C:\Users\Wazkov\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart File not found
O4 - HKU\S-1-5-21-609013171-3702366753-2972859162-1000..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O8:64bit: - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll/cmsidewiki.html File not found
O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Users\Wazkov\Desktop\PartyPoker.lnk ()
O9 - Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Users\Wazkov\Desktop\PartyPoker.lnk ()
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 10.17.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7C8845FF-D4C1-4E52-AF9B-6D0D3B308A00}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8C92BA8F-1C87-4942-AA31-042EBC62A703}: DhcpNameServer = 192.168.70.2
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013.04.08 15:38:22 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
O33 - MountPoints2\{0062957e-a57b-11e0-8e5f-001e101f2b52}\Shell - "" = AutoRun
O33 - MountPoints2\{0062957e-a57b-11e0-8e5f-001e101f2b52}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{16528763-ca4b-11e0-9d29-001e101fb4df}\Shell - "" = AutoRun
O33 - MountPoints2\{16528763-ca4b-11e0-9d29-001e101fb4df}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{4b681a9a-a272-11e0-aaed-00262da3fd87}\Shell - "" = AutoRun
O33 - MountPoints2\{4b681a9a-a272-11e0-aaed-00262da3fd87}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{d0f4c61b-a284-11e0-ab79-00262da3fd87}\Shell - "" = AutoRun
O33 - MountPoints2\{d0f4c61b-a284-11e0-ab79-00262da3fd87}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{f81adc83-ee7c-11e0-a717-001e101f1838}\Shell - "" = AutoRun
O33 - MountPoints2\{f81adc83-ee7c-11e0-a717-001e101f1838}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O34 - HKLM BootExecute:
(autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013.04.24 17:52:51 | 000,535,764 | ---- | C] (Oleg N. Scherbakov) -- C:\Users\Wazkov\Desktop\JRT.exe
[2013.04.24 17:50:15 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013.04.24 17:49:20 | 000,000,000 | ---D | C] -- C:\JRT
[2013.04.23 08:00:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Lyrmix
[2013.04.20 17:21:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bing-Desktop
[2013.04.20 17:12:57 | 001,054,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2013.04.20 17:12:57 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll
[2013.04.20 17:12:57 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll
[2013.04.20 17:12:57 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013.04.20 17:12:56 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013.04.20 17:12:56 | 001,509,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013.04.20 17:12:56 | 001,441,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013.04.20 17:12:56 | 001,400,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2013.04.20 17:12:56 | 001,400,416 | ---- | C] (Microsoft
Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2013.04.20 17:12:56 | 000,905,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2013.04.20 17:12:56 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013.04.20 17:12:56 | 000,762,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2013.04.20 17:12:56 | 000,719,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2013.04.20 17:12:56 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013.04.20 17:12:56 | 000,629,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2013.04.20 17:12:56 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013.04.20 17:12:56 | 000,599,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013.04.20 17:12:56 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013.04.20 17:12:56 | 000,452,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2013.04.20 17:12:56 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2013.04.20 17:12:56 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013.04.20 17:12:56 | 000,361,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2013.04.20 17:12:56 | 000,281,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2013.04.20 17:12:56 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013.04.20 17:12:56 | 000,232,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013.04.20 17:12:56 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2013.04.20 17:12:56 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2013.04.20 17:12:56 | 000,173,568 |
---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013.04.20 17:12:56 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2013.04.20 17:12:56 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2013.04.20 17:12:56 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2013.04.20 17:12:56 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2013.04.20 17:12:56 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2013.04.20 17:12:56 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2013.04.20 17:12:56 | 000,137,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013.04.20 17:12:56 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013.04.20 17:12:56 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2013.04.20 17:12:56 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2013.04.20 17:12:56 | 000,125,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2013.04.20 17:12:56 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2013.04.20 17:12:56 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2013.04.20 17:12:56 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013.04.20 17:12:56 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2013.04.20 17:12:56 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013.04.20 17:12:56 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2013.04.20 17:12:56 | 000,089,600 | ---- | C] (Microsoft Corporation) --
C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013.04.20 17:12:56 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2013.04.20 17:12:56 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2013.04.20 17:12:56 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013.04.20 17:12:56 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2013.04.20 17:12:56 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2013.04.20 17:12:56 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2013.04.20 17:12:56 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013.04.20 17:12:56 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2013.04.20 17:12:56 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2013.04.20 17:12:56 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013.04.20 17:12:56 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2013.04.20 17:12:56 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013.04.20 17:12:56 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2013.04.20 17:12:56 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2013.04.20 17:12:56 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2013.04.20 17:12:56 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013.04.20 17:12:56 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013.04.20 17:12:56 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2013.04.20 17:12:56 |
000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2013.04.20 17:12:56 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2013.04.20 17:12:56 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2013.04.20 17:12:56 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2013.04.20 17:09:27 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RdpGroupPolicyExtension.dll
[2013.04.20 17:09:27 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyExtension.dll
[2013.04.20 17:09:27 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyControl.exe
[2013.04.20 17:09:20 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys
[2013.04.20 17:09:19 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys
[2013.04.20 17:09:14 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsgqec.dll
[2013.04.20 17:09:14 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbGDCoInstaller.dll
[2013.04.20 17:09:14 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprtPS.dll
[2013.04.20 17:09:13 | 000,269,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\aaclient.dll
[2013.04.20 17:09:13 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpendp_winip.dll
[2013.04.20 17:09:13 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MsRdpWebAccess.dll
[2013.04.20 17:09:13 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tsgqec.dll
[2013.04.20 17:09:13 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wksprtPS.dll
[2013.04.20 17:09:12 | 000,384,000 | ---- | C] (Microsoft Corporation) --
C:\Windows\SysNative\wksprt.exe
[2013.04.20 17:09:12 | 000,322,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aaclient.dll
[2013.04.20 17:09:12 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpudd.dll
[2013.04.20 17:09:12 | 000,228,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpendp_winip.dll
[2013.04.20 17:09:12 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TSWbPrxy.exe
[2013.04.20 17:09:12 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsRdpWebAccess.dll
[2013.04.20 17:09:11 | 001,123,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstsc.exe
[2013.04.20 17:09:11 | 001,048,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe
[2013.04.20 17:09:10 | 003,174,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorets.dll
[2013.04.20 17:09:08 | 004,916,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2013.04.20 17:09:07 | 005,773,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2013.04.20 17:04:52 | 002,284,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2vdec.dll
[2013.04.20 17:04:51 | 002,776,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll
[2013.04.20 17:04:51 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIAnimation.dll
[2013.04.20 17:04:51 | 000,187,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAnimation.dll
[2013.04.20 17:04:38 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll
[2013.04.20 17:04:38 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll
[2013.04.20 17:04:26 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013.04.20 17:04:26 | 000,003,584 | -H-- | C] (Microsoft Corporation) --
C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013.04.20 17:04:26 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013.04.20 17:04:25 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2013.04.20 17:04:25 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013.04.20 17:04:25 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013.04.20 17:04:25 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013.04.20 17:04:25 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013.04.20 17:04:25 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013.04.20 17:04:24 | 002,565,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2013.04.20 17:04:24 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2013.04.20 17:04:23 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2013.04.20 17:04:23 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
[2013.04.20 17:04:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
[2013.04.20 17:04:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll
[2013.04.20 17:04:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013.04.20 17:04:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013.04.20
17:04:22 | 000,648,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2013.04.20 17:04:22 | 000,363,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll
[2013.04.20 17:04:22 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013.04.20 17:04:22 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013.04.20 17:04:22 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013.04.20 17:04:22 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013.04.20 17:04:22 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll
[2013.04.20 17:04:21 | 000,333,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
[2013.04.20 17:04:21 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10core.dll
[2013.04.20 17:04:20 | 001,887,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll
[2013.04.20 17:04:20 | 001,504,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll
[2013.04.20 17:04:19 | 001,682,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2013.04.20 17:04:19 | 001,238,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10.dll
[2013.04.20 17:04:19 | 001,158,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2013.04.20 17:04:18 | 001,643,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2013.04.20 17:04:17 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2013.04.20 17:04:17 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll
[2013.04.20 17:04:16 | 003,928,064 | ---- |
C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2013.04.20 17:03:20 | 001,448,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2013.04.20 17:03:12 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2013.04.20 17:03:12 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2013.04.19 17:41:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.04.16 17:26:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
[2013.04.15 10:30:41 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Wazkov\Desktop\OTL.exe
[2013.04.13 16:48:29 | 000,000,000 | ---D | C] -- C:\Users\Wazkov\AppData\Roaming\0C1I1L1R1J0M1P0I1G
[2013.04.13 16:48:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CoolLyrics
[2013.04.13 16:46:41 | 000,000,000 | ---D | C] -- C:\Users\Wazkov\Qtrax
[2013.04.13 16:46:36 | 000,000,000 | ---D | C] -- C:\Users\Wazkov\AppData\Local\Downloaded Installations
[2013.04.13 16:44:31 | 000,262,560 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2013.04.13 16:44:14 | 000,095,648 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013.04.13 08:04:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013.04.10 05:36:03 | 005,550,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2013.04.10 05:36:01 | 003,913,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2013.04.10 05:36:00 | 003,968,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2013.04.10 05:35:58 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe
[2013.04.10 05:35:58 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2013.04.10 05:35:57 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll
[2013.04.08 15:59:01 |
000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk
[2013.04.08 15:57:59 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Autodesk
[2013.04.08 15:57:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DWG TrueView 2014
[2013.04.08 15:57:27 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Autodesk Shared
[2013.04.08 15:57:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Autodesk Shared
[2013.04.08 15:57:27 | 000,000,000 | ---D | C] -- C:\Users\Wazkov\AppData\Local\Autodesk
[2013.04.08 15:57:27 | 000,000,000 | ---D | C] -- C:\Program Files\Autodesk
[2013.04.08 15:43:13 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_7.dll
[2013.04.08 15:43:13 | 000,518,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_7.dll
[2013.04.08 15:43:13 | 000,077,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_5.dll
[2013.04.08 15:43:13 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_5.dll
[2013.04.08 15:43:12 | 002,526,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_43.dll
[2013.04.08 15:43:12 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_43.dll
[2013.04.08 15:43:12 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_7.dll
[2013.04.08 15:43:12 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_7.dll
[2013.04.08 15:43:10 | 001,907,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_43.dll
[2013.04.08 15:43:10 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_43.dll
[2013.04.08 15:43:08 | 000,511,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_43.dll
[2013.04.08 15:43:08 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_43.dll
[2013.04.08 15:43:08 | 000,276,832 | ---- | C]
(Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_43.dll
[2013.04.08 15:43:08 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_43.dll
[2013.04.08 15:43:07 | 002,401,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_43.dll
[2013.04.08 15:43:07 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_43.dll
[2013.04.08 15:41:13 | 000,000,000 | ---D | C] -- C:\Users\Wazkov\AppData\Roaming\Autodesk
[2013.04.08 15:41:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Autodesk
[2013.04.08 15:34:29 | 000,000,000 | ---D | C] -- C:\Users\Wazkov\AppData\Local\Akamai
[2013.03.31 14:32:28 | 000,000,000 | ---D | C] -- C:\Users\Wazkov\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2013.03.31 14:32:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012.01.20 17:12:34 | 024,043,023 | ---- | C] (Portable ) -- C:\Program Files\Virtual DJ v7.0 PRO Portable (Registred).exe
[2011.07.01 12:05:36 | 000,499,712 | ---- | C] (Microsoft Corporation) -- C:\ProgramData\msvcp71.dll
[2011.07.01 12:05:36 | 000,348,160 | ---- | C] (Microsoft Corporation) -- C:\ProgramData\msvcr71.dll
[2011.07.01 12:05:36 | 000,020,480 | ---- | C] (Exact Software Belgium) -- C:\ProgramData\ProAcc.ver
[2011.07.01 12:05:34 | 000,335,872 | ---- | C] (Solid Data) -- C:\ProgramData\OutcomeCompanies.dll
[2011.07.01 12:05:34 | 000,188,416 | ---- | C] (Solid Data NV) -- C:\ProgramData\ModelGen.exe
[2011.07.01 12:05:34 | 000,024,576 | ---- | C] (Solid Data) -- C:\ProgramData\SDCoreSystem.dll
[2011.07.01 11:35:10 | 000,499,712 | ---- | C] (Microsoft Corporation) -- C:\Program Files\msvcp71.dll
[2011.07.01 11:35:10 | 000,348,160 | ---- | C] (Microsoft Corporation) -- C:\Program Files\msvcr71.dll
[2011.07.01 11:35:08 | 000,335,872 | ---- | C] (Solid Data) -- C:\Program Files\OutcomeCompanies.dll
[2011.07.01 11:35:08 | 000,024,576 | ---- | C] (Solid Data) -- C:\Program Files\SDCoreSystem.dll
[2011.07.01 11:35:07 | 000,188,416 | ---- | C] (Solid Data NV) -- C:\Program Files\ModelGen.exe

========== Files - Modified Within 30 Days ==========

[2013.04.24 18:14:27 | 000,023,600 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.04.24 18:14:27 | 000,023,600 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.04.24 18:05:38 | 000,000,382 | ---- | M] () -- C:\Windows\tasks\Lyrmix Update.job
[2013.04.24 18:05:22 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.04.24 18:04:56 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.04.24 18:04:51 | 3219,787,776 | -HS- | M] () -- C:\hiberfil.sys
[2013.04.24 18:02:32 | 000,619,461 | ---- | M] () -- C:\Users\Wazkov\Desktop\adwcleaner.exe
[2013.04.24 17:52:57 | 000,535,764 | ---- | M] (Oleg N. Scherbakov) -- C:\Users\Wazkov\Desktop\JRT.exe
[2013.04.24 17:27:01 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.04.24 17:18:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.04.20 17:12:57 | 001,054,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2013.04.20 17:12:57 | 000,226,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll
[2013.04.20 17:12:57 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll
[2013.04.20 17:12:57 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013.04.20 17:12:56 | 003,958,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013.04.20 17:12:56 | 001,509,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013.04.20 17:12:56 | 001,441,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013.04.20 17:12:56 | 001,400,416 |
---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat [2013.04.20 17:12:56 | 001,400,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat [2013.04.20 17:12:56 | 000,905,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll [2013.04.20 17:12:56 | 000,855,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2013.04.20 17:12:56 | 000,762,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll [2013.04.20 17:12:56 | 000,719,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll [2013.04.20 17:12:56 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2013.04.20 17:12:56 | 000,629,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll [2013.04.20 17:12:56 | 000,603,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2013.04.20 17:12:56 | 000,599,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll [2013.04.20 17:12:56 | 000,526,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2013.04.20 17:12:56 | 000,452,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll [2013.04.20 17:12:56 | 000,441,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec [2013.04.20 17:12:56 | 000,391,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2013.04.20 17:12:56 | 000,361,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec [2013.04.20 17:12:56 | 000,281,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll [2013.04.20 17:12:56 | 000,235,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2013.04.20 17:12:56 | 000,232,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2013.04.20 17:12:56 | 000,216,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll [2013.04.20 
17:12:56 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll [2013.04.20 17:12:56 | 000,173,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2013.04.20 17:12:56 | 000,167,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe [2013.04.20 17:12:56 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll [2013.04.20 17:12:56 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe [2013.04.20 17:12:56 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll [2013.04.20 17:12:56 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe [2013.04.20 17:12:56 | 000,138,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe [2013.04.20 17:12:56 | 000,137,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2013.04.20 17:12:56 | 000,136,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll [2013.04.20 17:12:56 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll [2013.04.20 17:12:56 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll [2013.04.20 17:12:56 | 000,125,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll [2013.04.20 17:12:56 | 000,117,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll [2013.04.20 17:12:56 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll [2013.04.20 17:12:56 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll [2013.04.20 17:12:56 | 000,102,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll [2013.04.20 17:12:56 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2013.04.20 17:12:56 | 000,092,160 | ---- | M] (Microsoft Corporation) -- 
C:\Windows\SysNative\SetIEInstalledDate.exe [2013.04.20 17:12:56 | 000,089,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe [2013.04.20 17:12:56 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll [2013.04.20 17:12:56 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll [2013.04.20 17:12:56 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2013.04.20 17:12:56 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx [2013.04.20 17:12:56 | 000,073,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe [2013.04.20 17:12:56 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll [2013.04.20 17:12:56 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll [2013.04.20 17:12:56 | 000,062,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll [2013.04.20 17:12:56 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx [2013.04.20 17:12:56 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll [2013.04.20 17:12:56 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll [2013.04.20 17:12:56 | 000,051,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe [2013.04.20 17:12:56 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll [2013.04.20 17:12:56 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll [2013.04.20 17:12:56 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll [2013.04.20 17:12:56 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll [2013.04.20 17:12:56 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll [2013.04.20 17:12:56 | 
000,027,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll [2013.04.20 17:12:56 | 000,025,185 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf [2013.04.20 17:12:56 | 000,025,185 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf [2013.04.20 17:12:56 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll [2013.04.20 17:12:56 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe [2013.04.20 17:12:56 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe [2013.04.20 17:12:56 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe [2013.04.17 16:48:14 | 000,001,574 | ---- | M] () -- C:\Users\Wazkov\Desktop\20130417_1440_2524903014.zip - Verknüpfung.lnk [2013.04.16 17:30:35 | 000,013,543 | ---- | M] () -- C:\Users\Wazkov\Desktop\gmer.7z [2013.04.16 17:30:30 | 000,012,452 | ---- | M] () -- C:\Users\Wazkov\Desktop\Extras.7z [2013.04.16 17:30:22 | 000,012,733 | ---- | M] () -- C:\Users\Wazkov\Desktop\OTL.7z [2013.04.16 17:30:02 | 000,037,158 | ---- | M] () -- C:\Users\Wazkov\Desktop\Desktop.7z [2013.04.15 19:36:50 | 000,377,856 | ---- | M] () -- C:\Users\Wazkov\Desktop\gmer_2.1.19163.exe [2013.04.15 19:10:47 | 000,000,000 | ---- | M] () -- C:\Users\Wazkov\defogger_reenable [2013.04.15 19:09:48 | 000,050,477 | ---- | M] () -- C:\Users\Wazkov\Desktop\Defogger.exe [2013.04.15 10:40:21 | 001,650,980 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2013.04.15 10:40:21 | 000,711,114 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2013.04.15 10:40:21 | 000,664,086 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2013.04.15 10:40:21 | 000,154,174 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2013.04.15 10:40:21 | 000,126,216 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2013.04.15 10:30:43 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Wazkov\Desktop\OTL.exe [2013.04.13 16:44:05 | 
000,095,648 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll [2013.04.13 16:44:03 | 000,861,088 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\npdeployJava1.dll [2013.04.13 16:44:03 | 000,782,240 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll [2013.04.13 16:44:03 | 000,262,560 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe [2013.04.13 16:44:03 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe [2013.04.13 16:44:03 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe [2013.04.13 16:40:17 | 000,691,592 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2013.04.13 16:40:17 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2013.04.11 13:22:24 | 000,518,856 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2013.04.09 15:50:34 | 001,628,874 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2013.04.08 15:59:01 | 000,002,147 | ---- | M] () -- C:\Users\Public\Desktop\DWG TrueView 2014.lnk [2013.03.31 14:31:33 | 000,000,955 | ---- | M] () -- C:\Users\Public\Desktop\µTorrent.lnk ========== Files Created - No Company Name ========== [2013.04.24 18:02:25 | 000,619,461 | ---- | C] () -- C:\Users\Wazkov\Desktop\adwcleaner.exe [2013.04.23 08:00:43 | 000,000,382 | ---- | C] () -- C:\Windows\tasks\Lyrmix Update.job [2013.04.20 17:12:56 | 000,025,185 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf [2013.04.20 17:12:56 | 000,025,185 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf [2013.04.17 16:48:14 | 000,001,574 | ---- | C] () -- C:\Users\Wazkov\Desktop\20130417_1440_2524903014.zip - Verknüpfung.lnk [2013.04.16 17:30:35 | 000,013,543 | ---- | C] () -- C:\Users\Wazkov\Desktop\gmer.7z [2013.04.16 17:30:30 | 000,012,452 | ---- | C] () -- C:\Users\Wazkov\Desktop\Extras.7z [2013.04.16 17:30:22 | 000,012,733 | ---- | C] () -- 
C:\Users\Wazkov\Desktop\OTL.7z [2013.04.16 17:30:01 | 000,037,158 | ---- | C] () -- C:\Users\Wazkov\Desktop\Desktop.7z [2013.04.15 19:36:48 | 000,377,856 | ---- | C] () -- C:\Users\Wazkov\Desktop\gmer_2.1.19163.exe [2013.04.15 19:10:47 | 000,000,000 | ---- | C] () -- C:\Users\Wazkov\defogger_reenable [2013.04.15 19:09:47 | 000,050,477 | ---- | C] () -- C:\Users\Wazkov\Desktop\Defogger.exe [2013.04.08 15:59:01 | 000,002,147 | ---- | C] () -- C:\Users\Public\Desktop\DWG TrueView 2014.lnk [2012.11.18 11:02:31 | 000,007,680 | ---- | C] () -- C:\Users\Wazkov\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012.02.20 11:22:28 | 000,038,499 | ---- | C] () -- C:\Users\Wazkov\AppData\Roaming\Microsoft Excel 97-2003.ADR [2012.02.20 11:22:24 | 000,000,028 | ---- | C] () -- C:\Windows\ODBC.INI [2012.01.14 21:05:39 | 000,000,222 | ---- | C] () -- C:\Windows\wininit.ini [2011.07.18 14:00:26 | 000,000,000 | ---- | C] () -- C:\Windows\HPMProp.INI [2011.07.02 20:26:01 | 000,017,408 | ---- | C] () -- C:\Users\Wazkov\AppData\Local\WebpageIcons.db [2011.07.01 12:05:36 | 011,909,120 | ---- | C] () -- C:\ProgramData\ProAcc.lbr [2011.07.01 12:05:36 | 000,911,360 | ---- | C] () -- C:\ProgramData\ProAcc2104.oif [2011.07.01 12:05:36 | 000,911,360 | ---- | C] () -- C:\ProgramData\ProAcc2103.oif [2011.07.01 12:05:36 | 000,030,720 | ---- | C] () -- C:\ProgramData\BeheerConstantenForf.lbr [2011.07.01 12:05:35 | 000,911,360 | ---- | C] () -- C:\ProgramData\ProAcc2101.oif [2011.07.01 12:05:35 | 000,890,880 | ---- | C] () -- C:\ProgramData\ProAcc2100.oif [2011.07.01 12:05:34 | 046,213,120 | ---- | C] () -- C:\ProgramData\ForfRep.lbr [2011.07.01 12:05:34 | 009,159,680 | ---- | C] () -- C:\ProgramData\Intrastat.oif [2011.07.01 12:05:34 | 000,911,360 | ---- | C] () -- C:\ProgramData\ProAcc2102.oif [2011.07.01 12:05:34 | 000,665,600 | ---- | C] () -- C:\ProgramData\EDIVAT.lbr [2011.07.01 12:05:34 | 000,189,440 | ---- | C] () -- C:\ProgramData\Label.ahr [2011.07.01 12:05:34 | 000,128,000 | ---- 
| C] () -- C:\ProgramData\EDIVAT.df1 [2011.07.01 12:05:34 | 000,128,000 | ---- | C] () -- C:\ProgramData\Docum_nl_fr_en.ahr [2011.07.01 12:05:34 | 000,107,520 | ---- | C] () -- C:\ProgramData\Forfait.df1 [2011.07.01 12:05:34 | 000,107,520 | ---- | C] () -- C:\ProgramData\Docum14.ahr [2011.07.01 12:05:34 | 000,107,520 | ---- | C] () -- C:\ProgramData\Docum13_nl.ahr [2011.07.01 12:05:34 | 000,107,520 | ---- | C] () -- C:\ProgramData\Docum13_fr.ahr [2011.07.01 12:05:34 | 000,107,520 | ---- | C] () -- C:\ProgramData\Docum13_en.ahr [2011.07.01 12:05:34 | 000,107,520 | ---- | C] () -- C:\ProgramData\Docum_en.ahr [2011.07.01 12:05:34 | 000,087,040 | ---- | C] () -- C:\ProgramData\Docum_nl.ahr [2011.07.01 12:05:34 | 000,087,040 | ---- | C] () -- C:\ProgramData\Docum_fr.ahr [2011.07.01 12:05:34 | 000,051,200 | ---- | C] () -- C:\ProgramData\PageSetups.lbr [2011.07.01 12:05:34 | 000,030,720 | ---- | C] () -- C:\ProgramData\Rappel.ahr [2011.07.01 12:05:34 | 000,030,720 | ---- | C] () -- C:\ProgramData\PROOPTIONS.lbr [2011.07.01 12:05:34 | 000,000,349 | ---- | C] () -- C:\ProgramData\OMNIS7.exe.config [2011.07.01 11:35:10 | 000,030,720 | ---- | C] () -- C:\Program Files\BeheerConstantenForf.lbr [2011.07.01 11:35:08 | 046,213,120 | ---- | C] () -- C:\Program Files\ForfRep.lbr [2011.07.01 11:35:08 | 009,159,680 | ---- | C] () -- C:\Program Files\Intrastat.oif [2011.07.01 11:35:08 | 000,665,600 | ---- | C] () -- C:\Program Files\EDIVAT.lbr [2011.07.01 11:35:08 | 000,189,440 | ---- | C] () -- C:\Program Files\Label.ahr [2011.07.01 11:35:08 | 000,128,000 | ---- | C] () -- C:\Program Files\EDIVAT.df1 [2011.07.01 11:35:08 | 000,128,000 | ---- | C] () -- C:\Program Files\Docum_nl_fr_en.ahr [2011.07.01 11:35:08 | 000,107,520 | ---- | C] () -- C:\Program Files\Forfait.df1 [2011.07.01 11:35:08 | 000,107,520 | ---- | C] () -- C:\Program Files\Docum14.ahr [2011.07.01 11:35:08 | 000,107,520 | ---- | C] () -- C:\Program Files\Docum13_nl.ahr [2011.07.01 11:35:08 | 000,107,520 | ---- | C] () 
-- C:\Program Files\Docum13_fr.ahr [2011.07.01 11:35:08 | 000,107,520 | ---- | C] () -- C:\Program Files\Docum13_en.ahr [2011.07.01 11:35:08 | 000,107,520 | ---- | C] () -- C:\Program Files\Docum_en.ahr [2011.07.01 11:35:08 | 000,087,040 | ---- | C] () -- C:\Program Files\Docum_nl.ahr [2011.07.01 11:35:08 | 000,087,040 | ---- | C] () -- C:\Program Files\Docum_fr.ahr [2011.07.01 11:35:08 | 000,051,200 | ---- | C] () -- C:\Program Files\PageSetups.lbr [2011.07.01 11:35:08 | 000,030,720 | ---- | C] () -- C:\Program Files\Rappel.ahr [2011.07.01 11:35:08 | 000,030,720 | ---- | C] () -- C:\Program Files\PROOPTIONS.lbr [2011.07.01 11:35:08 | 000,000,349 | ---- | C] () -- C:\Program Files\OMNIS7.exe.config [2010.11.03 13:41:11 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat ========== ZeroAccess Check ========== [2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 
000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] < End of report >
24.04.2013, 17:33 | #19 |
| appround.net Virus 2 OTL EXTRAS Logfile: Code:
OTL Extras logfile created on: 24.04.2013 18:11:22 - Run 3 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Wazkov\Desktop 64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16540) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 4,00 Gb Total Physical Memory | 2,64 Gb Available Physical Memory | 65,91% Memory free 7,99 Gb Paging File | 6,52 Gb Available in Paging File | 81,52% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 285,30 Gb Total Space | 30,28 Gb Free Space | 10,62% Space Free | Partition Type: NTFS Computer Name: LAPTOP | User Name: Wazkov | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) .html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) [HKEY_USERS\S-1-5-21-609013171-3702366753-2972859162-1000\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. 
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1" http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~2\Office12\ONENOTE.EXE "%L" Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. 
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1" http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. 
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~2\Office12\ONENOTE.EXE "%L" Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error. ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 "DoNotAllowExceptions" = 0 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{1152C5A5-9D4D-4B21-8951-3141E6FAB252}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{195D92D3-9F52-4861-8F03-CB31171124A5}" = rport=445 | protocol=6 | dir=out | app=system | "{1B69ACE2-46DB-41F2-B5AD-F58E13EA1B71}" = rport=10243 | protocol=6 | dir=out | app=system | "{1E4404BA-63BE-4142-9039-02287016F3CA}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{1F94882C-C0BD-4A68-B26C-D430DE15EE75}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{226033E1-DE95-4CB5-9F27-68D8C61FB62D}" = lport=138 | protocol=17 | dir=in | app=system | "{2BEB0AD1-5108-4F51-A9A5-A0850294C54A}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe | "{309AF59B-D76C-44E4-94AE-C86EA5985D35}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{339C067C-2B0C-4A36-9892-E68E9BCC749C}" = rport=138 | protocol=17 | dir=out | app=system | "{395ACA71-EED2-41BC-8EE8-96AFC8BF7CF1}" = lport=2869 | protocol=6 | dir=in | app=system | "{3E1ECF3F-1A86-4350-9588-5DAFED84352E}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{41BA2D06-A2B7-4D4E-B811-A46673ED7E7E}" = lport=2869 | protocol=6 | dir=in | app=system | "{4EE9B28C-BD30-452B-8D85-605A2325B723}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe | "{55F706FD-7229-4F91-8BE1-EC74C10B4B09}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{5CAA2216-9A45-43F9-AE35-E0E3095D8A72}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{60EB63BD-01DD-4536-B4B0-13622EF893ED}" = rport=139 | protocol=6 | dir=out | app=system | "{6297528F-7DBA-40E1-98A6-F44EC3AD2E54}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{77E23A5A-3D09-4F69-8905-3CB86A46FD61}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{884C3F07-E2DD-4FD5-B680-F861AE150201}" = lport=137 | protocol=17 | dir=in | app=system | "{89309941-F533-4E5C-8B11-3CCE1188E476}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{8A8D711B-66C4-4F53-9CA5-718F1BDEBF73}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | "{8D50A1CE-79A0-4082-82DA-36DA86E62D56}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{9BFDB604-FE35-456F-A0D6-19AC491337F0}" = rport=137 | protocol=17 | dir=out | app=system | "{A01D715E-6FB4-4199-8A5D-78FBE873CE5D}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | "{A6CA9058-841E-400A-8EBF-967B63A3E40D}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{AB08B51A-9B6E-48AE-908C-C286634CAE65}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{AE8625D5-2E2F-45E1-9DE8-56241746506A}" = lport=139 | protocol=6 | dir=in | app=system | "{B8B5848B-8D3B-4C40-8EF6-A296CA1EDD1D}" = lport=445 | protocol=6 | dir=in | app=system | "{C460D9E1-6D3A-4834-BD86-E8257C1D56C2}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe | "{CCE1E146-EA95-48E4-80DD-DC5E4C63391D}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{D99EAB26-103D-45A1-AD40-1810D08CD9D9}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{E762E868-FB9D-4124-A022-1C79D7965D62}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{ED13B527-BFAE-4394-BC1B-D26A820F5452}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{FB40A6C6-C3F0-4739-A591-701080E0C90E}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{011EA7D1-E5B1-425F-B212-79C0995CA91D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{01C61A62-3DB5-451F-9E9B-A5998EE6CB8D}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{05F0F3CE-F97B-4E4B-A633-B607A65ABD16}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe | "{091E314A-60BB-4746-B27B-854500F7B39A}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{097AE602-E95D-4359-8262-C67101C75DA4}" = protocol=17 | dir=in | app=c:\program files (x86)\terratec\terratec home cinema\tvtvsetup\tvtv_wizard.exe | "{0B5F0809-6317-448C-BDB1-368E9F3D4877}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{0EA51E8F-C113-4AA7-B172-3DA3744438E7}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe | "{11EF4961-7B2E-4C1F-AF51-D2DB5507DD03}" = protocol=6 | dir=in | app=c:\program files (x86)\terratec\terratec home cinema\tvtvsetup\tvtv_wizard.exe | "{17F6CE24-666D-4DC1-A91E-AC8959A17982}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{189F2287-A688-4AE1-ADB7-72FBEE480BA7}" = protocol=6 | dir=in | app=c:\users\wazkov\appdata\roaming\dropbox\bin\dropbox.exe | "{1974CE15-F7CB-4A20-981F-511F7DE8BBE0}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe | 
"{1AD9F2AC-4C00-46A6-B85A-C195F9B3D5CA}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{375BB166-43F2-4BCB-B6C3-0DA0A82841A0}" = protocol=6 | dir=in | app=c:\program files (x86)\terratec\terratec home cinema\cinergydvr.exe | "{3B1C48BE-E444-4639-A144-DBE7B7FD5D7F}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{3B91B7E5-BBCD-4629-80A1-5F73C65C42BF}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{43EFC9F0-E1FE-4F8F-A18C-675FED0EEB7B}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{570E419D-B09A-463E-A190-DE5030EE5459}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{5A7BC002-0ECF-438B-856C-A2391B0F73F6}" = protocol=6 | dir=in | app=c:\program files\hp\hp deskjet 3000 j310 series\bin\hpnetworkcommunicator.exe | "{5D9CC822-DA81-4582-A310-EDC6347F53FD}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{5E6C5902-1208-47E0-8A10-9F8BBE21BADF}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{61A25A16-0729-41AB-8992-254C9B652849}" = protocol=6 | dir=out | app=system | "{6DD11FC2-6309-4D56-97D0-FD94FABFE19B}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{7BEF9D5A-C5BE-45DE-9056-184A4C4BD8FA}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{86F8A7E4-E24F-4744-8B26-EE739F3D1B39}" = protocol=6 | dir=in | app=c:\program files (x86)\terratec\terratec home cinema\insttool.exe | "{964E5771-3622-43F4-9111-476204174EA7}" = protocol=17 | dir=in | app=c:\program files\hp\hp deskjet 3000 j310 series\bin\hpnetworkcommunicator.exe | "{96EC58C7-0334-4883-B8C6-E1B5D591AA9D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{98B22578-3CE0-4353-83CA-69C5C4F69895}" = protocol=17 | dir=in | app=c:\program files\hp\hp deskjet 3000 j310 series\bin\devicesetup.exe | 
I hope everything is included. Thanks a lot for the quick replies. |
24.04.2013, 21:04 | #20 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | appround.net Virus 2 Quote:
Otherwise it looks OK, though. We should be almost done. As a check, please run a full scan with Malwarebytes; before that, please remember to update Malwarebytes via the update button. Afterwards, getting an additional opinion from ESET's online scanner is not a bad idea either: ESET Online Scanner
__________________ Please always post log files in CODE tags |
26.04.2013, 15:51 | #21 |
| appround.net Virus 2 Hello, here are the two log files: Code:
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.04.25.05
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16540
Wazkov :: LAPTOP [Administrator]

25.04.2013 18:38:01
mbam-log-2013-04-25 (18-38-01).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 450468
Laufzeit: 1 Stunde(n), 19 Minute(n), 56 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 1
C:\Users\Wazkov\Downloads\setup_codec_3dx.exe (PUP.LoadTubes) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)

Code:
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=4119ae938130224bb619b8d110fc2a75
# engine=13697
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-04-25 08:58:50
# local_time=2013-04-25 10:58:50 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776573 100 94 51972 118553380 0 0
# scanned=233353
# found=0
# cleaned=0
# scan_time=8685

I got the program you asked about from a colleague: his computer, USB stick, my computer. I never use it and can delete it right away if you tell me that would be better or that it doesn't look quite kosher. By the way, appround.net still shows up while surfing, roughly after every 5th to 10th page click. Regards, Tim |
26.04.2013, 15:52 | #22 |
/// Winkelfunktion /// TB-Süch-Tiger™ | appround.net Virus 2 Just a leftover from a setup. In which browsers does appround show up? |
26.04.2013, 16:49 | #23 |
| appround.net Virus 2 Firefox. I just tried it with IE, and appround did not show up there. |
26.04.2013, 22:40 | #24 |
/// Winkelfunktion /// TB-Süch-Tiger™ | appround.net Virus 2 So, I now have my main system back; I just moved everything over to another hard disk... You have not yet answered my question about which file this is. => C:\Program Files\Virtual DJ v7.0 PRO Portable (Registred).exe Regarding appround: create a new profile and test => Creating and deleting Firefox profiles | Firefox Help |
27.04.2013, 07:59 | #25 |
| appround.net Virus 2 Morning, as I said, I got the program from a colleague on a USB stick. I can delete it right away; I hardly ever use it. Please give me a short note if there is anything I should watch out for when doing so. I have completely deleted my old Firefox profile. After 10 min. of wild internet surfing, Appround no longer shows up, and everything seems considerably faster to me than in the old profile. Many thanks for that. |
27.04.2013, 16:51 | #26 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | appround.net Virus 2 Quote:
So please delete the file immediately. Looks OK so far. Regarding cookies and other things on the web: to block the plague from the outset (i.e. tracking cookies, ad banners etc.), you should take a look at something like the MVPS Hosts File => Blocking Unwanted Parasites with a Hosts File - it makes sense to check MVPS every 4 weeks to see whether he has released a new hosts file. Info: cookies are not malware as such, but there is a risk of abusive use (unique re-identification, e.g. for targeted advertising or similar => HTTP cookie). Otherwise there are also good cookie managers; an extension for Firefox, for example, would be CookieCuller. But if you can live with logging in again everywhere in every browser session (e.g. Facebook, Ebay, GMX, or Trojaner-Board), then simply set the browser so that everything, including cookies, is deleted when the browser is closed. Is your system now in order again, or are there any other findings or problems? |
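The hosts-file blocking recommended in the post above works by mapping unwanted hostnames to an address that leads nowhere. As an added example (not part of the original thread and not MVPS code), this Python code parses a constructed sample list and shows that entries match exact hostnames only, so a subdomain needs its own line; the sample entries and all function names are assumptions.

```python
import ipaddress

# Constructed sample in ordinary hosts-file syntax; NOT the real MVPS list.
SAMPLE_HOSTS = """\
# constructed sample
127.0.0.1   localhost
::1         localhost
0.0.0.0     appround.net          # redirect domain named in this thread
0.0.0.0     ads.example.com tracker.example.com
0.0.0.0     Banner.Example.ORG
192.0.2.10  intranet.example.com  # ordinary mapping, not a block
not-an-ip   broken.example.com
"""

# Names that legitimately point at loopback and must not count as "blocked".
LOCAL_NAMES = {"localhost", "localhost.localdomain"}


def normalize(name):
    """Hostnames are case-insensitive; a trailing dot only marks the root."""
    return name.rstrip(".").lower()


def parse_hosts(text):
    """Return {hostname: ip_address} for every well-formed line.

    Comments (#...) are stripped, lines without a valid IP address in the
    first field are skipped, and the first mapping seen for a name is kept.
    """
    mapping = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        fields = line.split()
        if len(fields) < 2:
            continue
        try:
            address = ipaddress.ip_address(fields[0])
        except ValueError:
            continue  # malformed address: ignore the whole line
        for name in fields[1:]:
            mapping.setdefault(normalize(name), address)
    return mapping


def blocked_names(mapping):
    """Names mapped to 0.0.0.0 / :: or to loopback, i.e. sinkholed."""
    return {
        name
        for name, address in mapping.items()
        if (address.is_unspecified or address.is_loopback)
        and name not in LOCAL_NAMES
    }


def is_blocked(hostname, blocked):
    """Exact match only: hosts files have no wildcards or suffix matching."""
    return normalize(hostname) in blocked


def uncovered(hostnames, blocked):
    """Names from a list of observed requests that the hosts file misses."""
    return [h for h in hostnames if not is_blocked(h, blocked)]


if __name__ == "__main__":
    blocked = blocked_names(parse_hosts(SAMPLE_HOSTS))
    # Constructed list of names a browser might request.
    seen = ["appround.net", "www.appround.net", "ADS.example.com."]
    for host in seen:
        print(f"{host:22} blocked={is_blocked(host, blocked)}")
    print("not covered:", uncovered(seen, blocked))
```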
02.05.2013, 16:59 | #27 |
| appround.net Virus 2 Hello, the program is deleted. Scans by Malwarebytes (quick scan) and Avast found nothing. I have been somewhat stressed over the last few days and actually have no time until 13.5 (trade fair and wedding abroad). After that I will run everything once more and then get back to you. Thanks already for the help. So far everything is running flawlessly. |
03.05.2013, 14:30 | #28 |
/// Winkelfunktion /// TB-Süch-Tiger™ | appround.net Virus 2 Then we are done! If you would like to leave praise or criticism => http://www.trojaner-board.de/lob-kritik-wuensche/

The programs that were used here can all be removed again.

Remove Combofix (only relevant if it was used here!): Start/Run (key combination WIN+R), type the command combofix /uninstall there and run it.

With the help of OTL you can also remove many other tools: simply start OTL and click "Bereinigung" (cleanup). This will remove most of the tools that we needed for the cleanup. If anything is left over, please remove it with right-click --> Delete.

Keeping Malwarebytes is recommended. You can run a full scan with it once a month, but always remember to update first.

Finally, please check the updates; my guide to that is below. To keep a better overview of how up to date your installed programs are in future, you can use Secunia PSI, for example. For even more security, after the infection has been removed you should also change all passwords if possible.

Microsoft Update
Windows XP: Visit the MS update page with IE and have all important updates installed.
Windows Vista/7: Start, Control Panel, Windows Update

Updating the PDF reader
An outdated AdobeReader is a major security risk. You should therefore uninstall old versions of AdobeReader via Control Panel => Add or Remove Programs (or Programs and Features) by clicking "Adobe Reader x.0" there and removing the program. (if you have AdobeReader installed) I recommend an alternative PDF reader such as PDF Xchange Viewer, SumatraPDF or Foxit PDF Reader; they are much leaner and faster than AdobeReader.

While you are at it, please also check that the Flash Player is up to date: Check => Adobe - Flash Player. You will find download links here => Browsers and Plugins - FilePony.de

You can also easily check whether all plugins in the Firefox browser are up to date here => https://www.mozilla.org/de/plugincheck

Of course, also make sure that other installed browsers such as Firefox, Opera or Chrome are up to date.

Java update
Outdated Java installations are a major security risk, so you should uninstall the old versions. To do so, close all programs (especially the browsers), then click Start, Control Panel, Add or Remove Programs (or Programs and Features) and uninstall all listed Java versions from there. Afterwards, download the current Java SE Runtime Environment (JRE) from here and install it. |
20.07.2013, 21:20 | #29 |
| appround.net Virus 2 Hi, first of all MANY THANKS for the help!!! I have been under nothing but stress since last time. I have now followed all the instructions so far; the machine runs smoothly, it just takes a little while when booting. Could that possibly be due to the hardware (ventilation?) So far I have thrown everything off the desktop that is not necessary. In future I will run Malwarebytes and Secunia PSI weekly. As I said, many thanks; if I, as a complete amateur, should watch out for anything else, please give me a short note. Regards |