| |
| |||||||
Log-Analyse und Auswertung: Spybot hat 62 Sachen gefunden - beheben?Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
17.06.2013, 12:15
| #1 |
 |  Spybot hat 62 Sachen gefunden - beheben? Hallo, Spybot hat ganz viel bei mir gefunden und ehe ich da selbst dran rumwerkle, wollte ich hören, was ihr denkt, zumal ich keine Ahnung von sowas hab. Ist es denn jetzt erstmal zumindest in Quarantäne, sodass es keinen Schaden mehr anrichten kann? Ich danke euch schonmal für eure Zeit. Hier die Funde: Search results from Spybot - Search & Destroy 17.06.2013 13:07:06 Scan took 00:49:46. 62 items found. Barowwsoe2Save: [SBI $284E9FC1] Settings (Registry Key, nothing done) HKEY_CLASSES_ROOT\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755} Barowwsoe2Save: [SBI $284E9FC1] Settings (Registry Key, nothing done) HKEY_CLASSES_ROOT\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755} PriceGong: [SBI $BC168C8D] User settings (Registry Key, nothing done) HKEY_USERS\S-1-5-21-4120619775-2555974261-1378655148-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1631550F-191D-4826-B069-D9439253D926} SaveByClick: [SBI $31C79FD6] Program directory (Directory, nothing done) C:\ProgramData\SaveByClick\ Directory.subfile=C:\ProgramData\SaveByClick\50d0b59971eff.js Directory.subfile.size=9 Directory.subfile.md5=99FA5D714D971A49B67DE27E0D8871BE Directory.subfile.filedate=1355855257 Directory.subfile.filedatetext=2012-12-18 20:27:37 SaveByClick: [SBI $EE5E95D8] Executable (File, nothing done) C:\ProgramData\SaveByclick\uninstall.exe Properties.size=0 Properties.md5=D41D8CD98F00B204E9800998ECF8427E MediaPlex: [SBI $8E73A7FB] Tracking cookie (Internet Explorer (Benutzer): Silvija Sagolj) (Browser: Cookie, nothing done) MediaPlex: [SBI $8E73A7FB] Tracking cookie (Internet Explorer (Benutzer): Silvija Sagolj) (Browser: Cookie, nothing done) Statcounter: [SBI $8E73A7FB] Tracking cookie (Google Chrome: Default) (Browser: Cookie, nothing done) DoubleClick: [SBI $8E73A7FB] Tracking cookie (Google Chrome: Default) (Browser: Cookie, nothing done) DoubleClick: [SBI $8E73A7FB] Tracking cookie (Google Chrome: Default) (Browser: Cookie, nothing done) MediaPlex: [SBI $8E73A7FB] Tracking cookie (Google Chrome: Default) (Browser: Cookie, nothing done) MediaPlex: [SBI $8E73A7FB] Tracking cookie (Google Chrome: Default) (Browser: Cookie, nothing done) CasaleMedia: [SBI $8E73A7FB] Tracking cookie (Google Chrome: Default) (Browser: Cookie, nothing done) CasaleMedia: [SBI $8E73A7FB] Tracking cookie (Google Chrome: Default) (Browser: Cookie, nothing done) CasaleMedia: [SBI $8E73A7FB] Tracking cookie (Google Chrome: Default) (Browser: Cookie, nothing done) CasaleMedia: [SBI $8E73A7FB] Tracking cookie (Google Chrome: Default) (Browser: Cookie, nothing done) CasaleMedia: [SBI $8E73A7FB] Tracking cookie (Google Chrome: Default) (Browser: Cookie, nothing done) CasaleMedia: [SBI $8E73A7FB] Tracking cookie (Google Chrome: Default) (Browser: Cookie, nothing done) Tradedoubler: [SBI $8E73A7FB] Tracking cookie (Google Chrome: Default) (Browser: Cookie, nothing done) Tradedoubler: [SBI $8E73A7FB] Tracking cookie (Google Chrome: Default) (Browser: Cookie, nothing done) Tradedoubler: [SBI $8E73A7FB] Tracking cookie (Google Chrome: Default) (Browser: Cookie, nothing done) MediaPlex: [SBI $8E73A7FB] Tracking cookie (Google Chrome: Default) (Browser: Cookie, nothing done) 7-Zip: [SBI $12C3A52C] Folder history (Registry Value, nothing done) HKEY_USERS\S-1-5-21-4120619775-2555974261-1378655148-1001\Software\7-ZIP\FM\FolderHistory 7-Zip: [SBI $3D5692BD] Last used folder (Registry Change, nothing done) HKEY_USERS\S-1-5-21-4120619775-2555974261-1378655148-1001\Software\7-ZIP\FM\PanelPath0 Internet Explorer: [SBI $1E8157BE] Typed URL list (Registry Key, nothing done) HKEY_USERS\S-1-5-21-4120619775-2555974261-1378655148-1001\Software\Microsoft\Internet Explorer\TypedURLs Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done) HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done) HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done) HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done) HKEY_USERS\S-1-5-21-4120619775-2555974261-1378655148-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done) HKEY_USERS\S-1-5-21-4120619775-2555974261-1378655148-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done) HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent Isobuster: [SBI $FFCD5808] Last save folder (Registry Value, nothing done) HKEY_USERS\S-1-5-21-4120619775-2555974261-1378655148-1001\Software\Smart Projects\IsoBuster\LastSavedPath MS Management Console: [SBI $ECD50EAD] Recent command list (Registry Key, nothing done) HKEY_USERS\S-1-5-21-4120619775-2555974261-1378655148-1001\Software\Microsoft\Microsoft Management Console\Recent File List MS Media Player: [SBI $5C51E349] Client ID (Registry Change, nothing done) HKEY_USERS\S-1-5-21-4120619775-2555974261-1378655148-1001\Software\Microsoft\MediaPlayer\Player\Settings\Client ID MS Direct3D: [SBI $7FB7B83F] Most recent application (Registry Change, nothing done) HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Direct3D\MostRecentApplication\Name MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done) HKEY_USERS\.DEFAULT\Software\Microsoft\Direct3D\MostRecentApplication\Name MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done) HKEY_USERS\S-1-5-21-4120619775-2555974261-1378655148-1001\Software\Microsoft\Direct3D\MostRecentApplication\Name MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done) HKEY_USERS\S-1-5-18\Software\Microsoft\Direct3D\MostRecentApplication\Name MS DirectDraw: [SBI $EB49D5AF] Most recent application (Registry Change, nothing done) HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication\Name MS DirectDraw: [SBI $EB49D5AF] Most recent application (Registry Change, nothing done) HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication\Name MS DirectInput: [SBI $9A063C91] Most recent application (Registry Change, nothing done) HKEY_USERS\S-1-5-21-4120619775-2555974261-1378655148-1001\Software\Microsoft\DirectInput\MostRecentApplication\Name MS DirectInput: [SBI $7B184199] Most recent application ID (Registry Change, nothing done) HKEY_USERS\S-1-5-21-4120619775-2555974261-1378655148-1001\Software\Microsoft\DirectInput\MostRecentApplication\Id MS Paint: [SBI $07867C39] Recent file list (Registry Key, nothing done) HKEY_USERS\S-1-5-21-4120619775-2555974261-1378655148-1001\Software\Microsoft\Windows\CurrentVersion\Applets\Paint\Recent File List MS Regedit: [SBI $C3B62FC1] Recent open key (Registry Change, nothing done) HKEY_USERS\S-1-5-21-4120619775-2555974261-1378655148-1001\Software\Microsoft\Windows\CurrentVersion\Applets\Regedit\LastKey MS Wordpad: [SBI $4C02334D] Recent file list (Registry Key, nothing done) HKEY_USERS\S-1-5-21-4120619775-2555974261-1378655148-1001\Software\Microsoft\Windows\CurrentVersion\Applets\Wordpad\Recent File List Windows.OpenWith: [SBI $F7204896] Open with list - .AVI extension (Registry Key, nothing done) HKEY_USERS\S-1-5-21-4120619775-2555974261-1378655148-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.AVI\OpenWithList Windows.OpenWith: [SBI $9E8D5C8A] Open with list - .CDA extension (Registry Key, nothing done) HKEY_USERS\S-1-5-21-4120619775-2555974261-1378655148-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CDA\OpenWithList Windows.OpenWith: [SBI $ECC28BDF] Open with list - .CSV extension (Registry Key, nothing done) HKEY_USERS\S-1-5-21-4120619775-2555974261-1378655148-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CSV\OpenWithList Windows Explorer: [SBI $7308A845] Run history (Registry Key, nothing done) HKEY_USERS\S-1-5-21-4120619775-2555974261-1378655148-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU Windows Explorer: [SBI $AA0766B5] Stream history (Registry Key, nothing done) HKEY_USERS\S-1-5-21-4120619775-2555974261-1378655148-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StreamMRU Windows Explorer: [SBI $D20DA0AD] Recent file global history (Registry Key, nothing done) HKEY_USERS\S-1-5-21-4120619775-2555974261-1378655148-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs Windows Media SDK: [SBI $37AAEDE6] Computer name (Registry Change, nothing done) HKEY_USERS\S-1-5-20\Software\Microsoft\Windows Media\WMSDK\General\ComputerName Windows Media SDK: [SBI $37AAEDE6] Computer name (Registry Change, nothing done) HKEY_USERS\S-1-5-21-4120619775-2555974261-1378655148-1001\Software\Microsoft\Windows Media\WMSDK\General\ComputerName Windows Media SDK: [SBI $CAA58B6E] Unique ID (Registry Change, nothing done) HKEY_USERS\S-1-5-20\Software\Microsoft\Windows Media\WMSDK\General\UniqueID Windows Media SDK: [SBI $CAA58B6E] Unique ID (Registry Change, nothing done) HKEY_USERS\S-1-5-21-4120619775-2555974261-1378655148-1001\Software\Microsoft\Windows Media\WMSDK\General\UniqueID Windows Media SDK: [SBI $BACCD0DA] Volume serial number (Registry Value, nothing done) HKEY_USERS\S-1-5-20\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber Windows Media SDK: [SBI $BACCD0DA] Volume serial number (Registry Value, nothing done) HKEY_USERS\S-1-5-21-4120619775-2555974261-1378655148-1001\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber Cookie: [SBI $49804B54] Browser: Cookie (4) (Browser: Cookie, nothing done) Cache: [SBI $49804B54] Browser: Cache (164) (Browser: Cache, nothing done) Verlauf: [SBI $49804B54] Browser: History (22) (Browser: History, nothing done) Cookie: [SBI $49804B54] Browser: Cookie (721) (Browser: Cookie, nothing done) Verlauf: [SBI $49804B54] Browser: History (386) (Browser: History, nothing done) --- Spybot - Search & Destroy version: 2.1.18.131 DLL (build: 20130516) --- 2013-05-16 blindman.exe (2.1.18.151) 2013-05-16 explorer.exe (2.1.18.177) 2013-05-16 SDBootCD.exe (2.1.18.109) 2013-05-16 SDCleaner.exe (2.1.18.110) 2013-05-16 SDDelFile.exe (2.1.18.94) 2013-05-16 SDFiles.exe (2.1.18.135) 2013-03-20 SDFileScanHelper.exe (2.1.16.1) 2013-05-16 SDFSSvc.exe (2.1.18.208) 2013-05-16 SDHookHelper.exe (2.1.18.2) 2013-05-16 SDHookInst32.exe (2.1.18.2) 2013-05-16 SDHookInst64.exe (2.1.18.2) 2013-05-16 SDImmunize.exe (2.1.18.130) 2013-05-16 SDLogReport.exe (2.1.18.107) 2013-05-16 SDOnAccess.exe (2.1.18.4) 2013-05-16 SDPESetup.exe (2.1.18.3) 2013-05-16 SDPEStart.exe (2.1.18.86) 2013-05-16 SDPhoneScan.exe (2.1.18.28) 2013-05-16 SDPRE.exe (2.1.18.22) 2013-05-16 SDPrepPos.exe (2.1.18.10) 2013-05-16 SDQuarantine.exe (2.1.18.103) 2013-05-16 SDRootAlyzer.exe (2.1.18.116) 2013-05-16 SDSBIEdit.exe (2.1.18.39) 2013-05-16 SDScan.exe (2.1.18.177) 2013-05-16 SDScript.exe (2.1.18.53) 2013-05-16 SDSettings.exe (2.1.18.136) 2013-05-16 SDShell.exe (2.1.18.2) 2013-05-16 SDShred.exe (2.1.18.107) 2013-05-16 SDSysRepair.exe (2.1.18.101) 2013-05-16 SDTools.exe (2.1.18.150) 2013-05-16 SDTray.exe (2.1.18.127) 2013-05-16 SDUpdate.exe (2.1.18.91) 2013-05-16 SDUpdSvc.exe (2.1.18.76) 2013-05-16 SDWelcome.exe (2.1.18.129) 2013-05-15 SDWSCSvc.exe (2.1.18.2) 2013-06-17 unins000.exe (51.1052.0.0) 1999-12-02 xcacls.exe 2012-08-23 borlndmm.dll (10.0.2288.42451) 2012-09-05 DelZip190.dll (1.9.0.107) 2012-09-10 libeay32.dll (1.0.0.4) 2012-09-10 libssl32.dll (1.0.0.4) 2013-05-16 SDAdvancedCheckLibrary.dll (2.1.18.98) 2013-05-16 SDAV.dll 2013-05-16 SDECon32.dll (2.1.18.113) 2013-05-16 SDECon64.dll (2.1.18.113) 2013-04-05 SDEvents.dll (2.1.16.2) 2013-05-16 SDFileScanLibrary.dll (2.1.18.12) 2013-05-16 SDHook32.dll (2.1.18.2) 2013-05-16 SDHook64.dll (2.1.18.2) 2013-05-16 SDImmunizeLibrary.dll (2.1.18.2) 2013-05-16 SDLicense.dll (2.1.18.0) 2013-05-16 SDLists.dll (2.1.18.4) 2013-05-16 SDResources.dll (2.1.18.7) 2013-05-16 SDScanLibrary.dll (2.1.18.131) 2013-05-16 SDTasks.dll (2.1.18.15) 2013-05-16 SDWinLogon.dll (2.1.18.0) 2012-08-23 sqlite3.dll 2012-09-10 ssleay32.dll (1.0.0.4) 2013-05-16 Tools.dll (2.1.18.36) 2012-12-18 Includes\Adware.sbi (*) 2013-06-12 Includes\AdwareC.sbi (*) 2010-08-13 Includes\Cookies.sbi (*) 2012-11-14 Includes\Dialer.sbi (*) 2012-11-14 Includes\DialerC.sbi (*) 2012-11-14 Includes\HeavyDuty.sbi (*) 2012-11-14 Includes\Hijackers.sbi (*) 2012-11-14 Includes\HijackersC.sbi (*) 2012-11-14 Includes\iPhone.sbi (*) 2012-11-14 Includes\Keyloggers.sbi (*) 2012-12-18 Includes\KeyloggersC.sbi (*) 2013-05-29 Includes\Malware.sbi (*) 2013-06-12 Includes\MalwareC.sbi (*) 2012-11-14 Includes\PUPS.sbi (*) 2013-06-12 Includes\PUPSC.sbi (*) 2012-11-14 Includes\Security.sbi (*) 2012-11-14 Includes\SecurityC.sbi (*) 2013-05-22 Includes\Spyware.sbi (*) 2013-05-08 Includes\SpywareC.sbi (*) 2011-06-07 Includes\Tracks.sbi (*) 2012-11-19 Includes\Tracks.uti (*) 2013-01-16 Includes\Trojans.sbi (*) 2013-05-13 Includes\TrojansC-02.sbi (*) 2013-06-12 Includes\TrojansC-03.sbi (*) 2013-03-14 Includes\TrojansC-04.sbi (*) 2013-05-08 Includes\TrojansC-05.sbi (*) 2013-04-19 Includes\TrojansC.sbi (*) |
|
17.06.2013, 12:16
| #2 |
| /// Malware-holic   | Spybot hat 62 Sachen gefunden - beheben? Hi,
__________________Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
Code:
ATTFilter activex
netsvcs
msconfig
%SYSTEMDRIVE%\*.
%PROGRAMFILES%\*.exe
%LOCALAPPDATA%\*.exe
%systemroot%\*. /mp /s
C:\Windows\system32\*.tsp
/md5start
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
explorer.exe
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%USERPROFILE%\*.*
%USERPROFILE%\Local Settings\Temp\*.exe
%USERPROFILE%\Local Settings\Temp\*.dll
%USERPROFILE%\Application Data\*.exe
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs
CREATERESTOREPOINT
__________________ |
|
17.06.2013, 12:27
| #3 |
| | Spybot hat 62 Sachen gefunden - beheben? Ok, es scannt gerade,dauert wohl etwas laenger,richtig? Weil ich ja jetzt alles zu gemacht habe, sind die ganzen Funde wieder "frei unterwegs" oder zumindest in Quarantäne, oder machen die paar Minuten jetzt auch keinen Unterschied?
__________________Und vielen,lieben Dank fuer die schnelle Hilfe. Eve |
|
17.06.2013, 12:33
| #4 |
| /// Malware-holic | Spybot hat 62 Sachen gefunden - beheben? der scan dauert was und die funde löschen wir dann schon b
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
17.06.2013, 12:35
| #5 |
| | Spybot hat 62 Sachen gefunden - beheben? Super,vielen,vielen Dank. Ich war so nervös. Ich meld mich,wenn er fertig ist. |
|
17.06.2013, 12:36
| #6 |
| /// Malware-holic | Spybot hat 62 Sachen gefunden - beheben? lass bitte solche zwischenposts weg, da neue an den angehangen werden muss ich immer reingucken
__________________ --> Spybot hat 62 Sachen gefunden - beheben? |
|
17.06.2013, 12:42
| #7 |
| | Spybot hat 62 Sachen gefunden - beheben? Sorry. Also hier die Ergebnisse:OTL Logfile: Code:
ATTFilter OTL logfile created on: 17.06.2013 13:20:52 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Silvija Sagolj\Downloads 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16614) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 7,90 Gb Total Physical Memory | 5,10 Gb Available Physical Memory | 64,58% Memory free 15,79 Gb Paging File | 12,63 Gb Available in Paging File | 79,97% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 679,00 Gb Total Space | 574,09 Gb Free Space | 84,55% Space Free | Partition Type: NTFS Drive D: | 698,63 Gb Total Space | 210,52 Gb Free Space | 30,13% Space Free | Partition Type: NTFS Computer Name: SILVIJASAGOLJ | User Name: Silvija Sagolj | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2013.06.17 13:18:56 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Silvija Sagolj\Downloads\OTL.exe PRC - [2013.06.09 14:19:59 | 000,216,968 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.21.145\GoogleCrashHandler.exe PRC - [2013.05.22 20:50:40 | 000,400,704 | ---- | M] () -- C:\Users\Silvija Sagolj\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe PRC - [2013.05.16 10:59:00 | 003,830,224 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe PRC - [2013.05.16 10:56:34 | 001,033,688 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe PRC - [2013.05.16 10:56:30 | 001,817,560 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe PRC - [2013.05.15 13:21:32 | 000,171,928 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe PRC - [2013.05.07 13:25:50 | 000,345,312 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe PRC - [2013.03.25 15:38:22 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe PRC - [2013.03.25 15:38:14 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe PRC - [2011.10.18 19:50:10 | 001,001,808 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe PRC - [2011.10.18 19:50:04 | 001,354,064 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe PRC - [2011.10.18 19:49:52 | 000,936,272 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe PRC - [2011.10.18 19:49:48 | 000,846,160 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe PRC - [2011.10.17 23:01:00 | 001,999,168 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe PRC - [2011.09.22 18:14:16 | 002,751,808 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE PRC - [2011.09.22 18:11:26 | 000,460,096 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe PRC - [2011.09.22 18:06:12 | 001,692,480 | ---- | M] (SoftThinks SAS) -- C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE PRC - [2011.09.21 18:30:12 | 004,109,312 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE PRC - [2011.08.12 04:05:00 | 000,075,048 | ---- | M] (cyberlink) -- C:\Program Files (x86)\Cyberlink\Shared Files\brs.exe PRC - [2011.08.08 19:26:12 | 000,475,200 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe PRC - [2011.08.08 19:26:00 | 002,034,752 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe PRC - [2011.08.08 19:26:00 | 000,891,456 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\DMR.exe PRC - [2010.12.21 02:24:38 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe PRC - [2010.12.21 02:24:36 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe PRC - [2010.12.17 18:25:22 | 000,686,704 | ---- | M] () -- C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe ========== Modules (No Company Name) ========== MOD - [2013.05.22 20:50:40 | 000,400,704 | ---- | M] () -- C:\Users\Silvija Sagolj\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe MOD - [2013.05.16 10:55:28 | 000,161,112 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl MOD - [2013.05.16 10:55:26 | 000,113,496 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl MOD - [2013.05.16 10:55:24 | 000,416,600 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl MOD - [2013.05.15 19:31:15 | 000,401,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\990123c5701a26f1d724150839811bce\System.Xml.Linq.ni.dll MOD - [2013.05.15 19:30:20 | 001,084,928 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\1e8f7367eaa08c5057d78c093982f8f0\System.IdentityModel.ni.dll MOD - [2013.05.15 19:30:18 | 017,478,656 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\e698a866fd16973a24ca6697218028ad\System.ServiceModel.ni.dll MOD - [2013.05.15 19:30:05 | 002,297,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\3c2ed368e1f3889997dfb42a5ca77284\System.Core.ni.dll MOD - [2013.05.15 19:26:28 | 014,340,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\af525b4bec3b9941b7be8ffbf813da80\PresentationFramework.ni.dll MOD - [2013.05.15 19:26:15 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\30e3a21202000677d0a9270572251477\System.Windows.Forms.ni.dll MOD - [2013.05.15 19:26:09 | 012,237,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\7eac0dbe9aa20b55e37235f8ee030e6b\PresentationCore.ni.dll MOD - [2013.05.15 19:26:02 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\716959df79685a1eae0fc14275a32b0f\WindowsBase.ni.dll MOD - [2013.05.15 19:25:58 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\764f15e86c82662e977bd418bd6318c1\System.Configuration.ni.dll MOD - [2013.02.14 08:55:37 | 001,358,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\9266d6e1f8057b5b62b460cbf33cda21\System.WorkflowServices.ni.dll MOD - [2013.02.14 08:24:50 | 011,833,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\5ecf01964c70e453d71e5d7653912ff9\System.Web.ni.dll MOD - [2013.01.09 17:02:09 | 001,707,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\1e04a5319c58010e945220af2751d34e\System.ServiceModel.Web.ni.dll MOD - [2013.01.09 16:38:19 | 002,347,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\2ad51da1b752b19c992fcefd56eb7c01\System.Runtime.Serialization.ni.dll MOD - [2013.01.09 16:38:16 | 000,256,000 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\eb33bf977e97e97b12e82c18e36fbaee\SMDiagnostics.ni.dll MOD - [2013.01.09 16:33:57 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\d7d20811a7ce7cc589153648cbb1ce5c\PresentationFramework.Aero.ni.dll MOD - [2013.01.09 16:33:15 | 001,592,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll MOD - [2013.01.09 16:32:48 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll MOD - [2013.01.09 16:32:32 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll MOD - [2013.01.09 16:32:16 | 011,493,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll MOD - [2011.12.08 20:18:32 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll MOD - [2011.10.17 23:01:00 | 000,004,096 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll MOD - [2011.09.22 18:14:16 | 002,751,808 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE MOD - [2011.08.08 19:26:12 | 000,475,200 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe MOD - [2011.08.08 19:26:00 | 002,034,752 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe MOD - [2011.08.08 19:26:00 | 000,891,456 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\DMR.exe MOD - [2011.07.21 09:35:48 | 000,328,256 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\de-DE\UI\ManagerUI.dll MOD - [2011.07.17 11:36:10 | 000,032,832 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\ServiceProxy.dll MOD - [2011.07.17 11:35:36 | 000,058,944 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\DataService.dll MOD - [2011.07.06 17:53:42 | 000,068,160 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\de-DE\UI\DMRUI.dll MOD - [2011.06.25 00:20:26 | 000,565,968 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\sqlite3.dll MOD - [2010.12.17 18:25:22 | 000,686,704 | ---- | M] () -- C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe MOD - [2010.11.21 08:49:35 | 000,491,520 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.ServiceModel.resources\3.0.0.0_de_b77a5c561934e089\System.ServiceModel.resources.dll MOD - [2010.11.21 08:49:25 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_de_b77a5c561934e089\System.resources.dll MOD - [2010.03.22 16:52:42 | 006,776,832 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\QtGui4.dll MOD - [2010.03.16 21:28:28 | 000,326,144 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\QtXml4.dll MOD - [2010.03.16 21:28:16 | 000,635,904 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\QtNetwork4.dll MOD - [2010.03.16 21:28:04 | 001,926,144 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\QtCore4.dll MOD - [2010.03.11 20:52:34 | 000,225,280 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qmng4.dll MOD - [2010.03.11 20:52:34 | 000,028,160 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qgif4.dll MOD - [2010.03.05 16:07:58 | 000,125,952 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qjpeg4.dll MOD - [2010.03.05 16:07:58 | 000,031,744 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qico4.dll MOD - [2007.04.19 09:28:58 | 000,436,992 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\fpxlib.dll MOD - [2007.04.13 10:39:14 | 000,252,672 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\kgl.dll ========== Services (SafeList) ========== SRV:64bit: - [2013.02.03 20:35:28 | 000,183,264 | ---- | M] (Soluto) [Auto | Running] -- C:\Program Files\Soluto\SolutoLauncherService.exe -- (SolutoLauncherService) SRV:64bit: - [2013.02.03 20:35:22 | 000,552,928 | ---- | M] (Soluto) [Auto | Running] -- C:\Program Files\Soluto\SolutoService.exe -- (SolutoService) SRV:64bit: - [2013.02.03 20:32:58 | 001,239,552 | ---- | M] (Soluto) [On_Demand | Stopped] -- C:\Program Files\Soluto\SolutoRemoteService.exe -- (SolutoRemoteService) SRV:64bit: - [2011.09.16 02:41:28 | 001,518,352 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng) SRV:64bit: - [2011.09.16 02:28:06 | 000,340,240 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS) SRV:64bit: - [2011.09.16 02:24:52 | 000,844,560 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc) SRV:64bit: - [2011.09.15 17:54:46 | 001,166,848 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe -- (AMPPALR3) SRV:64bit: - [2011.06.03 20:51:38 | 000,134,928 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe -- (BTHSSecurityMgr) SRV:64bit: - [2010.11.29 23:00:56 | 000,149,504 | ---- | M] (Intel(R) Corporation) [On_Demand | Running] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost) SRV:64bit: - [2009.11.18 04:14:26 | 000,098,208 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters) SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2013.06.17 11:50:28 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2013.05.11 12:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2013.03.25 15:38:22 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2013.03.25 15:38:14 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2012.07.13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2011.10.18 19:50:10 | 001,001,808 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe -- (Bluetooth OBEX Service) SRV - [2011.10.18 19:50:04 | 001,354,064 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe -- (Bluetooth Media Service) SRV - [2011.10.18 19:49:52 | 000,936,272 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe -- (Bluetooth Device Monitor) SRV - [2011.10.17 23:01:00 | 001,999,168 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService) SRV - [2011.10.17 01:00:22 | 000,380,224 | ---- | M] (NVIDIA Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service) SRV - [2011.09.22 18:06:12 | 001,692,480 | ---- | M] (SoftThinks SAS) [On_Demand | Running] -- C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE -- (SftService) SRV - [2011.08.12 02:04:58 | 000,248,304 | ---- | M] (CyberLink) [On_Demand | Stopped] -- c:\Program Files (x86)\Cyberlink\PowerDVD9\NavFilter\kmsvc.exe -- (CLKMSVC10_9EC60124) SRV - [2010.12.21 02:24:38 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) SRV - [2010.12.21 02:24:36 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) ========== Driver Services (SafeList) ========== DRV:64bit: - [2013.06.04 09:15:02 | 000,103,448 | ---- | M] (DEVGURU Co., LTD.(DEVGURU :: DEVGURU? ????? ?????.)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus) DRV:64bit: - [2013.06.04 09:15:00 | 000,203,672 | ---- | M] (DEVGURU Co., LTD.(DEVGURU :: DEVGURU? ????? ?????.)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm) DRV:64bit: - [2013.04.03 09:58:08 | 000,188,232 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdm.sys -- (ssadmdm) DRV:64bit: - [2013.04.03 09:58:08 | 000,169,288 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadbus.sys -- (ssadbus) DRV:64bit: - [2013.04.03 09:58:08 | 000,038,080 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadadb.sys -- (androidusb) DRV:64bit: - [2013.04.03 09:58:08 | 000,021,320 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdfl.sys -- (ssadmdfl) DRV:64bit: - [2013.03.25 15:38:24 | 000,130,016 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb) DRV:64bit: - [2013.03.25 15:38:24 | 000,100,712 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt) DRV:64bit: - [2013.03.25 15:38:24 | 000,028,600 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr) DRV:64bit: - [2013.02.03 20:32:42 | 000,054,728 | ---- | M] (Soluto LTD.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\Soluto.sys -- (Soluto) DRV:64bit: - [2013.01.03 10:17:38 | 000,077,192 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt) DRV:64bit: - [2013.01.03 10:17:38 | 000,061,832 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt) DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2011.12.08 20:18:42 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011.12.08 20:18:42 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2011.10.17 23:01:00 | 000,027,712 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt) DRV:64bit: - [2011.10.11 21:08:00 | 000,059,904 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iBtFltCoex.sys -- (iBtFltCoex) DRV:64bit: - [2011.10.11 00:43:16 | 000,288,768 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btmhsf.sys -- (btmhsf) DRV:64bit: - [2011.09.18 12:26:52 | 008,604,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64) DRV:64bit: - [2011.09.15 17:48:24 | 000,299,008 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmpPal.sys -- (AMPPALP) DRV:64bit: - [2011.09.15 17:48:24 | 000,299,008 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AmpPal.sys -- (AMPPAL) DRV:64bit: - [2011.08.30 00:32:18 | 000,053,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btmaux.sys -- (btmaux) DRV:64bit: - [2011.08.26 07:09:20 | 000,390,704 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP) DRV:64bit: - [2011.08.25 20:21:00 | 000,173,656 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\jmcr.sys -- (JMCR) DRV:64bit: - [2011.08.24 07:57:24 | 000,565,352 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:64bit: - [2011.07.20 00:39:56 | 012,287,456 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:64bit: - [2011.06.16 14:40:20 | 000,176,000 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CtClsFlt.sys -- (CtClsFlt) DRV:64bit: - [2011.06.13 02:44:40 | 000,122,472 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvstusb.sys -- (NvStUSB) DRV:64bit: - [2011.05.19 09:17:02 | 000,051,712 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btmaud.sys -- (btmaudio) DRV:64bit: - [2011.05.17 17:27:52 | 000,025,496 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iwdbus.sys -- (iwdbus) DRV:64bit: - [2011.05.17 17:27:50 | 000,034,200 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelaud.sys -- (intaud_WaveExtensible) DRV:64bit: - [2011.02.11 00:52:34 | 000,181,760 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc) DRV:64bit: - [2011.02.11 00:52:34 | 000,082,432 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub) DRV:64bit: - [2011.01.13 03:51:44 | 000,439,320 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:64bit: - [2010.12.13 19:34:14 | 000,027,760 | ---- | M] (ST Microelectronics) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelern.sys -- (Acceler) DRV:64bit: - [2010.11.29 23:00:04 | 000,016,120 | ---- | M] (Intel(R) Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB) DRV:64bit: - [2010.11.21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2010.11.21 05:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus) DRV:64bit: - [2010.11.21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010.11.21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD) DRV:64bit: - [2010.10.20 02:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) DRV:64bit: - [2010.10.15 11:28:16 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) DRV:64bit: - [2010.08.20 12:05:12 | 000,021,616 | ---- | M] (ST Microelectronics) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\stdcfltn.sys -- (stdcfltn) DRV:64bit: - [2010.07.13 04:38:06 | 000,029,288 | ---- | M] (Quanta Computer) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\qicflt.sys -- (qicflt) DRV:64bit: - [2010.03.19 11:00:00 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64) DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.07.14 02:00:13 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Dot4Scan.sys -- (Dot4Scan) DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2007.08.07 02:21:32 | 000,057,776 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\scdemu.sys -- (SCDEmu) DRV:64bit: - [2006.11.01 20:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr) DRV - [2013.04.18 12:09:20 | 000,037,344 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\FsUsbExDisk.Sys -- (FsUsbExDisk) DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {88E0DB61-FF3C-47A3-9080-6EDB2F61D75B} IE:64bit: - HKLM\..\SearchScopes\{88E0DB61-FF3C-47A3-9080-6EDB2F61D75B}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {88E0DB61-FF3C-47A3-9080-6EDB2F61D75B} IE - HKLM\..\SearchScopes\{88E0DB61-FF3C-47A3-9080-6EDB2F61D75B}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN Deutschland: Aktuelle Nachrichten, Outlook.com Email und Skype Login. IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MSN Deutschland: Aktuelle Nachrichten, Outlook.com Email und Skype Login. IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = localhost:21320 ========== FireFox ========== FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@phonostar.de/phonostar: C:\Program Files (x86)\phonostar-Player\npphonostarDetectNP.dll File not found FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Silvija Sagolj\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Silvija Sagolj\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\amazon.com/AmazonMP3DownloaderPlugin: C:\Users\Silvija Sagolj\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll (Amazon.com, Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012.05.10 09:47:50 | 000,000,000 | ---D | M] ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}, CHR - homepage: Google CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Silvija Sagolj\AppData\Local\Google\Chrome\Application\27.0.1453.110\PepperFlash\pepflashplayer.dll CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\Silvija Sagolj\AppData\Local\Google\Chrome\Application\27.0.1453.110\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Silvija Sagolj\AppData\Local\Google\Chrome\Application\27.0.1453.110\pdf.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll CHR - plugin: Java(TM) Platform SE 7 U17 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: Google Update (Enabled) = C:\Users\Silvija Sagolj\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll CHR - plugin: Shockwave for Director (Disabled) = C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll CHR - plugin: Java Deployment Toolkit 7.0.170.2 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll CHR - Extension: Google Drive = C:\Users\Silvija Sagolj\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\ CHR - Extension: YouTube = C:\Users\Silvija Sagolj\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\ CHR - Extension: Google-Suche = C:\Users\Silvija Sagolj\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\ CHR - Extension: Google Kalender = C:\Users\Silvija Sagolj\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn\4.5.3_0\ CHR - Extension: AdBlock = C:\Users\Silvija Sagolj\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.64_0\ CHR - Extension: Chrome to Mobile = C:\Users\Silvija Sagolj\AppData\Local\Google\Chrome\User Data\Default\Extensions\idknbmbdnapjicclomlijcgfpikmndhd\1.0.0_0\ CHR - Extension: Google Mail = C:\Users\Silvija Sagolj\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\ O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC) O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O4:64bit: - HKLM..\Run: [BTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll (Intel Corporation) O4:64bit: - HKLM..\Run: [FreeFallProtection] C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe () O4:64bit: - HKLM..\Run: [IntelPAN] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel(R) Corporation) O4:64bit: - HKLM..\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" File not found O4:64bit: - HKLM..\Run: [NVHotkey] C:\Windows\SysNative\nvHotkey.dll (NVIDIA Corporation) O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor) O4:64bit: - HKLM..\Run: [Stage Remote] C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe () O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [SDTray] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.) O4 - HKLM..\Run: [Smart File Advisor] C:\Program Files (x86)\Smart File Advisor\sfa.exe (Filefacts.net) O4 - HKCU..\Run: [AmazonMP3DownloaderHelper] C:\Users\Silvija Sagolj\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe () O4 - HKCU..\Run: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16:64bit: - DPF: {682C59F5-478C-4421-9070-AD170D143B77} hxxp://www.dell.com/support/troubleshooting/Content/Ode/pcd64.cab (Launcher Class) O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27) O16:64bit: - DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27) O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27) O16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} hxxp://ccfiles.creative.com/Web/softwareupdate/su/ocx/15102/CTSUEng.cab (Creative Software AutoUpdate) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://active.macromedia.com/flash2/cabs/swflash.cab (Shockwave Flash Object) O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab (Creative Software AutoUpdate Support Package 2) O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/110926/CTPID.cab (Creative Software AutoUpdate Support Package) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9D395E90-1988-444C-B614-3C94D126AAA4}: DhcpNameServer = 13.36.0.102 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D6E0B243-3943-45F7-BCE4-B1FD4590DDBB}: DhcpNameServer = 192.168.178.1 O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation) O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (c:\windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (c:\program files\soluto\soluto.exe /userinit) - c:\program files\soluto\soluto.exe (Soluto) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) - File not found O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{5c40684a-c4d0-11e1-aa66-4c8093304b10}\Shell - "" = AutoRun O33 - MountPoints2\{5c40684a-c4d0-11e1-aa66-4c8093304b10}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL hxxp://www.enter-telekom.de O33 - MountPoints2\{a0d82910-aff3-11e1-8973-4c8093304b10}\Shell - "" = AutoRun O33 - MountPoints2\{a0d82910-aff3-11e1-8973-4c8093304b10}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a O33 - MountPoints2\{be15ca5b-a948-11e1-964b-4c8093304b10}\Shell - "" = AutoRun O33 - MountPoints2\{be15ca5b-a948-11e1-964b-4c8093304b10}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL hxxp://www.enter-telekom.de O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ActiveX:64bit: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun) ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0 ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX:64bit: {2D46B6DC-2207-486B-B523-A557E6D54B47} - C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -UserConfig ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0 ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {2D46B6DC-2207-486B-B523-A557E6D54B47} - C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP CREATERESTOREPOINT Restore point Set: OTL Restore Point ========== Files/Folders - Created Within 30 Days ========== [2013.06.17 11:36:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2 [2013.06.17 11:36:40 | 000,017,272 | ---- | C] (Safer Networking Limited) -- C:\Windows\SysNative\sdnclean64.exe [2013.06.17 08:12:13 | 000,000,000 | ---D | C] -- C:\Users\Silvija Sagolj\AppData\Roaming\Avira [2013.06.17 04:56:22 | 000,000,000 | ---D | C] -- C:\Users\Silvija Sagolj\Documents\ProcAlyzer Dumps [2013.06.17 04:46:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy 2 [2013.06.15 19:39:26 | 000,000,000 | ---D | C] -- C:\Program Files\My Lockbox [2013.06.15 19:38:11 | 000,000,000 | ---D | C] -- C:\Users\Silvija Sagolj\AppData\Roaming\SSync [2013.06.15 19:38:11 | 000,000,000 | ---D | C] -- C:\Users\Silvija Sagolj\AppData\Roaming\SCheck [2013.06.15 19:38:11 | 000,000,000 | ---D | C] -- C:\Users\Silvija Sagolj\AppData\Roaming\Intermediate [2013.06.15 19:38:11 | 000,000,000 | ---D | C] -- C:\Users\Silvija Sagolj\AppData\Roaming\DataMgr [2013.06.15 19:38:10 | 000,000,000 | ---D | C] -- C:\Users\Silvija Sagolj\AppData\Roaming\Common [2013.06.15 18:49:32 | 000,000,000 | ---D | C] -- C:\Users\Silvija Sagolj\Documents\Steganos Safe [2013.06.15 18:39:40 | 000,000,000 | ---D | C] -- C:\Users\Silvija Sagolj\AppData\Roaming\Steganos [2013.06.15 18:39:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steganos [2013.06.15 18:35:17 | 000,000,000 | ---D | C] -- C:\Users\Silvija Sagolj\Desktop\Private [2013.06.15 18:32:23 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\CrashDump [2013.06.14 14:57:49 | 000,000,000 | ---D | C] -- C:\Users\Silvija Sagolj\AppData\Local\Evernote [2013.06.14 14:57:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Evernote [2013.06.11 05:06:11 | 000,000,000 | ---D | C] -- C:\Users\Silvija Sagolj\Desktop\Galaxy S4 [2013.06.09 15:59:20 | 000,000,000 | ---D | C] -- C:\Users\Silvija Sagolj\AppData\Local\ElevatedDiagnostics [2013.06.09 14:22:50 | 000,000,000 | --SD | C] -- C:\Users\Silvija Sagolj\Google Drive [2013.06.09 14:20:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive [2013.06.09 14:19:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google [2013.06.08 16:00:13 | 000,000,000 | ---D | C] -- C:\Users\Silvija Sagolj\AppData\Roaming\Amazon [2013.06.08 16:00:12 | 000,000,000 | ---D | C] -- C:\Users\Silvija Sagolj\Documents\Amazon MP3 [2013.06.08 16:00:11 | 000,000,000 | ---D | C] -- C:\Users\Silvija Sagolj\AppData\Local\Program Files [2013.06.06 18:17:32 | 000,000,000 | ---D | C] -- C:\Users\Silvija Sagolj\Desktop\micro sd [2013.06.05 08:27:48 | 000,000,000 | ---D | C] -- C:\Users\Silvija Sagolj\.android [2013.06.04 09:15:02 | 000,103,448 | ---- | C] (DEVGURU Co., LTD.(DEVGURU :: DEVGURU? ????? ?????.)) -- C:\Windows\SysNative\drivers\ssudbus.sys [2013.06.04 09:15:00 | 000,203,672 | ---- | C] (DEVGURU Co., LTD.(DEVGURU :: DEVGURU? ????? ?????.)) -- C:\Windows\SysNative\drivers\ssudmdm.sys [2013.05.29 21:10:00 | 000,000,000 | ---D | C] -- C:\Users\Silvija Sagolj\AppData\Roaming\MyPhoneExplorer [2013.05.29 21:09:51 | 000,000,000 | ---D | C] -- C:\Users\Silvija Sagolj\Desktop\phone [2013.05.29 21:09:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyPhoneExplorer [2013.05.29 21:09:43 | 000,000,000 | ---D | C] -- C:\Users\Silvija Sagolj\AppData\Roaming\mozilla [2013.05.29 21:09:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MyPhoneExplorer [2013.05.29 20:31:56 | 000,000,000 | ---D | C] -- C:\Windows\Minidump [2013.05.29 20:03:48 | 000,188,232 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\ssadmdm.sys [2013.05.29 20:03:48 | 000,021,320 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\ssadmdfl.sys [2013.05.29 20:03:48 | 000,017,736 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\ssadwhnt.sys [2013.05.29 20:03:48 | 000,017,736 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\ssadwh.sys [2013.05.29 20:03:47 | 000,169,288 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\ssadbus.sys [2013.05.29 20:03:47 | 000,017,224 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\ssadcmnt.sys [2013.05.29 20:03:47 | 000,017,224 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\ssadcm.sys [2013.05.29 20:02:57 | 000,233,472 | ---- | C] (Teruten) -- C:\Windows\SysWow64\FsUsbExService.Exe [2013.05.24 15:21:08 | 000,000,000 | ---D | C] -- C:\ProgramData\PC-Doctor for Windows [2013.05.24 15:20:44 | 000,000,000 | ---D | C] -- C:\Program Files\My Dell [2010.06.12 02:18:55 | 001,100,664 | ---- | C] (Microsoft Corporation) -- C:\Users\Silvija Sagolj\SETUP.EXE ========== Files - Modified Within 30 Days ========== [2013.06.17 13:25:02 | 000,001,126 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013.06.17 12:50:03 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013.06.17 12:33:00 | 000,001,156 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4120619775-2555974261-1378655148-1001UA.job [2013.06.17 12:03:01 | 000,021,296 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013.06.17 12:03:01 | 000,021,296 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013.06.17 12:02:15 | 001,620,536 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2013.06.17 12:02:15 | 000,699,812 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2013.06.17 12:02:15 | 000,655,090 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2013.06.17 12:02:15 | 000,149,016 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2013.06.17 12:02:15 | 000,121,962 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2013.06.17 11:59:42 | 000,001,122 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013.06.17 11:59:42 | 000,000,362 | -H-- | M] () -- C:\Windows\tasks\CoolYouUpdaterTask{77F86D55-6837-4E35-B7D2-F565952FB4E7}.job [2013.06.17 11:54:59 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013.06.17 11:36:44 | 000,001,385 | ---- | M] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk [2013.06.15 19:37:48 | 003,624,763 | ---- | M] () -- C:\Users\Silvija Sagolj\Desktop\mylockbox_setup.zip [2013.06.11 18:33:00 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4120619775-2555974261-1378655148-1001Core.job [2013.06.09 14:22:51 | 000,001,735 | ---- | M] () -- C:\Users\Silvija Sagolj\Desktop\Google Drive.lnk [2013.06.05 20:39:56 | 000,002,422 | ---- | M] () -- C:\Users\Silvija Sagolj\Desktop\Google Chrome.lnk [2013.06.05 08:25:46 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_WinUsb_01007.Wdf [2013.06.04 09:15:02 | 000,103,448 | ---- | M] (DEVGURU Co., LTD.(DEVGURU :: DEVGURU? ????? ?????.)) -- C:\Windows\SysNative\drivers\ssudbus.sys [2013.06.04 09:15:00 | 000,203,672 | ---- | M] (DEVGURU Co., LTD.(DEVGURU :: DEVGURU? ????? ?????.)) -- C:\Windows\SysNative\drivers\ssudmdm.sys [2013.05.30 22:04:22 | 026,437,377 | ---- | M] () -- C:\Users\Silvija Sagolj\Desktop\S-Voice_Android_phone_J.apk [2013.05.29 21:09:48 | 000,002,063 | ---- | M] () -- C:\Users\Public\Desktop\MyPhoneExplorer.lnk [2013.05.29 20:31:46 | 763,568,942 | ---- | M] () -- C:\Windows\MEMORY.DMP [2013.05.29 20:19:00 | 001,641,654 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2013.05.29 20:04:24 | 000,002,008 | ---- | M] () -- C:\Users\Public\Desktop\Samsung Kies (Lite).lnk ========== Files Created - No Company Name ========== [2013.06.17 11:36:44 | 000,001,397 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk [2013.06.17 11:36:44 | 000,001,385 | ---- | C] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk [2013.06.15 19:37:41 | 003,624,763 | ---- | C] () -- C:\Users\Silvija Sagolj\Desktop\mylockbox_setup.zip [2013.06.09 14:22:51 | 000,001,735 | ---- | C] () -- C:\Users\Silvija Sagolj\Desktop\Google Drive.lnk [2013.06.09 14:20:00 | 000,001,126 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013.06.09 14:20:00 | 000,001,122 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013.06.05 08:25:46 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_WinUsb_01007.Wdf [2013.05.29 21:09:48 | 000,002,063 | ---- | C] () -- C:\Users\Public\Desktop\MyPhoneExplorer.lnk [2013.05.29 20:31:46 | 763,568,942 | ---- | C] () -- C:\Windows\MEMORY.DMP [2013.05.29 20:04:24 | 000,002,008 | ---- | C] () -- C:\Users\Public\Desktop\Samsung Kies (Lite).lnk [2013.05.29 20:02:57 | 000,110,592 | ---- | C] () -- C:\Windows\SysWow64\FsUsbExDevice.Dll [2013.05.29 20:02:57 | 000,037,344 | ---- | C] () -- C:\Windows\SysWow64\FsUsbExDisk.Sys [2012.06.26 16:02:40 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe [2012.06.26 16:02:38 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll [2012.06.26 16:02:38 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll [2012.06.26 16:02:38 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll [2012.06.26 16:02:38 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll [2012.05.25 22:47:14 | 000,008,704 | ---- | C] () -- C:\Users\Silvija Sagolj\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012.05.08 13:10:30 | 000,000,193 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc [2011.12.08 19:58:08 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin [2011.12.08 19:58:06 | 000,218,304 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin [2011.12.08 19:58:04 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll [2011.12.08 19:58:03 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin [2011.12.08 19:58:02 | 013,903,872 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll [2010.06.09 03:25:10 | 000,000,175 | ---- | C] () -- C:\Users\Silvija Sagolj\autorun.inf ========== ZeroAccess Check ========== [2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2013.02.27 07:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== LOP Check ========== [2013.06.08 16:00:13 | 000,000,000 | ---D | M] -- C:\Users\Silvija Sagolj\AppData\Roaming\Amazon [2012.12.18 20:11:04 | 000,000,000 | ---D | M] -- C:\Users\Silvija Sagolj\AppData\Roaming\APP_NAME_NON_STRING [2013.03.08 18:58:32 | 000,000,000 | ---D | M] -- C:\Users\Silvija Sagolj\AppData\Roaming\BitTorrent [2013.06.15 19:38:10 | 000,000,000 | ---D | M] -- C:\Users\Silvija Sagolj\AppData\Roaming\Common [2013.06.17 11:26:11 | 000,000,000 | ---D | M] -- C:\Users\Silvija Sagolj\AppData\Roaming\DataMgr [2012.06.19 15:42:41 | 000,000,000 | ---D | M] -- C:\Users\Silvija Sagolj\AppData\Roaming\Dropbox [2012.05.02 19:50:41 | 000,000,000 | ---D | M] -- C:\Users\Silvija Sagolj\AppData\Roaming\Fingertapps [2013.06.17 11:26:11 | 000,000,000 | ---D | M] -- C:\Users\Silvija Sagolj\AppData\Roaming\Intermediate [2012.05.02 19:50:25 | 000,000,000 | ---D | M] -- C:\Users\Silvija Sagolj\AppData\Roaming\Leadertech [2013.06.17 11:26:37 | 000,000,000 | ---D | M] -- C:\Users\Silvija Sagolj\AppData\Roaming\MyPhoneExplorer [2012.05.10 12:03:27 | 000,000,000 | ---D | M] -- C:\Users\Silvija Sagolj\AppData\Roaming\PCDr [2012.12.18 20:13:21 | 000,000,000 | ---D | M] -- C:\Users\Silvija Sagolj\AppData\Roaming\PDF Architect [2012.07.20 08:16:17 | 000,000,000 | ---D | M] -- C:\Users\Silvija Sagolj\AppData\Roaming\phonostar GmbH [2013.05.29 19:52:43 | 000,000,000 | ---D | M] -- C:\Users\Silvija Sagolj\AppData\Roaming\Samsung [2013.06.17 11:26:09 | 000,000,000 | ---D | M] -- C:\Users\Silvija Sagolj\AppData\Roaming\SCheck [2012.08.30 12:23:16 | 000,000,000 | ---D | M] -- C:\Users\Silvija Sagolj\AppData\Roaming\Soluto [2013.06.17 11:26:09 | 000,000,000 | ---D | M] -- C:\Users\Silvija Sagolj\AppData\Roaming\SSync [2013.06.15 19:39:05 | 000,000,000 | ---D | M] -- C:\Users\Silvija Sagolj\AppData\Roaming\Steganos ========== Purity Check ========== ========== Custom Scans ========== < %SYSTEMDRIVE%\*. > [2012.07.12 16:18:12 | 000,000,000 | -HSD | M] -- C:\$RECYCLE.BIN [2011.12.08 19:34:20 | 000,000,000 | ---D | M] -- C:\apps [2013.06.09 14:25:00 | 000,000,000 | -HSD | M] -- C:\Config.Msi [2012.05.02 21:13:30 | 000,000,000 | ---D | M] -- C:\DELL [2009.07.14 07:08:56 | 000,000,000 | -HSD | M] -- C:\Documents and Settings [2012.05.02 19:46:50 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen [2011.12.08 19:59:43 | 000,000,000 | ---D | M] -- C:\Drivers [2013.02.24 20:25:45 | 000,000,000 | ---D | M] -- C:\Firefox [2011.12.08 18:54:56 | 000,000,000 | ---D | M] -- C:\Intel [2013.06.17 11:23:50 | 000,000,000 | RH-D | M] -- C:\MSOCache [2009.07.14 05:20:08 | 000,000,000 | ---D | M] -- C:\PerfLogs [2013.06.17 11:24:29 | 000,000,000 | ---D | M] -- C:\Program Files [2013.06.17 12:21:20 | 000,000,000 | R--D | M] -- C:\Program Files (x86) [2013.06.17 11:26:35 | 000,000,000 | -H-D | M] -- C:\ProgramData [2012.05.02 19:46:50 | 000,000,000 | -HSD | M] -- C:\Programme [2012.05.02 19:52:23 | 000,000,000 | -HSD | M] -- C:\System Recovery [2013.06.17 13:23:13 | 000,000,000 | -HSD | M] -- C:\System Volume Information [2012.05.02 21:07:21 | 000,000,000 | ---D | M] -- C:\Temp [2012.05.02 19:47:06 | 000,000,000 | R--D | M] -- C:\Users [2013.06.17 11:27:36 | 000,000,000 | ---D | M] -- C:\Windows < %PROGRAMFILES%\*.exe > < %LOCALAPPDATA%\*.exe > < %systemroot%\*. /mp /s > < C:\Windows\system32\*.tsp > [2009.07.14 03:14:11 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\hidphone.tsp [2009.07.14 03:14:11 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kmddsp.tsp [2009.07.14 03:14:11 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ndptsp.tsp [2009.07.14 03:14:11 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\remotesp.tsp [2010.11.21 05:23:55 | 000,281,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\unimdm.tsp [2009.07.14 07:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT [2009.07.14 07:08:49 | 000,032,640 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT [2012.08.07 16:27:05 | 000,000,362 | -H-- | C] () -- C:\Windows\Tasks\CoolYouUpdaterTask{77F86D55-6837-4E35-B7D2-F565952FB4E7}.job [2012.11.29 21:18:06 | 000,001,104 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4120619775-2555974261-1378655148-1001Core.job [2012.11.29 21:18:06 | 000,001,156 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4120619775-2555974261-1378655148-1001UA.job [2013.04.23 15:57:27 | 000,000,884 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job [2013.06.09 14:20:00 | 000,001,122 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [2013.06.09 14:20:00 | 000,001,126 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job < MD5 for: AGP440.SYS > [2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys [2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys [2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys < MD5 for: ATAPI.SYS > [2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys [2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys [2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys < MD5 for: CNGAUDIT.DLL > [2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll [2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll [2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll [2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll < MD5 for: EXPLORER.EXE > [2013.05.16 10:58:12 | 003,859,928 | ---- | M] (Safer-Networking Ltd.) MD5=03250DB0886A23B1F6C077C5D9F152B0 -- C:\Program Files (x86)\Spybot - Search & Destroy 2\explorer.exe [2011.12.08 20:18:44 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe [2011.12.08 20:18:44 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe [2011.12.08 20:18:44 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe [2011.12.08 20:18:44 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe [2010.11.21 05:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe [2011.12.08 20:18:44 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe [2011.12.08 20:18:44 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe [2010.11.21 05:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe < MD5 for: IASTOR.SYS > [2011.01.13 03:51:44 | 000,439,320 | ---- | M] (Intel Corporation) MD5=D469B77687E12FE43E344806740B624D -- C:\Drivers\Chipset_IRST\f6flpy-x64\iaStor.sys [2011.01.13 03:51:44 | 000,439,320 | ---- | M] (Intel Corporation) MD5=D469B77687E12FE43E344806740B624D -- C:\Windows\SysNative\drivers\iaStor.sys [2011.01.13 03:51:44 | 000,439,320 | ---- | M] (Intel Corporation) MD5=D469B77687E12FE43E344806740B624D -- C:\Windows\SysNative\DriverStore\FileRepository\iaahci.inf_amd64_neutral_a36325196df56f7d\iaStor.sys [2011.01.13 03:51:44 | 000,439,320 | ---- | M] (Intel Corporation) MD5=D469B77687E12FE43E344806740B624D -- C:\Windows\SysNative\DriverStore\FileRepository\iastor.inf_amd64_neutral_e3082ac13af8d3bf\iaStor.sys < MD5 for: IASTORV.SYS > [2010.11.21 05:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys [2010.11.21 05:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys [2011.12.08 20:18:42 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys [2011.12.08 20:18:42 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys [2011.12.08 20:18:42 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys [2011.12.08 20:18:42 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys < MD5 for: NETLOGON.DLL > [2010.11.21 05:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll [2010.11.21 05:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll [2010.11.21 05:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll [2010.11.21 05:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll < MD5 for: NVSTOR.SYS > [2011.12.08 20:18:42 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys [2011.12.08 20:18:42 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys [2011.12.08 20:18:42 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys [2011.12.08 20:18:42 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys [2010.11.21 05:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys [2010.11.21 05:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys < MD5 for: SCECLI.DLL > [2010.11.21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll [2010.11.21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll [2010.11.21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll [2010.11.21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll < MD5 for: USER32.DLL > [2010.11.21 05:24:20 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\SysWOW64\user32.dll [2010.11.21 05:24:20 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll [2010.11.21 05:24:09 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\SysNative\user32.dll [2010.11.21 05:24:09 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll < MD5 for: USERINIT.EXE > [2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe [2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe [2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe [2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe < MD5 for: WINLOGON.EXE > [2010.11.21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe [2010.11.21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe [2012.12.14 17:49:28 | 000,216,424 | ---- | M] () MD5=22101A85B3CA2FE2BE05FE9A61A7A83D -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe < MD5 for: WS2IFSL.SYS > [2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\SysNative\drivers\ws2ifsl.sys [2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_ab7b927be17eace8\ws2ifsl.sys < %systemroot%\system32\drivers\*.sys /lockedfiles > < %systemroot%\System32\config\*.sav > < %systemroot%\system32\*.dll /lockedfiles > < %USERPROFILE%\*.* > [2010.06.09 03:25:10 | 000,000,175 | ---- | M] () -- C:\Users\Silvija Sagolj\autorun.inf [2013.06.17 13:33:05 | 003,932,160 | -HS- | M] () -- C:\Users\Silvija Sagolj\ntuser.dat [2013.06.17 13:33:05 | 000,262,144 | -HS- | M] () -- C:\Users\Silvija Sagolj\ntuser.dat.LOG1 [2012.05.02 19:47:12 | 000,000,000 | -HS- | M] () -- C:\Users\Silvija Sagolj\ntuser.dat.LOG2 [2012.05.02 21:12:42 | 000,065,536 | -HS- | M] () -- C:\Users\Silvija Sagolj\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf [2012.05.02 21:12:42 | 000,524,288 | -HS- | M] () -- C:\Users\Silvija Sagolj\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms [2012.05.02 21:12:42 | 000,524,288 | -HS- | M] () -- C:\Users\Silvija Sagolj\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms [2012.05.02 19:47:12 | 000,000,020 | -HS- | M] () -- C:\Users\Silvija Sagolj\ntuser.ini [2010.06.12 02:18:55 | 001,100,664 | ---- | M] (Microsoft Corporation) -- C:\Users\Silvija Sagolj\SETUP.EXE < %USERPROFILE%\Local Settings\Temp\*.exe > < %USERPROFILE%\Local Settings\Temp\*.dll > < %USERPROFILE%\Application Data\*.exe > < HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs > HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 < > < End of report > und extras:OTL Logfile: Code:
ATTFilter OTL Extras logfile created on: 17.06.2013 13:20:52 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Silvija Sagolj\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16614)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
7,90 Gb Total Physical Memory | 5,10 Gb Available Physical Memory | 64,58% Memory free
15,79 Gb Paging File | 12,63 Gb Available in Paging File | 79,97% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 679,00 Gb Total Space | 574,09 Gb Free Space | 84,55% Space Free | Partition Type: NTFS
Drive D: | 698,63 Gb Total Space | 210,52 Gb Free Space | 30,13% Space Free | Partition Type: NTFS
Computer Name: SILVIJASAGOLJ | User Name: Silvija Sagolj | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- "C:\Program Files (x86)\Smart File Advisor\sfa.exe" /unknown "%1" (Filefacts.net)
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- "C:\Program Files (x86)\Smart File Advisor\sfa.exe" /unknown "%1" (Filefacts.net)
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{009FE40A-F26B-408D-BCE5-5C6A560BEE83}" = rport=137 | protocol=17 | dir=out | app=system |
"{00B8796C-1E02-4E71-A6EC-A8659DCFB7EB}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{040934C0-2A0C-4AE8-B5ED-E6425C2D251A}" = rport=445 | protocol=6 | dir=out | app=system |
"{040EFCA0-585E-4050-B507-09D25C4D2896}" = lport=445 | protocol=6 | dir=in | app=system |
"{1238187E-073E-402B-BE76-2D3FA70F53FB}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{19D763A6-BC29-43CF-8F39-02577FD8B3F5}" = lport=2869 | protocol=6 | dir=in | app=system |
"{2CB65E32-6B7C-4C83-87EB-11D9224D828C}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{449508BB-DCCD-4E39-8C20-2B3C611878CC}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{46D719BD-036C-4EF8-8E08-7E7A767AD6F5}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{5683996E-9D94-48ED-B1BE-B219FE2B3072}" = rport=139 | protocol=6 | dir=out | app=system |
"{615B6B84-4FFD-43B7-A95E-52A34973E2B3}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{6CA60CD0-1247-4164-9A8D-D0B128AB9FFC}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{7D3682D0-D0E6-4F27-B21C-4248942F9ED8}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{8592118D-A2FC-4B36-8B9D-976DBB756332}" = rport=138 | protocol=17 | dir=out | app=system |
"{980DE46C-5542-45A4-9C36-110C011F37AB}" = lport=139 | protocol=6 | dir=in | app=system |
"{99FC6D4B-CCEB-4C90-8AA5-656DD5B0DDD9}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{AE7F002E-2F05-4706-BCF5-CE483F99ED2C}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{AF46B0E1-892B-4F8C-9574-F994E872E0EF}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{BEE4D5AA-02A5-406B-BFFF-C44E63B1B8B5}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C380C088-D410-4048-AA6C-B47FC735B11B}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{CAA09545-A21D-46F4-8EF0-F7A7F67ECDCB}" = rport=10243 | protocol=6 | dir=out | app=system |
"{F19B4217-03F2-40DA-ABDB-D1682F559B53}" = lport=10243 | protocol=6 | dir=in | app=system |
"{F804D4E1-BC9F-4444-9D43-7DCE478E2126}" = lport=137 | protocol=17 | dir=in | app=system |
"{FC1295A6-3049-4EC7-9C0A-6B2DC8C5DDE2}" = lport=138 | protocol=17 | dir=in | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{07960949-1E8E-45A6-97FD-035D39CEA3D3}" = protocol=6 | dir=in | app=c:\program files (x86)\dell\stage remote\stageremote.exe |
"{07D23322-A15F-439E-A4A8-B8B340748E11}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{09B83CF4-232F-4A25-9120-CC0386BD74C1}" = protocol=6 | dir=in | app=c:\program files (x86)\dell\stage remote\installerhelp.exe |
"{0AFC2001-2128-430B-B79F-6EE9CA431DF6}" = protocol=17 | dir=in | app=c:\program files (x86)\dell\stage remote\controller.exe |
"{0E962BFE-182D-426D-98D8-649750AC7419}" = protocol=17 | dir=in | app=c:\program files (x86)\dell\stage remote\stageremote.exe |
"{1490F8CD-0A87-40ED-8FBD-5D260146A79A}" = protocol=17 | dir=in | app=c:\program files (x86)\dell\stage remote\dmr.exe |
"{14D6D9C2-956B-4ACD-AAA7-65129C22D57D}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd9\powerdvd cinema\powerdvdcinema.exe |
"{153D0F1E-40D1-4BC2-8BA1-B9D1E9576A28}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{20295019-7304-4B37-BABF-4CFC98FF4B10}" = protocol=6 | dir=in | app=c:\program files\soluto\solutocleanup.exe |
"{2124BA46-4914-47EB-B24E-FAB14B336BF9}" = protocol=6 | dir=in | app=c:\program files\soluto\solutoconsole.exe |
"{21349901-90CE-471E-881F-FB6142B77A1E}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{250E39B5-1927-49FF-83C1-B337FF8EFB40}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{2614D19E-BA2C-4984-9CF3-2CC3515BF4C6}" = dir=in | app=c:\program files (x86)\intel corporation\intel widi\widiapp.exe |
"{26E4D42F-CBB8-42E1-A273-D51F7EF03E49}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{2D864264-3FA1-4D52-A8E5-A638D69BAAE4}" = protocol=6 | dir=out | app=system |
"{2E0B3B90-775C-4AB7-8A35-9F57AF4169B9}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{30911E2C-3B45-41A7-B768-B1AA61048496}" = protocol=17 | dir=in | app=c:\users\silvija sagolj\downloads\solutoinstaller.exe |
"{363531CA-A1A0-4C56-9095-C09E82D75DBA}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{3B6DBD5C-8C8C-4578-82B6-78639627930A}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{3F701819-09BC-40E4-9773-477CE01E638B}" = protocol=6 | dir=in | app=c:\program files\soluto\solutocleanup.exe |
"{42AED45C-2316-457B-9BE6-88409F27570A}" = protocol=17 | dir=in | app=c:\program files (x86)\dell\stage remote\stageremoteservice.exe |
"{4AC55E67-FB07-466D-A5E8-8FA93D451C8B}" = protocol=6 | dir=in | app=c:\users\silvija sagolj\downloads\solutoinstaller.exe |
"{53BC528E-F94A-4D0C-A9A2-BD51BA7C38E4}" = protocol=17 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{53F430C9-A970-4103-BCD9-71D83618BF36}" = protocol=17 | dir=in | app=c:\program files\soluto\solutocleanup.exe |
"{56443A2A-346F-442B-8F16-872C7B966092}" = protocol=17 | dir=in | app=c:\program files\soluto\solutocleanup.exe |
"{59EFB704-96CE-44E6-BAC6-0341F0DC7268}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{5AEFD508-3A0E-429C-8B27-48C15DB633DB}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{5D7C14DB-45A6-442E-9CEF-6A9362A58073}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{600D6C51-C42B-4678-B622-C2B865215E17}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{63D3C635-A3A4-4168-A241-37249AE7D445}" = protocol=17 | dir=in | app=c:\program files\soluto\solutoconsole.exe |
"{641CB6A9-379E-4B7C-8896-D3E8B6ED073F}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{6904446A-C043-4F4D-9388-9EA06D56D5F8}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{6CCD72BE-1367-4447-867A-3D638672F95C}" = protocol=17 | dir=in | app=c:\program files\soluto\solutoupdateservice.exe |
"{7222C3DE-8B79-4F19-9C33-3F33ACF399C2}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{77A93C7E-FF53-48FE-9757-BEA524A138BA}" = dir=in | app=c:\program files (x86)\dell\videostage\videostage.exe |
"{7FE49786-34F3-4424-9845-608F1420B030}" = protocol=6 | dir=in | app=c:\program files (x86)\dell\stage remote\controller.exe |
"{80DAF734-6016-4665-AA75-5D1DCA39B1F8}" = protocol=6 | dir=in | app=c:\program files (x86)\dell\stage remote\dmr.exe |
"{854CC926-C2A3-4E3D-812D-CF6553D138F5}" = protocol=6 | dir=in | app=c:\program files\soluto\solutoconsole.exe |
"{85F92631-540C-42BE-B76C-92EA15F39296}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{877105AE-D701-430E-805D-1C9FC02B4995}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{879464A6-A4CA-4555-B677-00810C492E0A}" = protocol=17 | dir=in | app=c:\program files\soluto\solutoupdateservice.exe |
"{8F5F6765-A9D5-45E0-9B6F-3E8BF7C2E2BF}" = dir=in | app=c:\program files\dell stage\musicstage\musicstageengine.exe |
"{90D01711-EE98-46B0-8A1D-F56607E0B2DA}" = protocol=6 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{927417E4-73AA-4215-AAF4-C73BBCD4FCC6}" = protocol=6 | dir=in | app=c:\program files\soluto\solutoservice.exe |
"{982CAA13-536A-4ECC-9702-4DA09124D3C5}" = protocol=6 | dir=in | app=c:\program files\soluto\solutoupdateservice.exe |
"{AB1E6016-5311-4FF7-A2BE-9CC2EA6F2E64}" = protocol=6 | dir=in | app=c:\program files\soluto\soluto.exe |
"{AEE2A268-E009-43C3-9731-C37F98B9B925}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B38D6050-6F5B-40B0-978F-1CDE3D461719}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{B51E018B-6C7C-44A1-8670-9DAF8A998B88}" = protocol=6 | dir=in | app=c:\program files\soluto\solutoservice.exe |
"{B8E2043F-B77F-4992-B651-3C5B5B072B94}" = protocol=17 | dir=in | app=c:\program files (x86)\dell\stage remote\installerhelp.exe |
"{C1D119C3-9654-4FCA-8692-392B7BD9A9E0}" = protocol=17 | dir=in | app=c:\users\silvija sagolj\appdata\roaming\dropbox\bin\dropbox.exe |
"{CB3A5950-0D35-4F0F-BDF2-94F3394FEF0F}" = protocol=17 | dir=in | app=c:\program files\soluto\soluto.exe |
"{CC49A8BB-FCAC-44A7-8F06-1FA71669247E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{CC4A84B8-1D02-443F-86F2-2C82575DBEAF}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{CD8A03A5-1CB0-4E78-8D89-EBC0FC81FD96}" = protocol=17 | dir=in | app=c:\program files\soluto\solutoservice.exe |
"{D1323EA6-4DAF-4CF2-955D-B8A6171AFA19}" = dir=in | app=c:\program files\dell stage\dell stage\stage_primary.exe |
"{D1E5B8DB-038C-48B8-B296-1E24A6FA4749}" = protocol=6 | dir=in | app=c:\program files\soluto\solutoupdateservice.exe |
"{D28CAE97-5E65-480A-A4F8-0E6FDC34C3BA}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D4E3571E-3CCE-4A11-B1DD-86BCDC0F67DE}" = protocol=6 | dir=in | app=c:\users\silvija sagolj\appdata\roaming\dropbox\bin\dropbox.exe |
"{D67F4CCB-AF6B-4CA1-A216-B5F07A448703}" = protocol=17 | dir=in | app=c:\program files (x86)\bittorrent\bittorrent.exe |
"{DFF79879-0D85-40A7-B6E9-2C12B215CEC4}" = protocol=17 | dir=in | app=c:\program files\soluto\solutoservice.exe |
"{E18C7950-3AD2-471B-8D23-A8DC6F2A9494}" = protocol=17 | dir=in | app=c:\program files\soluto\soluto.exe |
"{E3096374-5F25-428F-93BD-D6F71EE09150}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E6E0F10A-6B4E-4179-A096-93FA644C2741}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{E7F91274-B9A0-4190-A3DC-17D6437082CD}" = dir=in | app=c:\program files\intel\wifi\bin\pandhcpdns.exe |
"{EE4159B6-84C8-46F6-8ECA-3833BC5D29E7}" = dir=in | app=c:\program files\dell stage\dell stage\accuweather\accuweather.exe |
"{EFF393D2-9E1B-41E3-ABD0-AD23774A87F8}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd9\powerdvd9.exe |
"{F0A98100-9839-4EFF-BB11-A0067C6697B4}" = protocol=6 | dir=in | app=c:\program files\soluto\soluto.exe |
"{F5FE82F6-334D-4387-B11F-A420DAE2DB36}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F740A0E7-7B10-4424-874F-79682EA457BB}" = protocol=6 | dir=in | app=c:\program files (x86)\dell\stage remote\stageremoteservice.exe |
"{FC228BE8-332A-4049-BFD4-E448A8BA33A9}" = protocol=6 | dir=in | app=c:\program files (x86)\bittorrent\bittorrent.exe |
"{FD024438-E0FD-4CA1-8C2B-E6C9DB97498C}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{FE78E130-008F-4EDD-8FD3-BA679FEAC788}" = protocol=17 | dir=in | app=c:\program files\soluto\solutoconsole.exe |
"TCP Query User{312D810A-0A12-4EC3-BAA2-CA5DA729436E}C:\users\silvija sagolj\desktop\bittorrent_7.6.1.27221.exe" = protocol=6 | dir=in | app=c:\users\silvija sagolj\desktop\bittorrent_7.6.1.27221.exe |
"TCP Query User{6FE1F3EF-005C-4D9D-A6EF-45B05D9334AA}C:\windows\keygen.exe" = protocol=6 | dir=in | app=c:\windows\keygen.exe |
"TCP Query User{84F12F43-F6FA-4D4E-B301-7D55EF696543}C:\users\silvija sagolj\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\silvija sagolj\appdata\roaming\spotify\spotify.exe |
"TCP Query User{A909C5FC-BAED-4B37-89A9-14EFF2A8E6F1}C:\users\silvija sagolj\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\silvija sagolj\appdata\roaming\spotify\spotify.exe |
"TCP Query User{ABDD1A02-B1F8-4A35-A00A-E39C16FCC204}C:\windows\keygen.exe" = protocol=6 | dir=in | app=c:\windows\keygen.exe |
"TCP Query User{E434D432-0189-44AB-9709-199C377CC744}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe" = protocol=6 | dir=in | app=c:\program files (x86)\myphoneexplorer\myphoneexplorer.exe |
"UDP Query User{5125FC83-04A8-47E7-A92C-E4A7F3166F3C}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe" = protocol=17 | dir=in | app=c:\program files (x86)\myphoneexplorer\myphoneexplorer.exe |
"UDP Query User{682B9C70-AD33-4BE9-883E-56F29E6D9B1A}C:\users\silvija sagolj\desktop\bittorrent_7.6.1.27221.exe" = protocol=17 | dir=in | app=c:\users\silvija sagolj\desktop\bittorrent_7.6.1.27221.exe |
"UDP Query User{939E1BD8-DD33-497A-8957-94680C4EA587}C:\windows\keygen.exe" = protocol=17 | dir=in | app=c:\windows\keygen.exe |
"UDP Query User{BE0EC2F5-4DF6-4CF0-A42A-BC43751A3B73}C:\users\silvija sagolj\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\silvija sagolj\appdata\roaming\spotify\spotify.exe |
"UDP Query User{CCC00A50-502B-4FDF-B04F-AAEA4E3F2EC2}C:\users\silvija sagolj\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\silvija sagolj\appdata\roaming\spotify\spotify.exe |
"UDP Query User{D942ABC2-FCC1-4154-8089-65ABDF01449C}C:\windows\keygen.exe" = protocol=17 | dir=in | app=c:\windows\keygen.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0E931A51-A183-4E66-8562-D82896E74C67}" = CoolYou Gadget
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{26A24AE4-039D-4CA4-87B4-2F86416027FF}" = Java(TM) 6 Update 27 (64-bit)
"{28EF7372-9087-4AC3-9B9F-D9751FCDF830}" = Intel(R) Wireless Display
"{295AEB79-B53A-4F1B-860F-7800BB7E3681}" = Intel(R) PROSet/Wireless WiFi-Software
"{2ABA2E8D-23CF-418F-BC8F-2EC99FA51A3F}" = Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{70675CAC-C262-4765-BBCA-FB0D66252AF4}" = Soluto
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{87CF757E-C1F1-4D22-865C-00C6950B5258}" = Quickset64
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}" = Dell Edoc Viewer
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 269.59
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 269.59
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 269.59
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 1.0.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}" = Überwachungstool für die Intel® Turbo-Boost-Technik 2.0
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"PC-Doctor for Windows" = My Dell
"ProInst" = Intel PROSet Wireless
"SynTPDeinstKey" = Synaptics Pointing Device Driver
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0138F525-6C8A-333F-A105-14AE030B9A54}" = Visual C++ 9.0 CRT (x86) WinSXS MSM
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0DD706AF-B542-438C-999E-B30C7F625C8D}" = Intel(R) WiDi
"{0ED7EE95-6A97-47AA-AD73-152C08A15B04}" = Dell DataSafe Local Backup
"{1C3DA126-D523-4089-BCCA-FA46FE34D6F8}" = Google Drive
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2299EEBD-0A83-4B26-AA4A-057AE9E5BAE8}" = Dell Stage Remote
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 21
"{3255BC3F-32BA-41ED-93A0-B9AEB6CDD9E6}" = Dell MusicStage
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{56A0DD94-47D9-4AC8-B5A1-8A8CA77C4B89}" = Dell Stage
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{820B6609-4C97-3A2B-B644-573B06A0F0CC}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger
"{87434D51-51DB-4109-B68F-A829ECDCF380}" = AccelerometerP11
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0015-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PROPLUSR_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0409-1000-0000000FF1CE}_Office14.PROPLUSR_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-002C-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
"{90140000-0044-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
"{90140000-00BA-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0116-0409-1000-0000000FF1CE}_Office14.PROPLUSR_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9.6
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9668246-FB70-4103-A1E3-66C9BC2EFB49}" = Dell DataSafe Local Backup - Support Software
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.03)
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{AF4D3C63-009B-4A17-B02E-D395065DD3F0}" = Dell Stage Remote
"{AFF7E080-1974-45BF-9310-10DE1A1F5ED0}" = Adobe AIR
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1" = Spybot - Search & Destroy
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}" = Dell VideoStage
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E4335E82-17B3-460F-9E70-39D9BC269DB3}" = Dell PhotoStage
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F5266D28-E0B2-4130-BFC5-EE155AD514DC}" = Apple Application Support
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"7-Zip" = 7-Zip 9.20
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Advanced Audio FX Engine" = Advanced Audio FX Engine
"Avira AntiVir Desktop" = Avira Free Antivirus
"BitTorrent" = BitTorrent
"Dell Webcam Central" = Dell Webcam Central
"DivX Setup" = DivX-Setup
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9.6
"InstallShield_{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}" = Dell VideoStage
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.70.0.1100
"MPE" = MyPhoneExplorer
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"PowerISO" = PowerISO
"ProInst" = Intel PROSet Wireless
"Smart File Advisor_is1" = Smart File Advisor 1.1.1
"VLC media player" = VLC media player 2.0.1
"WinLiveSuite" = Windows Live Essentials
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Amazon Kindle" = Amazon Kindle
"Amazon MP3-Downloader" = Amazon MP3-Downloader 1.0.18
"Dropbox" = Dropbox
"Google Chrome" = Google Chrome
"MyFreeCodec" = MyFreeCodec
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 03.10.2012 22:27:38 | Computer Name = SilvijaSagolj | Source = WinMgmt | ID = 10
Description =
Error - 04.10.2012 11:22:41 | Computer Name = SilvijaSagolj | Source = WinMgmt | ID = 10
Description =
Error - 04.10.2012 22:15:30 | Computer Name = SilvijaSagolj | Source = WinMgmt | ID = 10
Description =
Error - 05.10.2012 09:45:24 | Computer Name = SilvijaSagolj | Source = WinMgmt | ID = 10
Description =
Error - 05.10.2012 23:54:16 | Computer Name = SilvijaSagolj | Source = WinMgmt | ID = 10
Description =
Error - 07.10.2012 02:02:01 | Computer Name = SilvijaSagolj | Source = WinMgmt | ID = 10
Description =
Error - 07.10.2012 22:16:04 | Computer Name = SilvijaSagolj | Source = WinMgmt | ID = 10
Description =
Error - 08.10.2012 09:46:32 | Computer Name = SilvijaSagolj | Source = WinMgmt | ID = 10
Description =
Error - 08.10.2012 13:15:29 | Computer Name = SilvijaSagolj | Source = WinMgmt | ID = 10
Description =
Error - 08.10.2012 23:20:01 | Computer Name = SilvijaSagolj | Source = WinMgmt | ID = 10
Description =
[ Spybot - Search and Destroy Events ]
Error - 16.06.2013 23:51:32 | Computer Name = SilvijaSagolj | Source = SDCleaner | ID = 100
Description = LoadCleaningInstructions
[ System Events ]
Error - 17.06.2013 05:20:05 | Computer Name = SilvijaSagolj | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 17.06.2013 05:20:05 | Computer Name = SilvijaSagolj | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 17.06.2013 05:20:05 | Computer Name = SilvijaSagolj | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 17.06.2013 05:20:06 | Computer Name = SilvijaSagolj | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuchanbieter-Host"
abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 17.06.2013 05:20:15 | Computer Name = SilvijaSagolj | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 17.06.2013 05:20:15 | Computer Name = SilvijaSagolj | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 17.06.2013 05:20:15 | Computer Name = SilvijaSagolj | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 17.06.2013 05:21:12 | Computer Name = SilvijaSagolj | Source = DCOM | ID = 10005
Description =
Error - 17.06.2013 05:27:55 | Computer Name = SilvijaSagolj | Source = Service Control Manager | ID = 7024
Description = Der Dienst "Avira Echtzeit-Scanner" wurde mit folgendem dienstspezifischem
Fehler beendet: %%306.
Error - 17.06.2013 05:29:29 | Computer Name = SilvijaSagolj | Source = Service Control Manager | ID = 7024
Description = Der Dienst "Avira Echtzeit-Scanner" wurde mit folgendem dienstspezifischem
Fehler beendet: %%306.
< End of report >
|
|
17.06.2013, 12:51
| #8 |
| /// Malware-holic | Spybot hat 62 Sachen gefunden - beheben? Hi, Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
17.06.2013, 13:00
| #9 |
| | Spybot hat 62 Sachen gefunden - beheben? Ich finde die ogfile leider nicht Ich habe oben rechts auf report geklickt, hoffe das ist es: 13:58:00.0869 7948 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42 13:58:01.0025 7948 ============================================================ 13:58:01.0025 7948 Current date / time: 2013/06/17 13:58:01.0025 13:58:01.0025 7948 SystemInfo: 13:58:01.0025 7948 13:58:01.0025 7948 OS Version: 6.1.7601 ServicePack: 1.0 13:58:01.0025 7948 Product type: Workstation 13:58:01.0025 7948 ComputerName: SILVIJASAGOLJ 13:58:01.0025 7948 UserName: Silvija Sagolj 13:58:01.0025 7948 Windows directory: C:\Windows 13:58:01.0025 7948 System windows directory: C:\Windows 13:58:01.0025 7948 Running under WOW64 13:58:01.0025 7948 Processor architecture: Intel x64 13:58:01.0025 7948 Number of processors: 8 13:58:01.0025 7948 Page size: 0x1000 13:58:01.0025 7948 Boot type: Normal boot 13:58:01.0025 7948 ============================================================ 13:58:01.0505 7948 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 13:58:01.0839 7948 Drive \Device\Harddisk1\DR1 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 13:58:01.0901 7948 ============================================================ 13:58:01.0901 7948 \Device\Harddisk0\DR0: 13:58:01.0901 7948 MBR partitions: 13:58:01.0901 7948 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x34000, BlocksNum 0x2710000 13:58:01.0901 7948 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x2744000, BlocksNum 0x54E01EF0 13:58:01.0901 7948 \Device\Harddisk1\DR1: 13:58:01.0901 7948 MBR partitions: 13:58:01.0901 7948 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x57545000 13:58:01.0901 7948 ============================================================ 13:58:01.0917 7948 C: <-> \Device\Harddisk0\DR0\Partition2 13:58:01.0932 7948 D: <-> \Device\Harddisk1\DR1\Partition1 13:58:01.0932 7948 ============================================================ 13:58:01.0932 7948 Initialize success 13:58:01.0932 7948 ============================================================ 13:58:18.0910 4636 ============================================================ 13:58:18.0910 4636 Scan started 13:58:18.0910 4636 Mode: Manual; SigCheck; TDLFS; 13:58:18.0910 4636 ============================================================ 13:58:19.0518 4636 ================ Scan system memory ======================== 13:58:19.0518 4636 System memory - ok 13:58:19.0518 4636 ================ Scan services ============================= 13:58:19.0627 4636 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys 13:58:19.0740 4636 1394ohci - ok 13:58:19.0758 4636 [ E0065CBF1A25C015C218457D2CD522B9 ] Acceler C:\Windows\system32\DRIVERS\Accelern.sys 13:58:19.0775 4636 Acceler - ok 13:58:19.0807 4636 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys 13:58:19.0823 4636 ACPI - ok 13:58:19.0858 4636 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys 13:58:19.0914 4636 AcpiPmi - ok 13:58:20.0002 4636 [ ADDA5E1951B90D3D23C56D3CF0622ADC ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 13:58:20.0017 4636 AdobeARMservice - ok 13:58:20.0126 4636 [ 9915504F602D277EE47FD843A677FD15 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 13:58:20.0158 4636 AdobeFlashPlayerUpdateSvc - ok 13:58:20.0173 4636 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys 13:58:20.0220 4636 adp94xx - ok 13:58:20.0267 4636 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys 13:58:20.0298 4636 adpahci - ok 13:58:20.0298 4636 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys 13:58:20.0314 4636 adpu320 - ok 13:58:20.0345 4636 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 13:58:20.0485 4636 AeLookupSvc - ok 13:58:20.0532 4636 [ D1E343BC00136CE03C4D403194D06A80 ] AERTFilters C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe 13:58:20.0548 4636 AERTFilters - ok 13:58:20.0594 4636 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys 13:58:20.0657 4636 AFD - ok 13:58:20.0673 4636 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys 13:58:20.0673 4636 agp440 - ok 13:58:20.0707 4636 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe 13:58:20.0754 4636 ALG - ok 13:58:20.0775 4636 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys 13:58:20.0795 4636 aliide - ok 13:58:20.0801 4636 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys 13:58:20.0812 4636 amdide - ok 13:58:20.0837 4636 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys 13:58:20.0885 4636 AmdK8 - ok 13:58:20.0907 4636 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys 13:58:20.0952 4636 AmdPPM - ok 13:58:20.0968 4636 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys 13:58:20.0968 4636 amdsata - ok 13:58:20.0999 4636 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys 13:58:21.0030 4636 amdsbs - ok 13:58:21.0030 4636 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys 13:58:21.0046 4636 amdxata - ok 13:58:21.0077 4636 [ 3BC90482A834F998C3B7A9C934A20342 ] AMPPAL C:\Windows\system32\DRIVERS\AMPPAL.sys 13:58:21.0155 4636 AMPPAL - ok 13:58:21.0170 4636 [ 3BC90482A834F998C3B7A9C934A20342 ] AMPPALP C:\Windows\system32\DRIVERS\amppal.sys 13:58:21.0186 4636 AMPPALP - ok 13:58:21.0248 4636 [ A47D7FEBD9381D34DDB4FF38B15A67FE ] AMPPALR3 C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe 13:58:21.0280 4636 AMPPALR3 - ok 13:58:21.0326 4636 [ 3CF7A4350C9646D92F147D620EC0D363 ] androidusb C:\Windows\system32\Drivers\ssadadb.sys 13:58:21.0342 4636 androidusb - ok 13:58:21.0498 4636 [ D9A92E6DD41C5ADC045AE485026AA40C ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe 13:58:21.0529 4636 AntiVirSchedulerService - ok 13:58:21.0560 4636 [ 66A7A38F7C439153B758548375EB9E5E ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe 13:58:21.0576 4636 AntiVirService - ok 13:58:21.0607 4636 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys 13:58:21.0775 4636 AppID - ok 13:58:21.0792 4636 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll 13:58:21.0826 4636 AppIDSvc - ok 13:58:21.0850 4636 [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo C:\Windows\System32\appinfo.dll 13:58:21.0885 4636 Appinfo - ok 13:58:21.0913 4636 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys 13:58:21.0925 4636 arc - ok 13:58:21.0947 4636 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys 13:58:21.0975 4636 arcsas - ok 13:58:22.0045 4636 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe 13:58:22.0076 4636 aspnet_state - ok 13:58:22.0092 4636 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 13:58:22.0138 4636 AsyncMac - ok 13:58:22.0154 4636 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys 13:58:22.0185 4636 atapi - ok 13:58:22.0232 4636 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 13:58:22.0294 4636 AudioEndpointBuilder - ok 13:58:22.0310 4636 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll 13:58:22.0357 4636 AudioSrv - ok 13:58:22.0404 4636 [ 09E6069EF94B345061B4BD3CEBD974C8 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys 13:58:22.0435 4636 avgntflt - ok 13:58:22.0466 4636 [ 488486DAD09A5B6C6DBB8B990A8B2307 ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys 13:58:22.0482 4636 avipbb - ok 13:58:22.0497 4636 [ 490FA25161BF3E51993EB724ECF0ACEB ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys 13:58:22.0513 4636 avkmgr - ok 13:58:22.0575 4636 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll 13:58:22.0638 4636 AxInstSV - ok 13:58:22.0669 4636 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys 13:58:22.0731 4636 b06bdrv - ok 13:58:22.0784 4636 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys 13:58:22.0815 4636 b57nd60a - ok 13:58:22.0855 4636 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll 13:58:22.0913 4636 BDESVC - ok 13:58:22.0930 4636 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys 13:58:22.0987 4636 Beep - ok 13:58:23.0044 4636 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll 13:58:23.0122 4636 BFE - ok 13:58:23.0153 4636 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll 13:58:23.0262 4636 BITS - ok 13:58:23.0278 4636 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys 13:58:23.0325 4636 blbdrive - ok 13:58:23.0403 4636 [ 0F46D2845BD7DDACA52340ECC2B65DA3 ] Bluetooth Device Monitor C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe 13:58:23.0450 4636 Bluetooth Device Monitor - ok 13:58:23.0481 4636 [ 3341DE556EC28252D603277609EEF8BF ] Bluetooth Media Service C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe 13:58:23.0496 4636 Bluetooth Media Service - ok 13:58:23.0559 4636 [ 5D5C3EC9BE1107DEDF0FEB55B7F3BD77 ] Bluetooth OBEX Service C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe 13:58:23.0590 4636 Bluetooth OBEX Service - ok 13:58:23.0606 4636 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys 13:58:23.0668 4636 bowser - ok 13:58:23.0699 4636 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys 13:58:23.0768 4636 BrFiltLo - ok 13:58:23.0776 4636 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys 13:58:23.0798 4636 BrFiltUp - ok 13:58:23.0829 4636 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll 13:58:23.0880 4636 Browser - ok 13:58:23.0903 4636 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys 13:58:23.0977 4636 Brserid - ok 13:58:23.0988 4636 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys 13:58:24.0009 4636 BrSerWdm - ok 13:58:24.0024 4636 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys 13:58:24.0043 4636 BrUsbMdm - ok 13:58:24.0059 4636 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys 13:58:24.0090 4636 BrUsbSer - ok 13:58:24.0121 4636 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys 13:58:24.0168 4636 BthEnum - ok 13:58:24.0199 4636 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys 13:58:24.0230 4636 BTHMODEM - ok 13:58:24.0246 4636 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys 13:58:24.0262 4636 BthPan - ok 13:58:24.0308 4636 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys 13:58:24.0340 4636 BTHPORT - ok 13:58:24.0371 4636 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll 13:58:24.0418 4636 bthserv - ok 13:58:24.0449 4636 [ 9E2AF97302B9F4BF97E952A865EB31AE ] BTHSSecurityMgr C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe 13:58:24.0480 4636 BTHSSecurityMgr - ok 13:58:24.0511 4636 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys 13:58:24.0558 4636 BTHUSB - ok 13:58:24.0589 4636 [ 274E47BD9C1367BDBFA9DF10C2E6C544 ] btmaudio C:\Windows\system32\drivers\btmaud.sys 13:58:24.0652 4636 btmaudio - ok 13:58:24.0667 4636 [ AB0A33001FE7EBB209D9D52CED11BE1A ] btmaux C:\Windows\system32\DRIVERS\btmaux.sys 13:58:24.0730 4636 btmaux - ok 13:58:24.0779 4636 [ 5BA4C6F82A5CA3307C0579D9F7B36E28 ] btmhsf C:\Windows\system32\DRIVERS\btmhsf.sys 13:58:24.0822 4636 btmhsf - ok 13:58:24.0850 4636 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 13:58:24.0931 4636 cdfs - ok 13:58:24.0963 4636 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys 13:58:24.0984 4636 cdrom - ok 13:58:25.0023 4636 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll 13:58:25.0090 4636 CertPropSvc - ok 13:58:25.0105 4636 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys 13:58:25.0121 4636 circlass - ok 13:58:25.0136 4636 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys 13:58:25.0152 4636 CLFS - ok 13:58:25.0230 4636 [ BB86F147B2A7152E4B4D71A2F0A87D41 ] CLKMSVC10_9EC60124 c:\Program Files (x86)\Cyberlink\PowerDVD9\NavFilter\kmsvc.exe 13:58:25.0246 4636 CLKMSVC10_9EC60124 - ok 13:58:25.0292 4636 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 13:58:25.0324 4636 clr_optimization_v2.0.50727_32 - ok 13:58:25.0355 4636 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 13:58:25.0355 4636 clr_optimization_v2.0.50727_64 - ok 13:58:25.0417 4636 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 13:58:25.0433 4636 clr_optimization_v4.0.30319_32 - ok 13:58:25.0464 4636 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 13:58:25.0480 4636 clr_optimization_v4.0.30319_64 - ok 13:58:25.0495 4636 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys 13:58:25.0542 4636 CmBatt - ok 13:58:25.0558 4636 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys 13:58:25.0558 4636 cmdide - ok 13:58:25.0604 4636 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys 13:58:25.0651 4636 CNG - ok 13:58:25.0667 4636 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys 13:58:25.0667 4636 Compbatt - ok 13:58:25.0714 4636 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys 13:58:25.0760 4636 CompositeBus - ok 13:58:25.0776 4636 COMSysApp - ok 13:58:25.0829 4636 cpuz135 - ok 13:58:25.0854 4636 cpuz136 - ok 13:58:25.0876 4636 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys 13:58:25.0902 4636 crcdisk - ok 13:58:25.0938 4636 [ D8129C49798CBBFB2E4351D4B7B8EF9C ] CryptSvc C:\Windows\system32\cryptsvc.dll 13:58:26.0000 4636 CryptSvc - ok 13:58:26.0055 4636 [ DF214BFF646880D0EB31BDC86136B29B ] CtClsFlt C:\Windows\system32\DRIVERS\CtClsFlt.sys 13:58:26.0089 4636 CtClsFlt - ok 13:58:26.0151 4636 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll 13:58:26.0214 4636 DcomLaunch - ok 13:58:26.0245 4636 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll 13:58:26.0292 4636 defragsvc - ok 13:58:26.0307 4636 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys 13:58:26.0385 4636 DfsC - ok 13:58:26.0432 4636 [ 0B3F6C8F93C5C25977EA5A8B2E656357 ] dg_ssudbus C:\Windows\system32\DRIVERS\ssudbus.sys 13:58:26.0448 4636 dg_ssudbus - ok 13:58:26.0494 4636 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll 13:58:26.0541 4636 Dhcp - ok 13:58:26.0572 4636 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys 13:58:26.0650 4636 discache - ok 13:58:26.0666 4636 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys 13:58:26.0682 4636 Disk - ok 13:58:26.0697 4636 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll 13:58:26.0760 4636 Dnscache - ok 13:58:26.0775 4636 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll 13:58:26.0855 4636 dot3svc - ok 13:58:26.0889 4636 [ B42ED0320C6E41102FDE0005154849BB ] dot4 C:\Windows\system32\DRIVERS\Dot4.sys 13:58:26.0931 4636 dot4 - ok 13:58:26.0962 4636 [ E9F5969233C5D89F3C35E3A66A52A361 ] Dot4Print C:\Windows\system32\DRIVERS\Dot4Prt.sys 13:58:26.0983 4636 Dot4Print - ok 13:58:26.0990 4636 [ 488669CD1CD3BDCFDD9A5FDA72209069 ] Dot4Scan C:\Windows\system32\DRIVERS\Dot4Scan.sys 13:58:27.0014 4636 Dot4Scan - ok 13:58:27.0038 4636 [ FD05A02B0370BC3000F402E543CA5814 ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys 13:58:27.0069 4636 dot4usb - ok 13:58:27.0087 4636 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll 13:58:27.0149 4636 DPS - ok 13:58:27.0196 4636 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 13:58:27.0243 4636 drmkaud - ok 13:58:27.0274 4636 [ AF2E16242AA723F68F461B6EAE2EAD3D ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 13:58:27.0321 4636 DXGKrnl - ok 13:58:27.0352 4636 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll 13:58:27.0415 4636 EapHost - ok 13:58:27.0508 4636 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys 13:58:27.0571 4636 ebdrv - ok 13:58:27.0602 4636 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe 13:58:27.0633 4636 EFS - ok 13:58:27.0680 4636 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 13:58:27.0758 4636 ehRecvr - ok 13:58:27.0773 4636 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe 13:58:27.0789 4636 ehSched - ok 13:58:27.0820 4636 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys 13:58:27.0863 4636 elxstor - ok 13:58:27.0874 4636 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys 13:58:27.0915 4636 ErrDev - ok 13:58:27.0953 4636 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll 13:58:28.0027 4636 EventSystem - ok 13:58:28.0119 4636 [ B20A788579E443F768AAB1A24F705D0A ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe 13:58:28.0165 4636 EvtEng - ok 13:58:28.0197 4636 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys 13:58:28.0243 4636 exfat - ok 13:58:28.0259 4636 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys 13:58:28.0306 4636 fastfat - ok 13:58:28.0337 4636 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe 13:58:28.0399 4636 Fax - ok 13:58:28.0431 4636 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys 13:58:28.0477 4636 fdc - ok 13:58:28.0509 4636 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll 13:58:28.0571 4636 fdPHost - ok 13:58:28.0587 4636 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll 13:58:28.0618 4636 FDResPub - ok 13:58:28.0649 4636 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 13:58:28.0680 4636 FileInfo - ok 13:58:28.0680 4636 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 13:58:28.0758 4636 Filetrace - ok 13:58:28.0774 4636 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys 13:58:28.0789 4636 flpydisk - ok 13:58:28.0805 4636 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 13:58:28.0821 4636 FltMgr - ok 13:58:28.0883 4636 [ C4C183E6551084039EC862DA1C945E3D ] FontCache C:\Windows\system32\FntCache.dll 13:58:28.0945 4636 FontCache - ok 13:58:28.0992 4636 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 13:58:29.0008 4636 FontCache3.0.0.0 - ok 13:58:29.0023 4636 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 13:58:29.0055 4636 FsDepends - ok 13:58:29.0133 4636 [ DDEE99DC54EFA20BD5A442CD733C4462 ] FsUsbExDisk C:\Windows\SysWOW64\FsUsbExDisk.SYS 13:58:29.0164 4636 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - warning 13:58:29.0164 4636 FsUsbExDisk - detected UnsignedFile.Multi.Generic (1) 13:58:29.0195 4636 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 13:58:29.0211 4636 Fs_Rec - ok 13:58:29.0257 4636 [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 13:58:29.0304 4636 fvevol - ok 13:58:29.0335 4636 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys 13:58:29.0351 4636 gagp30kx - ok 13:58:29.0382 4636 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll 13:58:29.0460 4636 gpsvc - ok 13:58:29.0538 4636 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 13:58:29.0569 4636 gupdate - ok 13:58:29.0569 4636 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 13:58:29.0585 4636 gupdatem - ok 13:58:29.0616 4636 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 13:58:29.0679 4636 hcw85cir - ok 13:58:29.0694 4636 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys 13:58:29.0725 4636 HDAudBus - ok 13:58:29.0741 4636 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys 13:58:29.0788 4636 HidBatt - ok 13:58:29.0803 4636 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys 13:58:29.0850 4636 HidBth - ok 13:58:29.0871 4636 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys 13:58:29.0909 4636 HidIr - ok 13:58:29.0930 4636 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll 13:58:30.0014 4636 hidserv - ok 13:58:30.0045 4636 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 13:58:30.0078 4636 HidUsb - ok 13:58:30.0093 4636 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll 13:58:30.0149 4636 hkmsvc - ok 13:58:30.0196 4636 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll 13:58:30.0259 4636 HomeGroupListener - ok 13:58:30.0274 4636 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 13:58:30.0321 4636 HomeGroupProvider - ok 13:58:30.0337 4636 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 13:58:30.0368 4636 HpSAMD - ok 13:58:30.0415 4636 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys 13:58:30.0539 4636 HTTP - ok 13:58:30.0555 4636 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 13:58:30.0571 4636 hwpolicy - ok 13:58:30.0602 4636 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys 13:58:30.0617 4636 i8042prt - ok 13:58:30.0664 4636 [ D469B77687E12FE43E344806740B624D ] iaStor C:\Windows\system32\drivers\iaStor.sys 13:58:30.0680 4636 iaStor - ok 13:58:30.0727 4636 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 13:58:30.0758 4636 iaStorV - ok 13:58:30.0773 4636 [ 806422F30DF9CE8307457485779C77B7 ] iBtFltCoex C:\Windows\system32\DRIVERS\iBtFltCoex.sys 13:58:30.0805 4636 iBtFltCoex - ok 13:58:30.0869 4636 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 13:58:30.0899 4636 idsvc - ok 13:58:31.0150 4636 [ 0BD58366C86EF9DDC4F61AFED0CADA99 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys 13:58:31.0352 4636 igfx - ok 13:58:31.0384 4636 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys 13:58:31.0399 4636 iirsp - ok 13:58:31.0430 4636 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll 13:58:31.0493 4636 IKEEXT - ok 13:58:31.0540 4636 [ CADDF0927DAC63EDAE48F5C35A61D87D ] intaud_WaveExtensible C:\Windows\system32\drivers\intelaud.sys 13:58:31.0540 4636 intaud_WaveExtensible - ok 13:58:31.0649 4636 [ A5F7CEF8A939EBE270462EDEFD629F20 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys 13:58:31.0696 4636 IntcAzAudAddService - ok 13:58:31.0727 4636 [ FC727061C0F47C8059E88E05D5C8E381 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys 13:58:31.0774 4636 IntcDAud - ok 13:58:31.0805 4636 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys 13:58:31.0836 4636 intelide - ok 13:58:31.0878 4636 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 13:58:31.0913 4636 intelppm - ok 13:58:31.0940 4636 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll 13:58:32.0006 4636 IPBusEnum - ok 13:58:32.0025 4636 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 13:58:32.0101 4636 IpFilterDriver - ok 13:58:32.0133 4636 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 13:58:32.0196 4636 iphlpsvc - ok 13:58:32.0211 4636 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 13:58:32.0242 4636 IPMIDRV - ok 13:58:32.0289 4636 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys 13:58:32.0352 4636 IPNAT - ok 13:58:32.0367 4636 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys 13:58:32.0398 4636 IRENUM - ok 13:58:32.0414 4636 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys 13:58:32.0430 4636 isapnp - ok 13:58:32.0430 4636 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 13:58:32.0476 4636 iScsiPrt - ok 13:58:32.0492 4636 [ 716F66336F10885D935B08174DC54242 ] iwdbus C:\Windows\system32\DRIVERS\iwdbus.sys 13:58:32.0492 4636 iwdbus - ok 13:58:32.0523 4636 [ DD931496F49CDDF4F0B440455423E162 ] JMCR C:\Windows\system32\DRIVERS\jmcr.sys 13:58:32.0554 4636 JMCR - ok 13:58:32.0570 4636 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 13:58:32.0586 4636 kbdclass - ok 13:58:32.0617 4636 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys 13:58:32.0664 4636 kbdhid - ok 13:58:32.0679 4636 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe 13:58:32.0710 4636 KeyIso - ok 13:58:32.0742 4636 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 13:58:32.0773 4636 KSecDD - ok 13:58:32.0788 4636 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 13:58:32.0804 4636 KSecPkg - ok 13:58:32.0835 4636 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 13:58:32.0911 4636 ksthunk - ok 13:58:32.0940 4636 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll 13:58:33.0004 4636 KtmRm - ok 13:58:33.0032 4636 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll 13:58:33.0095 4636 LanmanServer - ok 13:58:33.0111 4636 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 13:58:33.0148 4636 LanmanWorkstation - ok 13:58:33.0179 4636 [ 1470EF17E02E82E4F43346DF9E9F11E1 ] LHidFilt C:\Windows\system32\DRIVERS\LHidFilt.Sys 13:58:33.0210 4636 LHidFilt - ok 13:58:33.0242 4636 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 13:58:33.0320 4636 lltdio - ok 13:58:33.0351 4636 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll 13:58:33.0398 4636 lltdsvc - ok 13:58:33.0413 4636 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll 13:58:33.0491 4636 lmhosts - ok 13:58:33.0522 4636 [ 12814AE119E959437BEA3110F81BD188 ] LMouFilt C:\Windows\system32\DRIVERS\LMouFilt.Sys 13:58:33.0554 4636 LMouFilt - ok 13:58:33.0616 4636 [ 7F32D4C47A50E7223491E8FB9359907D ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe 13:58:33.0647 4636 LMS - ok 13:58:33.0678 4636 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys 13:58:33.0710 4636 LSI_FC - ok 13:58:33.0725 4636 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys 13:58:33.0756 4636 LSI_SAS - ok 13:58:33.0772 4636 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys 13:58:33.0772 4636 LSI_SAS2 - ok 13:58:33.0788 4636 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys 13:58:33.0803 4636 LSI_SCSI - ok 13:58:33.0819 4636 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys 13:58:33.0887 4636 luafv - ok 13:58:33.0907 4636 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 13:58:33.0942 4636 Mcx2Svc - ok 13:58:33.0957 4636 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys 13:58:33.0970 4636 megasas - ok 13:58:33.0982 4636 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys 13:58:33.0996 4636 MegaSR - ok 13:58:34.0027 4636 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys 13:58:34.0039 4636 MEIx64 - ok 13:58:34.0101 4636 Microsoft SharePoint Workspace Audit Service - ok 13:58:34.0123 4636 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll 13:58:34.0164 4636 MMCSS - ok 13:58:34.0179 4636 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys 13:58:34.0226 4636 Modem - ok 13:58:34.0257 4636 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys 13:58:34.0273 4636 monitor - ok 13:58:34.0304 4636 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 13:58:34.0320 4636 mouclass - ok 13:58:34.0335 4636 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 13:58:34.0382 4636 mouhid - ok 13:58:34.0398 4636 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 13:58:34.0413 4636 mountmgr - ok 13:58:34.0429 4636 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys 13:58:34.0445 4636 mpio - ok 13:58:34.0460 4636 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 13:58:34.0491 4636 mpsdrv - ok 13:58:34.0523 4636 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll 13:58:34.0569 4636 MpsSvc - ok 13:58:34.0585 4636 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 13:58:34.0616 4636 MRxDAV - ok 13:58:34.0647 4636 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 13:58:34.0710 4636 mrxsmb - ok 13:58:34.0725 4636 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 13:58:34.0741 4636 mrxsmb10 - ok 13:58:34.0757 4636 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 13:58:34.0772 4636 mrxsmb20 - ok 13:58:34.0788 4636 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys 13:58:34.0803 4636 msahci - ok 13:58:34.0819 4636 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys 13:58:34.0835 4636 msdsm - ok 13:58:34.0850 4636 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe 13:58:34.0898 4636 MSDTC - ok 13:58:34.0916 4636 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys 13:58:34.0952 4636 Msfs - ok 13:58:34.0959 4636 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 13:58:34.0999 4636 mshidkmdf - ok 13:58:35.0021 4636 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 13:58:35.0040 4636 msisadrv - ok 13:58:35.0080 4636 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 13:58:35.0155 4636 MSiSCSI - ok 13:58:35.0158 4636 msiserver - ok 13:58:35.0162 4636 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 13:58:35.0209 4636 MSKSSRV - ok 13:58:35.0240 4636 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 13:58:35.0303 4636 MSPCLOCK - ok 13:58:35.0318 4636 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 13:58:35.0365 4636 MSPQM - ok 13:58:35.0381 4636 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 13:58:35.0396 4636 MsRPC - ok 13:58:35.0412 4636 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys 13:58:35.0428 4636 mssmbios - ok 13:58:35.0428 4636 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 13:58:35.0474 4636 MSTEE - ok 13:58:35.0474 4636 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys 13:58:35.0490 4636 MTConfig - ok 13:58:35.0506 4636 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys 13:58:35.0521 4636 Mup - ok 13:58:35.0568 4636 [ F217D7718FD7577AF331E89910B2D21E ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe 13:58:35.0599 4636 MyWiFiDHCPDNS - ok 13:58:35.0615 4636 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll 13:58:35.0708 4636 napagent - ok 13:58:35.0724 4636 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 13:58:35.0786 4636 NativeWifiP - ok 13:58:35.0833 4636 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys 13:58:35.0864 4636 NDIS - ok 13:58:35.0880 4636 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 13:58:35.0914 4636 NdisCap - ok 13:58:35.0932 4636 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 13:58:35.0966 4636 NdisTapi - ok 13:58:35.0973 4636 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 13:58:36.0011 4636 Ndisuio - ok 13:58:36.0022 4636 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 13:58:36.0064 4636 NdisWan - ok 13:58:36.0081 4636 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 13:58:36.0114 4636 NDProxy - ok 13:58:36.0142 4636 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 13:58:36.0209 4636 NetBIOS - ok 13:58:36.0241 4636 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 13:58:36.0287 4636 NetBT - ok 13:58:36.0303 4636 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe 13:58:36.0319 4636 Netlogon - ok 13:58:36.0350 4636 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll 13:58:36.0412 4636 Netman - ok 13:58:36.0459 4636 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 13:58:36.0475 4636 NetMsmqActivator - ok 13:58:36.0490 4636 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 13:58:36.0521 4636 NetPipeActivator - ok 13:58:36.0537 4636 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll 13:58:36.0615 4636 netprofm - ok 13:58:36.0631 4636 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 13:58:36.0631 4636 NetTcpActivator - ok 13:58:36.0646 4636 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 13:58:36.0646 4636 NetTcpPortSharing - ok 13:58:36.0818 4636 [ 9FD1BE1881446D954FF77244AE58FBCB ] NETwNs64 C:\Windows\system32\DRIVERS\NETwNs64.sys 13:58:36.0961 4636 NETwNs64 - ok 13:58:36.0994 4636 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys 13:58:37.0021 4636 nfrd960 - ok 13:58:37.0059 4636 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll 13:58:37.0100 4636 NlaSvc - ok 13:58:37.0114 4636 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys 13:58:37.0159 4636 Npfs - ok 13:58:37.0170 4636 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll 13:58:37.0209 4636 nsi - ok 13:58:37.0224 4636 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 13:58:37.0287 4636 nsiproxy - ok 13:58:37.0349 4636 [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 13:58:37.0411 4636 Ntfs - ok 13:58:37.0427 4636 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys 13:58:37.0489 4636 Null - ok 13:58:37.0521 4636 [ 0EBC9D13CD96C15B1B18D8678A609E4B ] nusb3hub C:\Windows\system32\DRIVERS\nusb3hub.sys 13:58:37.0536 4636 nusb3hub - ok 13:58:37.0552 4636 [ 7BDEC000D56D485021D9C1E63C2F81CA ] nusb3xhc C:\Windows\system32\DRIVERS\nusb3xhc.sys 13:58:37.0599 4636 nusb3xhc - ok 13:58:37.0833 4636 [ 133ABF21013397141AB991D14A415598 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys 13:58:38.0072 4636 nvlddmkm - ok 13:58:38.0081 4636 [ 1C4BA91E68852EC526429C4892E8E79F ] nvpciflt C:\Windows\system32\DRIVERS\nvpciflt.sys 13:58:38.0089 4636 nvpciflt - ok 13:58:38.0118 4636 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys 13:58:38.0150 4636 nvraid - ok 13:58:38.0166 4636 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys 13:58:38.0178 4636 nvstor - ok 13:58:38.0208 4636 [ CA939DB32E86B0100345787AFB265F46 ] NvStUSB C:\Windows\system32\drivers\nvstusb.sys 13:58:38.0239 4636 NvStUSB - ok 13:58:38.0286 4636 [ 8B130EFF4FFFB3F996C95F154AC82308 ] NVSvc C:\Windows\system32\nvvsvc.exe 13:58:38.0317 4636 NVSvc - ok 13:58:38.0426 4636 [ 0C310811BB620161B79C2FEC2FA97FBA ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe 13:58:38.0457 4636 nvUpdatusService - ok 13:58:38.0489 4636 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 13:58:38.0504 4636 nv_agp - ok 13:58:38.0520 4636 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 13:58:38.0567 4636 ohci1394 - ok 13:58:38.0645 4636 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 13:58:38.0660 4636 ose - ok 13:58:38.0816 4636 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 13:58:38.0910 4636 osppsvc - ok 13:58:38.0945 4636 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 13:58:39.0004 4636 p2pimsvc - ok 13:58:39.0026 4636 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll 13:58:39.0041 4636 p2psvc - ok 13:58:39.0061 4636 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys 13:58:39.0106 4636 Parport - ok 13:58:39.0126 4636 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys 13:58:39.0157 4636 partmgr - ok 13:58:39.0176 4636 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll 13:58:39.0224 4636 PcaSvc - ok 13:58:39.0239 4636 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys 13:58:39.0255 4636 pci - ok 13:58:39.0270 4636 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys 13:58:39.0270 4636 pciide - ok 13:58:39.0286 4636 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys 13:58:39.0302 4636 pcmcia - ok 13:58:39.0317 4636 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys 13:58:39.0333 4636 pcw - ok 13:58:39.0348 4636 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys 13:58:39.0411 4636 PEAUTH - ok 13:58:39.0473 4636 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe 13:58:39.0520 4636 PerfHost - ok 13:58:39.0582 4636 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll 13:58:39.0645 4636 pla - ok 13:58:39.0692 4636 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 13:58:39.0770 4636 PlugPlay - ok 13:58:39.0801 4636 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 13:58:39.0816 4636 PNRPAutoReg - ok 13:58:39.0848 4636 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 13:58:39.0879 4636 PNRPsvc - ok 13:58:39.0910 4636 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 13:58:39.0994 4636 PolicyAgent - ok 13:58:40.0023 4636 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll 13:58:40.0085 4636 Power - ok 13:58:40.0108 4636 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 13:58:40.0172 4636 PptpMiniport - ok 13:58:40.0183 4636 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys 13:58:40.0207 4636 Processor - ok 13:58:40.0223 4636 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll 13:58:40.0285 4636 ProfSvc - ok 13:58:40.0301 4636 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe 13:58:40.0332 4636 ProtectedStorage - ok 13:58:40.0363 4636 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys 13:58:40.0426 4636 Psched - ok 13:58:40.0441 4636 [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys 13:58:40.0472 4636 PxHlpa64 - ok 13:58:40.0488 4636 [ 0928BD20273625622722FE1DE5BBDE57 ] qicflt C:\Windows\system32\DRIVERS\qicflt.sys 13:58:40.0488 4636 qicflt - ok 13:58:40.0550 4636 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys 13:58:40.0597 4636 ql2300 - ok 13:58:40.0613 4636 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys 13:58:40.0613 4636 ql40xx - ok 13:58:40.0628 4636 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll 13:58:40.0660 4636 QWAVE - ok 13:58:40.0660 4636 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 13:58:40.0706 4636 QWAVEdrv - ok 13:58:40.0706 4636 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 13:58:40.0738 4636 RasAcd - ok 13:58:40.0769 4636 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 13:58:40.0800 4636 RasAgileVpn - ok 13:58:40.0847 4636 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll 13:58:40.0925 4636 RasAuto - ok 13:58:40.0940 4636 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 13:58:40.0981 4636 Rasl2tp - ok 13:58:41.0011 4636 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll 13:58:41.0049 4636 RasMan - ok 13:58:41.0057 4636 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 13:58:41.0102 4636 RasPppoe - ok 13:58:41.0114 4636 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 13:58:41.0161 4636 RasSstp - ok 13:58:41.0176 4636 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 13:58:41.0218 4636 rdbss - ok 13:58:41.0222 4636 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys 13:58:41.0253 4636 rdpbus - ok 13:58:41.0285 4636 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 13:58:41.0347 4636 RDPCDD - ok 13:58:41.0347 4636 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 13:58:41.0394 4636 RDPENCDD - ok 13:58:41.0409 4636 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 13:58:41.0441 4636 RDPREFMP - ok 13:58:41.0456 4636 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 13:58:41.0503 4636 RDPWD - ok 13:58:41.0534 4636 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 13:58:41.0550 4636 rdyboost - ok 13:58:41.0597 4636 [ B9A0810D16EA7935B10A5499ABA61DC3 ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe 13:58:41.0628 4636 RegSrvc - ok 13:58:41.0659 4636 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll 13:58:41.0690 4636 RemoteAccess - ok 13:58:41.0721 4636 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll 13:58:41.0815 4636 RemoteRegistry - ok 13:58:41.0846 4636 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys 13:58:41.0893 4636 RFCOMM - ok 13:58:41.0909 4636 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 13:58:41.0981 4636 RpcEptMapper - ok 13:58:42.0000 4636 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe 13:58:42.0031 4636 RpcLocator - ok 13:58:42.0055 4636 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll 13:58:42.0102 4636 RpcSs - ok 13:58:42.0130 4636 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 13:58:42.0186 4636 rspndr - ok 13:58:42.0223 4636 [ 9140DB0911DE035FED0A9A77A2D156EA ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys 13:58:42.0254 4636 RTL8167 - ok 13:58:42.0269 4636 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe 13:58:42.0269 4636 SamSs - ok 13:58:42.0285 4636 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 13:58:42.0300 4636 sbp2port - ok 13:58:42.0316 4636 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll 13:58:42.0394 4636 SCardSvr - ok 13:58:42.0441 4636 [ 4B12E2E559641B0F26474BBC6D7CFAFF ] SCDEmu C:\Windows\system32\drivers\SCDEmu.sys 13:58:42.0472 4636 SCDEmu - ok 13:58:42.0488 4636 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 13:58:42.0550 4636 scfilter - ok 13:58:42.0581 4636 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll 13:58:42.0659 4636 Schedule - ok 13:58:42.0675 4636 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll 13:58:42.0706 4636 SCPolicySvc - ok 13:58:42.0737 4636 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys 13:58:42.0800 4636 sdbus - ok 13:58:42.0815 4636 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll 13:58:42.0862 4636 SDRSVC - ok 13:58:43.0003 4636 [ 95AA9E165C7DE1B64A11E8B18E91E499 ] SDScannerService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe 13:58:43.0041 4636 SDScannerService - ok 13:58:43.0093 4636 [ D31398D4BB4907B517B6E784C2100C4A ] SDUpdateService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe 13:58:43.0134 4636 SDUpdateService - ok 13:58:43.0169 4636 [ 6AE8E702D1027A9627DDE2B77BB9992B ] SDWSCService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe 13:58:43.0190 4636 SDWSCService - ok 13:58:43.0230 4636 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys 13:58:43.0301 4636 secdrv - ok 13:58:43.0332 4636 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll 13:58:43.0363 4636 seclogon - ok 13:58:43.0394 4636 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll 13:58:43.0441 4636 SENS - ok 13:58:43.0457 4636 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll 13:58:43.0503 4636 SensrSvc - ok 13:58:43.0535 4636 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys 13:58:43.0581 4636 Serenum - ok 13:58:43.0597 4636 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys 13:58:43.0659 4636 Serial - ok 13:58:43.0675 4636 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys 13:58:43.0722 4636 sermouse - ok 13:58:43.0753 4636 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll 13:58:43.0815 4636 SessionEnv - ok 13:58:43.0831 4636 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys 13:58:43.0847 4636 sffdisk - ok 13:58:43.0847 4636 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 13:58:43.0862 4636 sffp_mmc - ok 13:58:43.0878 4636 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys 13:58:43.0893 4636 sffp_sd - ok 13:58:43.0893 4636 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys 13:58:43.0909 4636 sfloppy - ok 13:58:43.0987 4636 [ 29DDEA72C5BDF61D62F4D438DC0E497C ] SftService C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE 13:58:44.0018 4636 SftService - ok 13:58:44.0065 4636 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll 13:58:44.0127 4636 SharedAccess - ok 13:58:44.0143 4636 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll 13:58:44.0205 4636 ShellHWDetection - ok 13:58:44.0237 4636 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys 13:58:44.0268 4636 SiSRaid2 - ok 13:58:44.0283 4636 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys 13:58:44.0315 4636 SiSRaid4 - ok 13:58:44.0377 4636 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe 13:58:44.0393 4636 SkypeUpdate - ok 13:58:44.0424 4636 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys 13:58:44.0486 4636 Smb - ok 13:58:44.0517 4636 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe 13:58:44.0564 4636 SNMPTRAP - ok 13:58:44.0595 4636 [ F9369327409492097B0BB7CE86BD29DE ] Soluto C:\Windows\system32\DRIVERS\Soluto.sys 13:58:44.0611 4636 Soluto - ok 13:58:44.0658 4636 [ ACF7389DA65760FED2B224C51EDC3A2B ] SolutoLauncherService C:\Program Files\Soluto\SolutoLauncherService.exe 13:58:44.0689 4636 SolutoLauncherService - ok 13:58:44.0705 4636 [ BCA25A87AD78FEDAC5C5ABD92DB3BECD ] SolutoRemoteService C:\Program Files\Soluto\SolutoRemoteService.exe 13:58:44.0751 4636 SolutoRemoteService ( UnsignedFile.Multi.Generic ) - warning 13:58:44.0751 4636 SolutoRemoteService - detected UnsignedFile.Multi.Generic (1) 13:58:44.0814 4636 [ F6D4A0E0C37B0ED1361D23FF672E8BF7 ] SolutoService C:\Program Files\Soluto\SolutoService.exe 13:58:44.0845 4636 SolutoService - ok 13:58:44.0845 4636 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys 13:58:44.0861 4636 spldr - ok 13:58:44.0892 4636 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe 13:58:44.0923 4636 Spooler - ok 13:58:45.0044 4636 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe 13:58:45.0123 4636 sppsvc - ok 13:58:45.0137 4636 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll 13:58:45.0171 4636 sppuinotify - ok 13:58:45.0190 4636 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys 13:58:45.0223 4636 srv - ok 13:58:45.0239 4636 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 13:58:45.0267 4636 srv2 - ok 13:58:45.0267 4636 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 13:58:45.0283 4636 srvnet - ok 13:58:45.0329 4636 [ 52D6F40B50ECFC051979FEC68E74F0F8 ] ssadbus C:\Windows\system32\DRIVERS\ssadbus.sys 13:58:45.0361 4636 ssadbus - ok 13:58:45.0376 4636 [ D6CFD3B2EABCF9327DE39C62BABFA1E3 ] ssadmdfl C:\Windows\system32\DRIVERS\ssadmdfl.sys 13:58:45.0407 4636 ssadmdfl - ok 13:58:45.0423 4636 [ 5EB01E6148742C3EC2185AC92F6D16FD ] ssadmdm C:\Windows\system32\DRIVERS\ssadmdm.sys 13:58:45.0439 4636 ssadmdm - ok 13:58:45.0470 4636 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 13:58:45.0517 4636 SSDPSRV - ok 13:58:45.0532 4636 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll 13:58:45.0563 4636 SstpSvc - ok 13:58:45.0595 4636 [ EA8F41484CCC5BA6A1455C2AD3D1BE3C ] ssudmdm C:\Windows\system32\DRIVERS\ssudmdm.sys 13:58:45.0610 4636 ssudmdm - ok 13:58:45.0626 4636 [ 92E7F6666633D2DD91D527503DAA7BE0 ] stdcfltn C:\Windows\system32\DRIVERS\stdcfltn.sys 13:58:45.0641 4636 stdcfltn - ok 13:58:45.0673 4636 [ A4418BA8FA670D1E48D57632D50D552D ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe 13:58:45.0704 4636 Stereo Service - ok 13:58:45.0735 4636 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys 13:58:45.0735 4636 stexstor - ok 13:58:45.0782 4636 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll 13:58:45.0844 4636 stisvc - ok 13:58:45.0844 4636 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys 13:58:45.0860 4636 swenum - ok 13:58:45.0891 4636 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll 13:58:45.0938 4636 swprv - ok 13:58:45.0985 4636 [ C4CE3CE7E1858B25ADB16938258CD1C9 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys 13:58:46.0016 4636 SynTP - ok 13:58:46.0053 4636 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll 13:58:46.0102 4636 SysMain - ok 13:58:46.0117 4636 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll 13:58:46.0148 4636 TabletInputService - ok 13:58:46.0167 4636 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll 13:58:46.0233 4636 TapiSrv - ok 13:58:46.0256 4636 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll 13:58:46.0283 4636 TBS - ok 13:58:46.0330 4636 [ 9849EA3843A2ADBDD1497E97A85D8CAE ] Tcpip C:\Windows\system32\drivers\tcpip.sys 13:58:46.0408 4636 Tcpip - ok 13:58:46.0470 4636 [ 9849EA3843A2ADBDD1497E97A85D8CAE ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 13:58:46.0517 4636 TCPIP6 - ok 13:58:46.0548 4636 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 13:58:46.0564 4636 tcpipreg - ok 13:58:46.0579 4636 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 13:58:46.0610 4636 TDPIPE - ok 13:58:46.0642 4636 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 13:58:46.0688 4636 TDTCP - ok 13:58:46.0704 4636 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 13:58:46.0766 4636 tdx - ok 13:58:46.0798 4636 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys 13:58:46.0813 4636 TermDD - ok 13:58:46.0860 4636 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll 13:58:46.0922 4636 TermService - ok 13:58:46.0954 4636 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll 13:58:46.0985 4636 Themes - ok 13:58:47.0018 4636 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll 13:58:47.0073 4636 THREADORDER - ok 13:58:47.0083 4636 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll 13:58:47.0129 4636 TrkWks - ok 13:58:47.0163 4636 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 13:58:47.0207 4636 TrustedInstaller - ok 13:58:47.0220 4636 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 13:58:47.0267 4636 tssecsrv - ok 13:58:47.0299 4636 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 13:58:47.0314 4636 TsUsbFlt - ok 13:58:47.0330 4636 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys 13:58:47.0361 4636 TsUsbGD - ok 13:58:47.0377 4636 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 13:58:47.0455 4636 tunnel - ok 13:58:47.0486 4636 [ FD24F98D2898BE093FE926604BE7DB99 ] TurboB C:\Windows\system32\DRIVERS\TurboB.sys 13:58:47.0517 4636 TurboB - ok 13:58:47.0533 4636 [ 600B406A04D90F577FEA8A88D7379F08 ] TurboBoost C:\Program Files\Intel\TurboBoost\TurboBoost.exe 13:58:47.0564 4636 TurboBoost - ok 13:58:47.0579 4636 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys 13:58:47.0595 4636 uagp35 - ok 13:58:47.0611 4636 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 13:58:47.0657 4636 udfs - ok 13:58:47.0689 4636 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe 13:58:47.0720 4636 UI0Detect - ok 13:58:47.0751 4636 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 13:58:47.0767 4636 uliagpkx - ok 13:58:47.0798 4636 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys 13:58:47.0845 4636 umbus - ok 13:58:47.0860 4636 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys 13:58:47.0907 4636 UmPass - ok 13:58:48.0018 4636 [ 2C16648A12999AE69A9EBF41974B0BA2 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe 13:58:48.0069 4636 UNS - ok 13:58:48.0092 4636 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll 13:58:48.0179 4636 upnphost - ok 13:58:48.0221 4636 [ 19AD7990C0B67E48DAC5B26F99628223 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 13:58:48.0258 4636 usbccgp - ok 13:58:48.0267 4636 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys 13:58:48.0282 4636 usbcir - ok 13:58:48.0298 4636 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys 13:58:48.0329 4636 usbehci - ok 13:58:48.0360 4636 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 13:58:48.0407 4636 usbhub - ok 13:58:48.0423 4636 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys 13:58:48.0469 4636 usbohci - ok 13:58:48.0485 4636 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\drivers\usbprint.sys 13:58:48.0532 4636 usbprint - ok 13:58:48.0532 4636 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 13:58:48.0594 4636 USBSTOR - ok 13:58:48.0610 4636 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys 13:58:48.0657 4636 usbuhci - ok 13:58:48.0672 4636 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys 13:58:48.0719 4636 usbvideo - ok 13:58:48.0735 4636 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll 13:58:48.0797 4636 UxSms - ok 13:58:48.0813 4636 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe 13:58:48.0828 4636 VaultSvc - ok 13:58:48.0844 4636 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 13:58:48.0859 4636 vdrvroot - ok 13:58:48.0875 4636 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe 13:58:48.0922 4636 vds - ok 13:58:48.0937 4636 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 13:58:48.0953 4636 vga - ok 13:58:48.0969 4636 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys 13:58:49.0016 4636 VgaSave - ok 13:58:49.0023 4636 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 13:58:49.0035 4636 vhdmp - ok 13:58:49.0039 4636 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys 13:58:49.0051 4636 viaide - ok 13:58:49.0074 4636 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys 13:58:49.0085 4636 volmgr - ok 13:58:49.0095 4636 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 13:58:49.0116 4636 volmgrx - ok 13:58:49.0130 4636 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys 13:58:49.0144 4636 volsnap - ok 13:58:49.0171 4636 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys 13:58:49.0182 4636 vsmraid - ok 13:58:49.0238 4636 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe 13:58:49.0282 4636 VSS - ok 13:58:49.0376 4636 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys 13:58:49.0423 4636 vwifibus - ok 13:58:49.0438 4636 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys 13:58:49.0485 4636 vwififlt - ok 13:58:49.0501 4636 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys 13:58:49.0548 4636 vwifimp - ok 13:58:49.0563 4636 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll 13:58:49.0626 4636 W32Time - ok 13:58:49.0672 4636 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys 13:58:49.0719 4636 WacomPen - ok 13:58:49.0750 4636 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 13:58:49.0813 4636 WANARP - ok 13:58:49.0813 4636 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 13:58:49.0844 4636 Wanarpv6 - ok 13:58:49.0938 4636 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe 13:58:49.0984 4636 WatAdminSvc - ok 13:58:50.0016 4636 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe 13:58:50.0068 4636 wbengine - ok 13:58:50.0094 4636 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 13:58:50.0133 4636 WbioSrvc - ok 13:58:50.0147 4636 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll 13:58:50.0181 4636 wcncsvc - ok 13:58:50.0195 4636 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 13:58:50.0223 4636 WcsPlugInService - ok 13:58:50.0244 4636 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys 13:58:50.0273 4636 Wd - ok 13:58:50.0297 4636 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 13:58:50.0328 4636 Wdf01000 - ok 13:58:50.0344 4636 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll 13:58:50.0438 4636 WdiServiceHost - ok 13:58:50.0438 4636 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll 13:58:50.0469 4636 WdiSystemHost - ok 13:58:50.0484 4636 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll 13:58:50.0516 4636 WebClient - ok 13:58:50.0547 4636 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll 13:58:50.0609 4636 Wecsvc - ok 13:58:50.0625 4636 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll 13:58:50.0703 4636 wercplsupport - ok 13:58:50.0718 4636 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll 13:58:50.0765 4636 WerSvc - ok 13:58:50.0796 4636 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 13:58:50.0843 4636 WfpLwf - ok 13:58:50.0874 4636 [ B14EF15BD757FA488F9C970EEE9C0D35 ] WimFltr C:\Windows\system32\DRIVERS\wimfltr.sys 13:58:50.0890 4636 WimFltr - ok 13:58:50.0906 4636 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys 13:58:50.0906 4636 WIMMount - ok 13:58:50.0921 4636 WinDefend - ok 13:58:50.0937 4636 WinHttpAutoProxySvc - ok 13:58:50.0984 4636 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 13:58:51.0058 4636 Winmgmt - ok 13:58:51.0115 4636 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll 13:58:51.0185 4636 WinRM - ok 13:58:51.0225 4636 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys 13:58:51.0282 4636 WinUsb - ok 13:58:51.0308 4636 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll 13:58:51.0328 4636 Wlansvc - ok 13:58:51.0452 4636 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 13:58:51.0499 4636 wlidsvc - ok 13:58:51.0515 4636 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys 13:58:51.0562 4636 WmiAcpi - ok 13:58:51.0577 4636 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 13:58:51.0624 4636 wmiApSrv - ok 13:58:51.0640 4636 WMPNetworkSvc - ok 13:58:51.0686 4636 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll 13:58:51.0733 4636 WPCSvc - ok 13:58:51.0733 4636 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 13:58:51.0796 4636 WPDBusEnum - ok 13:58:51.0811 4636 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 13:58:51.0842 4636 ws2ifsl - ok 13:58:51.0858 4636 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll 13:58:51.0889 4636 wscsvc - ok 13:58:51.0889 4636 WSearch - ok 13:58:51.0952 4636 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll 13:58:52.0014 4636 wuauserv - ok 13:58:52.0030 4636 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 13:58:52.0085 4636 WudfPf - ok 13:58:52.0114 4636 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 13:58:52.0146 4636 WUDFRd - ok 13:58:52.0167 4636 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 13:58:52.0203 4636 wudfsvc - ok 13:58:52.0230 4636 [ FE90B750AB808FB9DD8FBB428B5FF83B ] WwanSvc C:\Windows\System32\wwansvc.dll 13:58:52.0273 4636 WwanSvc - ok 13:58:52.0294 4636 ================ Scan global =============================== 13:58:52.0309 4636 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll 13:58:52.0328 4636 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll 13:58:52.0375 4636 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll 13:58:52.0406 4636 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll 13:58:52.0453 4636 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe 13:58:52.0453 4636 [Global] - ok 13:58:52.0453 4636 ================ Scan MBR ================================== 13:58:52.0468 4636 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0 13:58:52.0780 4636 \Device\Harddisk0\DR0 - ok 13:58:53.0123 4636 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1 13:58:53.0295 4636 \Device\Harddisk1\DR1 - ok 13:58:53.0295 4636 ================ Scan VBR ================================== 13:58:53.0295 4636 [ EB74170873B3E5085F08729A639386D0 ] \Device\Harddisk0\DR0\Partition1 13:58:53.0295 4636 \Device\Harddisk0\DR0\Partition1 - ok 13:58:53.0326 4636 [ 77DB45429FDE6454ABB0EFC22DABACF9 ] \Device\Harddisk0\DR0\Partition2 13:58:53.0326 4636 \Device\Harddisk0\DR0\Partition2 - ok 13:58:53.0342 4636 [ ACC2397A0D11CECA1CECC7CD1525D498 ] \Device\Harddisk1\DR1\Partition1 13:58:53.0342 4636 \Device\Harddisk1\DR1\Partition1 - ok 13:58:53.0342 4636 ============================================================ 13:58:53.0342 4636 Scan finished 13:58:53.0342 4636 ============================================================ 13:58:53.0357 7996 Detected object count: 2 13:58:53.0357 7996 Actual detected object count: 2 13:59:03.0286 7996 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - skipped by user 13:59:03.0286 7996 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - User select action: Skip 13:59:03.0286 7996 SolutoRemoteService ( UnsignedFile.Multi.Generic ) - skipped by user 13:59:03.0286 7996 SolutoRemoteService ( UnsignedFile.Multi.Generic ) - User select action: Skip |
|
17.06.2013, 13:02
| #10 |
| /// Malware-holic | Spybot hat 62 Sachen gefunden - beheben? Passt. Scan mit Combofix
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
17.06.2013, 13:24
| #11 |
| | Spybot hat 62 Sachen gefunden - beheben? Also avira hat ärger gemacht, konnte es aber deaktivieren. Hier die Log: Code:
ATTFilter ComboFix 13-06-17.01 - Silvija Sagolj 17.06.2013 14:14:29.1.8 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.8086.6357 [GMT 2:00]
ausgeführt von:: c:\users\Silvija Sagolj\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Spybot - Search and Destroy *Disabled/Outdated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\PCDr\6261\AddOnDownloaded\27ada864-54d8-46c9-a6e3-8334fa39b525.dll
c:\programdata\PCDr\6261\AddOnDownloaded\2eccd5d6-e118-4f76-97b6-ba56fb6c597a.dll
c:\programdata\PCDr\6261\AddOnDownloaded\31274d4c-b2a5-4954-874c-18abd8e795fc.dll
c:\programdata\PCDr\6261\AddOnDownloaded\5e1499b7-780b-4b0e-8240-0221e699a647.dll
c:\programdata\PCDr\6261\AddOnDownloaded\7a273375-a427-45b1-8925-a4fd3312f55b.dll
c:\programdata\Roaming
c:\programdata\SaveByclick
c:\programdata\SaveByClick\50d0b59971eff.js
c:\users\Silvija Sagolj\AppData\Local\Microsoft\Windows\Temporary Internet Files\{78D18D3E-A1A4-4D2B-BC14-4CFC21307BA4}.xps
c:\users\Silvija Sagolj\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
c:\users\Silvija Sagolj\AUTORUN.INF
c:\windows\SysWow64\muzapp.exe
c:\windows\wininit.ini
.
.
((((((((((((((((((((((( Dateien erstellt von 2013-05-17 bis 2013-06-17 ))))))))))))))))))))))))))))))
.
.
2013-06-17 11:54 . 2013-06-17 11:54 -------- d-----w- c:\users\Silvija Sagolj\AppData\Local\FilesFrog Update Checker
2013-06-17 09:48 . 2013-06-08 14:08 1365504 ----a-w- c:\windows\system32\urlmon.dll
2013-06-17 09:42 . 2013-05-13 06:37 9460464 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{006DE0CA-4F99-4A56-8C6D-5DB31E0B72A2}\mpengine.dll
2013-06-17 09:41 . 2013-05-08 06:39 1910632 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-06-17 09:41 . 2013-04-26 05:51 751104 ----a-w- c:\windows\system32\win32spl.dll
2013-06-17 09:41 . 2013-04-26 04:55 492544 ----a-w- c:\windows\SysWow64\win32spl.dll
2013-06-17 09:40 . 2013-05-10 05:49 30720 ----a-w- c:\windows\system32\cryptdlg.dll
2013-06-17 09:40 . 2013-05-10 03:20 24576 ----a-w- c:\windows\SysWow64\cryptdlg.dll
2013-06-17 09:40 . 2013-04-17 06:24 1424384 ----a-w- c:\windows\system32\WindowsCodecs.dll
2013-06-17 09:40 . 2013-04-17 07:02 1230336 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll
2013-06-17 09:39 . 2013-05-13 03:43 1192448 ----a-w- c:\windows\system32\certutil.exe
2013-06-17 09:39 . 2013-05-13 05:51 1464320 ----a-w- c:\windows\system32\crypt32.dll
2013-06-17 09:39 . 2013-05-13 03:08 903168 ----a-w- c:\windows\SysWow64\certutil.exe
2013-06-17 09:39 . 2013-05-13 05:51 184320 ----a-w- c:\windows\system32\cryptsvc.dll
2013-06-17 09:39 . 2013-05-13 05:51 139776 ----a-w- c:\windows\system32\cryptnet.dll
2013-06-17 09:39 . 2013-05-13 05:50 52224 ----a-w- c:\windows\system32\certenc.dll
2013-06-17 09:39 . 2013-05-13 04:45 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2013-06-17 09:39 . 2013-05-13 04:45 1160192 ----a-w- c:\windows\SysWow64\crypt32.dll
2013-06-17 09:39 . 2013-05-13 04:45 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll
2013-06-17 09:39 . 2013-05-13 03:08 43008 ----a-w- c:\windows\SysWow64\certenc.dll
2013-06-17 09:38 . 2013-04-25 23:30 1505280 ----a-w- c:\windows\SysWow64\d3d11.dll
2013-06-17 09:38 . 2013-03-31 22:52 1887232 ----a-w- c:\windows\system32\d3d11.dll
2013-06-17 06:12 . 2013-06-17 06:12 -------- d-----w- c:\users\Silvija Sagolj\AppData\Roaming\Avira
2013-06-17 02:46 . 2013-06-17 12:10 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy 2
2013-06-15 17:39 . 2013-06-17 09:26 -------- d-----w- c:\program files\My Lockbox
2013-06-15 17:38 . 2013-06-17 09:26 -------- d-----w- c:\users\Silvija Sagolj\AppData\Roaming\Intermediate
2013-06-15 17:38 . 2013-06-17 09:26 -------- d-----w- c:\users\Silvija Sagolj\AppData\Roaming\DataMgr
2013-06-15 17:38 . 2013-06-17 09:26 -------- d-----w- c:\users\Silvija Sagolj\AppData\Roaming\SSync
2013-06-15 17:38 . 2013-06-17 09:26 -------- d-----w- c:\users\Silvija Sagolj\AppData\Roaming\SCheck
2013-06-15 17:38 . 2013-06-15 17:38 -------- d-----w- c:\users\Silvija Sagolj\AppData\Roaming\Common
2013-06-15 16:39 . 2013-06-15 17:39 -------- d-----w- c:\users\Silvija Sagolj\AppData\Roaming\Steganos
2013-06-15 16:39 . 2013-06-15 16:39 -------- d-----w- c:\program files (x86)\Common Files\Steganos
2013-06-14 12:57 . 2013-06-14 12:57 -------- d-----w- c:\users\Silvija Sagolj\AppData\Local\Evernote
2013-06-14 12:57 . 2013-06-14 12:57 -------- d-----w- c:\program files (x86)\Evernote
2013-06-09 13:59 . 2013-06-17 06:30 -------- d-----w- c:\users\Silvija Sagolj\AppData\Local\ElevatedDiagnostics
2013-06-09 12:22 . 2013-06-10 11:54 -------- d-s---w- c:\users\Silvija Sagolj\Google Drive
2013-06-09 12:19 . 2013-06-09 12:20 -------- d-----w- c:\program files (x86)\Google
2013-06-08 14:00 . 2013-06-08 14:00 -------- d-----w- c:\users\Silvija Sagolj\AppData\Roaming\Amazon
2013-06-08 14:00 . 2013-06-08 14:00 -------- d-----w- c:\users\Silvija Sagolj\AppData\Local\Program Files
2013-06-05 06:27 . 2013-06-05 06:27 -------- d-----w- c:\users\Silvija Sagolj\.android
2013-06-04 07:15 . 2013-06-04 07:15 708168 ----a-w- c:\windows\system32\WinUSBCoInstaller.dll
2013-06-04 07:15 . 2013-06-04 07:15 103448 ----a-w- c:\windows\system32\drivers\ssudbus.sys
2013-06-04 07:15 . 2013-06-04 07:15 203672 ----a-w- c:\windows\system32\drivers\ssudmdm.sys
2013-06-04 07:15 . 2013-06-04 07:15 1490656 ----a-w- c:\windows\system32\WdfCoInstaller01007.dll
2013-05-29 19:10 . 2013-06-17 09:26 -------- d-----w- c:\users\Silvija Sagolj\AppData\Roaming\MyPhoneExplorer
2013-05-29 19:09 . 2013-05-29 19:10 -------- d-----w- c:\program files (x86)\MyPhoneExplorer
2013-05-29 18:03 . 2013-04-03 07:58 21320 ----a-w- c:\windows\system32\drivers\ssadmdfl.sys
2013-05-29 18:03 . 2013-04-03 07:58 1919168 ----a-w- c:\windows\system32\WdfCoInstaller01005.dll
2013-05-29 18:03 . 2013-04-03 07:58 1919168 ----a-w- c:\windows\system32\drivers\WdfCoInstaller01005.dll
2013-05-29 18:03 . 2013-04-03 07:58 188232 ----a-w- c:\windows\system32\drivers\ssadmdm.sys
2013-05-29 18:03 . 2013-04-03 07:58 17736 ----a-w- c:\windows\system32\drivers\ssadwhnt.sys
2013-05-29 18:03 . 2013-04-03 07:58 17736 ----a-w- c:\windows\system32\drivers\ssadwh.sys
2013-05-29 18:03 . 2013-04-03 07:58 38080 ----a-w- c:\windows\system32\drivers\ssadadb.sys
2013-05-29 18:03 . 2013-04-03 07:58 17224 ----a-w- c:\windows\system32\drivers\ssadcmnt.sys
2013-05-29 18:03 . 2013-04-03 07:58 17224 ----a-w- c:\windows\system32\drivers\ssadcm.sys
2013-05-29 18:03 . 2013-04-03 07:58 169288 ----a-w- c:\windows\system32\drivers\ssadbus.sys
2013-05-29 18:02 . 2013-04-18 10:09 37344 ----a-w- c:\windows\SysWow64\FsUsbExDisk.Sys
2013-05-29 18:02 . 2013-04-18 10:09 233472 ----a-w- c:\windows\SysWow64\FsUsbExService.Exe
2013-05-29 18:02 . 2012-06-26 14:03 110592 ----a-w- c:\windows\SysWow64\FsUsbExDevice.Dll
2013-05-24 13:21 . 2013-05-24 13:21 -------- d-----w- c:\programdata\PC-Doctor for Windows
2013-05-24 13:20 . 2013-05-26 19:28 -------- d-----w- c:\program files\My Dell
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-06-17 09:51 . 2012-05-08 02:51 75825640 ----a-w- c:\windows\system32\MRT.exe
2013-06-17 09:50 . 2013-04-23 13:57 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-06-17 09:50 . 2011-12-08 16:38 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-05-07 11:25 . 2013-05-07 11:26 83160 ----a-w- c:\windows\system32\drivers\avnetflt.sys
2013-05-02 00:06 . 2010-11-21 03:27 278800 ------w- c:\windows\system32\MpSigStub.exe
2013-05-01 15:48 . 2013-05-01 15:48 53248 ----a-r- c:\users\Silvija Sagolj\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
2013-05-01 15:48 . 2013-05-01 15:48 18960 ----a-w- c:\windows\system32\drivers\LNonPnP.sys
2013-04-30 21:21 . 2013-04-30 21:21 719360 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2013-04-30 21:21 . 2013-04-30 21:21 523264 ----a-w- c:\windows\SysWow64\vbscript.dll
2013-04-30 21:21 . 2013-04-30 21:21 226304 ----a-w- c:\windows\system32\elshyph.dll
2013-04-30 21:21 . 2013-04-30 21:21 185344 ----a-w- c:\windows\SysWow64\elshyph.dll
2013-04-30 21:21 . 2013-04-30 21:21 158720 ----a-w- c:\windows\SysWow64\msls31.dll
2013-04-30 21:21 . 2013-04-30 21:21 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2013-04-30 21:21 . 2013-04-30 21:21 138752 ----a-w- c:\windows\SysWow64\wextract.exe
2013-04-30 21:21 . 2013-04-30 21:21 1054720 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2013-04-30 21:21 . 2013-04-30 21:21 97280 ----a-w- c:\windows\system32\mshtmled.dll
2013-04-30 21:21 . 2013-04-30 21:21 92160 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2013-04-30 21:21 . 2013-04-30 21:21 905728 ----a-w- c:\windows\system32\mshtmlmedia.dll
2013-04-30 21:21 . 2013-04-30 21:21 81408 ----a-w- c:\windows\system32\icardie.dll
2013-04-30 21:21 . 2013-04-30 21:21 77312 ----a-w- c:\windows\system32\tdc.ocx
2013-04-30 21:21 . 2013-04-30 21:21 762368 ----a-w- c:\windows\system32\ieapfltr.dll
2013-04-30 21:21 . 2013-04-30 21:21 73728 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2013-04-30 21:21 . 2013-04-30 21:21 62976 ----a-w- c:\windows\system32\pngfilt.dll
2013-04-30 21:21 . 2013-04-30 21:21 61952 ----a-w- c:\windows\SysWow64\tdc.ocx
2013-04-30 21:21 . 2013-04-30 21:21 599552 ----a-w- c:\windows\system32\vbscript.dll
2013-04-30 21:21 . 2013-04-30 21:21 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2013-04-30 21:21 . 2013-04-30 21:21 51200 ----a-w- c:\windows\system32\imgutil.dll
2013-04-30 21:21 . 2013-04-30 21:21 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2013-04-30 21:21 . 2013-04-30 21:21 48640 ----a-w- c:\windows\system32\mshtmler.dll
2013-04-30 21:21 . 2013-04-30 21:21 452096 ----a-w- c:\windows\system32\dxtmsft.dll
2013-04-30 21:21 . 2013-04-30 21:21 441856 ----a-w- c:\windows\system32\html.iec
2013-04-30 21:21 . 2013-04-30 21:21 38400 ----a-w- c:\windows\SysWow64\imgutil.dll
2013-04-30 21:21 . 2013-04-30 21:21 361984 ----a-w- c:\windows\SysWow64\html.iec
2013-04-30 21:21 . 2013-04-30 21:21 281600 ----a-w- c:\windows\system32\dxtrans.dll
2013-04-30 21:21 . 2013-04-30 21:21 27648 ----a-w- c:\windows\system32\licmgr10.dll
2013-04-30 21:21 . 2013-04-30 21:21 270848 ----a-w- c:\windows\system32\iedkcs32.dll
2013-04-30 21:21 . 2013-04-30 21:21 247296 ----a-w- c:\windows\system32\webcheck.dll
2013-04-30 21:21 . 2013-04-30 21:21 235008 ----a-w- c:\windows\system32\url.dll
2013-04-30 21:21 . 2013-04-30 21:21 23040 ----a-w- c:\windows\SysWow64\licmgr10.dll
2013-04-30 21:21 . 2013-04-30 21:21 216064 ----a-w- c:\windows\system32\msls31.dll
2013-04-30 21:21 . 2013-04-30 21:21 197120 ----a-w- c:\windows\system32\msrating.dll
2013-04-30 21:21 . 2013-04-30 21:21 173568 ----a-w- c:\windows\system32\ieUnatt.exe
2013-04-30 21:21 . 2013-04-30 21:21 167424 ----a-w- c:\windows\system32\iexpress.exe
2013-04-30 21:21 . 2013-04-30 21:21 1509376 ----a-w- c:\windows\system32\inetcpl.cpl
2013-04-30 21:21 . 2013-04-30 21:21 149504 ----a-w- c:\windows\system32\occache.dll
2013-04-30 21:21 . 2013-04-30 21:21 144896 ----a-w- c:\windows\system32\wextract.exe
2013-04-30 21:21 . 2013-04-30 21:21 1441280 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2013-04-30 21:21 . 2013-04-30 21:21 1400416 ----a-w- c:\windows\system32\ieapfltr.dat
2013-04-30 21:21 . 2013-04-30 21:21 13824 ----a-w- c:\windows\system32\mshta.exe
2013-04-30 21:21 . 2013-04-30 21:21 137216 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2013-04-30 21:21 . 2013-04-30 21:21 136192 ----a-w- c:\windows\system32\iepeers.dll
2013-04-30 21:21 . 2013-04-30 21:21 135680 ----a-w- c:\windows\system32\IEAdvpack.dll
2013-04-30 21:21 . 2013-04-30 21:21 12800 ----a-w- c:\windows\SysWow64\mshta.exe
2013-04-30 21:21 . 2013-04-30 21:21 12800 ----a-w- c:\windows\system32\msfeedssync.exe
2013-04-30 21:21 . 2013-04-30 21:21 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2013-04-30 21:21 . 2013-04-30 21:21 102912 ----a-w- c:\windows\system32\inseng.dll
2013-04-13 05:49 . 2013-05-15 05:17 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2013-04-13 05:49 . 2013-05-15 05:17 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2013-04-13 05:49 . 2013-05-15 05:17 308736 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
2013-04-13 05:49 . 2013-05-15 05:17 111104 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
2013-04-13 04:45 . 2013-05-15 05:17 474624 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2013-04-13 04:45 . 2013-05-15 05:17 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll
2013-04-12 14:45 . 2013-04-24 04:59 1656680 ----a-w- c:\windows\system32\drivers\ntfs.sys
2013-04-10 06:01 . 2013-05-15 05:17 265064 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
2013-04-10 06:01 . 2013-05-15 05:17 983400 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2013-04-10 03:30 . 2013-05-15 05:17 3153920 ----a-w- c:\windows\system32\win32k.sys
2013-04-04 03:35 . 2013-04-19 12:08 95648 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-03-25 13:38 . 2013-03-25 13:38 28600 ----a-w- c:\windows\system32\drivers\avkmgr.sys
2013-03-25 13:38 . 2013-03-25 13:38 130016 ----a-w- c:\windows\system32\drivers\avipbb.sys
2013-03-25 13:38 . 2013-03-25 13:38 100712 ----a-w- c:\windows\system32\drivers\avgntflt.sys
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-15 00:32 94208 ----a-w- c:\users\Silvija Sagolj\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-15 00:32 94208 ----a-w- c:\users\Silvija Sagolj\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-15 00:32 94208 ----a-w- c:\users\Silvija Sagolj\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SDP"="c:\users\Silvija Sagolj\AppData\Local\FilesFrog Update Checker\update_checker.exe" [2013-01-31 201808]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Smart File Advisor"="c:\program files (x86)\Smart File Advisor\sfa.exe" [2011-04-04 280824]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2013-05-07 345312]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-10-25 421888]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean64.exe
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 AMPPALP;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Protokoll;c:\windows\system32\DRIVERS\amppal.sys;c:\windows\SYSNATIVE\DRIVERS\amppal.sys [x]
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys;c:\windows\SYSNATIVE\Drivers\ssadadb.sys [x]
R3 CLKMSVC10_9EC60124;CyberLink Product - 2011/12/08 11:29;c:\program files (x86)\Cyberlink\PowerDVD9\NavFilter\kmsvc.exe;c:\program files (x86)\Cyberlink\PowerDVD9\NavFilter\kmsvc.exe [x]
R3 cpuz136;cpuz136;c:\windows\TEMP\cpuz136\cpuz136_x64.sys;c:\windows\TEMP\cpuz136\cpuz136_x64.sys [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 FsUsbExDisk;FsUsbExDisk;c:\windows\SysWOW64\FsUsbExDisk.SYS;c:\windows\SysWOW64\FsUsbExDisk.SYS [x]
R3 intaud_WaveExtensible;Intel WiDi Audio Device;c:\windows\system32\drivers\intelaud.sys;c:\windows\SYSNATIVE\drivers\intelaud.sys [x]
R3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys;c:\windows\SYSNATIVE\DRIVERS\jmcr.sys [x]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x]
R3 NvStUSB;NVIDIA Stereoscopic 3D USB driver;c:\windows\system32\drivers\nvstusb.sys;c:\windows\SYSNATIVE\drivers\nvstusb.sys [x]
R3 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [x]
R3 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 SolutoRemoteService;Soluto Remote Service;c:\program files\Soluto\SolutoRemoteService.exe;c:\program files\Soluto\SolutoRemoteService.exe [x]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssadbus.sys [x]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdfl.sys [x]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdm.sys [x]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe;c:\program files\Intel\TurboBoost\TurboBoost.exe [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S0 Soluto;Soluto;c:\windows\system32\DRIVERS\Soluto.sys;c:\windows\SYSNATIVE\DRIVERS\Soluto.sys [x]
S0 stdcfltn;Disk Class Filter Driver for Accelerometer;c:\windows\system32\DRIVERS\stdcfltn.sys;c:\windows\SYSNATIVE\DRIVERS\stdcfltn.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.exe;c:\program files\Realtek\Audio\HDA\AERTSr64.exe [x]
S2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [x]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [x]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [x]
S2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [x]
S2 SolutoLauncherService;Soluto Launcher Service;c:\program files\Soluto\SolutoLauncherService.exe;c:\program files\Soluto\SolutoLauncherService.exe [x]
S2 SolutoService;Soluto PCGenome Core Service;c:\program files\Soluto\SolutoService.exe;c:\program files\Soluto\SolutoService.exe [x]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys;c:\windows\SYSNATIVE\DRIVERS\TurboB.sys [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 Acceler;Accelerometer Service;c:\windows\system32\DRIVERS\Accelern.sys;c:\windows\SYSNATIVE\DRIVERS\Accelern.sys [x]
S3 AMPPAL;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed - Virtueller Adapter;c:\windows\system32\DRIVERS\AMPPAL.sys;c:\windows\SYSNATIVE\DRIVERS\AMPPAL.sys [x]
S3 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [x]
S3 btmaudio;Intel Bluetooth Audio Service;c:\windows\system32\drivers\btmaud.sys;c:\windows\SYSNATIVE\drivers\btmaud.sys [x]
S3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys;c:\windows\SYSNATIVE\DRIVERS\btmaux.sys [x]
S3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys;c:\windows\SYSNATIVE\DRIVERS\btmhsf.sys [x]
S3 cpuz135;cpuz135;c:\windows\TEMP\cpuz135\cpuz135_x64.sys;c:\windows\TEMP\cpuz135\cpuz135_x64.sys [x]
S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys;c:\windows\SYSNATIVE\DRIVERS\CtClsFlt.sys [x]
S3 iBtFltCoex;iBtFltCoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys;c:\windows\SYSNATIVE\DRIVERS\iBtFltCoex.sys [x]
S3 IntcDAud;Intel(R) Display-Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 iwdbus;IWD Bus Enumerator;c:\windows\system32\DRIVERS\iwdbus.sys;c:\windows\SYSNATIVE\DRIVERS\iwdbus.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x]
S3 qicflt;upper Device Filter Driver;c:\windows\system32\DRIVERS\qicflt.sys;c:\windows\SYSNATIVE\DRIVERS\qicflt.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
Inhalt des "geplante Tasks" Ordners
.
2013-06-17 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-04-23 09:50]
.
2013-06-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-06-09 12:19]
.
2013-06-17 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-06-09 12:19]
.
2013-06-11 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4120619775-2555974261-1378655148-1001Core.job
- c:\users\Silvija Sagolj\AppData\Local\Google\Update\GoogleUpdate.exe [2012-11-29 19:18]
.
2013-06-17 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4120619775-2555974261-1378655148-1001UA.job
- c:\users\Silvija Sagolj\AppData\Local\Google\Update\GoogleUpdate.exe [2012-11-29 19:18]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-15 00:32 97792 ----a-w- c:\users\Silvija Sagolj\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-15 00:32 97792 ----a-w- c:\users\Silvija Sagolj\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-15 00:32 97792 ----a-w- c:\users\Silvija Sagolj\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-15 00:32 97792 ----a-w- c:\users\Silvija Sagolj\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2013-04-16 14:10 776144 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-04-16 14:10 776144 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2013-04-16 14:10 776144 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2013-04-16 14:10 776144 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2011-08-30 7284328]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-08-16 2277480]
"NVHotkey"="c:\windows\system32\nvHotkey.dll" [2011-10-17 317248]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-08-31 416024]
"FreeFallProtection"="c:\program files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe" [2010-12-17 686704]
"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshell.dll" [2011-10-18 10357008]
"IntelPAN"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2011-09-16 1935120]
"IntelTBRunOnce"="wscript.exe" [2009-07-14 168960]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 192.168.178.1
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKCU-Run-KiesAirMessage - c:\program files (x86)\Samsung\Kies\KiesAirMessage.exe
Wow6432Node-HKCU-Run-AmazonMP3DownloaderHelper - c:\users\Silvija Sagolj\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
Wow6432Node-HKLM-RunOnce-awde7zip23620 - c:\users\SILVIJ~1\AppData\Local\Temp\BI_RunOnce.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2013-06-17 14:23:06
ComboFix-quarantined-files.txt 2013-06-17 12:23
.
Vor Suchlauf: 12 Verzeichnis(se), 616.045.101.056 Bytes frei
Nach Suchlauf: 16 Verzeichnis(se), 617.062.309.888 Bytes frei
.
- - End Of File - - 7537D8E314CAEEBE1888C78A2A92D224
D41D8CD98F00B204E9800998ECF8427E
|
|
17.06.2013, 13:27
| #12 |
| /// Malware-holic | Spybot hat 62 Sachen gefunden - beheben? Hi, malwarebytes: Downloade Dir bitte Malwarebytes
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
17.06.2013, 13:42
| #13 |
| | Spybot hat 62 Sachen gefunden - beheben? Es tut mir leid,dass ich zwischen poste, aber ich hab um 3 eine Patientin und werde nicht am Laptop sein können. Das Programm lasse ich einfachlaufen, aber darf ich Avira wieder aktivieren? Das Programm hat nichts gefunden. Alles wieder gut? Code:
ATTFilter Malwarebytes Anti-Malware (Test) 1.75.0.1300 www.malwarebytes.org Datenbank Version: v2013.06.17.01 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 10.0.9200.16618 Silvija Sagolj :: SILVIJASAGOLJ [Administrator] Schutz: Deaktiviert 17.06.2013 14:29:06 mbam-log-2013-06-17 (14-29-06).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|) Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 387325 Laufzeit: 49 Minute(n), 18 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) Wenn ich in Zukunft nochmal Verdacht auf sowas habe, welches Programm soll ich benutzen? Spybot, Malwarebytes oder tdsskiller? Nochmal vielen Dank für deine Hilfe! |
|
17.06.2013, 14:58
| #14 |
| /// Malware-holic | Spybot hat 62 Sachen gefunden - beheben? hi zwischen den scans und fixes avira ruhig aktivieren. lade den CCleaner standard: CCleaner - Download - Filepony falls der CCleaner bereits instaliert, überspringen. öffnen, Tools (extras),uninstall Llist, als txt speichern. öffnen. hinter, jedes von dir benötigte programm, schreibe notwendig. hinter, jedes, von dir nicht benötigte, unnötig. hinter, dir unbekannte, unbekannt. liste posten.
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
17.06.2013, 15:13
| #15 |
| | Spybot hat 62 Sachen gefunden - beheben? so, erledigt Code:
ATTFilter 7-Zip 9.20 06.06.2012 unbekannt AccelerometerP11 STMicroelectronics 08.12.2011 2.00.11.22 unbekannt Adobe AIR Adobe Systems Incorporated 08.12.2011 2.6.0.19120 nötig Adobe Flash Player 11 ActiveX Adobe Systems Incorporated 17.06.2013 6,00MB 11.7.700.224 nötig Adobe Reader XI (11.0.03) Adobe Systems Incorporated 18.05.2013 126MB 11.0.03 nötig Adobe Shockwave Player 11.6 Adobe Systems, Inc. 02.01.2013 11.6.8.638 nötig Advanced Audio FX Engine Creative Technology Ltd 01.09.2012 1.12.05 unbekannt Amazon Kindle Amazon 21.12.2012 nötig Amazon MP3-Downloader 1.0.18 Amazon Services LLC 08.06.2013 1.0.18 benötigt Apple Application Support Apple Inc. 16.02.2013 65,0MB 2.3 unbekannt Apple Software Update Apple Inc. 14.07.2012 2,38MB 2.1.3.127 unbekannt Avira Free Antivirus Avira 07.05.2013 124MB 13.0.0.3640 nötig BitTorrent BitTorrent Inc. 06.06.2012 7.6.1 unnötig Bundled software uninstaller 17.06.2013 unbekannt CCleaner Piriform 24.05.2013 4.02 nötig CoolYou Gadget CoolYou Gadget 07.08.2012 290KB 1.0 unnötig CyberLink PowerDVD 9.6 CyberLink Corp. 08.12.2011 9.6.1.4418 nötig Dell DataSafe Local Backup Dell Inc. 08.12.2011 9.4.61 nötig Dell DataSafe Local Backup - Support Software Dell Inc. 08.12.2011 9.4.61 nötig Dell Getting Started Guide Dell Inc. 08.12.2011 1.00.0000 nötig Dell MusicStage Fingertapps 08.12.2011 1.5.201.0 nötig Dell PhotoStage ArcSoft 08.12.2011 130MB 1.5.0.65 nötig Dell Stage Fingertapps 08.12.2011 1.5.201.0 nötig Dell Stage Remote ArcSoft 08.12.2011 80,8MB 2.0.0.50 nötig Dell VideoStage CyberLink Corp. 08.12.2011 1.2.0.1712 nötig Dell Webcam Central Creative Technology Ltd 01.09.2012 2.01.17 nötig DivX-Setup DivX, LLC 10.07.2012 2.6.1.9 nötig Dropbox Dropbox, Inc. 06.06.2012 1.4.7 nötig FilesFrog Update Checker 17.06.2013 unbekannt Google Chrome Google Inc. 02.05.2012 27.0.1453.110 nötig Google Drive Google, Inc. 09.06.2013 32,0MB 1.9.4536.8202 nötig Intel(R) Control Center Intel Corporation 03.05.2012 1.2.1.1007 nötig Intel(R) Management Engine Components Intel Corporation 03.05.2012 7.0.0.1144 nötig Intel(R) Processor Graphics Intel Corporation 03.05.2012 8.15.10.2455 nötig Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology Intel Corporation 08.12.2011 90,1MB 1.2.1.0608 nötig Intel(R) PROSet/Wireless WiFi-Software Intel Corporation 08.12.2011 134MB 14.2.1000 nötig Intel(R) WiDi Intel Corporation 08.12.2011 139MB 2.1.39.0 nötig Java 7 Update 21 Oracle 10.03.2013 129MB 7.0.210 unbekannt Java(TM) 6 Update 27 (64-bit) Oracle 08.12.2011 91,6MB 6.0.270 unbekannt Malwarebytes Anti-Malware Version 1.70.0.1100 Malwarebytes Corporation 10.02.2013 18,4MB 1.70.0.1100 unbekannt Microsoft .NET Framework 4 Client Profile Microsoft Corporation 19.07.2012 38,8MB 4.0.30320 unbekannt Microsoft .NET Framework 4 Extended Microsoft Corporation 19.07.2012 51,9MB 4.0.30320 unbekannt Microsoft Office Professional Plus 2010 Microsoft Corporation 03.07.2012 14.0.6029.1000 nötig Microsoft Silverlight Microsoft Corporation 13.03.2013 100MB 5.1.20125.0 unbekannt Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Corporation 08.12.2011 1,69MB 3.1.0000 unbekannt Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 10.05.2012 298KB 8.0.61001 unbekannt Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Corporation 08.12.2011 788KB 9.0.30729 unbekannt Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Corporation 10.05.2012 788KB 9.0.30729.6161 unbekannt Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 Microsoft Corporation 08.12.2011 598KB 9.0.30729 unbekannt Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 08.12.2011 596KB 9.0.30729 unbekannt Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 08.12.2011 586KB 9.0.30729.4148 unbekannt Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 10.05.2012 600KB 9.0.30729.6161 unbekannt Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Corporation 10.05.2012 12,2MB 10.0.40219 unbekannt My Dell PC-Doctor, Inc. 24.05.2013 128MB 3.3.6261.27 nötig MyFreeCodec 29.05.2013 unbekannt MyPhoneExplorer F.J. Wechselberger 29.05.2013 1.8.4 nötig NVIDIA 3D Vision Treiber 269.59 NVIDIA Corporation 08.12.2011 269.59 nötig NVIDIA Grafiktreiber 269.59 NVIDIA Corporation 08.12.2011 269.59 nötig PowerISO 06.06.2012 nötig Quickset64 Dell Inc. 08.12.2011 11.0.22 nötig QuickTime Apple Inc. 16.02.2013 73,1MB 7.73.80.64 nötig Realtek High Definition Audio Driver Realtek Semiconductor Corp. 08.12.2011 6.0.1.6449 nötig Samsung Kies Samsung Electronics Co., Ltd. 19.07.2012 210MB 2.3.2.12064_10 nötig SAMSUNG USB Driver for Mobile Phones SAMSUNG Electronics Co., Ltd. 29.05.2013 44,0MB 1.5.23.0 nötig Skype™ 5.10 Skype Technologies S.A. 06.09.2012 19,3MB 5.10.116 nötig Smart File Advisor 1.1.1 Filefacts.net 06.06.2012 1,50MB 1.1.1 unbekannt Soluto Soluto 09.02.2013 35,7MB 1.3.1149.0 nötig Synaptics Pointing Device Driver Synaptics Incorporated 08.12.2011 46,4MB 15.3.22.0 unbekannt VLC media player 2.0.1 VideoLAN 08.05.2012 2.0.1 nötig Windows Live Essentials Microsoft Corporation 08.12.2011 15.4.3508.1109 nötig Überwachungstool für die Intel® Turbo-Boost-Technik 2.0 Intel 08.12.2011 2.1.23.0 nötig |
|
| Themen zu Spybot hat 62 Sachen gefunden - beheben? |
| agent, bli, browser, client, computer, cookie, counter, dll, explorer, explorer.exe, google, helper.exe, internet, internet explorer, media player, microsoft, quarantäne, regedit, registry, registry key, software, spybot, stream, tracking, tracking cookie, user agent, version, windows |
WARNUNG an die MITLESER: 
Linear-Darstellung
