Trojaner-Board - WEB.DE wird permanent innerhalb weniger Minuten gehackt

Hallo zusammen,

mein WEB.DE Account wird permanent innerhalb weniger Minuten gehackt. Danach bekomme ich immer "Mail Delivery" - Mails, weil der Empfänger unbekannt ist.

Weder Norton noch Avira haben etwas gefunden. Ich benutze mehrere Rechner, ich weiß nicht auf welchem Rechner das Problem liegt. iphone und ipad schließe ich mal als Quelle aus (oder ist das nicht gerechtfertigt?).

Ich fange jetzt mal mit dem ersten Rechner an:
Defogger läuft nicht durch:

Code:

defogger_disable by jpshortstuff (23.02.10.1)

Log created at 22:28 on 09/07/2012 (Sarah)
 

Checking for autostart values...

HKCU\~\Run values retrieved.

HKLM\~\Run values retrieved.
 

Checking for services/drivers...
 
 

-=E.O.F=-

OTL:
OTL Logfile:

Code:

OTL logfile created on: 09.07.2012 22:33:37 - Run 1

OTL by OldTimer - Version 3.2.53.1     Folder = C:\Users\Sarah\Downloads

64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 8.0.7601.17514)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

4,00 Gb Total Physical Memory | 2,17 Gb Available Physical Memory | 54,21% Memory free

8,00 Gb Paging File | 6,06 Gb Available in Paging File | 75,73% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 465,66 Gb Total Space | 353,70 Gb Free Space | 75,96% Space Free | Partition Type: NTFS

 

Computer Name: SARAH-PC | User Name: Sarah | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

 
 ========== Processes (SafeList) ==========

 

PRC - [2012.07.09 22:33:02 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Sarah\Downloads\OTL.exe

PRC - [2012.06.23 15:43:12 | 001,535,176 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_262.exe

PRC - [2012.06.21 12:35:18 | 000,913,888 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe

PRC - [2012.05.24 20:39:22 | 027,112,840 | ---- | M] (Dropbox, Inc.) -- C:\Users\Sarah\AppData\Roaming\Dropbox\bin\Dropbox.exe

PRC - [2012.03.28 01:14:06 | 000,138,232 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton 360\Engine\6.2.1.5\ccSvcHst.exe

PRC - [2012.02.23 13:30:40 | 000,059,240 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe

PRC - [2011.09.01 11:38:56 | 000,247,760 | ---- | M] (Threat Expert Ltd.) -- C:\Program Files (x86)\PC Tools Security\BDT\FGuard.exe

PRC - [2011.09.01 11:38:54 | 000,337,872 | ---- | M] (Threat Expert Ltd.) -- C:\Program Files (x86)\PC Tools Security\BDT\BDTUpdateService.exe

PRC - [2011.08.04 17:08:56 | 000,593,032 | ---- | M] (CANON INC.) -- C:\Program Files (x86)\Canon\Solution Menu EX\CNSEUPDT.EXE

PRC - [2011.08.04 17:06:12 | 001,612,920 | ---- | M] (CANON INC.) -- C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE

PRC - [2011.05.26 07:05:01 | 000,273,544 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe

PRC - [2011.01.15 16:48:44 | 000,452,016 | ---- | M] (CANON INC.) -- C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe

PRC - [2010.07.19 19:57:32 | 002,231,616 | ---- | M] () -- C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe

PRC - [2010.01.03 18:07:48 | 000,246,520 | ---- | M] () -- C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe

PRC - [2008.11.07 05:00:00 | 000,077,824 | ---- | M] () -- C:\Programme\Logitech\SetPoint\x86\SetPoint32.exe

PRC - [2008.08.29 16:20:56 | 000,935,208 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe

 

 
 ========== Modules (No Company Name) ==========

 

MOD - [2012.06.23 15:43:12 | 009,459,912 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_262.dll

MOD - [2012.06.21 12:35:18 | 002,042,848 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

MOD - [2011.10.05 04:52:30 | 000,756,048 | ---- | M] () -- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL

MOD - [2011.06.24 22:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll

MOD - [2011.06.24 22:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll

MOD - [2008.11.07 05:00:00 | 000,077,824 | ---- | M] () -- C:\Programme\Logitech\SetPoint\x86\SetPoint32.exe

 

 
 ========== Win32 Services (SafeList) ==========

 

SRV - [2012.06.23 15:43:14 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)

SRV - [2012.06.21 12:35:18 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)

SRV - [2012.03.28 01:14:06 | 000,138,232 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton 360\Engine\6.2.1.5\ccSvcHst.exe -- (N360)

SRV - [2011.09.01 11:38:54 | 000,337,872 | ---- | M] (Threat Expert Ltd.) [Auto | Running] -- C:\Program Files (x86)\PC Tools Security\BDT\BDTUpdateService.exe -- (Browser Defender Update Service)

SRV - [2010.07.19 19:57:32 | 002,231,616 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe -- (DevoloNetworkService)

SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)

SRV - [2010.01.03 18:07:48 | 000,246,520 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)

SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

SRV - [2008.11.07 17:49:10 | 000,160,784 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Programme\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)

SRV - [2008.08.29 16:20:56 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)

 

 
 ========== Driver Services (SafeList) ==========

 

DRV:64bit: - [2012.05.17 21:15:02 | 000,175,736 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)

DRV:64bit: - [2012.03.29 08:03:27 | 000,737,912 | ---- | M] (Symantec Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0602010.005\srtsp64.sys -- (SRTSP)

DRV:64bit: - [2012.03.29 08:03:27 | 000,037,496 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0602010.005\srtspx64.sys -- (SRTSPX) Symantec Real Time Storage Protection (PEL)

DRV:64bit: - [2012.03.29 00:28:38 | 000,405,624 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0602010.005\symnets.sys -- (SymNetS)

DRV:64bit: - [2012.03.29 00:28:30 | 001,092,728 | R--- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\0602010.005\symefa64.sys -- (SymEFA)

DRV:64bit: - [2012.03.29 00:28:26 | 000,451,192 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\0602010.005\symds64.sys -- (SymDS)

DRV:64bit: - [2012.03.29 00:06:26 | 000,190,072 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0602010.005\ironx64.sys -- (SymIRON)

DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)

DRV:64bit: - [2011.11.29 16:44:30 | 000,167,048 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0602010.005\ccsetx64.sys -- (ccSet_N360)

DRV:64bit: - [2011.07.06 13:44:00 | 000,034,288 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)

DRV:64bit: - [2011.05.10 08:06:08 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)

DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)

DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)

DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)

DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)

DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)

DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)

DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)

DRV:64bit: - [2009.07.14 02:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)

DRV:64bit: - [2009.07.14 02:35:37 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WSDScan.sys -- (WSDScan)

DRV:64bit: - [2009.06.10 22:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)

DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)

DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)

DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)

DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)

DRV:64bit: - [2008.09.26 10:57:00 | 000,041,488 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LUsbFilt.sys -- (LUsbFilt)

DRV:64bit: - [2008.09.26 10:56:00 | 000,057,872 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)

DRV:64bit: - [2008.09.26 10:56:00 | 000,055,312 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)

DRV:64bit: - [2008.09.26 10:55:00 | 000,035,344 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\L8042Kbd.sys -- (L8042Kbd)

DRV:64bit: - [2007.05.03 09:11:46 | 000,244,736 | ---- | M] (Marvell Semiconductor, Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MRVW13C.sys -- (MRV6X64P)

DRV:64bit: - [2007.03.30 18:19:40 | 000,051,200 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tosrfusb.sys -- (Tosrfusb)

DRV:64bit: - [2007.03.01 17:53:40 | 000,087,808 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Tosrfhid.sys -- (Tosrfhid)

DRV:64bit: - [2007.02.22 20:55:54 | 000,143,104 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tosrfbd.sys -- (Tosrfbd)

DRV:64bit: - [2005.03.29 02:30:38 | 000,008,192 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)

DRV - [2012.07.09 19:52:20 | 002,068,600 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.0.9\Definitions\VirusDefs\20120709.003\ex64.sys -- (NAVEX15)

DRV - [2012.07.09 19:52:20 | 000,120,440 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.0.9\Definitions\VirusDefs\20120709.003\eng64.sys -- (NAVENG)

DRV - [2012.06.19 02:01:13 | 001,161,376 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.0.9\Definitions\BASHDefs\20120619.001\BHDrvx64.sys -- (BHDrvx64)

DRV - [2012.06.14 20:39:24 | 000,509,088 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.0.9\Definitions\IPSDefs\20120705.001\IDSviA64.sys -- (IDSVia64)

DRV - [2012.05.31 09:01:00 | 000,484,512 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)

DRV - [2012.05.31 09:01:00 | 000,138,912 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)

DRV - [2010.06.10 13:32:14 | 000,034,048 | ---- | M] (CACE Technologies) [Kernel | Auto | Running] -- C:\Windows\SysWOW64\drivers\npf_devolo.sys -- (NPF_devolo) NetGroup Packet Filter Driver (devolo)

DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

 

 
 ========== Standard Registry (SafeList) ==========

 

 
 ========== Internet Explorer ==========

 

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.babylon.com/?AF=119998&babsrc=HP_ss&mntrId=781ddecc00000000000090e6ba46ac56

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 57 12 51 A9 BA AC CA 01  [binary data]

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie

IE - HKCU\..\URLSearchHook:  - No CLSID value found

IE - HKCU\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - C:\Program Files (x86)\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)

IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\20101008155724\ICQToolBar.dll (ICQ)

IE - HKCU\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}

IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC

IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://search.babylon.com/?q={searchTerms}&AF=119998&babsrc=SP_ss&mntrId=781ddecc00000000000090e6ba46ac56

IE - HKCU\..\SearchScopes\{27ED2856-4ABE-4918-B5E6-99D4E05FC34F}: "URL" = hxxp://www.google.de/search?q={searchTerms}

IE - HKCU\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = hxxp://www.icq.com/search/results.php?q={searchTerms}&ch_id=osd

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

 
 ========== FireFox ==========

 

FF - prefs.js..browser.search.defaultenginename: "Search the web (Babylon)"

FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"

FF - prefs.js..browser.search.selectedEngine: "Google"

FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/ig?hl=de"

FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.6

FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:2.0.2

FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:2.0

FF - prefs.js..extensions.enabledItems: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:4.6

FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.1

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23

FF - prefs.js..keyword.URL: "hxxp://search.babylon.com/?AF=119998&babsrc=adbartrp&mntrId=781ddecc00000000000090e6ba46ac56&q="

 

 

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_262.dll File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_262.dll ()

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)

FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)

FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.647: c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.647: c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.647: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.647: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.647: c:\program files (x86)\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found

 

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011.08.20 13:43:09 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{cb84136f-9c44-433a-9048-c5cd9df1dc16}: C:\Program Files (x86)\PC Tools Security\BDT\Firefox\ [2011.10.21 18:16:19 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.0.9\IPSFFPlgn\ [2012.05.18 08:01:32 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.0.9\coFFPlgn\ [2012.07.09 17:32:27 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.06.21 12:35:19 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.10.28 16:06:59 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 11.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2011.10.28 16:06:59 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 11.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins

FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.06.21 12:35:19 | 000,000,000 | ---D | M]

FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.10.28 16:06:59 | 000,000,000 | ---D | M]

 

[2010.02.14 10:22:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sarah\AppData\Roaming\mozilla\Extensions

[2010.02.14 10:22:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sarah\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}

[2012.07.04 11:48:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sarah\AppData\Roaming\mozilla\Firefox\Profiles\wqta5u4n.default\extensions

[2010.04.28 22:44:42 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Sarah\AppData\Roaming\mozilla\Firefox\Profiles\wqta5u4n.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}

[2012.01.09 15:53:09 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions

[2012.02.11 13:19:30 | 000,709,293 | ---- | M] () (No name found) -- C:\USERS\SARAH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQTA5U4N.DEFAULT\EXTENSIONS\{DDC359D1-844A-42A7-9AA1-88A850A938A8}.XPI

[2012.06.21 12:35:19 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll

[2011.10.03 05:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll

[2012.06.21 12:35:17 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml

[2012.02.28 15:15:21 | 000,002,310 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml

[2012.06.21 12:35:17 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml

[2012.06.21 12:35:17 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml

[2012.06.21 12:35:17 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml

[2012.06.21 12:35:17 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml

[2012.06.21 12:35:17 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml

 

O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts

O2 - BHO: (PC Tools Browser Guard BHO) - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files (x86)\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)

O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll (Babylon BHO)

O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)

O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)

O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\6.2.1.5\coIEPlg.dll (Symantec Corporation)

O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\6.2.1.5\IPS\IPSBHO.DLL (Symantec Corporation)

O3 - HKLM\..\Toolbar: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files (x86)\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)

O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)

O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\6.2.1.5\coIEPlg.dll (Symantec Corporation)

O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\20101008155724\ICQToolBar.dll (ICQ)

O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll (Babylon Ltd.)

O3 - HKCU\..\Toolbar\WebBrowser: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files (x86)\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)

O3 - HKCU\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)

O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\6.2.1.5\coIEPlg.dll (Symantec Corporation)

O4:64bit: - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)

O4:64bit: - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech, Inc.)

O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)

O4 - HKLM..\Run: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)

O4 - HKLM..\Run: [HP Update 3400C] C:\sj652\hpupdate.exe (Hewlett-Packard)

O4 - HKLM..\Run: [IJNetworkScannerSelectorEX] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe (CANON INC.)

O4 - HKLM..\Run: [PCTools FGuard] C:\Program Files (x86)\PC Tools Security\BDT\FGuard.exe (Threat Expert Ltd.)

O4 - HKLM..\Run: [TkBellExe] c:\program files (x86)\real\realplayer\Update\realsched.exe (RealNetworks, Inc.)

O4 - HKCU..\Run: [EA Core] C:\Program Files (x86)\Electronic Arts\EADM\Core.exe (Electronic Arts)

O4 - HKCU..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe (Apple Inc.)

O4 - Startup: C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()

O4 - Startup: C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Sarah\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

O4 - Startup: C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Pampers Pregnancy Widget.lnk =  File not found

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found

O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found

O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)

O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found

O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)

O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)

O1364bit: - gopher Prefix: missing

O13 - gopher Prefix: missing

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)

O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1450186B-CDAE-4EAC-A3FE-5E9968619C69}: DhcpNameServer = 192.168.0.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{59A2AF38-BDDB-464C-9686-EABB3234ED96}: DhcpNameServer = 192.168.0.1

O18:64bit: - Protocol\Handler\ms-help - No CLSID value found

O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)

O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found

O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Programme\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)

O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O32 - HKLM CDRom: AutoRun - 1

O33 - MountPoints2\{c0034554-49ff-11df-a9ca-90e6ba46bc04}\Shell - "" = AutoRun

O33 - MountPoints2\{c0034554-49ff-11df-a9ca-90e6ba46bc04}\Shell\AutoRun\command - "" = K:\LaunchU3.exe -a

O33 - MountPoints2\F\Shell - "" = AutoRun

O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a

O34 - HKLM BootExecute: (autocheck autochk *)

O35:64bit: - HKLM\..comfile [open] -- "%1" %*

O35:64bit: - HKLM\..exefile [open] -- "%1" %*

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*

O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

 
 ========== Files/Folders - Created Within 30 Days ==========

 

[2012.07.04 19:37:31 | 000,000,000 | ---D | C] -- C:\Users\Sarah\AppData\Roaming\Sigel

[2012.07.04 19:37:23 | 000,374,272 | ---- | C] (Herd Software Entwicklung/ Ketteler Str. 35/ D-68642 Bürstadt/ hxxp://www.herdsoft.com/ Telefon:+49-6206-707775/ Telefax:+49-6206-707776) -- C:\Windows\SysWow64\Dav3_32.dll

[2012.07.04 19:37:23 | 000,143,360 | ---- | C] (Herd Software Entwicklung/ Ketteler Str.35/ D-68642 Bürstadt/ hxxp://www.herdsoft.com/ eMail:info@herdsoft.com/ Telefon:+49-6206-707775/ Telefax:+49-6206-707776) -- C:\Windows\SysWow64\leon3_32.dll

[2012.07.04 19:37:23 | 000,000,000 | ---D | C] -- C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sigel

[2012.07.04 19:37:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sigel

[2012.07.04 19:37:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sigel

[2012.06.25 10:53:07 | 000,000,000 | ---D | C] -- C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Curse

[2012.06.23 21:30:06 | 000,000,000 | ---D | C] -- C:\Users\Sarah\AppData\Local\Macromedia

[2012.06.22 12:01:35 | 000,000,000 | ---D | C] -- C:\Users\Sarah\Documents\My Curse

[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

 
 ========== Files - Modified Within 30 Days ==========

 

[2012.07.09 22:43:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job

[2012.07.09 22:27:49 | 000,000,000 | ---- | M] () -- C:\Users\Sarah\defogger_reenable

[2012.07.09 22:27:08 | 000,050,477 | ---- | M] () -- C:\Users\Sarah\Desktop\Defogger.exe

[2012.07.09 17:39:32 | 000,014,800 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2012.07.09 17:39:32 | 000,014,800 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2012.07.09 17:32:14 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2012.07.09 17:31:59 | 3220,471,808 | -HS- | M] () -- C:\hiberfil.sys

[2012.07.08 19:24:57 | 000,000,600 | ---- | M] () -- C:\Users\Sarah\AppData\Local\PUTTY.RND

[2012.07.04 19:37:56 | 000,016,386 | ---- | M] () -- C:\Windows\SysWow64\sigas207.dll

[2012.07.04 19:37:23 | 000,001,142 | ---- | M] () -- C:\Users\Sarah\Desktop\GastroDesigner plus Demo.lnk

[2012.06.26 12:56:24 | 000,181,982 | ---- | M] () -- C:\Users\Sarah\Desktop\Ligamannschaft.jpg

[2012.06.25 10:53:07 | 000,000,318 | ---- | M] () -- C:\Users\Sarah\Desktop\Curse Client.appref-ms

[2012.06.24 20:12:29 | 000,001,141 | ---- | M] () -- C:\Users\Public\Desktop\CEWE FOTOSCHAU.lnk

[2012.06.24 20:12:29 | 000,001,126 | ---- | M] () -- C:\Users\Public\Desktop\dm-Fotowelt.lnk

[2012.06.24 20:12:26 | 000,328,526 | ---- | M] () -- C:\Users\Sarah\Desktop\illusion-clean-style-2990.jpg

[2012.06.22 23:01:15 | 000,001,469 | ---- | M] () -- C:\Users\Sarah\Desktop\flagge-griechenland.gif

[2012.06.14 13:10:53 | 000,380,000 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT

[2012.06.13 23:14:53 | 001,533,474 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI

[2012.06.13 23:14:53 | 000,658,988 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat

[2012.06.13 23:14:53 | 000,620,174 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat

[2012.06.13 23:14:53 | 000,132,558 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat

[2012.06.13 23:14:53 | 000,108,356 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat

[2012.06.13 16:22:55 | 000,026,063 | ---- | M] () -- C:\Users\Sarah\Desktop\Party1.jpg

[2012.06.13 16:19:07 | 000,047,710 | ---- | M] () -- C:\Users\Sarah\Desktop\party.gif

[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

 
 ========== Files Created - No Company Name ==========

 

[2012.07.09 22:27:49 | 000,000,000 | ---- | C] () -- C:\Users\Sarah\defogger_reenable

[2012.07.09 22:27:05 | 000,050,477 | ---- | C] () -- C:\Users\Sarah\Desktop\Defogger.exe

[2012.07.04 19:37:56 | 000,016,386 | ---- | C] () -- C:\Windows\SysWow64\sigas207.dll

[2012.07.04 19:37:23 | 000,001,142 | ---- | C] () -- C:\Users\Sarah\Desktop\GastroDesigner plus Demo.lnk

[2012.06.26 12:56:23 | 000,181,982 | ---- | C] () -- C:\Users\Sarah\Desktop\Ligamannschaft.jpg

[2012.06.25 10:53:07 | 000,000,318 | ---- | C] () -- C:\Users\Sarah\Desktop\Curse Client.appref-ms

[2012.06.24 20:12:25 | 000,328,526 | ---- | C] () -- C:\Users\Sarah\Desktop\illusion-clean-style-2990.jpg

[2012.06.22 23:01:14 | 000,001,469 | ---- | C] () -- C:\Users\Sarah\Desktop\flagge-griechenland.gif

[2012.06.13 16:22:55 | 000,026,063 | ---- | C] () -- C:\Users\Sarah\Desktop\Party1.jpg

[2012.06.13 16:19:06 | 000,047,710 | ---- | C] () -- C:\Users\Sarah\Desktop\party.gif

[2012.02.23 22:11:27 | 000,003,584 | ---- | C] () -- C:\Users\Sarah\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2011.10.21 18:16:19 | 000,767,952 | ---- | C] () -- C:\Windows\BDTSupport.dll

[2011.10.11 19:36:06 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\Chkv3_32.dll

[2011.08.24 09:51:34 | 000,001,099 | ---- | C] () -- C:\Users\Sarah\AppData\Roaming\ShiftN.ini

[2011.08.18 20:18:13 | 000,049,873 | ---- | C] () -- C:\Users\Sarah\AppData\Roaming\UserTile.png

[2011.06.15 20:23:50 | 000,001,940 | ---- | C] () -- C:\Users\Sarah\AppData\Local\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini

[2011.02.10 18:34:51 | 000,000,600 | ---- | C] () -- C:\Users\Sarah\AppData\Local\PUTTY.RND

[2010.02.13 17:44:18 | 000,000,760 | ---- | C] () -- C:\Users\Sarah\AppData\Roaming\setup_ldm.iss

 
 ========== LOP Check ==========

 

[2012.02.28 15:15:19 | 000,000,000 | ---D | M] -- C:\Users\Sarah\AppData\Roaming\Babylon

[2010.12.12 20:50:20 | 000,000,000 | ---D | M] -- C:\Users\Sarah\AppData\Roaming\becker

[2012.04.06 11:05:29 | 000,000,000 | ---D | M] -- C:\Users\Sarah\AppData\Roaming\Canon

[2010.11.22 22:12:44 | 000,000,000 | ---D | M] -- C:\Users\Sarah\AppData\Roaming\CD-LabelPrint

[2012.07.09 18:23:31 | 000,000,000 | ---D | M] -- C:\Users\Sarah\AppData\Roaming\Dropbox

[2011.12.02 23:42:07 | 000,000,000 | ---D | M] -- C:\Users\Sarah\AppData\Roaming\Foxit Software

[2010.02.26 12:48:21 | 000,000,000 | ---D | M] -- C:\Users\Sarah\AppData\Roaming\ICQ

[2010.02.13 17:44:25 | 000,000,000 | ---D | M] -- C:\Users\Sarah\AppData\Roaming\Leadertech

[2011.08.20 13:41:06 | 000,000,000 | ---D | M] -- C:\Users\Sarah\AppData\Roaming\MAGIX

[2012.07.04 19:37:31 | 000,000,000 | ---D | M] -- C:\Users\Sarah\AppData\Roaming\Sigel

[2010.02.14 10:22:54 | 000,000,000 | ---D | M] -- C:\Users\Sarah\AppData\Roaming\Thunderbird

[2011.08.20 13:13:54 | 000,000,000 | ---D | M] -- C:\Users\Sarah\AppData\Roaming\Tific

[2010.04.18 19:00:36 | 000,000,000 | ---D | M] -- C:\Users\Sarah\AppData\Roaming\TS3Client

[2012.05.16 19:22:43 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

 
 ========== Purity Check ==========

 

 

 
 ========== Alternate Data Streams ==========

 

@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:430C6D84

@Alternate Data Stream - 111 bytes -> C:\ProgramData\TEMP:DFC5A2B2
 

< End of report >

--- --- ---

OTL Extras:
OTL Logfile:

Code:

OTL Extras logfile created on: 09.07.2012 22:33:37 - Run 1

OTL by OldTimer - Version 3.2.53.1     Folder = C:\Users\Sarah\Downloads

64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 8.0.7601.17514)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

4,00 Gb Total Physical Memory | 2,17 Gb Available Physical Memory | 54,21% Memory free

8,00 Gb Paging File | 6,06 Gb Available in Paging File | 75,73% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 465,66 Gb Total Space | 353,70 Gb Free Space | 75,96% Space Free | Partition Type: NTFS

 

Computer Name: SARAH-PC | User Name: Sarah | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

 
 ========== Extra Registry (SafeList) ==========

 

 
 ========== File Associations ==========

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

 

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]

.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

 
 ========== Shell Spawning ==========

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)

InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [CEWE FOTOSCHAU] -- "C:\Program Files (x86)\dm\dm-Fotowelt\CEWE FOTOSCHAU.exe" -d "%1" ()

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [dm-Fotowelt] -- "C:\Program Files (x86)\dm\dm-Fotowelt\dm-Fotowelt.exe" "%1" ()

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L"

Directory [OnlineFotoservice] -- "C:\Program Files (x86)\OnlineFotoservice\OnlineFotoservice\OnlineFotoservice.exe" "%1" ()

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [CEWE FOTOSCHAU] -- "C:\Program Files (x86)\dm\dm-Fotowelt\CEWE FOTOSCHAU.exe" -d "%1" ()

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [dm-Fotowelt] -- "C:\Program Files (x86)\dm\dm-Fotowelt\dm-Fotowelt.exe" "%1" ()

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L"

Directory [OnlineFotoservice] -- "C:\Program Files (x86)\OnlineFotoservice\OnlineFotoservice\OnlineFotoservice.exe" "%1" ()

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 
 ========== Security Center Settings ==========

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"AntiVirusOverride" = 0

"FirewallOverride" = 0

"UpdatesDisableNotify" = 0

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

 
 ========== Firewall Settings ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 
 ========== Authorized Applications List ==========

 

 
 ========== Vista Active Open Ports Exception List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{0047CEB0-4F64-4A4F-AF99-1248FEC0618C}" = rport=445 | protocol=6 | dir=out | app=system | 

"{08BC8460-8245-433F-8945-77EDFE3953E3}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 

"{12094905-386E-4032-82F4-02E21E8C0A7A}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe | 

"{177F7C08-9081-4164-9218-A91E0BA39960}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 

"{1EF5B9B4-9248-4FF5-93F7-32D060EBC6B3}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 

"{2FD3E88F-88FC-4751-87E2-FDD24EA6F318}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 

"{5075AAEF-C1FB-4BD6-B7DB-830DE6046F95}" = lport=10300 | protocol=6 | dir=in | app=c:\program files (x86)\devolo\dlan\devolonetsvc.exe | 

"{5348F6A2-0B82-4728-B7B4-9B9AB8D44760}" = lport=138 | protocol=17 | dir=in | app=system | 

"{573898C8-D276-4886-8BD3-1689ED45ABCE}" = lport=139 | protocol=6 | dir=in | app=system | 

"{7ABA3BD7-EBF2-4417-930A-0F0646FAAD76}" = rport=137 | protocol=17 | dir=out | app=system | 

"{859F58A8-1EA1-4512-8C04-2A3B2900E27D}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 

"{85E65165-90CB-487B-9592-4B61EDAF43B5}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 

"{8A1EE3A6-7362-4C2A-8709-D12BD87B4CE1}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 

"{93907D6B-2B4D-4FD6-8097-9E3C2270D24C}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 

"{A921E1E2-EBFD-425D-8993-F652DC42CA4B}" = rport=139 | protocol=6 | dir=out | app=system | 

"{AD2ED41B-0C68-457B-8010-180AB1FE5125}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 

"{B7493B30-9564-48EF-AE81-8DE6157CB9A9}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 

"{B74B3A7D-0765-4BB2-B6C3-9E9B47030277}" = rport=138 | protocol=17 | dir=out | app=system | 

"{BBBFDEC8-6649-484E-BE35-D4CE921A1CF2}" = lport=137 | protocol=17 | dir=in | app=system | 

"{D05C191E-E675-4B2C-A373-175B64F750C1}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | 

"{D0FBEF15-DEC5-4E71-9E6B-A5034D403843}" = lport=445 | protocol=6 | dir=in | app=system | 

"{D58C7CD3-5BDE-44EE-B18D-3A15A70BEB40}" = lport=10301 | protocol=17 | dir=in | app=c:\program files (x86)\devolo\dlan\devolonetsvc.exe | 

"{E6FE34E3-D042-4464-9433-5CA884BC1E1A}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 

"{F6DBEAC6-F5EA-45AC-B365-6CA845C90978}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 

 
 ========== Vista Active Application Exception List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{00F775EF-0516-4921-81FE-B9325A523A92}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | 

"{0F745980-7830-45C0-83C9-853608AAAFF8}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 

"{109B6929-D2A0-4B5E-8A4A-DD813F28D630}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | 

"{1BD85400-6091-4593-93FF-528C9677529A}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | 

"{2AE8CBD8-F927-4E24-B93E-A195111DCAE2}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 

"{35564C65-164B-48FF-AFE3-178352A654D3}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | 

"{3571AD4A-6A3E-4355-92E3-998F6EA87684}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 

"{4A7E6770-985A-48E9-93C9-DBEFAFFC4998}" = protocol=17 | dir=in | app=c:\users\sarah\appdata\roaming\dropbox\bin\dropbox.exe | 

"{5B38B02F-0B1C-487C-A3B7-B3FE0F8F1D38}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 

"{5D10DD0F-53F0-47C6-8792-E0D279C4BFFA}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 

"{6D657D7A-DD03-4F05-95BE-EAF8173760DF}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 

"{6DB6C977-8CE6-4D24-BB3F-B29EDF353EF5}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 

"{72C73EA0-63EC-47C2-B415-7AB3C1771237}" = protocol=6 | dir=in | app=c:\users\sarah\appdata\roaming\dropbox\bin\dropbox.exe | 

"{74CAEDB6-2877-4849-9E4F-4E7440367D16}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 

"{7A2FD5F2-CAD7-412E-938A-275AE2FBDDB5}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 

"{89BFB2BB-6B18-42BD-9683-F9BDC2C2BEE6}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 

"{8F8D25BF-B3A5-4B34-ABA1-1D2B2232E1B2}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 

"{97F9A01B-0CBE-47DF-A1D7-A3AE42660618}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 

"{AF6A08A7-EE13-4643-8D65-BEDD8B150D62}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 

"{B5BB01CA-9A77-49C3-A199-20DEC6B38ADC}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 

"{C39C45B7-D834-4BC5-BF40-DD658FFC564F}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 

"{E1FB03EA-CD35-4A87-A5E3-39BC7ED7B9ED}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 

"{FBC5E64F-5CE2-4BF2-9F1A-E556F6A93808}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 

"TCP Query User{310E4313-30C4-46B1-8AE2-D82D862ED365}C:\users\public\games\world of warcraft\temp\wow-4.0.0.1807-to-4.0.0.2072-enus-tools-downloader.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\temp\wow-4.0.0.1807-to-4.0.0.2072-enus-tools-downloader.exe | 

"TCP Query User{3A5241E3-3629-4600-91CF-E9720BA073D2}C:\users\public\games\world of warcraft\launcher.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\launcher.exe | 

"TCP Query User{5B22217E-5685-472C-B060-E7B463D591D3}C:\users\public\games\world of warcraft\blizzard downloader.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\blizzard downloader.exe | 

"TCP Query User{81DD50C9-DEC8-4364-8046-CF75FE372554}C:\users\public\games\world of warcraft\launcher.patch.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\launcher.patch.exe | 

"TCP Query User{BA75F9A6-258A-4807-B21C-C15B9C9AA6AA}C:\program files (x86)\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\eadm\core.exe | 

"UDP Query User{0A00A625-4B5F-4147-8731-963A02CD0A40}C:\users\public\games\world of warcraft\launcher.patch.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\launcher.patch.exe | 

"UDP Query User{3FDCD0CA-6EE1-44FF-BAF8-2AA2C2028488}C:\users\public\games\world of warcraft\blizzard downloader.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\blizzard downloader.exe | 

"UDP Query User{73C0EB54-90B4-4FC2-864B-D96346730230}C:\users\public\games\world of warcraft\temp\wow-4.0.0.1807-to-4.0.0.2072-enus-tools-downloader.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\temp\wow-4.0.0.1807-to-4.0.0.2072-enus-tools-downloader.exe | 

"UDP Query User{930B6CF3-396B-4FC2-952E-CD837733D278}C:\program files (x86)\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\eadm\core.exe | 

"UDP Query User{BA07511A-E4BA-49C5-B936-A398D4B74BC2}C:\users\public\games\world of warcraft\launcher.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\launcher.exe | 

 
 ========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)

"{0C826C5B-B131-423A-A229-C71B3CACCD6A}" = CDDRV_Installer

"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5300_series" = Canon MG5300 series MP Drivers

"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour

"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17

"{8B485965-8EFE-464A-842F-CF8F18C3DFD7}" = iCloud

"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007

"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007

"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)

"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053

"{B8AD779A-82DA-4365-A7D0-AD3DCFC55CFF}" = Apple Mobile Device Support

"{CF8FFD12-602B-422D-AF1D-511B411E7632}" = iTunes

"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148

"{F3F18612-7B5D-4C05-86C9-AB50F6F71727}" = KhalInstallWrapper

"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile

"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit

"CANONIJINBOXADDON100" = Canon Inkjet Printer Driver Add-On Module

"CutePDF Writer Installation" = CutePDF Writer 2.8

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

"TeamSpeak 3 Client" = TeamSpeak 3 Client

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

"{0711500B-9912-4D60-9A49-C577B4503D42}" = Nero Recode Help

"{07FF7593-9DEA-40B5-9F87-F557E65BBF60}" = Nero Recode

"{09298F26-A95C-31E2-9D95-2C60F586F075}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

"{1122AAC4-AAAA-43BF-B2D4-3C8C12378952}" = Nero InfoTool

"{11A84FCA-C3C7-4AFD-A797-111DB8569DBC}" = Nero BurningROM

"{12345674-DE9A-677A-CCEE-666356D89777}" = Nero BurnRights

"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser

"{1B040683-C390-4711-ABC7-DA8D85E470E7}" = NeroBurningROM

"{26A24AE4-039D-4CA4-87B4-2F83216023FF}" = Java(TM) 6 Update 29

"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1

"{2D3455A8-3B15-41A8-99F8-0D4215746463}" = Nero StartSmart

"{3097B151-1F61-4211-A4CC-D70127B226AE}" = SoundTrax

"{39AD21D1-93E3-4E10-9635-DFDD2EDB5BA3}" = MAGIX Screenshare

"{3F30CC51-0788-487B-AA83-7214A239C0C0}" = Nero Disc Copy Gadget Help

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{4D42353B-533F-4306-AD0B-7FEF292ADE04}" = Nero CoverDesigner Help

"{4E8C27C2-D727-4C00-A90E-C3F6376EEE70}" = Nero ControlCenter

"{516C52F1-F593-49C2-BA32-7CA91009F300}" = MAGIX Foto & Grafik Designer 7

"{537575D6-3B96-474C-BD8F-DFF667363DBD}" = Naviextras Toolbox Prerequesities

"{548F99E0-14CC-4D53-A7D6-4A62A5F2C748}" = Nero PhotoSnap

"{56BE5CC9-95E6-4128-ABEA-968414CA9C80}" = DolbyFiles

"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml

"{5A62A775-A29A-4CE1-BBC2-4A9CD0B211EF}" = Nero Live Help

"{5AE12194-3EAA-40DF-B2BF-FE1D6B78BBF4}" = Nero Vision

"{5C2E8A0F-80E2-4C68-8CC0-D8D16E7196BF}" = Nero RescueAgent Help

"{5C42EAB8-54F9-423A-948C-1CBEF25F8DB4}" = Nero PhotoSnap Help

"{5C9BB0B3-E830-4814-BBA4-D93535E1C7B9}" = Nero Live

"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729

"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable

"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable

"{75321954-2589-11DC-DDCC-E98356D81493}" = Nero DriveSpeed

"{753973C4-B961-43BF-B2D4-3C8C92F7216E}" = Nero DriveSpeed

"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime

"{78523651-D8B1-11DC-CCEE-741589645873}" = Nero DiscSpeed

"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update

"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime

"{8C654BD0-1949-43DE-84F2-EC2A1ABB0CB4}" = Nero ShowTime

"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007

"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007

"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007

"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007

"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007

"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007

"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007

"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-002A-0407-1000-0000000FF1CE}_HOMESTUDENTR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007

"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007

"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007

"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In

"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007

"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{943CC0C0-2253-4FE0-9493-DD386F7857FD}" = Nero Express

"{948FFAAE-C57F-447B-9B07-3721E950BFDC}" = Nero ShowTime

"{961D53EA-40DC-4156-AD74-25684CE05F81}" = Nero Installer

"{9A7172F1-66F1-603F-7E54-35EBB9F6E2EC}" = dLAN Cockpit

"{9A875B56-A35C-46BA-A3AA-DF8D03EE9F2F}" = Nero ControlCenter

"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

"{9F3523F8-DAD7-AE52-6DA7-45CDDDF33726}" = Advertising Center

"{A306FD29-7D3A-4287-91AC-9A0180931395}_is1" = Roadkil's Unstoppable Copier Version 5.2

"{A498D9EB-927B-459B-85D6-DD6EF8C2C564}" = erLT

"{A73BEC3C-40A0-480E-87EF-EFCD33629088}" = NeroExpress

"{A8399F58-234A-48C6-BA55-30C15738BF3C}" = Nero CoverDesigner

"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress

"{AAA12554-2589-11DC-92EF-E98356D81493}" = Nero InfoTool

"{AABBCC54-D8B1-11DC-92EF-E98356D81493}" = Nero DiscSpeed

"{AC76BA86-7AD7-1031-7B44-A93000000001}" = Adobe Reader 9.3 - Deutsch

"{B2C12C8D-65DC-40BD-B309-5ADB0C6C8D8F}" = Nero WaveEditor

"{B96C2601-52F5-4D5D-816A-63469EA311EF}" = "Nero SoundTrax Help

"{BCD82AB5-670D-4242-90FA-1F97103C16CD}" = Movie Templates - Starter Kit

"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = Die Sims™ 3

"{C99C89A3-119A-45E6-B26E-DD5643CAA0C5}" = Menu Templates - Starter Kit

"{CD1826A5-CFCC-4C6E-9F9D-E181876162EA}" = Nero Rescue Agent

"{D7C206B6-1A63-4389-A8B1-8F607D0BFF1F}" = Nero StartSmart Help

"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime

"{E4A8DD87-A746-4443-BF25-CAF99CED6767}" = Nero Disc Copy Gadget

"{E86156E5-9859-440D-8876-26CED1349802}" = Nero WaveEditor Help

"{EA9FFE54-D8B1-11DC-92EF-E98356D81493}" = Nero BurnRights

"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support

"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver

"{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}" = Logitech SetPoint

"{f392fd7e-fb7d-4b2b-8876-3c2c3a49aeaf}" = Nero 9

"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5

"{F53F6769-AC46-49E3-ABE3-2C8AFD39D0DD}" = Nero Vision

"{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR

"7-Zip" = 7-Zip 9.20

"Adobe AIR" = Adobe AIR

"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin

"BabylonToolbar" = Babylon toolbar on IE

"Browser Defender_is1" = Browser Defender 3.0

"Canon MG5300 series Benutzerregistrierung" = Canon MG5300 series Benutzerregistrierung

"Canon MG5300 series On-screen Manual" = Canon MG5300 series On-screen Manual

"Canon_IJ_Network_Scanner_Selector_EX" = Canon IJ Network Scanner Selector EX

"Canon_IJ_Network_UTILITY" = Canon IJ Network Tool

"CanonMyPrinter" = Canon My Printer

"CanonSolutionMenuEX" = Canon Solution Menu EX

"Content Manager 2" = Content Manager 2

"Digital Editions" = Adobe Digital Editions

"dlancockpit" = devolo dLAN Cockpit

"dm-Fotowelt" = dm-Fotowelt

"Dungeon Keeper II" = Dungeon Keeper 2

"EADM" = EA Download Manager

"Easy-PhotoPrint EX" = Canon Easy-PhotoPrint EX

"Easy-WebPrint EX" = Canon Easy-WebPrint EX

"Foxit Reader_is1" = Foxit Reader 5.0

"Free M4a to MP3 Converter_is1" = Free M4a to MP3 Converter 6.2

"HOMESTUDENTR" = Microsoft Office Home and Student 2007

"ICQToolbar" = ICQ Toolbar

"MAGIX_MSI_Foto_Grafik_Designer_7" = MAGIX Foto & Grafik Designer 7

"MediaNavigation.CDLabelPrint" = CD-LabelPrint

"MozBackup" = MozBackup 1.4.10

"Mozilla Firefox 13.0.1 (x86 de)" = Mozilla Firefox 13.0.1 (x86 de)

"Mozilla Thunderbird 11.0.1 (x86 de)" = Mozilla Thunderbird 11.0.1 (x86 de)

"MozillaMaintenanceService" = Mozilla Maintenance Service

"MP Navigator EX 5.0" = Canon MP Navigator EX 5.0

"N360" = Norton 360

"OnlineFotoservice" = OnlineFotoservice

"Picasa 3" = Picasa 3

"RealPlayer 12.0" = RealPlayer

"Sigel GastroDesigner plus Demo" = Sigel GastroDesigner plus Demo

"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2

"World of Warcraft" = World of Warcraft

 
 ========== HKEY_CURRENT_USER Uninstall List ==========

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"101a9f93b8f0bb6f" = Curse Client

"Dropbox" = Dropbox

"FoxTab Video Converter" = FoxTab Video Converter

 
 ========== Last 20 Event Log Errors ==========

 

[ Application Events ]

Error - 20.11.2011 04:27:05 | Computer Name = Sarah-PC | Source = SideBySide | ID = 16842832

Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files

 (x86)\Nero\Nero 9\Nero Recode\Recode.exe.Manifest". Fehler in  Manifest- oder Richtliniendatei

 "" in Zeile .  Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt

 mit  einer anderen, bereits aktiven Komponentenversion.  In Konflikt stehende Komponenten:.

Komponente

 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Komponente

 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

 

Error - 21.11.2011 04:00:56 | Computer Name = Sarah-PC | Source = SideBySide | ID = 16842815

Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files

 (x86)\mozbackup\dll\DelZip179.dll". Fehler in Manifest- oder Richtliniendatei "c:\program

 files (x86)\mozbackup\dll\DelZip179.dll" in Zeile 8.  Der Wert "*" des "language"-Attributs

 im assemblyIdentity-Element ist ungültig.

 

Error - 21.11.2011 04:01:10 | Computer Name = Sarah-PC | Source = SideBySide | ID = 16842832

Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files

 (x86)\Nero\Nero 9\Nero PhotoSnap\PhotoSnapViewer.exe.Manifest". Fehler in  Manifest-

 oder Richtliniendatei "" in Zeile .  Eine für die Anwendung erforderliche Komponentenversion

 steht in Konflikt mit  einer anderen, bereits aktiven Komponentenversion.  In Konflikt

 stehende Komponenten:.  Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Komponente

 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

 

Error - 21.11.2011 04:01:11 | Computer Name = Sarah-PC | Source = SideBySide | ID = 16842832

Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files

 (x86)\Nero\Nero 9\Nero Recode\Recode.exe.Manifest". Fehler in  Manifest- oder Richtliniendatei

 "" in Zeile .  Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt

 mit  einer anderen, bereits aktiven Komponentenversion.  In Konflikt stehende Komponenten:.

Komponente

 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Komponente

 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

 

Error - 22.11.2011 03:45:23 | Computer Name = Sarah-PC | Source = SideBySide | ID = 16842815

Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files

 (x86)\mozbackup\dll\DelZip179.dll". Fehler in Manifest- oder Richtliniendatei "c:\program

 files (x86)\mozbackup\dll\DelZip179.dll" in Zeile 8.  Der Wert "*" des "language"-Attributs

 im assemblyIdentity-Element ist ungültig.

 

Error - 22.11.2011 03:45:37 | Computer Name = Sarah-PC | Source = SideBySide | ID = 16842832

Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files

 (x86)\Nero\Nero 9\Nero PhotoSnap\PhotoSnapViewer.exe.Manifest". Fehler in  Manifest-

 oder Richtliniendatei "" in Zeile .  Eine für die Anwendung erforderliche Komponentenversion

 steht in Konflikt mit  einer anderen, bereits aktiven Komponentenversion.  In Konflikt

 stehende Komponenten:.  Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Komponente

 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

 

Error - 22.11.2011 03:45:37 | Computer Name = Sarah-PC | Source = SideBySide | ID = 16842832

Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files

 (x86)\Nero\Nero 9\Nero Recode\Recode.exe.Manifest". Fehler in  Manifest- oder Richtliniendatei

 "" in Zeile .  Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt

 mit  einer anderen, bereits aktiven Komponentenversion.  In Konflikt stehende Komponenten:.

Komponente

 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Komponente

 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

 

Error - 23.11.2011 02:26:05 | Computer Name = Sarah-PC | Source = SideBySide | ID = 16842815

Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files

 (x86)\mozbackup\dll\DelZip179.dll". Fehler in Manifest- oder Richtliniendatei "c:\program

 files (x86)\mozbackup\dll\DelZip179.dll" in Zeile 8.  Der Wert "*" des "language"-Attributs

 im assemblyIdentity-Element ist ungültig.

 

Error - 23.11.2011 02:26:24 | Computer Name = Sarah-PC | Source = SideBySide | ID = 16842832

Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files

 (x86)\Nero\Nero 9\Nero PhotoSnap\PhotoSnapViewer.exe.Manifest". Fehler in  Manifest-

 oder Richtliniendatei "" in Zeile .  Eine für die Anwendung erforderliche Komponentenversion

 steht in Konflikt mit  einer anderen, bereits aktiven Komponentenversion.  In Konflikt

 stehende Komponenten:.  Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Komponente

 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

 

Error - 23.11.2011 02:26:25 | Computer Name = Sarah-PC | Source = SideBySide | ID = 16842832

Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files

 (x86)\Nero\Nero 9\Nero Recode\Recode.exe.Manifest". Fehler in  Manifest- oder Richtliniendatei

 "" in Zeile .  Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt

 mit  einer anderen, bereits aktiven Komponentenversion.  In Konflikt stehende Komponenten:.

Komponente

 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Komponente

 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

 

[ OSession Events ]

Error - 18.03.2012 06:34:15 | Computer Name = Sarah-PC | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:

 12.0.6654.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 3

 seconds with 0 seconds of active time.  This session ended with a crash.

 

[ System Events ]

Error - 05.07.2012 04:29:02 | Computer Name = Sarah-PC | Source = Service Control Manager | ID = 7000

Description = Der Dienst "TOSHIBA Bluetooth Service" wurde aufgrund folgenden Fehlers

 nicht gestartet:   %%2

 

Error - 05.07.2012 04:30:04 | Computer Name = Sarah-PC | Source = DCOM | ID = 10016

Description = 

 

Error - 06.07.2012 01:23:44 | Computer Name = Sarah-PC | Source = Service Control Manager | ID = 7000

Description = Der Dienst "TOSHIBA Bluetooth Service" wurde aufgrund folgenden Fehlers

 nicht gestartet:   %%2

 

Error - 06.07.2012 01:24:46 | Computer Name = Sarah-PC | Source = DCOM | ID = 10016

Description = 

 

Error - 06.07.2012 04:43:52 | Computer Name = Sarah-PC | Source = Service Control Manager | ID = 7000

Description = Der Dienst "TOSHIBA Bluetooth Service" wurde aufgrund folgenden Fehlers

 nicht gestartet:   %%2

 

Error - 06.07.2012 04:44:54 | Computer Name = Sarah-PC | Source = DCOM | ID = 10016

Description = 

 

Error - 08.07.2012 05:05:25 | Computer Name = Sarah-PC | Source = Service Control Manager | ID = 7000

Description = Der Dienst "TOSHIBA Bluetooth Service" wurde aufgrund folgenden Fehlers

 nicht gestartet:   %%2

 

Error - 08.07.2012 05:06:27 | Computer Name = Sarah-PC | Source = DCOM | ID = 10016

Description = 

 

Error - 09.07.2012 11:32:23 | Computer Name = Sarah-PC | Source = Service Control Manager | ID = 7000

Description = Der Dienst "TOSHIBA Bluetooth Service" wurde aufgrund folgenden Fehlers

 nicht gestartet:   %%2

 

Error - 09.07.2012 11:33:24 | Computer Name = Sarah-PC | Source = DCOM | ID = 10016

Description = 

 

 

< End of report >

--- --- ---

Vorab schon mal herzlichen Dank

Hallo, hier der Log:

Code:

14:10:41.0836 1380        TDSS rootkit removing tool 2.7.45.0 Jul  9 2012 12:46:35

14:10:42.0846 1380        ============================================================

14:10:42.0846 1380        Current date / time: 2012/07/13 14:10:42.0846

14:10:42.0846 1380        SystemInfo:

14:10:42.0846 1380        

14:10:42.0846 1380        OS Version: 6.1.7601 ServicePack: 1.0

14:10:42.0846 1380        Product type: Workstation

14:10:42.0847 1380        ComputerName: SARAH-PC

14:10:42.0847 1380        UserName: Sarah

14:10:42.0847 1380        Windows directory: C:\Windows

14:10:42.0847 1380        System windows directory: C:\Windows

14:10:42.0847 1380        Running under WOW64

14:10:42.0847 1380        Processor architecture: Intel x64

14:10:42.0847 1380        Number of processors: 2

14:10:42.0847 1380        Page size: 0x1000

14:10:42.0847 1380        Boot type: Normal boot

14:10:42.0847 1380        ============================================================

14:10:44.0180 1380        Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

14:10:44.0305 1380        ============================================================

14:10:44.0305 1380        \Device\Harddisk0\DR0:

14:10:44.0305 1380        MBR partitions:

14:10:44.0305 1380        \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000

14:10:44.0305 1380        \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3A353000

14:10:44.0305 1380        ============================================================

14:10:44.0338 1380        C: <-> \Device\Harddisk0\DR0\Partition1

14:10:44.0338 1380        ============================================================

14:10:44.0338 1380        Initialize success

14:10:44.0338 1380        ============================================================

14:11:16.0403 2124        ============================================================

14:11:16.0403 2124        Scan started

14:11:16.0403 2124        Mode: Manual; SigCheck; TDLFS; 

14:11:16.0403 2124        ============================================================

14:11:17.0021 2124        1394ohci        (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys

14:11:17.0136 2124        1394ohci - ok

14:11:17.0190 2124        ACPI            (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys

14:11:17.0206 2124        ACPI - ok

14:11:17.0237 2124        AcpiPmi         (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys

14:11:17.0291 2124        AcpiPmi - ok

14:11:17.0425 2124        AdobeFlashPlayerUpdateSvc (5e1a953c6472e7bb644892a4d0df5e72) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

14:11:17.0436 2124        AdobeFlashPlayerUpdateSvc - ok

14:11:17.0510 2124        adp94xx         (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys

14:11:17.0530 2124        adp94xx - ok

14:11:17.0562 2124        adpahci         (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys

14:11:17.0579 2124        adpahci - ok

14:11:17.0605 2124        adpu320         (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys

14:11:17.0619 2124        adpu320 - ok

14:11:17.0648 2124        AeLookupSvc     (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll

14:11:17.0766 2124        AeLookupSvc - ok

14:11:17.0880 2124        AFD             (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys

14:11:17.0937 2124        AFD - ok

14:11:17.0974 2124        agp440          (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys

14:11:17.0986 2124        agp440 - ok

14:11:18.0013 2124        ALG             (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe

14:11:18.0080 2124        ALG - ok

14:11:18.0102 2124        aliide          (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys

14:11:18.0114 2124        aliide - ok

14:11:18.0130 2124        amdide          (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys

14:11:18.0141 2124        amdide - ok

14:11:18.0168 2124        AmdK8           (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys

14:11:18.0238 2124        AmdK8 - ok

14:11:18.0258 2124        AmdPPM          (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys

14:11:18.0304 2124        AmdPPM - ok

14:11:18.0338 2124        amdsata         (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys

14:11:18.0351 2124        amdsata - ok

14:11:18.0370 2124        amdsbs          (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys

14:11:18.0384 2124        amdsbs - ok

14:11:18.0396 2124        amdxata         (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys

14:11:18.0407 2124        amdxata - ok

14:11:18.0452 2124        AppID           (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys

14:11:18.0578 2124        AppID - ok

14:11:18.0602 2124        AppIDSvc        (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll

14:11:18.0655 2124        AppIDSvc - ok

14:11:18.0712 2124        Appinfo         (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll

14:11:18.0764 2124        Appinfo - ok

14:11:18.0904 2124        Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

14:11:18.0914 2124        Apple Mobile Device - ok

14:11:18.0964 2124        arc             (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys

14:11:18.0977 2124        arc - ok

14:11:18.0996 2124        arcsas          (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys

14:11:19.0008 2124        arcsas - ok

14:11:19.0038 2124        AsyncMac        (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys

14:11:19.0096 2124        AsyncMac - ok

14:11:19.0134 2124        atapi           (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys

14:11:19.0144 2124        atapi - ok

14:11:19.0215 2124        AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll

14:11:19.0281 2124        AudioEndpointBuilder - ok

14:11:19.0288 2124        AudioSrv        (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll

14:11:19.0323 2124        AudioSrv - ok

14:11:19.0377 2124        AxInstSV        (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll

14:11:19.0440 2124        AxInstSV - ok

14:11:19.0500 2124        b06bdrv         (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys

14:11:19.0572 2124        b06bdrv - ok

14:11:19.0623 2124        b57nd60a        (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys

14:11:19.0679 2124        b57nd60a - ok

14:11:19.0717 2124        BDESVC          (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll

14:11:19.0766 2124        BDESVC - ok

14:11:19.0776 2124        Beep            (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys

14:11:19.0834 2124        Beep - ok

14:11:19.0913 2124        BFE             (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll

14:11:19.0961 2124        BFE - ok

14:11:20.0182 2124        BHDrvx64        (c8ab71a5102d0fc103f6dfc750005137) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\BASHDefs\20120711.002\BHDrvx64.sys

14:11:20.0223 2124        BHDrvx64 - ok

14:11:20.0343 2124        BITS            (1ea7969e3271cbc59e1730697dc74682) C:\Windows\system32\qmgr.dll

14:11:20.0410 2124        BITS - ok

14:11:20.0461 2124        blbdrive        (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys

14:11:20.0485 2124        blbdrive - ok

14:11:20.0615 2124        Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe

14:11:20.0629 2124        Bonjour Service - ok

14:11:20.0669 2124        bowser          (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys

14:11:20.0721 2124        bowser - ok

14:11:20.0742 2124        BrFiltLo        (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys

14:11:20.0832 2124        BrFiltLo - ok

14:11:20.0843 2124        BrFiltUp        (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys

14:11:20.0857 2124        BrFiltUp - ok

14:11:20.0898 2124        BridgeMP        (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys

14:11:20.0942 2124        BridgeMP - ok

14:11:20.0985 2124        Browser         (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll

14:11:21.0016 2124        Browser - ok

14:11:21.0117 2124        Browser Defender Update Service (c6b40dbc558a6cec5832c34a1854aa2a) C:\Program Files (x86)\PC Tools Security\BDT\BDTUpdateService.exe

14:11:21.0130 2124        Browser Defender Update Service - ok

14:11:21.0159 2124        Brserid         (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys

14:11:21.0232 2124        Brserid - ok

14:11:21.0251 2124        BrSerWdm        (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys

14:11:21.0284 2124        BrSerWdm - ok

14:11:21.0305 2124        BrUsbMdm        (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys

14:11:21.0345 2124        BrUsbMdm - ok

14:11:21.0367 2124        BrUsbSer        (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys

14:11:21.0398 2124        BrUsbSer - ok

14:11:21.0420 2124        BTHMODEM        (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys

14:11:21.0453 2124        BTHMODEM - ok

14:11:21.0552 2124        BTHPORT         (64c198198501f7560ee41d8d1efa7952) C:\Windows\System32\Drivers\BTHport.sys

14:11:21.0630 2124        BTHPORT - ok

14:11:21.0656 2124        bthserv         (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll

14:11:21.0702 2124        bthserv - ok

14:11:21.0728 2124        BTHUSB          (f188b7394d81010767b6df3178519a37) C:\Windows\System32\Drivers\BTHUSB.sys

14:11:21.0756 2124        BTHUSB - ok

14:11:21.0783 2124        catchme - ok

14:11:21.0830 2124        cdfs            (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys

14:11:21.0876 2124        cdfs - ok

14:11:21.0939 2124        cdrom           (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys

14:11:21.0953 2124        cdrom - ok

14:11:21.0998 2124        CertPropSvc     (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll

14:11:22.0047 2124        CertPropSvc - ok

14:11:22.0078 2124        circlass        (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys

14:11:22.0092 2124        circlass - ok

14:11:22.0132 2124        CLFS            (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys

14:11:22.0148 2124        CLFS - ok

14:11:22.0205 2124        clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

14:11:22.0217 2124        clr_optimization_v2.0.50727_32 - ok

14:11:22.0255 2124        clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe

14:11:22.0266 2124        clr_optimization_v2.0.50727_64 - ok

14:11:22.0336 2124        clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

14:11:22.0348 2124        clr_optimization_v4.0.30319_32 - ok

14:11:22.0391 2124        clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

14:11:22.0402 2124        clr_optimization_v4.0.30319_64 - ok

14:11:22.0435 2124        CmBatt          (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys

14:11:22.0466 2124        CmBatt - ok

14:11:22.0512 2124        cmdide          (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys

14:11:22.0524 2124        cmdide - ok

14:11:22.0577 2124        CNG             (9ac4f97c2d3e93367e2148ea940cd2cd) C:\Windows\system32\Drivers\cng.sys

14:11:22.0601 2124        CNG - ok

14:11:22.0620 2124        Compbatt        (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys

14:11:22.0632 2124        Compbatt - ok

14:11:22.0665 2124        CompositeBus    (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys

14:11:22.0703 2124        CompositeBus - ok

14:11:22.0725 2124        COMSysApp - ok

14:11:22.0746 2124        crcdisk         (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys

14:11:22.0757 2124        crcdisk - ok

14:11:22.0802 2124        CryptSvc        (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll

14:11:22.0850 2124        CryptSvc - ok

14:11:22.0929 2124        DcomLaunch      (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll

14:11:22.0983 2124        DcomLaunch - ok

14:11:23.0036 2124        defragsvc       (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll

14:11:23.0084 2124        defragsvc - ok

14:11:23.0284 2124        DevoloNetworkService (d2600494c45b98adfdae290205ad7cd3) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe

14:11:23.0327 2124        DevoloNetworkService - ok

14:11:23.0458 2124        DfsC            (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys

14:11:23.0509 2124        DfsC - ok

14:11:23.0597 2124        Dhcp            (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll

14:11:23.0650 2124        Dhcp - ok

14:11:23.0680 2124        discache        (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys

14:11:23.0730 2124        discache - ok

14:11:23.0772 2124        Disk            (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys

14:11:23.0784 2124        Disk - ok

14:11:23.0824 2124        Dnscache        (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll

14:11:23.0890 2124        Dnscache - ok

14:11:23.0928 2124        dot3svc         (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll

14:11:23.0978 2124        dot3svc - ok

14:11:24.0019 2124        DPS             (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll

14:11:24.0066 2124        DPS - ok

14:11:24.0099 2124        drmkaud         (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys

14:11:24.0130 2124        drmkaud - ok

14:11:24.0203 2124        DXGKrnl         (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys

14:11:24.0230 2124        DXGKrnl - ok

14:11:24.0262 2124        EapHost         (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll

14:11:24.0311 2124        EapHost - ok

14:11:24.0491 2124        ebdrv           (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys

14:11:24.0568 2124        ebdrv - ok

14:11:24.0694 2124        eeCtrl          (ba6420c1f7070ed8f1ba372844f3e1ec) C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys

14:11:24.0710 2124        eeCtrl - ok

14:11:24.0815 2124        EFS             (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe

14:11:24.0866 2124        EFS - ok

14:11:24.0956 2124        ehRecvr         (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe

14:11:24.0992 2124        ehRecvr - ok

14:11:25.0022 2124        ehSched         (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe

14:11:25.0075 2124        ehSched - ok

14:11:25.0167 2124        elxstor         (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys

14:11:25.0187 2124        elxstor - ok

14:11:25.0277 2124        EraserUtilRebootDrv (1343df3451bc0c442dc69837c6fba21b) C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys

14:11:25.0288 2124        EraserUtilRebootDrv - ok

14:11:25.0321 2124        ErrDev          (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys

14:11:25.0357 2124        ErrDev - ok

14:11:25.0426 2124        EventSystem     (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll

14:11:25.0460 2124        EventSystem - ok

14:11:25.0503 2124        exfat           (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys

14:11:25.0550 2124        exfat - ok

14:11:25.0586 2124        fastfat         (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys

14:11:25.0638 2124        fastfat - ok

14:11:25.0721 2124        Fax             (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe

14:11:25.0782 2124        Fax - ok

14:11:25.0915 2124        fdc             (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys

14:11:25.0936 2124        fdc - ok

14:11:26.0092 2124        fdPHost         (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll

14:11:26.0141 2124        fdPHost - ok

14:11:26.0159 2124        FDResPub        (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll

14:11:26.0211 2124        FDResPub - ok

14:11:26.0236 2124        FileInfo        (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys

14:11:26.0247 2124        FileInfo - ok

14:11:26.0260 2124        Filetrace       (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys

14:11:26.0310 2124        Filetrace - ok

14:11:26.0315 2124        flpydisk        (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys

14:11:26.0357 2124        flpydisk - ok

14:11:26.0417 2124        FltMgr          (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys

14:11:26.0432 2124        FltMgr - ok

14:11:26.0510 2124        FontCache       (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll

14:11:26.0588 2124        FontCache - ok

14:11:26.0679 2124        FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

14:11:26.0689 2124        FontCache3.0.0.0 - ok

14:11:26.0743 2124        FsDepends       (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys

14:11:26.0755 2124        FsDepends - ok

14:11:26.0780 2124        Fs_Rec          (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys

14:11:26.0791 2124        Fs_Rec - ok

14:11:26.0849 2124        fvevol          (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys

14:11:26.0866 2124        fvevol - ok

14:11:26.0891 2124        gagp30kx        (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys

14:11:26.0905 2124        gagp30kx - ok

14:11:26.0953 2124        GEARAspiWDM     (af4dee5531395dee72b35b36c9671fd0) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys

14:11:26.0964 2124        GEARAspiWDM - ok

14:11:27.0032 2124        gpsvc           (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll

14:11:27.0084 2124        gpsvc - ok

14:11:27.0218 2124        gusvc           (c1b577b2169900f4cf7190c39f085794) C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

14:11:27.0230 2124        gusvc - ok

14:11:27.0252 2124        hcw85cir        (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys

14:11:27.0296 2124        hcw85cir - ok

14:11:27.0361 2124        HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys

14:11:27.0402 2124        HdAudAddService - ok

14:11:27.0444 2124        HDAudBus        (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys

14:11:27.0480 2124        HDAudBus - ok

14:11:27.0497 2124        HidBatt         (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys

14:11:27.0530 2124        HidBatt - ok

14:11:27.0569 2124        HidBth          (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys

14:11:27.0603 2124        HidBth - ok

14:11:27.0628 2124        HidIr           (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys

14:11:27.0676 2124        HidIr - ok

14:11:27.0709 2124        hidserv         (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\System32\hidserv.dll

14:11:27.0757 2124        hidserv - ok

14:11:27.0809 2124        HidUsb          (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys

14:11:27.0821 2124        HidUsb - ok

14:11:27.0854 2124        hkmsvc          (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll

14:11:27.0909 2124        hkmsvc - ok

14:11:27.0956 2124        HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll

14:11:28.0018 2124        HomeGroupListener - ok

14:11:28.0052 2124        HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll

14:11:28.0086 2124        HomeGroupProvider - ok

14:11:28.0136 2124        HpSAMD          (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys

14:11:28.0148 2124        HpSAMD - ok

14:11:28.0217 2124        HTTP            (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys

14:11:28.0275 2124        HTTP - ok

14:11:28.0302 2124        hwpolicy        (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys

14:11:28.0313 2124        hwpolicy - ok

14:11:28.0331 2124        i8042prt        (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys

14:11:28.0344 2124        i8042prt - ok

14:11:28.0375 2124        iaStorV         (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys

14:11:28.0393 2124        iaStorV - ok

14:11:28.0466 2124        ICQ Service     (848edebb3c1d6fec50e09eda95c21e84) C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe

14:11:28.0477 2124        ICQ Service - ok

14:11:28.0624 2124        idsvc           (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe

14:11:28.0648 2124        idsvc - ok

14:11:28.0821 2124        IDSVia64        (ce0bf35c79e03bb89da6b14fac838605) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\IPSDefs\20120712.001\IDSvia64.sys

14:11:28.0837 2124        IDSVia64 - ok

14:11:28.0946 2124        iirsp           (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys

14:11:28.0958 2124        iirsp - ok

14:11:29.0029 2124        IKEEXT          (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll

14:11:29.0088 2124        IKEEXT - ok

14:11:29.0127 2124        intelide        (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys

14:11:29.0138 2124        intelide - ok

14:11:29.0164 2124        intelppm        (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys

14:11:29.0192 2124        intelppm - ok

14:11:29.0232 2124        IPBusEnum       (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll

14:11:29.0281 2124        IPBusEnum - ok

14:11:29.0320 2124        IpFilterDriver  (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys

14:11:29.0373 2124        IpFilterDriver - ok

14:11:29.0429 2124        iphlpsvc        (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll

14:11:29.0485 2124        iphlpsvc - ok

14:11:29.0512 2124        IPMIDRV         (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys

14:11:29.0526 2124        IPMIDRV - ok

14:11:29.0579 2124        IPNAT           (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys

14:11:29.0627 2124        IPNAT - ok

14:11:29.0779 2124        iPod Service    (50d6ccc6ff5561f9f56946b3e6164fb8) C:\Program Files\iPod\bin\iPodService.exe

14:11:29.0798 2124        iPod Service - ok

14:11:29.0825 2124        IRENUM          (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys

14:11:29.0896 2124        IRENUM - ok

14:11:29.0921 2124        isapnp          (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys

14:11:29.0933 2124        isapnp - ok

14:11:29.0976 2124        iScsiPrt        (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys

14:11:29.0991 2124        iScsiPrt - ok

14:11:30.0014 2124        kbdclass        (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys

14:11:30.0026 2124        kbdclass - ok

14:11:30.0050 2124        kbdhid          (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys

14:11:30.0078 2124        kbdhid - ok

14:11:30.0111 2124        KeyIso          (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

14:11:30.0123 2124        KeyIso - ok

14:11:30.0154 2124        KSecDD          (97a7070aea4c058b6418519e869a63b4) C:\Windows\system32\Drivers\ksecdd.sys

14:11:30.0166 2124        KSecDD - ok

14:11:30.0199 2124        KSecPkg         (26c43a7c2862447ec59deda188d1da07) C:\Windows\system32\Drivers\ksecpkg.sys

14:11:30.0213 2124        KSecPkg - ok

14:11:30.0232 2124        ksthunk         (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys

14:11:30.0282 2124        ksthunk - ok

14:11:30.0329 2124        KtmRm           (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll

14:11:30.0386 2124        KtmRm - ok

14:11:30.0420 2124        L8042Kbd        (3fb80db5ec01b6153572d27438fbea20) C:\Windows\system32\DRIVERS\L8042Kbd.sys

14:11:30.0430 2124        L8042Kbd - ok

14:11:30.0476 2124        LanmanServer    (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\System32\srvsvc.dll

14:11:30.0529 2124        LanmanServer - ok

14:11:30.0572 2124        LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll

14:11:30.0618 2124        LanmanWorkstation - ok

14:11:30.0697 2124        LBTServ         (3f98db70009e420c332f48891de39fba) C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe

14:11:30.0708 2124        LBTServ - ok

14:11:30.0730 2124        LHidFilt        (b45686101f9473b52d7a501c544dda5d) C:\Windows\system32\DRIVERS\LHidFilt.Sys

14:11:30.0739 2124        LHidFilt - ok

14:11:30.0792 2124        lltdio          (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys

14:11:30.0846 2124        lltdio - ok

14:11:30.0892 2124        lltdsvc         (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll

14:11:30.0941 2124        lltdsvc - ok

14:11:30.0963 2124        lmhosts         (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll

14:11:30.0993 2124        lmhosts - ok

14:11:30.0998 2124        LMouFilt        (9980bb086248ca45772eff2559aa62d3) C:\Windows\system32\DRIVERS\LMouFilt.Sys

14:11:31.0008 2124        LMouFilt - ok

14:11:31.0035 2124        LSI_FC          (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys

14:11:31.0047 2124        LSI_FC - ok

14:11:31.0072 2124        LSI_SAS         (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys

14:11:31.0084 2124        LSI_SAS - ok

14:11:31.0217 2124        LSI_SAS2        (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys

14:11:31.0228 2124        LSI_SAS2 - ok

14:11:31.0251 2124        LSI_SCSI        (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys

14:11:31.0264 2124        LSI_SCSI - ok

14:11:31.0283 2124        luafv           (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys

14:11:31.0330 2124        luafv - ok

14:11:31.0366 2124        LUsbFilt        (a1eb1db073972c7ce252daa3456bbbe7) C:\Windows\system32\Drivers\LUsbFilt.Sys

14:11:31.0375 2124        LUsbFilt - ok

14:11:31.0441 2124        MBAMProtector   (dc8490812a3b72811ae534f423b4c206) C:\Windows\system32\drivers\mbam.sys

14:11:31.0451 2124        MBAMProtector - ok

14:11:31.0594 2124        MBAMService     (43683e970f008c93c9429ef428147a54) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

14:11:31.0610 2124        MBAMService - ok

14:11:31.0639 2124        Mcx2Svc         (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll

14:11:31.0670 2124        Mcx2Svc - ok

14:11:31.0694 2124        megasas         (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys

14:11:31.0705 2124        megasas - ok

14:11:31.0735 2124        MegaSR          (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys

14:11:31.0751 2124        MegaSR - ok

14:11:31.0789 2124        MMCSS           (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll

14:11:31.0837 2124        MMCSS - ok

14:11:31.0855 2124        Modem           (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys

14:11:31.0903 2124        Modem - ok

14:11:31.0960 2124        monitor         (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys

14:11:31.0994 2124        monitor - ok

14:11:32.0049 2124        mouclass        (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys

14:11:32.0061 2124        mouclass - ok

14:11:32.0080 2124        mouhid          (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys

14:11:32.0109 2124        mouhid - ok

14:11:32.0154 2124        mountmgr        (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys

14:11:32.0166 2124        mountmgr - ok

14:11:32.0245 2124        MozillaMaintenance (15d5398eed42c2504bb3d4fc875c15d1) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

14:11:32.0256 2124        MozillaMaintenance - ok

14:11:32.0277 2124        mpio            (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys

14:11:32.0291 2124        mpio - ok

14:11:32.0305 2124        mpsdrv          (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys

14:11:32.0351 2124        mpsdrv - ok

14:11:32.0417 2124        MpsSvc          (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll

14:11:32.0478 2124        MpsSvc - ok

14:11:32.0537 2124        MRV6X64P        (bb56a50c1b9b352b3fc52a0e2931572a) C:\Windows\system32\DRIVERS\MRVW13C.sys

14:11:32.0591 2124        MRV6X64P - ok

14:11:32.0652 2124        MRxDAV          (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys

14:11:32.0682 2124        MRxDAV - ok

14:11:32.0715 2124        mrxsmb          (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys

14:11:32.0763 2124        mrxsmb - ok

14:11:32.0813 2124        mrxsmb10        (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys

14:11:32.0840 2124        mrxsmb10 - ok

14:11:32.0891 2124        mrxsmb20        (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys

14:11:32.0903 2124        mrxsmb20 - ok

14:11:32.0929 2124        msahci          (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys

14:11:32.0939 2124        msahci - ok

14:11:32.0980 2124        msdsm           (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys

14:11:32.0994 2124        msdsm - ok

14:11:33.0018 2124        MSDTC           (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe

14:11:33.0033 2124        MSDTC - ok

14:11:33.0061 2124        Msfs            (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys

14:11:33.0091 2124        Msfs - ok

14:11:33.0116 2124        mshidkmdf       (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys

14:11:33.0159 2124        mshidkmdf - ok

14:11:33.0184 2124        msisadrv        (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys

14:11:33.0195 2124        msisadrv - ok

14:11:33.0225 2124        MSiSCSI         (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll

14:11:33.0257 2124        MSiSCSI - ok

14:11:33.0260 2124        msiserver - ok

14:11:33.0278 2124        MSKSSRV         (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys

14:11:33.0329 2124        MSKSSRV - ok

14:11:33.0355 2124        MSPCLOCK        (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys

14:11:33.0402 2124        MSPCLOCK - ok

14:11:33.0416 2124        MSPQM           (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys

14:11:33.0466 2124        MSPQM - ok

14:11:33.0510 2124        MsRPC           (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys

14:11:33.0527 2124        MsRPC - ok

14:11:33.0553 2124        mssmbios        (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys

14:11:33.0564 2124        mssmbios - ok

14:11:33.0575 2124        MSTEE           (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys

14:11:33.0617 2124        MSTEE - ok

14:11:33.0637 2124        MTConfig        (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys

14:11:33.0649 2124        MTConfig - ok

14:11:33.0690 2124        MTsensor        (03b7145c889603537e9ffeabb1ad1089) C:\Windows\system32\DRIVERS\ASACPI.sys

14:11:33.0738 2124        MTsensor - ok

14:11:33.0750 2124        Mup             (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys

14:11:33.0762 2124        Mup - ok

14:11:33.0898 2124        N360            (e78a365cc3e0fbfc018a33dce01909f8) C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\ccSvcHst.exe

14:11:33.0908 2124        N360 - ok

14:11:33.0953 2124        napagent        (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll

14:11:34.0005 2124        napagent - ok

14:11:34.0110 2124        NativeWifiP     (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys

14:11:34.0145 2124        NativeWifiP - ok

14:11:34.0280 2124        NAVENG          (8043d41f881d6ace40b854ad6e32217f) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\VirusDefs\20120712.034\ENG64.SYS

14:11:34.0289 2124        NAVENG - ok

14:11:34.0413 2124        NAVEX15         (9a9ab2fc45d701daed465d14980f1305) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\VirusDefs\20120712.034\EX64.SYS

14:11:34.0447 2124        NAVEX15 - ok

14:11:34.0661 2124        NDIS            (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys

14:11:34.0688 2124        NDIS - ok

14:11:34.0714 2124        NdisCap         (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys

14:11:34.0760 2124        NdisCap - ok

14:11:34.0792 2124        NdisTapi        (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys

14:11:34.0842 2124        NdisTapi - ok

14:11:34.0879 2124        Ndisuio         (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys

14:11:34.0923 2124        Ndisuio - ok

14:11:34.0957 2124        NdisWan         (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys

14:11:35.0010 2124        NdisWan - ok

14:11:35.0028 2124        NDProxy         (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys

14:11:35.0078 2124        NDProxy - ok

14:11:35.0226 2124        Nero BackItUp Scheduler 4.0 (27fe4b70c12a2c67a58d799b9a4e8d81) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe

14:11:35.0249 2124        Nero BackItUp Scheduler 4.0 - ok

14:11:35.0278 2124        NetBIOS         (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys

14:11:35.0331 2124        NetBIOS - ok

14:11:35.0374 2124        NetBT           (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys

14:11:35.0405 2124        NetBT - ok

14:11:35.0433 2124        Netlogon        (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

14:11:35.0445 2124        Netlogon - ok

14:11:35.0487 2124        Netman          (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll

14:11:35.0540 2124        Netman - ok

14:11:35.0596 2124        netprofm        (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll

14:11:35.0657 2124        netprofm - ok

14:11:35.0759 2124        NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe

14:11:35.0770 2124        NetTcpPortSharing - ok

14:11:35.0815 2124        nfrd960         (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys

14:11:35.0826 2124        nfrd960 - ok

14:11:35.0882 2124        NlaSvc          (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll

14:11:35.0930 2124        NlaSvc - ok

14:11:35.0951 2124        Npfs            (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys

14:11:35.0980 2124        Npfs - ok

14:11:36.0124 2124        NPF_devolo      (49697c2c761acb5c0de99cc8fe93e95b) C:\Windows\sysWOW64\drivers\npf_devolo.sys

14:11:36.0133 2124        NPF_devolo - ok

14:11:36.0153 2124        nsi             (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll

14:11:36.0207 2124        nsi - ok

14:11:36.0251 2124        nsiproxy        (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys

14:11:36.0320 2124        nsiproxy - ok

14:11:36.0423 2124        Ntfs            (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys

14:11:36.0461 2124        Ntfs - ok

14:11:36.0592 2124        Null            (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys

14:11:36.0622 2124        Null - ok

14:11:37.0165 2124        nvlddmkm        (dd81fbc57ab9134cddc5ce90880bfd80) C:\Windows\system32\DRIVERS\nvlddmkm.sys

14:11:37.0388 2124        nvlddmkm - ok

14:11:37.0531 2124        nvraid          (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys

14:11:37.0545 2124        nvraid - ok

14:11:37.0571 2124        nvstor          (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys

14:11:37.0586 2124        nvstor - ok

14:11:37.0623 2124        nv_agp          (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys

14:11:37.0636 2124        nv_agp - ok

14:11:37.0739 2124        odserv          (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE

14:11:37.0755 2124        odserv - ok

14:11:37.0783 2124        ohci1394        (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys

14:11:37.0813 2124        ohci1394 - ok

14:11:37.0853 2124        ose             (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE

14:11:37.0864 2124        ose - ok

14:11:37.0903 2124        p2pimsvc        (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll

14:11:37.0958 2124        p2pimsvc - ok

14:11:37.0998 2124        p2psvc          (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll

14:11:38.0015 2124        p2psvc - ok

14:11:38.0035 2124        Parport         (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys

14:11:38.0048 2124        Parport - ok

14:11:38.0081 2124        partmgr         (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys

14:11:38.0092 2124        partmgr - ok

14:11:38.0117 2124        PcaSvc          (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll

14:11:38.0157 2124        PcaSvc - ok

14:11:38.0209 2124        pci             (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys

14:11:38.0222 2124        pci - ok

14:11:38.0235 2124        pciide          (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys

14:11:38.0246 2124        pciide - ok

14:11:38.0272 2124        pcmcia          (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys

14:11:38.0286 2124        pcmcia - ok

14:11:38.0304 2124        pcw             (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys

14:11:38.0316 2124        pcw - ok

14:11:38.0363 2124        PEAUTH          (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys

14:11:38.0422 2124        PEAUTH - ok

14:11:38.0495 2124        PerfHost        (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe

14:11:38.0530 2124        PerfHost - ok

14:11:38.0630 2124        pla             (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll

14:11:38.0695 2124        pla - ok

14:11:38.0768 2124        PlugPlay        (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll

14:11:38.0795 2124        PlugPlay - ok

14:11:38.0820 2124        PNRPAutoReg     (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll

14:11:38.0849 2124        PNRPAutoReg - ok

14:11:38.0888 2124        PNRPsvc         (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll

14:11:38.0902 2124        PNRPsvc - ok

14:11:38.0957 2124        PolicyAgent     (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll

14:11:39.0016 2124        PolicyAgent - ok

14:11:39.0060 2124        Power           (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll

14:11:39.0108 2124        Power - ok

14:11:39.0186 2124        PptpMiniport    (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys

14:11:39.0234 2124        PptpMiniport - ok

14:11:39.0263 2124        Processor       (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys

14:11:39.0293 2124        Processor - ok

14:11:39.0357 2124        ProfSvc         (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll

14:11:39.0404 2124        ProfSvc - ok

14:11:39.0425 2124        ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

14:11:39.0437 2124        ProtectedStorage - ok

14:11:39.0482 2124        Psched          (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys

14:11:39.0529 2124        Psched - ok

14:11:39.0620 2124        ql2300          (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys

14:11:39.0656 2124        ql2300 - ok

14:11:39.0764 2124        ql40xx          (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys

14:11:39.0777 2124        ql40xx - ok

14:11:39.0805 2124        QWAVE           (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll

14:11:39.0823 2124        QWAVE - ok

14:11:39.0846 2124        QWAVEdrv        (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys

14:11:39.0883 2124        QWAVEdrv - ok

14:11:39.0905 2124        RasAcd          (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys

14:11:39.0958 2124        RasAcd - ok

14:11:40.0002 2124        RasAgileVpn     (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys

14:11:40.0032 2124        RasAgileVpn - ok

14:11:40.0054 2124        RasAuto         (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll

14:11:40.0085 2124        RasAuto - ok

14:11:40.0119 2124        Rasl2tp         (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys

14:11:40.0166 2124        Rasl2tp - ok

14:11:40.0201 2124        RasMan          (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll

14:11:40.0250 2124        RasMan - ok

14:11:40.0278 2124        RasPppoe        (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys

14:11:40.0331 2124        RasPppoe - ok

14:11:40.0361 2124        RasSstp         (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys

14:11:40.0406 2124        RasSstp - ok

14:11:40.0457 2124        rdbss           (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys

14:11:40.0489 2124        rdbss - ok

14:11:40.0503 2124        rdpbus          (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys

14:11:40.0539 2124        rdpbus - ok

14:11:40.0566 2124        RDPCDD          (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys

14:11:40.0596 2124        RDPCDD - ok

14:11:40.0614 2124        RDPENCDD        (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys

14:11:40.0667 2124        RDPENCDD - ok

14:11:40.0687 2124        RDPREFMP        (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys

14:11:40.0718 2124        RDPREFMP - ok

14:11:40.0755 2124        RDPWD           (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys

14:11:40.0803 2124        RDPWD - ok

14:11:40.0852 2124        rdyboost        (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys

14:11:40.0866 2124        rdyboost - ok

14:11:40.0889 2124        RemoteAccess    (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll

14:11:40.0937 2124        RemoteAccess - ok

14:11:40.0978 2124        RemoteRegistry  (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll

14:11:41.0032 2124        RemoteRegistry - ok

14:11:41.0065 2124        RpcEptMapper    (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll

14:11:41.0110 2124        RpcEptMapper - ok

14:11:41.0138 2124        RpcLocator      (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe

14:11:41.0181 2124        RpcLocator - ok

14:11:41.0245 2124        RpcSs           (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll

14:11:41.0278 2124        RpcSs - ok

14:11:41.0319 2124        rspndr          (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys

14:11:41.0377 2124        rspndr - ok

14:11:41.0405 2124        SamSs           (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

14:11:41.0416 2124        SamSs - ok

14:11:41.0477 2124        sbp2port        (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys

14:11:41.0489 2124        sbp2port - ok

14:11:41.0524 2124        SCardSvr        (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll

14:11:41.0576 2124        SCardSvr - ok

14:11:41.0603 2124        scfilter        (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys

14:11:41.0645 2124        scfilter - ok

14:11:41.0726 2124        Schedule        (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll

14:11:41.0793 2124        Schedule - ok

14:11:41.0836 2124        SCPolicySvc     (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll

14:11:41.0864 2124        SCPolicySvc - ok

14:11:41.0909 2124        SDRSVC          (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll

14:11:41.0956 2124        SDRSVC - ok

14:11:42.0021 2124        secdrv          (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys

14:11:42.0066 2124        secdrv - ok

14:11:42.0083 2124        seclogon        (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll

14:11:42.0132 2124        seclogon - ok

14:11:42.0226 2124        SENS            (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\system32\sens.dll

14:11:42.0276 2124        SENS - ok

14:11:42.0300 2124        SensrSvc        (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll

14:11:42.0329 2124        SensrSvc - ok

14:11:42.0345 2124        Serenum         (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys

14:11:42.0357 2124        Serenum - ok

14:11:42.0377 2124        Serial          (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys

14:11:42.0403 2124        Serial - ok

14:11:42.0429 2124        sermouse        (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys

14:11:42.0441 2124        sermouse - ok

14:11:42.0484 2124        SessionEnv      (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll

14:11:42.0534 2124        SessionEnv - ok

14:11:42.0574 2124        sffdisk         (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys

14:11:42.0603 2124        sffdisk - ok

14:11:42.0608 2124        sffp_mmc        (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys

14:11:42.0648 2124        sffp_mmc - ok

14:11:42.0652 2124        sffp_sd         (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys

14:11:42.0687 2124        sffp_sd - ok

14:11:42.0714 2124        sfloppy         (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys

14:11:42.0748 2124        sfloppy - ok

14:11:42.0805 2124        SharedAccess    (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll

14:11:42.0860 2124        SharedAccess - ok

14:11:42.0898 2124        ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll

14:11:42.0931 2124        ShellHWDetection - ok

14:11:42.0956 2124        SiSRaid2        (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys

14:11:42.0967 2124        SiSRaid2 - ok

14:11:42.0991 2124        SiSRaid4        (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys

14:11:43.0003 2124        SiSRaid4 - ok

14:11:43.0026 2124        Smb             (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys

14:11:43.0057 2124        Smb - ok

14:11:43.0098 2124        SNMPTRAP        (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe

14:11:43.0135 2124        SNMPTRAP - ok

14:11:43.0166 2124        spldr           (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys

14:11:43.0177 2124        spldr - ok

14:11:43.0215 2124        Spooler         (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe

14:11:43.0250 2124        Spooler - ok

14:11:43.0436 2124        sppsvc          (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe

14:11:43.0525 2124        sppsvc - ok

14:11:43.0618 2124        sppuinotify     (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll

14:11:43.0649 2124        sppuinotify - ok

14:11:43.0770 2124        SRTSP           (90ef30c3867bcde4579c01a6d6e75a7a) C:\Windows\System32\Drivers\N360x64\0502020.003\SRTSP64.SYS

14:11:43.0790 2124        SRTSP - ok

14:11:43.0817 2124        SRTSPX          (c513e8a5e7978da49077f5484344ee1b) C:\Windows\system32\drivers\N360x64\0502020.003\SRTSPX64.SYS

14:11:43.0826 2124        SRTSPX - ok

14:11:43.0879 2124        srv             (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys

14:11:43.0932 2124        srv - ok

14:11:43.0963 2124        srv2            (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys

14:11:43.0999 2124        srv2 - ok

14:11:44.0027 2124        srvnet          (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys

14:11:44.0060 2124        srvnet - ok

14:11:44.0107 2124        SSDPSRV         (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll

14:11:44.0155 2124        SSDPSRV - ok

14:11:44.0179 2124        SstpSvc         (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll

14:11:44.0211 2124        SstpSvc - ok

14:11:44.0235 2124        stexstor        (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys

14:11:44.0247 2124        stexstor - ok

14:11:44.0304 2124        stisvc          (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll

14:11:44.0349 2124        stisvc - ok

14:11:44.0383 2124        swenum          (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys

14:11:44.0394 2124        swenum - ok

14:11:44.0429 2124        swprv           (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll

14:11:44.0478 2124        swprv - ok

14:11:44.0570 2124        SymDS           (6160145c7a87fc7672e8e3b886888176) C:\Windows\system32\drivers\N360x64\0502020.003\SYMDS64.SYS

14:11:44.0586 2124        SymDS - ok

14:11:44.0673 2124        SymEFA          (96aeed40d4d3521568b42027687e69e0) C:\Windows\system32\drivers\N360x64\0502020.003\SYMEFA64.SYS

14:11:44.0697 2124        SymEFA - ok

14:11:44.0727 2124        SymEvent        (21a1c2d694c3cf962d31f5e873ab3d6f) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS

14:11:44.0738 2124        SymEvent - ok

14:11:44.0790 2124        SymIRON         (bd0d711d8cbfcaa19ca123306eaf53a5) C:\Windows\system32\drivers\N360x64\0502020.003\Ironx64.SYS

14:11:44.0802 2124        SymIRON - ok

14:11:44.0834 2124        SymNetS         (a6adb3d83023f8daa0f7b6fda785d83b) C:\Windows\System32\Drivers\N360x64\0502020.003\SYMNETS.SYS

14:11:44.0850 2124        SymNetS - ok

14:11:44.0957 2124        SysMain         (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll

14:11:44.0996 2124        SysMain - ok

14:11:45.0098 2124        TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll

14:11:45.0132 2124        TabletInputService - ok

14:11:45.0174 2124        TapiSrv         (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll

14:11:45.0229 2124        TapiSrv - ok

14:11:45.0263 2124        TBS             (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll

14:11:45.0317 2124        TBS - ok

14:11:45.0482 2124        Tcpip           (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys

14:11:45.0524 2124        Tcpip - ok

14:11:45.0679 2124        TCPIP6          (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys

14:11:45.0712 2124        TCPIP6 - ok

14:11:45.0779 2124        tcpipreg        (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys

14:11:45.0821 2124        tcpipreg - ok

14:11:45.0866 2124        TDPIPE          (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys

14:11:45.0896 2124        TDPIPE - ok

14:11:45.0929 2124        TDTCP           (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys

14:11:45.0959 2124        TDTCP - ok

14:11:46.0029 2124        tdx             (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys

14:11:46.0081 2124        tdx - ok

14:11:46.0120 2124        TermDD          (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys

14:11:46.0132 2124        TermDD - ok

14:11:46.0189 2124        TermService     (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll

14:11:46.0243 2124        TermService - ok

14:11:46.0274 2124        Themes          (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll

14:11:46.0306 2124        Themes - ok

14:11:46.0352 2124        THREADORDER     (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll

14:11:46.0382 2124        THREADORDER - ok

14:11:46.0459 2124        TOSHIBA Bluetooth Service - ok

14:11:46.0506 2124        Tosrfbd         (9d0c8bf8d22268503030a333f1bfef4f) C:\Windows\system32\DRIVERS\tosrfbd.sys

14:11:46.0531 2124        Tosrfbd - ok

14:11:46.0534 2124        Tosrfcom - ok

14:11:46.0565 2124        Tosrfhid        (33c90b98b74d01d179e1963a5bf5edf9) C:\Windows\system32\DRIVERS\Tosrfhid.sys

14:11:46.0600 2124        Tosrfhid - ok

14:11:46.0620 2124        Tosrfusb        (3b2cec108c442e62ce6a4609b3d7e87f) C:\Windows\system32\DRIVERS\tosrfusb.sys

14:11:46.0647 2124        Tosrfusb - ok

14:11:46.0659 2124        TrkWks          (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll

14:11:46.0713 2124        TrkWks - ok

14:11:46.0790 2124        TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe

14:11:46.0831 2124        TrustedInstaller - ok

14:11:46.0861 2124        tssecsrv        (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys

14:11:46.0890 2124        tssecsrv - ok

14:11:46.0934 2124        TsUsbFlt        (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys

14:11:46.0983 2124        TsUsbFlt - ok

14:11:47.0022 2124        tunnel          (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys

14:11:47.0071 2124        tunnel - ok

14:11:47.0105 2124        uagp35          (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys

14:11:47.0117 2124        uagp35 - ok

14:11:47.0164 2124        udfs            (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys

14:11:47.0211 2124        udfs - ok

14:11:47.0244 2124        UI0Detect       (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe

14:11:47.0280 2124        UI0Detect - ok

14:11:47.0331 2124        uliagpkx        (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys

14:11:47.0343 2124        uliagpkx - ok

14:11:47.0366 2124        umbus           (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys

14:11:47.0393 2124        umbus - ok

14:11:47.0417 2124        UmPass          (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys

14:11:47.0429 2124        UmPass - ok

14:11:47.0455 2124        upnphost        (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll

14:11:47.0490 2124        upnphost - ok

14:11:47.0528 2124        USBAAPL64       (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys

14:11:47.0550 2124        USBAAPL64 ( UnsignedFile.Multi.Generic ) - warning

14:11:47.0550 2124        USBAAPL64 - detected UnsignedFile.Multi.Generic (1)

14:11:47.0578 2124        usbccgp         (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys

14:11:47.0618 2124        usbccgp - ok

14:11:47.0660 2124        usbcir          (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys

14:11:47.0675 2124        usbcir - ok

14:11:47.0681 2124        usbehci         (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys

14:11:47.0710 2124        usbehci - ok

14:11:47.0760 2124        usbhub          (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys

14:11:47.0797 2124        usbhub - ok

14:11:47.0827 2124        usbohci         (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys

14:11:47.0909 2124        usbohci - ok

14:11:48.0065 2124        usbprint        (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys

14:11:48.0101 2124        usbprint - ok

14:11:48.0128 2124        USBSTOR         (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS

14:11:48.0174 2124        USBSTOR - ok

14:11:48.0196 2124        usbuhci         (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\DRIVERS\usbuhci.sys

14:11:48.0225 2124        usbuhci - ok

14:11:48.0264 2124        UxSms           (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll

14:11:48.0313 2124        UxSms - ok

14:11:48.0339 2124        VaultSvc        (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

14:11:48.0351 2124        VaultSvc - ok

14:11:48.0370 2124        vdrvroot        (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys

14:11:48.0381 2124        vdrvroot - ok

14:11:48.0457 2124        vds             (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe

14:11:48.0515 2124        vds - ok

14:11:48.0559 2124        vga             (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys

14:11:48.0573 2124        vga - ok

14:11:48.0586 2124        VgaSave         (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys

14:11:48.0632 2124        VgaSave - ok

14:11:48.0672 2124        vhdmp           (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys

14:11:48.0686 2124        vhdmp - ok

14:11:48.0707 2124        viaide          (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys

14:11:48.0719 2124        viaide - ok

14:11:48.0735 2124        volmgr          (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys

14:11:48.0746 2124        volmgr - ok

14:11:48.0791 2124        volmgrx         (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys

14:11:48.0807 2124        volmgrx - ok

14:11:48.0838 2124        volsnap         (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys

14:11:48.0853 2124        volsnap - ok

14:11:48.0892 2124        vsmraid         (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys

14:11:48.0906 2124        vsmraid - ok

14:11:49.0015 2124        VSS             (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe

14:11:49.0080 2124        VSS - ok

14:11:49.0192 2124        vwifibus        (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys

14:11:49.0224 2124        vwifibus - ok

14:11:49.0300 2124        W32Time         (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll

14:11:49.0335 2124        W32Time - ok

14:11:49.0358 2124        WacomPen        (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys

14:11:49.0393 2124        WacomPen - ok

14:11:49.0455 2124        WANARP          (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys

14:11:49.0499 2124        WANARP - ok

14:11:49.0502 2124        Wanarpv6        (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys

14:11:49.0531 2124        Wanarpv6 - ok

14:11:49.0625 2124        wbengine        (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe

14:11:49.0669 2124        wbengine - ok

14:11:49.0769 2124        WbioSrvc        (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll

14:11:49.0787 2124        WbioSrvc - ok

14:11:49.0832 2124        wcncsvc         (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll

14:11:49.0871 2124        wcncsvc - ok

14:11:49.0897 2124        WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll

14:11:49.0926 2124        WcsPlugInService - ok

14:11:49.0983 2124        Wd              (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys

14:11:49.0995 2124        Wd - ok

14:11:50.0035 2124        Wdf01000        (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys

14:11:50.0056 2124        Wdf01000 - ok

14:11:50.0074 2124        WdiServiceHost  (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll

14:11:50.0148 2124        WdiServiceHost - ok

14:11:50.0151 2124        WdiSystemHost   (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll

14:11:50.0168 2124        WdiSystemHost - ok

14:11:50.0256 2124        WebClient       (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll

14:11:50.0289 2124        WebClient - ok

14:11:50.0331 2124        Wecsvc          (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll

14:11:50.0386 2124        Wecsvc - ok

14:11:50.0408 2124        wercplsupport   (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll

14:11:50.0439 2124        wercplsupport - ok

14:11:50.0473 2124        WerSvc          (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll

14:11:50.0519 2124        WerSvc - ok

14:11:50.0583 2124        WfpLwf          (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys

14:11:50.0612 2124        WfpLwf - ok

14:11:50.0626 2124        WIMMount        (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys

14:11:50.0637 2124        WIMMount - ok

14:11:50.0677 2124        WinDefend - ok

14:11:50.0682 2124        WinHttpAutoProxySvc - ok

14:11:50.0734 2124        Winmgmt         (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll

14:11:50.0766 2124        Winmgmt - ok

14:11:50.0892 2124        WinRM           (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll

14:11:50.0947 2124        WinRM - ok

14:11:51.0068 2124        WinUsb          (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys

14:11:51.0102 2124        WinUsb - ok

14:11:51.0163 2124        Wlansvc         (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll

14:11:51.0209 2124        Wlansvc - ok

14:11:51.0245 2124        WmiAcpi         (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys

14:11:51.0257 2124        WmiAcpi - ok

14:11:51.0313 2124        wmiApSrv        (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe

14:11:51.0343 2124        wmiApSrv - ok

14:11:51.0409 2124        WMPNetworkSvc - ok

14:11:51.0425 2124        WPCSvc          (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll

14:11:51.0446 2124        WPCSvc - ok

14:11:51.0476 2124        WPDBusEnum      (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll

14:11:51.0492 2124        WPDBusEnum - ok

14:11:51.0515 2124        ws2ifsl         (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys

14:11:51.0559 2124        ws2ifsl - ok

14:11:51.0594 2124        wscsvc          (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\system32\wscsvc.dll

14:11:51.0631 2124        wscsvc - ok

14:11:51.0683 2124        WSDPrintDevice  (8d918b1db190a4d9b1753a66fa8c96e8) C:\Windows\system32\DRIVERS\WSDPrint.sys

14:11:51.0711 2124        WSDPrintDevice - ok

14:11:51.0734 2124        WSDScan         (4a2a5c50dd1a63577d3aca94269fbc7f) C:\Windows\system32\DRIVERS\WSDScan.sys

14:11:51.0748 2124        WSDScan - ok

14:11:51.0751 2124        WSearch - ok

14:11:51.0899 2124        wuauserv        (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll

14:11:51.0950 2124        wuauserv - ok

14:11:52.0067 2124        WudfPf          (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys

14:11:52.0110 2124        WudfPf - ok

14:11:52.0149 2124        WUDFRd          (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys

14:11:52.0193 2124        WUDFRd - ok

14:11:52.0230 2124        wudfsvc         (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll

14:11:52.0260 2124        wudfsvc - ok

14:11:52.0291 2124        WwanSvc         (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll

14:11:52.0326 2124        WwanSvc - ok

14:11:52.0381 2124        yukonw7         (b3eeacf62445e24fbb2cd4b0fb4db026) C:\Windows\system32\DRIVERS\yk62x64.sys

14:11:52.0411 2124        yukonw7 - ok

14:11:52.0451 2124        MBR (0x1B8)     (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0

14:11:52.0686 2124        \Device\Harddisk0\DR0 - ok

14:11:52.0689 2124        Boot (0x1200)   (f3c53ea8ee235cce253497991f690076) \Device\Harddisk0\DR0\Partition0

14:11:52.0690 2124        \Device\Harddisk0\DR0\Partition0 - ok

14:11:52.0722 2124        Boot (0x1200)   (e00211eadf52c28735ba2b1933b9ec9e) \Device\Harddisk0\DR0\Partition1

14:11:52.0724 2124        \Device\Harddisk0\DR0\Partition1 - ok

14:11:52.0724 2124        ============================================================

14:11:52.0724 2124        Scan finished

14:11:52.0725 2124        ============================================================

14:11:52.0737 3100        Detected object count: 1

14:11:52.0737 3100        Actual detected object count: 1

14:14:00.0179 3100        USBAAPL64 ( UnsignedFile.Multi.Generic ) - skipped by user

14:14:00.0179 3100        USBAAPL64 ( UnsignedFile.Multi.Generic ) - User select action: Skip