| |
| |||||||
Log-Analyse und Auswertung: Firefox, Umleitungen und Internetstörungen.Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML |
 |
07.12.2012, 17:27
| #1 |
| |  Firefox, Umleitungen und Internetstörungen. Hallo liebe Leute^^ Ich habe folgendes Problem: Seit Heute (etwa 14:30) leitet Firefox jede Webseite die ich öffne auf diese Adresse um: Code:
ATTFilter hxxp://go.timedirect.ru/?id=49983&go=1000000&close=1000000&hash=5fef3eff51dc719c4a9f565a742d78f2&domain=%ED%E5+%EE%EF%F0%E5%E4%E5%EB%E5%ED&rref=&adult=
Ausserdem streikt in unbestimmten Abständen das Internet. Obwohl meine Netzwerkinformationen angeben, dass ich Internetzugriff habe, kann ich mich weder in ein Online-Spiel, noch in Programme mit Internet einloggen oder eine Webseite öffnen (Fehler beim laden der Seite). Ich habe bisher jedesmal das Modem resettet und nach ein paar Minuten geht es dann wieder eine Weile (ich denke nicht, dass es an dem reset liegt). Ob diese 2 Probleme aber zusammenhängen weiß ich nicht. Fakten: - Irgendwas leitet sämtliche Seiten (ausser Google) die ich probiert habe auf oben genannte Adresse um. - Wenn ich in Firefox die Option "JavaScript aktivieren" deaktiviere, wird nichts mehr umgeleitet. Das Problem mit dem Internet bleibt allerdings. - Ich habe Antivir komplett durchlaufen lassen aber nichts diesbezüglich gefunden. - Falls das ein Problem speziell mit Java sein sollte hier ein paar Fakten zu Java: - Ich habe sowohl x32 als auch x64 Java installiert. - Java liegt nicht auf der gleichen Partition wie das System. - Ich habe in diesem Thread jemanden gefunden der vielleicht das gleiche Problem hatte wie ich: http://www.trojaner-board.de/122281-...-redirect.html habe jedoch die Finger von seiner Lösung gelassen, da in diesem Thread darauf hingewiesen wurde, dass die Schritte die er ausführen musste teilweise nur für ihn zugeschnitten sind und mich dafür entschieden lieber einen eigenen Thread zu eröffnen. Hier der Log von Antivir Code:
ATTFilter
Avira Free Antivirus
Erstellungsdatum der Reportdatei: Freitag, 7. Dezember 2012 15:10
Es wird nach 4497555 Virenstämmen gesucht.
Das Programm läuft als uneingeschränkte Vollversion.
Online-Dienste stehen zur Verfügung.
Lizenznehmer : Avira Free Antivirus
Seriennummer : 0000149996-ADJIE-0000001
Plattform : Windows 7 Professional
Windowsversion : (Service Pack 1) [6.1.7601]
Boot Modus : Normal gebootet
Benutzername : Daniel
Computername : OMEGA
Versionsinformationen:
BUILD.DAT : 12.1.9.1236 40872 Bytes 11.10.2012 15:29:00
AVSCAN.EXE : 12.3.0.48 468256 Bytes 14.11.2012 16:32:32
AVSCAN.DLL : 12.3.0.15 66256 Bytes 08.05.2012 17:22:18
LUKE.DLL : 12.3.0.15 68304 Bytes 08.05.2012 17:22:19
AVSCPLR.DLL : 12.3.0.14 97032 Bytes 08.05.2012 17:22:19
AVREG.DLL : 12.3.0.17 232200 Bytes 10.05.2012 17:22:09
VBASE000.VDF : 7.10.0.0 19875328 Bytes 06.11.2009 18:18:34
VBASE001.VDF : 7.11.0.0 13342208 Bytes 14.12.2010 09:07:39
VBASE002.VDF : 7.11.19.170 14374912 Bytes 20.12.2011 17:42:46
VBASE003.VDF : 7.11.21.238 4472832 Bytes 01.02.2012 18:21:02
VBASE004.VDF : 7.11.26.44 4329472 Bytes 28.03.2012 17:25:20
VBASE005.VDF : 7.11.34.116 4034048 Bytes 29.06.2012 22:46:02
VBASE006.VDF : 7.11.41.250 4902400 Bytes 06.09.2012 11:20:17
VBASE007.VDF : 7.11.50.230 3904512 Bytes 22.11.2012 16:38:22
VBASE008.VDF : 7.11.50.231 2048 Bytes 22.11.2012 16:38:22
VBASE009.VDF : 7.11.50.232 2048 Bytes 22.11.2012 16:38:22
VBASE010.VDF : 7.11.50.233 2048 Bytes 22.11.2012 16:38:22
VBASE011.VDF : 7.11.50.234 2048 Bytes 22.11.2012 16:38:22
VBASE012.VDF : 7.11.50.235 2048 Bytes 22.11.2012 16:38:22
VBASE013.VDF : 7.11.50.236 2048 Bytes 22.11.2012 16:38:22
VBASE014.VDF : 7.11.51.27 133632 Bytes 23.11.2012 16:38:17
VBASE015.VDF : 7.11.51.95 140288 Bytes 26.11.2012 16:38:19
VBASE016.VDF : 7.11.51.221 164352 Bytes 29.11.2012 16:38:22
VBASE017.VDF : 7.11.52.29 158208 Bytes 01.12.2012 16:38:23
VBASE018.VDF : 7.11.52.91 116736 Bytes 03.12.2012 16:38:36
VBASE019.VDF : 7.11.52.151 137728 Bytes 05.12.2012 16:38:17
VBASE020.VDF : 7.11.52.152 2048 Bytes 05.12.2012 16:38:17
VBASE021.VDF : 7.11.52.153 2048 Bytes 05.12.2012 16:38:18
VBASE022.VDF : 7.11.52.154 2048 Bytes 05.12.2012 16:38:18
VBASE023.VDF : 7.11.52.155 2048 Bytes 05.12.2012 16:38:18
VBASE024.VDF : 7.11.52.156 2048 Bytes 05.12.2012 16:38:18
VBASE025.VDF : 7.11.52.157 2048 Bytes 05.12.2012 16:38:18
VBASE026.VDF : 7.11.52.158 2048 Bytes 05.12.2012 16:38:18
VBASE027.VDF : 7.11.52.159 2048 Bytes 05.12.2012 16:38:18
VBASE028.VDF : 7.11.52.160 2048 Bytes 05.12.2012 16:38:18
VBASE029.VDF : 7.11.52.161 2048 Bytes 05.12.2012 16:38:18
VBASE030.VDF : 7.11.52.162 2048 Bytes 05.12.2012 16:38:18
VBASE031.VDF : 7.11.52.218 146944 Bytes 06.12.2012 16:39:00
Engineversion : 8.2.10.216
AEVDF.DLL : 8.1.2.10 102772 Bytes 10.07.2012 22:46:30
AESCRIPT.DLL : 8.1.4.72 467323 Bytes 06.12.2012 16:39:03
AESCN.DLL : 8.1.9.4 131445 Bytes 15.11.2012 16:38:01
AESBX.DLL : 8.2.5.12 606578 Bytes 30.06.2012 22:46:05
AERDL.DLL : 8.2.0.74 643445 Bytes 07.11.2012 14:01:50
AEPACK.DLL : 8.3.0.40 815479 Bytes 12.11.2012 14:30:12
AEOFFICE.DLL : 8.1.2.50 201084 Bytes 05.11.2012 14:01:43
AEHEUR.DLL : 8.1.4.160 5624184 Bytes 06.12.2012 16:39:03
AEHELP.DLL : 8.1.25.2 258423 Bytes 11.10.2012 13:00:09
AEGEN.DLL : 8.1.6.10 438646 Bytes 15.11.2012 16:37:59
AEEXP.DLL : 8.2.0.18 123253 Bytes 06.12.2012 16:39:03
AEEMU.DLL : 8.1.3.2 393587 Bytes 10.07.2012 22:46:29
AECORE.DLL : 8.1.29.2 201079 Bytes 07.11.2012 14:01:40
AEBB.DLL : 8.1.1.4 53619 Bytes 05.11.2012 14:01:34
AVWINLL.DLL : 12.3.0.15 27344 Bytes 08.05.2012 17:22:18
AVPREF.DLL : 12.3.0.32 50720 Bytes 14.11.2012 16:32:32
AVREP.DLL : 12.3.0.15 179208 Bytes 08.05.2012 17:22:19
AVARKT.DLL : 12.3.0.33 209696 Bytes 14.11.2012 16:32:31
AVEVTLOG.DLL : 12.3.0.15 169168 Bytes 08.05.2012 17:22:18
SQLITE3.DLL : 3.7.0.1 398288 Bytes 08.05.2012 17:22:19
AVSMTP.DLL : 12.3.0.32 63480 Bytes 08.08.2012 22:47:32
NETNT.DLL : 12.3.0.15 17104 Bytes 08.05.2012 17:22:19
RCIMAGE.DLL : 12.3.0.31 4444408 Bytes 08.08.2012 22:47:30
RCTEXT.DLL : 12.3.0.32 98848 Bytes 14.11.2012 16:32:31
Konfiguration für den aktuellen Suchlauf:
Job Name..............................: Lokale Laufwerke
Konfigurationsdatei...................: C:\program files (x86)\avira\antivir desktop\alldrives.avp
Protokollierung.......................: standard
Primäre Aktion........................: löschen
Sekundäre Aktion......................: ignorieren
Durchsuche Masterbootsektoren.........: ein
Durchsuche Bootsektoren...............: ein
Bootsektoren..........................: C:, D:, F:, E:, I:,
Durchsuche aktive Programme...........: ein
Durchsuche Registrierung..............: ein
Suche nach Rootkits...................: ein
Integritätsprüfung von Systemdateien..: aus
Datei Suchmodus.......................: Alle Dateien
Durchsuche Archive....................: ein
Rekursionstiefe einschränken..........: aus
Archiv Smart Extensions...............: ein
Abweichende Archivtypen...............: +BSD Mailbox, +Netscape/Mozilla Mailbox, +Eudora Mailbox, +Squid cache, +Pegasus Mailbox, +MS Outlook Mailbox, +ISO 9660,
Makrovirenheuristik...................: ein
Dateiheuristik........................: erweitert
Abweichende Gefahrenkategorien........: +PCK,+PFS,
Beginn des Suchlaufs: Freitag, 7. Dezember 2012 15:10
Der Suchlauf über die Masterbootsektoren wird begonnen:
Masterbootsektor HD0
[INFO] Es wurde kein Virus gefunden!
Der Suchlauf über die Bootsektoren wird begonnen:
Bootsektor 'C:\'
[INFO] Es wurde kein Virus gefunden!
Bootsektor 'D:\'
[INFO] Es wurde kein Virus gefunden!
Bootsektor 'F:\'
[INFO] Es wurde kein Virus gefunden!
Der Suchlauf nach versteckten Objekten wird begonnen.
Fehler in der ARK Library
Versteckter Treiber
Der Suchlauf über gestartete Prozesse wird begonnen:
Durchsuche Prozess 'avscan.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'avcenter.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'FlashPlayerPlugin_11_5_502_110.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'FlashPlayerPlugin_11_5_502_110.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'plugin-container.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'firefox.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'jusched.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'hpwuschd2.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'avgnt.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'DivXUpdate.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'PlusService.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'MSOSYNC.EXE' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'DTLite.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'PnkBstrA.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'hamachi-2-ui.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'avguard.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'sched.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'CTAudSvc.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'nvSCPAPISvr.exe' - '1' Modul(e) wurden durchsucht
Der Suchlauf auf Verweise zu ausführbaren Dateien (Registry) wird begonnen:
C:\Windows\Sysnative\drivers\sptd.sys
[WARNUNG] Die Datei konnte nicht geöffnet werden!
Die Registry wurde durchsucht ( '2279' Dateien ).
Der Suchlauf über die ausgewählten Dateien wird begonnen:
Beginne mit der Suche in 'C:\'
C:\Windows\System32\drivers\sptd.sys
[WARNUNG] Die Datei konnte nicht geöffnet werden!
Beginne mit der Suche in 'D:\'
D:\pagefile.sys
[WARNUNG] Die Datei konnte nicht geöffnet werden!
D:\Steam\SteamApps\common\terraria\dotNetFx40_Full_x86_x64.exe
[WARNUNG] Die Datei konnte nicht gelesen werden!
Beginne mit der Suche in 'F:\'
Beginne mit der Suche in 'E:\'
Der zu durchsuchende Pfad E:\ konnte nicht geöffnet werden!
Systemfehler [21]: Das Gerät ist nicht bereit.
Beginne mit der Suche in 'I:\'
Der zu durchsuchende Pfad I:\ konnte nicht geöffnet werden!
Systemfehler [21]: Das Gerät ist nicht bereit.
Ende des Suchlaufs: Freitag, 7. Dezember 2012 16:15
Benötigte Zeit: 1:05:17 Stunde(n)
Der Suchlauf wurde vollständig durchgeführt.
52412 Verzeichnisse wurden überprüft
762294 Dateien wurden geprüft
0 Viren bzw. unerwünschte Programme wurden gefunden
0 Dateien wurden als verdächtig eingestuft
0 Dateien wurden gelöscht
0 Viren bzw. unerwünschte Programme wurden repariert
0 Dateien wurden in die Quarantäne verschoben
0 Dateien wurden umbenannt
3 Dateien konnten nicht durchsucht werden
762291 Dateien ohne Befall
5717 Archive wurden durchsucht
4 Warnungen
0 Hinweise
73 Objekte wurden beim Rootkitscan durchsucht
1 Versteckte Objekte wurden gefunden
Ich hoffe ihr könnt mir weiterhelfen^^ Gruß, Boleal Verzeiht mir bitte den Doppelpost aber ich habe eben erst von OTL und Malwarebytes gelesen, als meine Zeit für die Bearbeitung des ersten posts schon um war und möchte gerne noch die Logs posten, da ich vermutlich sowieso danach gefragt werden würde^^ Malwarebytes Log: Code:
ATTFilter Malwarebytes Anti-Malware (Test) 1.65.1.1000 www.malwarebytes.org Datenbank Version: v2012.12.07.09 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 Daniel :: OMEGA [Administrator] Schutz: Aktiviert 07.12.2012 19:39:05 mbam-log-2012-12-07 (19-39-05).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 263181 Laufzeit: 2 Minute(n), 28 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) OTL.Txt: Code:
ATTFilter OTL logfile created on: 07.12.2012 19:45:05 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = D:\Daniel 64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,99 Gb Total Physical Memory | 1,40 Gb Available Physical Memory | 35,01% Memory free 19,95 Gb Paging File | 16,50 Gb Available in Paging File | 82,73% Paging File free Paging file location(s): c:\pagefile.sys 0 0d:\pagefile.sys 12258 12258 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 110,64 Gb Total Space | 70,09 Gb Free Space | 63,35% Space Free | Partition Type: NTFS Drive D: | 270,45 Gb Total Space | 60,72 Gb Free Space | 22,45% Space Free | Partition Type: NTFS Drive F: | 84,57 Gb Total Space | 76,67 Gb Free Space | 90,65% Space Free | Partition Type: NTFS Computer Name: OMEGA | User Name: Daniel | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - D:\Daniel\OTL.exe (OldTimer Tools) PRC - D:\Firefox\firefox.exe (Mozilla Corporation) PRC - D:\Hamachi\hamachi-2-ui.exe (LogMeIn Inc.) PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) PRC - D:\Malwarebytes\mbam.exe (Malwarebytes Corporation) PRC - D:\Malwarebytes\mbamgui.exe (Malwarebytes Corporation) PRC - D:\Malwarebytes\mbamservice.exe (Malwarebytes Corporation) PRC - D:\Malwarebytes\mbamscheduler.exe (Malwarebytes Corporation) PRC - D:\Messenger Plus! Live\PlusService.exe (Yuna Software) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) PRC - C:\Windows\SysWOW64\PnkBstrA.exe () PRC - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe () PRC - D:\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) PRC - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd) ========== Modules (No Company Name) ========== MOD - D:\Firefox\mozjs.dll () MOD - D:\XSplit\Cultures\swresample-0.dll () MOD - D:\XSplit\Cultures\avcodec-54.dll () MOD - D:\XSplit\Cultures\avformat-54.dll () MOD - D:\XSplit\Cultures\swscale-2.dll () MOD - D:\XSplit\Cultures\avutil-51.dll () MOD - D:\Messenger Plus! Live\Detour32.dll () MOD - C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll () MOD - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe () MOD - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf () ========== Services (SafeList) ========== SRV:64bit: - (MSMQTriggers) -- C:\Windows\SysNative\mqtgsvc.exe (Microsoft Corporation) SRV:64bit: - (IISADMIN) -- C:\Windows\SysNative\inetsrv\inetinfo.exe (Microsoft Corporation) SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) SRV:64bit: - (MSMQ) -- C:\Windows\SysNative\mqsvc.exe (Microsoft Corporation) SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation) SRV - (Hamachi2Svc) -- D:\Hamachi\hamachi-2.exe (LogMeIn Inc.) SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation) SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation) SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) SRV - (MBAMService) -- D:\Malwarebytes\mbamservice.exe (Malwarebytes Corporation) SRV - (MBAMScheduler) -- D:\Malwarebytes\mbamscheduler.exe (Malwarebytes Corporation) SRV - (wlidsvc) -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe () SRV - (WAS) -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll (Microsoft Corporation) SRV - (W3SVC) -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll (Microsoft Corporation) SRV - (AppHostSvc) -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll (Microsoft Corporation) SRV - (Creative Audio Engine Licensing Service) -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe (Creative Labs) SRV - (Creative ALchemy AL6 Licensing Service) -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe (Creative Labs) SRV - (rpcapd) -- C:\Program Files (x86)\WinPcap\rpcapd.exe (CACE Technologies, Inc.) SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (osppsvc) -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation) SRV - (CTAudSvcService) -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation) DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation) DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH) DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH) DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation) DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation) DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira GmbH) DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek ) DRV:64bit: - (MotioninJoyXFilter) -- C:\Windows\SysNative\drivers\MijXfilt.sys (MotioninJoy) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (RMCAST) -- C:\Windows\SysNative\drivers\rmcast.sys (Microsoft Corporation) DRV:64bit: - (xusb21) -- C:\Windows\SysNative\drivers\xusb21.sys (Microsoft Corporation) DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys () DRV:64bit: - (VIAHdAudAddService) -- C:\Windows\SysNative\drivers\viahduaa.sys (VIA Technologies, Inc.) DRV:64bit: - (NPF) -- C:\Windows\SysNative\drivers\npf.sys (CACE Technologies, Inc.) DRV:64bit: - (WRfiltv) -- C:\Windows\SysNative\drivers\WRfiltv.sys (Creative Technology Ltd.) DRV:64bit: - (MTsensor) -- C:\Windows\SysNative\drivers\ASACPI.sys () DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:64bit: - (1394hub) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation) DRV:64bit: - (MQAC) -- C:\Windows\SysNative\drivers\mqac.sys (Microsoft Corporation) DRV:64bit: - (LMouFilt) -- C:\Windows\SysNative\drivers\LMouFilt.Sys (Logitech, Inc.) DRV:64bit: - (LHidFilt) -- C:\Windows\SysNative\drivers\LHidFilt.Sys (Logitech, Inc.) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV:64bit: - (hamachi) -- C:\Windows\SysNative\drivers\hamachi.sys (LogMeIn, Inc.) DRV - (WinRing0_1_2_0) -- D:\Razer Game Booster\Driver\WinRing0x64.sys (OpenLibSys.org) DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation) DRV - (libusb0) -- C:\Windows\SysWOW64\drivers\libusb0.sys () ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://search.autocompletepro.com/?si=10214&bi=400 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://search.autocompletepro.com/?si=10214&bi=400 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.autocompletepro.com/?si=10214&bi=400 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = hxxp://search.autocompletepro.com/?si=10214&bi=400 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.autocompletepro.com/?si=10214&bi=400 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 51 5F 89 75 89 39 CB 01 [binary data] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://search.autocompletepro.com/?si=10214&bi=400 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = hxxp://search.autocompletepro.com/?si=10214&bi=400 IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKCU\..\SearchScopes\{18EAB056-9057-F224-FD4C-1F6569C4D8D2}: "URL" = hxxp://www.plusnetwork.com/s/?q={searchTerms}&iesrc={referrer:source?} IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.autocompletepro.com/?si=10214&bi=400&q={searchTerms} IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local> ========== FireFox ========== FF - prefs.js..browser.search.openintab: true FF - prefs.js..browser.startup.homepage: "www.google.de" FF - prefs.js..extensions.enabledAddons: %7BDDC359D1-844A-42a7-9AA1-88A850A938A8%7D:2.0.15 FF - prefs.js..extensions.enabledAddons: %7B23fcfd51-4958-4f00-80a3-ae97e717ed8b%7D:2.1.2.145 FF - prefs.js..extensions.enabledAddons: %7Bdc572301-7619-498c-a57d-39143191b318%7D:0.4.0.4pre.120724a FF - prefs.js..extensions.enabledAddons: %7BACAA314B-EEBA-48e4-AD47-84E31C44796C%7D:4.2.1.8 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.1 FF - prefs.js..extensions.enabledItems: {dc572301-7619-498c-a57d-39143191b318}:0.3.8.5 FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 FF - prefs.js..extensions.enabledItems: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:3.3.3.2 FF - prefs.js..extensions.enabledItems: smartwebprinting@hp.com:4.5 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24 FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.3.3.2 FF - prefs.js..keyword.URL: "chrome://browser-region/locale/region.properties" FF - prefs.js..network.proxy.type: 0 FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_110.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF:64bit: - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.) FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: D:\Java64\bin\plugin2\npjp2.dll (Oracle Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_110.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: D:\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: D:\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: D:\Java32\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@ngm.nexoneu.com/NxGame: C:\ProgramData\NexonEU\NGM\npNxGameeu.dll File not found FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found FF - HKLM\Software\MozillaPlugins\@tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.4: D:\VLC Player\npvlc.dll (VideoLAN) FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010.10.10 11:18:52 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: D:\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011.12.29 23:28:18 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: D:\Firefox\components [2012.12.01 16:22:49 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: D:\Firefox\plugins [2012.06.11 20:57:43 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010.10.10 11:18:52 | 000,000,000 | ---D | M] [2010.08.11 21:49:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Daniel\AppData\Roaming\mozilla\Extensions [2012.12.07 19:41:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Daniel\AppData\Roaming\mozilla\Firefox\Profiles\i11rcq62.default\extensions [2012.12.07 19:41:23 | 000,035,624 | ---- | M] () (No name found) -- C:\Users\Daniel\AppData\Roaming\mozilla\firefox\profiles\i11rcq62.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi [2012.11.24 03:35:56 | 000,737,058 | ---- | M] () (No name found) -- C:\Users\Daniel\AppData\Roaming\mozilla\firefox\profiles\i11rcq62.default\extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2012.09.14 13:03:57 | 000,698,867 | ---- | M] () (No name found) -- C:\Users\Daniel\AppData\Roaming\mozilla\firefox\profiles\i11rcq62.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2011.12.29 23:28:18 | 000,000,000 | ---D | M] (DivX Plus Web Player HTML5 <video>) -- D:\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\DIVXHTML5 O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Java64\bin\ssv.dll (Oracle Corporation) O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Java64\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - D:\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC) O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Java32\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Java32\bin\jp2ssv.dll (Oracle Corporation) O4:64bit: - HKLM..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE File not found O4:64bit: - HKLM..\Run: [MsmqIntCert] regsvr32 /s mqrt.dll File not found O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe () O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA) O4 - HKLM..\Run: [LogMeIn Hamachi Ui] D:\Hamachi\hamachi-2-ui.exe (LogMeIn Inc.) O4 - HKLM..\Run: [PDFPrint] D:\PDF24\pdf24.exe (Geek Software GmbH) O4 - HKLM..\Run: [PlusService] D:\Messenger Plus! Live\PlusService.exe (Yuna Software) O4 - HKCU..\Run: [Akamai NetSession Interface] "C:\Users\Daniel\AppData\Local\Akamai\netsession_win.exe" File not found O4 - HKCU..\Run: [DAEMON Tools Lite] D:\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) O4 - HKCU..\Run: [EA Core] "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent File not found O4 - HKCU..\Run: [Steam] D:\Steam\steam.exe (Valve Corporation) O4 - HKLM..\RunOnce: [ Malwarebytes Anti-Malware ] D:\Malwarebytes\mbamgui.exe (Malwarebytes Corporation) O4 - Startup: C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip () O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0 O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Daniel\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Daniel\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O15 - HKCU\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites) O15 - HKCU\..Trusted Domains: freerealms.com ([]* in Trusted sites) O15 - HKCU\..Trusted Domains: soe.com ([]* in Trusted sites) O15 - HKCU\..Trusted Domains: sony.com ([]* in Trusted sites) O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 212.186.211.21 195.34.133.21 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D8F3F467-89CF-4830-86B5-15909E7E0E99}: DhcpNameServer = 192.168.1.1 212.186.211.21 195.34.133.21 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F09DF95A-9A95-4A08-A958-540542C2DBD4}: DhcpNameServer = 192.168.1.1 212.186.211.21 195.34.133.21 O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation) O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - File not found O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - File not found O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - File not found O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation) O29:64bit: - HKLM SecurityProviders - (credssp.dll) - File not found O29 - HKLM SecurityProviders - (credssp.dll) - File not found O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{4a193fc9-a5d2-11df-99eb-90e6ba1e8a94}\Shell - "" = AutoRun O33 - MountPoints2\{4a193fc9-a5d2-11df-99eb-90e6ba1e8a94}\Shell\AutoRun\command - "" = I:\startup.exe O33 - MountPoints2\{4a194004-a5d2-11df-99eb-90e6ba1e8a94}\Shell - "" = AutoRun O33 - MountPoints2\{4a194004-a5d2-11df-99eb-90e6ba1e8a94}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2012.12.07 19:37:33 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Roaming\Malwarebytes [2012.12.07 19:37:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012.12.07 19:37:16 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2012.11.29 15:01:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps [2012.11.29 03:18:54 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\SWTOR [2012.11.29 00:00:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\BioWare [2012.11.23 14:01:19 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StarCraft II [2012.11.23 13:55:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II [2012.11.21 00:16:53 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Roaming\Audacity [2012.11.20 11:15:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hamachi [2012.11.19 19:42:09 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\Razer [2012.11.19 19:41:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Razer [2012.11.19 19:41:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer [2012.11.19 19:39:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Caphyon [2012.11.19 11:53:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DVDVideoSoft [2012.11.16 22:18:43 | 000,000,000 | ---D | C] -- C:\ProgramData\SecTaskMan [2012.11.15 17:18:30 | 000,054,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdfLdr.sys [2012.11.15 17:18:30 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wdfres.dll [2012.11.15 17:14:37 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2012.11.15 17:14:37 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2012.11.15 17:14:36 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2012.11.15 17:14:36 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2012.11.15 17:14:36 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2012.11.15 17:14:36 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2012.11.15 17:14:36 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2012.11.15 17:14:36 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2012.11.15 17:14:36 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2012.11.15 17:14:36 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2012.11.15 17:14:35 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2012.11.15 17:14:35 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2012.11.15 17:14:35 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2012.11.15 17:14:35 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll [2012.11.15 17:14:34 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2012.11.15 17:12:31 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFx.dll [2012.11.15 17:12:31 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFHost.exe [2012.11.15 17:12:31 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFPlatform.dll [2012.11.15 17:12:31 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFCoinstaller.dll [2012.11.15 17:10:39 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcore6.dll [2012.11.15 17:10:39 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dhcpcore6.dll [2012.11.15 17:10:39 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcsvc6.dll [2012.11.15 17:10:37 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iisRtl.dll [2012.11.15 17:10:37 | 000,154,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iisRtl.dll [2012.11.15 17:10:37 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\admwprox.dll [2012.11.15 17:10:36 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ahadmin.dll [2012.11.15 17:10:36 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\admwprox.dll [2012.11.15 17:10:36 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ahadmin.dll [2012.11.15 17:10:36 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iisreset.exe [2012.11.15 17:10:36 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iisreset.exe [2012.11.15 17:10:36 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wamregps.dll [2012.11.15 17:10:36 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iisrstap.dll [2012.11.15 17:10:36 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wamregps.dll [2012.11.15 17:10:36 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iisrstap.dll [2012.11.15 17:10:28 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netcorehc.dll [2012.11.15 17:10:28 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncsi.dll [2012.11.15 17:10:28 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netcorehc.dll [2012.11.15 17:10:28 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ncsi.dll [2012.11.15 17:10:28 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netevent.dll [2012.11.15 17:10:28 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netevent.dll [2012.11.15 17:10:22 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\synceng.dll [2012.11.15 17:10:22 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\synceng.dll [2012.11.09 13:43:34 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\{6CDD72E2-B1B3-47CB-BE59-6AA202C9246C} [2012.11.08 01:41:43 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\{854D69FF-6018-4533-8B95-BE92C080E828} [2012.11.08 01:21:13 | 000,000,000 | ---D | C] -- C:\Users\Daniel\.worldoflogs [2012.11.08 01:20:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java [2012.11.08 01:19:40 | 000,246,760 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe [2012.11.08 01:19:37 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe [2012.11.08 01:19:37 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe [2012.11.08 01:19:37 | 000,095,208 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll [2012.11.08 01:17:46 | 000,289,768 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe [2012.11.08 01:17:41 | 000,189,416 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe [2012.11.08 01:17:41 | 000,188,904 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\java.exe [2012.11.08 01:17:41 | 000,108,008 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll [3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012.12.06 16:39:54 | 000,015,376 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012.12.06 16:39:54 | 000,015,376 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012.12.06 16:30:32 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.12.06 16:30:25 | 3213,402,112 | -HS- | M] () -- C:\hiberfil.sys [2012.12.04 19:58:54 | 000,000,600 | ---- | M] () -- C:\Users\Daniel\AppData\Local\PUTTY.RND [2012.12.04 19:58:26 | 000,000,600 | ---- | M] () -- C:\Users\Daniel\AppData\Roaming\winscp.rnd [2012.11.29 15:01:27 | 000,000,532 | ---- | M] () -- C:\Users\Public\Desktop\Fraps.lnk [2012.11.29 00:00:15 | 000,000,530 | ---- | M] () -- C:\Users\Public\Desktop\Star Wars - The Old Republic.lnk [2012.11.23 13:55:43 | 000,000,674 | ---- | M] () -- C:\Users\Public\Desktop\StarCraft II.lnk [2012.11.21 00:16:32 | 000,000,549 | ---- | M] () -- C:\Users\Daniel\Desktop\Audacity.lnk [2012.11.20 11:15:51 | 000,000,532 | ---- | M] () -- C:\Users\Public\Desktop\LogMeIn Hamachi.lnk [2012.11.20 01:19:03 | 001,881,714 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012.11.20 01:19:03 | 000,801,320 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2012.11.20 01:19:03 | 000,739,140 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012.11.20 01:19:03 | 000,187,524 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2012.11.20 01:19:03 | 000,152,882 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012.11.19 19:41:42 | 000,001,626 | ---- | M] () -- C:\Users\Public\Desktop\Razer Game Booster.lnk [2012.11.19 17:56:15 | 000,000,626 | ---- | M] () -- C:\Users\Daniel\Desktop\Free YouTube Download.lnk [2012.11.19 11:53:17 | 000,000,680 | ---- | M] () -- C:\Users\Daniel\Desktop\Free YouTube to MP3 Converter.lnk [2012.11.16 22:31:45 | 000,000,833 | ---- | M] () -- C:\Windows\Windows - Verknüpfung.lnk [2012.11.15 17:32:32 | 000,434,008 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012.11.12 11:29:23 | 000,697,272 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2012.11.12 11:29:23 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2012.11.08 01:19:33 | 000,821,736 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll [2012.11.08 01:19:33 | 000,746,984 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll [2012.11.08 01:19:33 | 000,246,760 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe [2012.11.08 01:19:33 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe [2012.11.08 01:19:33 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe [2012.11.08 01:19:33 | 000,095,208 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll [2012.11.08 01:17:38 | 001,034,216 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\npDeployJava1.dll [2012.11.08 01:17:38 | 000,916,456 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\deployJava1.dll [2012.11.08 01:17:38 | 000,289,768 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe [2012.11.08 01:17:38 | 000,189,416 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe [2012.11.08 01:17:38 | 000,188,904 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\java.exe [2012.11.08 01:17:38 | 000,108,008 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll [3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2012.11.29 15:01:27 | 000,000,532 | ---- | C] () -- C:\Users\Public\Desktop\Fraps.lnk [2012.11.29 00:00:15 | 000,000,530 | ---- | C] () -- C:\Users\Public\Desktop\Star Wars - The Old Republic.lnk [2012.11.23 13:55:40 | 000,000,674 | ---- | C] () -- C:\Users\Public\Desktop\StarCraft II.lnk [2012.11.21 00:16:32 | 000,000,549 | ---- | C] () -- C:\Users\Daniel\Desktop\Audacity.lnk [2012.11.21 00:16:32 | 000,000,549 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk [2012.11.19 19:41:42 | 000,001,626 | ---- | C] () -- C:\Users\Public\Desktop\Razer Game Booster.lnk [2012.11.19 11:53:17 | 000,000,680 | ---- | C] () -- C:\Users\Daniel\Desktop\Free YouTube to MP3 Converter.lnk [2012.11.16 22:31:45 | 000,000,833 | ---- | C] () -- C:\Windows\Windows - Verknüpfung.lnk [2012.11.15 17:18:32 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf [2012.11.15 17:12:31 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf [2012.04.27 23:47:08 | 000,283,304 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe [2012.04.27 23:47:05 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe [2012.04.25 00:42:59 | 000,027,264 | ---- | C] () -- C:\Users\Daniel\AppData\Roaming\net.telestream.wirecast.xml [2012.03.21 02:47:19 | 000,000,600 | ---- | C] () -- C:\Users\Daniel\AppData\Local\PUTTY.RND [2012.03.20 21:52:00 | 000,000,600 | ---- | C] () -- C:\Users\Daniel\AppData\Roaming\winscp.rnd [2011.09.28 16:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat [2011.05.31 07:39:50 | 000,058,368 | ---- | C] () -- C:\Windows\SysWow64\bdmpegv.dll [2011.05.31 07:38:18 | 000,015,360 | ---- | C] () -- C:\Windows\SysWow64\bdmjpeg.dll [2011.05.25 17:46:30 | 000,099,932 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat [2011.02.15 02:10:21 | 000,007,597 | ---- | C] () -- C:\Users\Daniel\AppData\Local\Resmon.ResmonCfg [2011.01.10 01:15:13 | 000,000,094 | ---- | C] () -- C:\Users\Daniel\AppData\Local\fusioncache.dat [2011.01.10 01:14:12 | 001,766,370 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2010.11.05 01:25:29 | 000,000,484 | RHS- | C] () -- C:\Users\Daniel\ntuser.pol ========== ZeroAccess Check ========== [2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] < End of report > Code:
ATTFilter OTL Extras logfile created on: 07.12.2012 19:45:05 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = D:\Daniel
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,99 Gb Total Physical Memory | 1,40 Gb Available Physical Memory | 35,01% Memory free
19,95 Gb Paging File | 16,50 Gb Available in Paging File | 82,73% Paging File free
Paging file location(s): c:\pagefile.sys 0 0d:\pagefile.sys 12258 12258 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 110,64 Gb Total Space | 70,09 Gb Free Space | 63,35% Space Free | Partition Type: NTFS
Drive D: | 270,45 Gb Total Space | 60,72 Gb Free Space | 22,45% Space Free | Partition Type: NTFS
Drive F: | 84,57 Gb Total Space | 76,67 Gb Free Space | 90,65% Space Free | Partition Type: NTFS
Computer Name: OMEGA | User Name: Daniel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
.reg [@ = regfile] -- regedit.exe "%1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.reg [@ = regfile] -- regedit.exe "%1"
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- D:\Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [open] -- regedit.exe "%1"
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "D:\VLC Player\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V"
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "D:\VLC Player\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [open] -- regedit.exe "%1"
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "D:\VLC Player\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V"
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "D:\VLC Player\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"2348:TCP" = 2348:TCP:*:Enabled:Remote Assistance Local
"12163:TCP" = 12163:TCP:*:Enabled:Remote Assistance Remote
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0BA85675-C4D7-45E8-98A2-D118908138FC}" = lport=10243 | protocol=6 | dir=in | app=system |
"{0CC7DCA3-D975-4CB2-BEDA-F346FE386BE6}" = lport=8396 | protocol=6 | dir=in | name=league of legends launcher |
"{1C311768-9A4B-4EA6-BB6A-9FA5C700F70F}" = lport=138 | protocol=17 | dir=in | app=system |
"{1D6AACE0-7DBB-4895-86F4-993165EE1D83}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{2647B604-246E-4F79-ABDF-012E89DFCE52}" = lport=2869 | protocol=6 | dir=in | app=system |
"{2779F6AB-325A-495D-95C3-DBCB1471E40C}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{291B3B3D-A148-4165-B1CC-BC83A8F91092}" = lport=8395 | protocol=6 | dir=in | name=league of legends launcher |
"{29C4E386-F32C-4FB1-9AA7-08603EA078E6}" = lport=445 | protocol=6 | dir=in | app=system |
"{2A13988D-E874-403C-A1CF-FEDAFCAEE73F}" = lport=8397 | protocol=6 | dir=in | name=league of legends launcher |
"{2BF60ADF-BD5F-4DF0-B38F-13B2805516BC}" = lport=8396 | protocol=17 | dir=in | name=league of legends launcher |
"{2ED9A9DC-CEE8-443F-9DD8-D65428F62188}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{3122395C-CC61-4A72-82C0-DC22999F9D86}" = lport=8394 | protocol=17 | dir=in | name=league of legends launcher |
"{33F04DCB-3A50-4035-8961-2AF0BE92BF71}" = rport=138 | protocol=17 | dir=out | app=system |
"{37068FB8-8A7D-4356-B84F-14FD3486E124}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |
"{3B5D83F4-6BF2-48FD-ABDA-94CEEA31C2A2}" = lport=8393 | protocol=17 | dir=in | name=league of legends lobby |
"{4479856C-0F4E-4D63-8629-A71E4132DAEB}" = lport=137 | protocol=17 | dir=in | app=system |
"{46A00935-7094-4FF3-A4CB-B8EEE104CC1E}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{50487C7F-FEB6-47F2-8277-A90B9050F11F}" = lport=8398 | protocol=17 | dir=in | name=league of legends launcher |
"{507C6D76-F07F-45AD-A0B3-263E5F50CE5B}" = lport=49188 | protocol=6 | dir=in | name=akamai netsession interface |
"{5316A456-B7F4-4EF0-B73A-5714FB447F7E}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{555A2C62-87CD-4871-9A27-302BA72AA34E}" = lport=8394 | protocol=6 | dir=in | name=league of legends launcher |
"{5CF649AE-B181-40AB-9D0F-78F9B47FD52B}" = lport=8398 | protocol=6 | dir=in | name=league of legends launcher |
"{6BBD69FF-B326-432A-AE0E-2F07DD30CCE5}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{6CEACD0A-ED12-4F01-A794-B7B2E3D7CE82}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface |
"{6D37ED22-54FF-4641-8390-6D313FC721BF}" = lport=6969 | protocol=6 | dir=in | name=league of legends launcher |
"{7B04A4CD-7725-4B1D-AB18-6AC697ECF6EB}" = lport=3724 | protocol=6 | dir=in | name=blizzard downloader: 3724 |
"{80E2022A-75A0-4D5E-A686-C1755FBF726C}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{8948A36B-742F-4A25-8209-6A04321D7474}" = rport=137 | protocol=17 | dir=out | app=system |
"{8DDC334F-5594-4BCC-906B-64479A3902CC}" = lport=6969 | protocol=17 | dir=in | name=league of legends launcher |
"{908F9F5B-0828-44FB-8F2E-4B844B3B8C45}" = lport=8394 | protocol=6 | dir=in | name=league of legends launcher |
"{920232A8-FFD1-4D5A-A5AE-999E0817E4E0}" = rport=445 | protocol=6 | dir=out | app=system |
"{92C58E56-43E4-48B0-B8B3-182CEFE33E2A}" = lport=6939 | protocol=6 | dir=in | name=league of legends launcher |
"{94227FF5-A35E-40C9-BCDA-E4EA973804D9}" = lport=6955 | protocol=17 | dir=in | name=league of legends launcher |
"{A8FDDFE7-2E35-4C35-9121-78B44EE5D3D1}" = lport=6955 | protocol=6 | dir=in | name=league of legends launcher |
"{ABB17169-9007-4A36-845D-E51B8A7A9C12}" = rport=139 | protocol=6 | dir=out | app=system |
"{AC5A44D9-33C6-432E-AB2D-B63D962B2FA3}" = lport=2869 | protocol=6 | dir=in | app=system |
"{B1056114-D7E6-47E6-B72B-A1BBE2ECE289}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B6466736-C763-4EE6-AF9E-9EAF250A2901}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{BCF22E97-19AA-4D0B-BE7B-4712C5B42517}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{C7DB06E4-D7EE-4F5F-A52D-B76457BFBF68}" = lport=139 | protocol=6 | dir=in | app=system |
"{C94D95C7-0FF4-4F3E-BB6F-8F023E0CA3A3}" = lport=6939 | protocol=17 | dir=in | name=league of legends launcher |
"{C98720E8-10E9-4DDA-B9FA-E1AFEB53C6C9}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{CDF7E988-6B7C-46D7-B1E5-9A52A323D5B2}" = lport=8390 | protocol=17 | dir=in | name=league of legends game client |
"{D244995C-B303-4C9B-971D-D577FDA21327}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D4DAE12E-9F05-45BB-8A65-57A1F462D901}" = lport=8394 | protocol=17 | dir=in | name=league of legends launcher |
"{DC11FBB3-FF5F-48E3-9DFB-263765870646}" = rport=10243 | protocol=6 | dir=out | app=system |
"{E35262B5-7A2A-4717-B326-3C92ED5D0D3E}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{E5E00C1F-7F73-4491-9EDE-F386D17461D1}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{F5DAB5E3-875B-4675-8314-A29CFC4FFD45}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F7CF63DD-A9B6-40FD-B338-13A6EE0897B0}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F8BBEEF1-453B-4E30-9CF1-FC57F2F2FB8D}" = lport=8395 | protocol=17 | dir=in | name=league of legends launcher |
"{FAD59611-AC29-467D-9EB2-9397A6B33ADE}" = lport=8397 | protocol=17 | dir=in | name=league of legends launcher |
"{FB155CB0-A3C1-470F-9DBE-3EBD8FE81D1D}" = lport=8390 | protocol=6 | dir=in | name=league of legends game client |
"{FC49037C-ACAB-478F-8905-308B9AA5F0E5}" = lport=8393 | protocol=6 | dir=in | name=league of legends lobby |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00B81AE9-2DDE-486C-8A6C-3084ED0EA9BE}" = protocol=6 | dir=in | app=d:\bittorrent\bittorrent.exe |
"{00C82591-B2FB-4ACE-8710-7F3C87824987}" = protocol=6 | dir=in | app=d:\java\bin\java.exe |
"{06B2B3F2-76E5-4917-839C-FC3EF93A7877}" = protocol=58 | dir=in | app=system |
"{09B98E11-0A03-4AAE-A2C4-F476BF3283B1}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{0A33E404-36D2-4A9E-9AEA-78F91AD8E565}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{0B7905CF-8759-4EE8-8468-025EBFD09975}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe |
"{14CDA463-5BAD-41AE-B8B9-D2C2F12466A2}" = dir=in | app=c:\program files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe |
"{158C2858-CAED-4C56-80E8-25082065E5E2}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\dota 2 beta\dota.exe |
"{207C592B-A65E-4CD0-8EFD-9DE21F9AC35B}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe |
"{20CC9500-6C6D-4FAD-9AA4-2332FF20B448}" = protocol=6 | dir=in | app=d:\ff14\squareenix\final fantasy xiv\ffxivboot.exe |
"{242656C5-E125-43DE-AC3A-11D64FD1AFAE}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{24685AA1-5581-4137-BE0F-06276A2A3CA0}" = protocol=17 | dir=in | app=d:\steam\steam.exe |
"{25344E81-8F5F-43CB-9948-05AAB3FB317A}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\amnesia the dark descent\launcher.exe |
"{27AD8AFE-B54F-4577-8115-A154B4F05490}" = protocol=6 | dir=in | app=d:\dragon age\bin_ship\daupdatersvc.service.exe |
"{280E919D-C52E-45C7-B3E7-5184D035B989}" = protocol=6 | dir=in | app=d:\dragon age\bin_ship\daorigins.exe |
"{28FA7956-D7AC-4DD3-AA95-105C1A79D93D}" = protocol=17 | dir=in | app=d:\bittorrent\bittorrent.exe |
"{29448AF4-F1F2-4687-8F46-9539639776F4}" = protocol=17 | dir=in | app=d:\steam\steamapps\go7hic@hotmail.com\counter-strike\hl.exe |
"{2C898769-1858-4F36-BCCA-27DE823E9328}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpoews01.exe |
"{2CB9E809-7D77-45F8-B250-E21B1C03E1E2}" = protocol=17 | dir=in | app=d:\league of legends\air\lolclient.exe |
"{2D7DA1CB-DDAB-4C54-AD1A-197437F17B92}" = protocol=17 | dir=in | app=d:\dragon age\bin_ship\daupdatersvc.service.exe |
"{2F88AA94-B580-485D-9F6A-249D8E15A9CE}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\magicka\magicka.exe |
"{2FB9EF73-8E80-4A7B-A2C8-CB63A13C2B64}" = protocol=6 | dir=in | app=d:\world of warcraft\launcher.exe |
"{363BAE9A-ED63-41DE-8691-3BEB2325A661}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{389BBD7D-2CDF-421E-89D9-ED9E17B44072}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{3B8B264A-33B5-4C18-975B-EE78DE879307}" = protocol=17 | dir=in | app=c:\windows\syswow64\svchost.exe |
"{3BBB80E2-F734-48DB-8C40-DADEED1E4E48}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe |
"{40F2B205-37DD-45A7-8EA3-F544EBA7E3AD}" = protocol=17 | dir=in | app=d:\world of warcraft\backgrounddownloader.exe |
"{418DAE0A-B465-423B-931E-D52389649F13}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgm.exe |
"{437C69D3-2A0E-4EBB-A7FA-CB554BACA353}" = protocol=17 | dir=in | app=d:\world of warcraft\launcher.exe |
"{460AA5E4-4EFD-4D8B-8649-5AD5A715AFB9}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{47712B32-655E-4154-AFC3-F6468DD9BC86}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe |
"{47C77F3B-1D1E-40FD-8AB8-346D3E30170E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{4CA09633-3261-46FE-A73D-DEF44872BBA3}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqste08.exe |
"{4DFC394F-06CE-446F-97F9-F365FF824AAA}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{52FFDDB4-6443-46F8-A50B-F88031505ACD}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgh.exe |
"{54507D3F-65F4-46D3-BAE6-19136F7D5379}" = protocol=6 | dir=in | app=d:\league of legends\lol.launcher.exe |
"{57BF04B1-E64B-4216-89D9-B6325A2FEDCA}" = protocol=17 | dir=in | app=d:\league of legends\game\league of legends.exe |
"{59A315AD-6A8D-4E9A-9EEE-025C3867F956}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{59B46779-897B-4411-B285-A8AC1C2617E0}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{5B7E2F16-7293-42CB-91FE-783CC24EB5FB}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{5DA24D4C-8DFB-423B-BC2B-E5A849EE5C14}" = protocol=6 | dir=in | app=d:\league of legends\air\lolclient.exe |
"{70131628-4F37-4161-81FE-D26E5FEA3672}" = protocol=6 | dir=in | app=d:\world of warcraft\launcher.patch.exe |
"{70B94AFF-2D48-4FC3-B39B-58402400A1E0}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{721B197D-7AC6-48C2-9C1A-42307DE3EE7B}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{7408E49E-B8AE-471F-93D1-A22D2D4069C9}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\magicka\magicka.exe |
"{76314F73-C892-4178-B782-06639B6D1BC5}" = protocol=17 | dir=in | app=d:\vindictus eu\en-eu\nmservice.exe |
"{78E91BED-720D-42C4-972E-02A583416AFF}" = protocol=6 | dir=in | app=c:\windows\syswow64\svchost.exe |
"{7929D5F5-7333-4BB2-B3FB-2BD5A6906B7E}" = protocol=6 | dir=in | app=d:\dragon age\daoriginslauncher.exe |
"{7962AEA0-3176-4FD8-BBCB-BE2A0295B908}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{7BCADAE3-0C53-4DF2-8D19-90E1A3D5E7A9}" = protocol=6 | dir=in | app=d:\league of legends\air\lolclient.exe |
"{7C996479-A03C-421B-9B30-BF044DA051AA}" = protocol=6 | dir=in | app=c:\programdata\nexoneu\ngm\ngm.exe |
"{8122E0BE-4D50-4E21-A467-C982FB14A7EA}" = protocol=6 | dir=in | app=d:\swtor\launcher.exe |
"{815E3C1B-3216-47A1-A982-057BEB0F8377}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{83AA9437-6D10-453A-853A-8C2AFAD242CA}" = protocol=17 | dir=in | app=d:\swtor\launcher.exe |
"{83BAD8B0-9BDE-452D-81C5-91D9152E463D}" = protocol=6 | dir=in | app=d:\steam\steam.exe |
"{861E24D1-5D97-4065-B73F-D0B6361D364E}" = protocol=6 | dir=in | app=d:\world of warcraft\wow-3.2.0-dede-downloader.exe |
"{8DE834F1-BDE1-4A1D-8111-82EA8B708336}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8E0F6C14-26D9-4D2F-92AB-0A3AAF466EC0}" = protocol=6 | dir=in | app=c:\users\daniel\appdata\local\apps\2.0\86p2pjto.49x\p59g20he.pqx\curs..tion_eee711038731a406_0004.0000_0d453ed5fea2fe48\curseclient.exe |
"{8E75FE85-9EA8-46F5-8CE1-B40849A0EA7B}" = protocol=17 | dir=in | app=c:\programdata\nexoneu\ngm\ngm.exe |
"{8F82BB43-A286-45A8-A530-667362660D6E}" = protocol=17 | dir=in | app=d:\world of warcraft\wow-3.2.0-dede-downloader.exe |
"{8FBB5F84-AD7C-4F4A-BF70-BBF688816D70}" = protocol=6 | dir=in | app=d:\league of legends\game\league of legends.exe |
"{9617EE7E-6D5B-477D-8494-2F60DAAAE3F9}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{969E4652-9AFD-4B71-B83C-5A2F10709D01}" = protocol=17 | dir=in | app=d:\dragon age\daoriginslauncher.exe |
"{96F5ABBF-7301-4A0A-9CAC-D03556A60575}" = protocol=6 | dir=in | app=d:\starcraft ii\versions\base19679\sc2.exe |
"{9B096FD4-4A75-4329-B8B5-BD6B082F8058}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{9C2EF51A-7138-48C0-BC79-CCC29C331DCB}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{9E4EE8B7-5FE7-429D-A24B-6AE41D581B5F}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqcopy2.exe |
"{9FC83379-4808-4702-A1C5-6BF9F035482C}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\amnesia the dark descent\launcher.exe |
"{A149F9FC-3B41-4E82-975C-D8480DBEC91C}" = protocol=6 | dir=in | app=d:\world of warcraft\backgrounddownloader.exe |
"{A41B84C3-9D7F-4F4C-A80A-D52C2F52C5AA}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{A61AF2B6-0ACE-4EB7-A265-519BE8F02CBD}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe |
"{AAF616AB-3258-4B0B-B13B-7C444DD65228}" = protocol=6 | dir=in | app=c:\users\daniel\appdata\local\akamai\netsession_win.exe |
"{AEA8EE92-FAF5-4625-B626-34765E5FC5CD}" = protocol=6 | dir=in | app=d:\swtor\launcher.exe |
"{AFE6E651-39FB-42C9-A951-075B353B91F5}" = protocol=17 | dir=in | app=c:\users\daniel\appdata\local\apps\2.0\86p2pjto.49x\p59g20he.pqx\curs..tion_eee711038731a406_0004.0000_0d453ed5fea2fe48\curseclient.exe |
"{B3FD8C89-A520-46E4-9482-38747389C444}" = protocol=6 | dir=in | app=c:\windows\syswow64\svchost.exe |
"{BA56FD1A-6B55-436D-8F07-AA5226B9F4BB}" = protocol=17 | dir=in | app=d:\starcraft ii\versions\base19679\sc2.exe |
"{BB082149-5384-402F-A5F0-153429ADC3B6}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\tom clancy's splinter cell conviction\src\system\conviction_game.exe |
"{BB4A5469-56F0-4442-92A1-D51966AA019F}" = protocol=17 | dir=in | app=d:\java\bin\java.exe |
"{BBA333A3-088F-4531-B977-0BE9CDF54EDE}" = protocol=17 | dir=in | app=c:\windows\syswow64\svchost.exe |
"{BE374FBD-201F-43BE-8A95-D978A1B148A2}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{C087E23A-F56C-465D-AF9F-BE19E6167608}" = protocol=17 | dir=in | app=d:\dragon nest\dragonnest.exe |
"{C0DAA1A7-276F-4A03-AC70-9E44384B3831}" = protocol=6 | dir=in | app=d:\dragon nest\dragonnest.exe |
"{C1AEA930-8AC9-4391-971E-8C11302F6D82}" = protocol=6 | dir=in | app=d:\vindictus eu\en-eu\nmservice.exe |
"{C1BD6C82-3881-4B6F-8DAE-5683A7055AD1}" = protocol=17 | dir=in | app=c:\users\daniel\appdata\local\akamai\netsession_win.exe |
"{C3A2B0FB-993D-49DC-8DF8-9418FD282572}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C3F7C2AC-91C3-4F83-BDDA-94079AD0D697}" = protocol=17 | dir=in | app=d:\world of warcraft\launcher.patch.exe |
"{C6CEF7A5-0E91-4DF9-9F1B-D3F4915E902E}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{C7AEE773-FCED-40CB-877B-145D0EC1EB7C}" = dir=in | app=c:\program files (x86)\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{CF660575-4EA4-4A22-BAC9-FBDC8D8D910F}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\dota 2 beta\dota.exe |
"{CF9CF928-C3A0-4177-BE7E-D625ECCCB25A}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\tom clancy's splinter cell conviction\src\system\conviction_game.exe |
"{D0450D7E-3F70-4729-B9C6-8C38477A560D}" = protocol=6 | dir=in | app=d:\steam\steamapps\go7hic@hotmail.com\counter-strike source\hl2.exe |
"{D0DB9684-F755-48EE-BF2A-90F1E8098203}" = protocol=17 | dir=in | app=d:\dragon age\bin_ship\daorigins.exe |
"{D153E2C7-8189-4177-B53C-0CD8661B5C1A}" = protocol=17 | dir=in | app=d:\league of legends\game\league of legends.exe |
"{D6CA6D61-C6EB-4507-83A4-46225400D44B}" = protocol=17 | dir=in | app=d:\league of legends\lol.launcher.exe |
"{D7E0E58C-3EF3-42A2-B5D4-B45183970E01}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{D84E7D49-3997-4987-8B11-BEC3F639C368}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 |
"{D8AA5C5C-AF1E-4F1B-981F-545851A63F90}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{D9524492-ECAA-412A-987F-3E1E4653AA35}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{DC880B4E-97EA-4C9A-A531-2E52342CD0D8}" = protocol=17 | dir=in | app=d:\swtor\launcher.exe |
"{DF2207C6-1A60-45E8-9F41-816D318DAC45}" = protocol=6 | dir=in | app=d:\league of legends\game\league of legends.exe |
"{E0C9609B-755F-45E7-8AAF-4237EFF0549D}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\terraria\terraria.exe |
"{E8E800E6-EB9C-415E-9EFE-D3AFAD395D9E}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{EC3CE8B6-6ED0-4D9D-8179-55565AEEC172}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{EC812715-0A2B-42DC-80F1-98D89DF3D0C1}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\terraria\terraria.exe |
"{EE258E7F-8404-4E41-B3BF-E101A7246C7A}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{EFF78B35-A817-4B78-8C2D-70853EB5C0D5}" = protocol=17 | dir=in | app=d:\steam\steamapps\go7hic@hotmail.com\counter-strike source\hl2.exe |
"{F2B91EE5-72F3-45F7-8DF2-FDE0E35B5271}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe |
"{F3461369-DC4A-4155-9741-FBC4E68FC9B2}" = protocol=17 | dir=in | app=d:\ff14\squareenix\final fantasy xiv\ffxivboot.exe |
"{F398E91E-5D9B-4696-BE73-19E2714C80CB}" = protocol=6 | dir=in | app=d:\steam\steamapps\go7hic@hotmail.com\counter-strike\hl.exe |
"{F5E6069B-22D6-42C8-A97D-36BD4BCD846C}" = protocol=17 | dir=in | app=d:\league of legends\air\lolclient.exe |
"{F67A997F-EFD7-4C5F-A1E3-11E268FBC378}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{F78FDBD4-8C30-4AF7-8291-A56EB3C23A01}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe |
"{FD4679EF-6F0C-4D32-A4ED-8FBABDBBBAA4}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe |
"{FF0A0680-1D1D-49D1-B777-A08D972A39FD}" = protocol=6 | dir=out | app=system |
"TCP Query User{17C8F416-3260-409C-A46D-4F8A9F320C26}D:\java\bin\java.exe" = protocol=6 | dir=in | app=d:\java\bin\java.exe |
"TCP Query User{2A8FC19E-B318-4DE9-9E42-7E563F553C2B}F:\dc universe online live\unreal3\binaries\win32\dcgame.exe" = protocol=6 | dir=in | app=f:\dc universe online live\unreal3\binaries\win32\dcgame.exe |
"TCP Query User{3D81D930-DB3D-46EF-A89C-DF01BCE26D4C}C:\program files (x86)\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\eadm\core.exe |
"TCP Query User{4444A59C-FD41-4892-BB74-7C590B06FD10}F:\star wars the old republic\betatest\retailclient\swtor.exe" = protocol=6 | dir=in | app=f:\star wars the old republic\betatest\retailclient\swtor.exe |
"TCP Query User{997AA031-6AFA-4620-A1AB-631D5BC01F16}D:\world of warcraft\launcher.exe" = protocol=6 | dir=in | app=d:\world of warcraft\launcher.exe |
"TCP Query User{CA5F7B8A-E8A3-4F7D-9267-AFC647D23A7A}D:\java\bin\javaw.exe" = protocol=6 | dir=in | app=d:\java\bin\javaw.exe |
"TCP Query User{F3BD8FBF-6BCE-4F7A-872F-43ABDD07601A}D:\world of warcraft\backgrounddownloader.exe" = protocol=6 | dir=in | app=d:\world of warcraft\backgrounddownloader.exe |
"UDP Query User{119780BF-06BE-4416-B875-AB2A527EF5B0}F:\star wars the old republic\betatest\retailclient\swtor.exe" = protocol=17 | dir=in | app=f:\star wars the old republic\betatest\retailclient\swtor.exe |
"UDP Query User{425B978B-BD4E-4BBC-B5EE-ACB01942D4C4}D:\java\bin\javaw.exe" = protocol=17 | dir=in | app=d:\java\bin\javaw.exe |
"UDP Query User{58CC67FC-D153-437D-A213-AC55FDD5FE57}D:\world of warcraft\launcher.exe" = protocol=17 | dir=in | app=d:\world of warcraft\launcher.exe |
"UDP Query User{84A583FE-3BE0-494F-81C0-71A02F626865}D:\world of warcraft\backgrounddownloader.exe" = protocol=17 | dir=in | app=d:\world of warcraft\backgrounddownloader.exe |
"UDP Query User{9D264B53-8BFC-4090-A721-911956757C4B}D:\java\bin\java.exe" = protocol=17 | dir=in | app=d:\java\bin\java.exe |
"UDP Query User{A9D8EA52-B153-4E3D-BABA-F4B25C57883A}C:\program files (x86)\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\eadm\core.exe |
"UDP Query User{E310657D-7B40-4679-B831-3DA20801B6B1}F:\dc universe online live\unreal3\binaries\win32\dcgame.exe" = protocol=17 | dir=in | app=f:\dc universe online live\unreal3\binaries\win32\dcgame.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{26A24AE4-039D-4CA4-87B4-2F86417009FF}" = Java 7 Update 9 (64-bit)
"{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1" = MotioninJoy ds3 driver version 0.6.0003
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6F42AB02-6626-45DE-AA69-E141FDB82CDF}" = Vegas Pro 9.0 (64-bit)
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 301.42
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.12.0213
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.3.16.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{CDBF8C2D-04B0-4F9B-9AE1-7422F7F0EC94}" = HP Deskjet F2400 All-In-One Driver Software 13.0 Rel .6
"{CE52672C-A0E9-4450-8875-88A221D5CD50}" = Windows Live ID Sign-in Assistant
"{D3120436-1358-4253-9EB2-257FFE8CE1D9}" = Logitech SetPoint 5.20
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
"{EE18FF09-2F2A-4A88-85B3-B845EFD5C5FE}" = PDF-XChange Viewer
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FF21C3E6-97FD-474F-9518-8DCBE94C2854}" = 64 Bit HP CIO Components Installer
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Print Projects" = HP Print Projects 1.0
"HP Smart Web Printing" = HP Smart Web Printing 4.5
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"WinRAR archiver" = WinRAR
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0429B343-D023-4524-89BC-0478E0D9E3C3}" = Sound Blaster World of Warcraft Headset
"{0454BB9A-2A7A-4214-BDFF-937F7A711A44}" = Windows Live Communications Platform
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan
"{07FB17D8-7DB6-4F06-80C4-8BE1719CB6A1}" = hpWLPGInstaller
"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime
"{0EDBEB2B-7C8D-42E6-8312-0F84394A3223}" = Windows Media Center Add-in for Silverlight
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{21A2F5EE-1DC5-488A-BE7E-E526F8C61488}" = DeviceDiscovery
"{26A24AE4-039D-4CA4-87B4-2F83217009FF}" = Java 7 Update 9
"{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}" = HP Update
"{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1" = MotioninJoy ds3 vibration driver version 0.100
"{3B11D799-48E0-48ED-BFD7-EA655676D8BB}" = Star Wars: The Old Republic
"{42E2EEB2-D48E-4A47-B181-32ECA031D93B}" = DJ_AIO_06_F2400_SW_Min
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4CCBD1F4-CEEC-452A-9CB8-46564B501315}" = Windows Live UX Platform
"{4D53090A-CE35-42BD-B377-831000028301}" = Fable III
"{55725CAB-ED4D-4169-A22E-20249EFCF2B5}" = Ragnarok_Europe
"{56B83336-FBC1-4C46-8613-90A9E3B440D6}" = EPU-6 Engine
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{68A10D12-0D0F-4212-BDE6-D87FAD32A8FA}" = SmartWebPrinting
"{690F5BA3-5DEB-42CD-962B-F687EE59FAA7}" = Windows Live Essentials
"{6A8DB215-7BCD-4377-B015-2E4541A3E7C6}" = Windows Live PIMT Platform
"{6BAA71B6-8F43-4C72-931A-3354ABB0258A}" = F2400
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{70184743-6B98-4DEA-A847-9B8B3F6F56ED}" = XSplit
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1" = PDF24 Creator 3.6.0
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8136 8168 8169 Ethernet Driver
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{88F0F4FF-B514-4E32-9C17-CAF96D60EAFC}" = Razer Game Booster
"{8A642ACD-CE3A-4A23-A8B1-A0F7EB12B214}" = Windows Live SOXE Definitions
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0015-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-0000-0000000FF1CE}_Office14.PROPLUSR_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0407-1000-0000000FF1CE}_Office14.PROPLUSR_{594128C9-2CDF-43CE-8103-DC100CF013B6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2010
"{90140000-0044-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2010
"{90140000-00BA-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A498D9EB-927B-459B-85D6-DD6EF8C2C564}" = erLT
"{AE364ACC-B9DF-466B-B4EA-AEECD0CD581E}" = Windows Live Messenger
"{AE8705FB-E13C-40A9-8A2D-68D6733FBFC2}" = Status
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{B727564C-47D3-473A-AC9E-F4BE7B1BD5D3}" = Windows Live UX Platform Language Pack
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C424CD5E-EA05-4D3E-B5DA-F9F149E1D3AC}" = Windows Live Installer
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C75CDBA2-3C86-481e-BD10-BDDA758F9DFF}" = hpPrintProjects
"{C9B6EFD0-4F01-4BBA-8374-39AD99A3ED72}" = Windows Live Photo Common
"{CAE017F8-C238-4397-879B-7FBB915D9457}" = LogMeIn Hamachi
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}" = NVIDIA PhysX
"{DC0A5F99-FD66-433F-9D3A-05DCBA64BE42}" = TrayApp
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E1203F8C-FF34-4968-A4A5-B4F1F8533DAB}" = Photo Common
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F2235E5E-7881-4293-9B6F-04B2609FBFF0}" = Windows Live Messenger
"{FAF26102-09D7-4C58-AB01-0D59A2E517CA}" = Copy
"{FE7C0B3D-50B9-4951-BE78-A321CBF86552}" = Windows Live SOXE
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Audacity_is1" = Audacity 2.0.2
"Avira AntiVir Desktop" = Avira Free Antivirus
"BandiMPEG1" = Bandisoft MPEG-1 Decoder
"BitTorrent" = BitTorrent
"CraftBukkit" = CraftBukkit
"Diablo III" = Diablo III
"DivX Setup" = DivX-Setup
"Fraps" = Fraps (remove only)
"Free YouTube Download_is1" = Free YouTube Download version 3.1.40.1031
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.11.35.1031
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Plattform-Geräte-Manager
"jdownloader09" = JDownloader 0.9
"League of Legends_is1" = League of Legends
"LogMeIn Hamachi" = LogMeIn Hamachi
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.65.1.1000
"Messenger Plus!" = Messenger Plus! 6
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Mozilla Firefox 17.0.1 (x86 de)" = Mozilla Firefox 17.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NCLauncher_GameForge" = NC Launcher (GameForge)
"Notepad++" = Notepad++
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"OpenAL" = OpenAL
"Origin" = Origin
"pcsx2-r5350" = PCSX2 - Playstation 2 Emulator
"ScummVM_is1" = ScummVM 1.0.0
"SpeedFan" = SpeedFan (remove only)
"StarCraft II" = StarCraft II
"Steam App 105600" = Terraria
"Steam App 33220" = Tom Clancy's Splinter Cell: Conviction
"Steam App 42910" = Magicka
"Steam App 570" = Dota 2
"Steam App 57300" = Amnesia: The Dark Descent
"SystemRequirementsLab" = System Requirements Lab
"VLC media player" = VLC media player 2.0.4
"WinLiveSuite" = Windows Live Essentials
"WinPcapInst" = WinPcap 4.1.2
"winscp3_is1" = WinSCP 4.3.7
"World of Warcraft" = World of Warcraft
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"101a9f93b8f0bb6f" = Curse Client
"GameRanger" = GameRanger
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 18.06.2012 19:24:21 | Computer Name = Omega | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: FlashPlayerPlugin_11_3_300_257.exe,
Version: 11.3.300.257, Zeitstempel: 0x4fc82063 Name des fehlerhaften Moduls: NPSWF32_11_3_300_257.dll,
Version: 11.3.300.257, Zeitstempel: 0x4fc821fc Ausnahmecode: 0xc0000005 Fehleroffset:
0x000ccb60 ID des fehlerhaften Prozesses: 0x1544 Startzeit der fehlerhaften Anwendung:
0x01cd4da96aef7fd4 Pfad der fehlerhaften Anwendung: C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_257.exe
Pfad
des fehlerhaften Moduls: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_257.dll
Berichtskennung:
bb2335c3-b99c-11e1-8357-90e6ba1e8a94
Error - 19.06.2012 20:00:55 | Computer Name = Omega | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: LolClient.exe, Version: 2.0.2.12610,
Zeitstempel: 0x4c00573a Name des fehlerhaften Moduls: Adobe AIR.dll, Version: 3.1.0.4880,
Zeitstempel: 0x4eb75fb9 Ausnahmecode: 0xc0000005 Fehleroffset: 0x000781a4 ID des fehlerhaften
Prozesses: 0x794 Startzeit der fehlerhaften Anwendung: 0x01cd4e57c97bc5ca Pfad der
fehlerhaften Anwendung: D:\League of Legends\RADS\projects\lol_air_client\releases\0.0.0.150\deploy\LolClient.exe
Pfad
des fehlerhaften Moduls: D:\League of Legends\RADS\projects\lol_air_client\releases\0.0.0.150\deploy\Adobe
AIR\Versions\1.0\Adobe AIR.dll Berichtskennung: 01262a5f-ba6b-11e1-9fdd-90e6ba1e8a94
Error - 20.06.2012 18:46:11 | Computer Name = Omega | Source = Application Hang | ID = 1002
Description = Programm LolClient.exe, Version 2.0.2.12610 kann nicht mehr unter
Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in
der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
zu suchen. Prozess-ID: 162c Startzeit: 01cd4f325560ef6a Endzeit: 3 Anwendungspfad: D:\League
of Legends\RADS\projects\lol_air_client\releases\0.0.0.150\deploy\LolClient.exe
Berichts-ID:
b90ba466-bb29-11e1-9728-90e6ba1e8a94
Error - 21.06.2012 09:01:13 | Computer Name = Omega | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: LolClient.exe, Version: 2.0.2.12610,
Zeitstempel: 0x4c00573a Name des fehlerhaften Moduls: Adobe AIR.dll, Version: 3.1.0.4880,
Zeitstempel: 0x4eb75fb9 Ausnahmecode: 0xc0000005 Fehleroffset: 0x000781a4 ID des fehlerhaften
Prozesses: 0x1124 Startzeit der fehlerhaften Anwendung: 0x01cd4fa6afa5cd7d Pfad der
fehlerhaften Anwendung: D:\League of Legends\RADS\projects\lol_air_client\releases\0.0.0.150\deploy\LolClient.exe
Pfad
des fehlerhaften Moduls: D:\League of Legends\RADS\projects\lol_air_client\releases\0.0.0.150\deploy\Adobe
AIR\Versions\1.0\Adobe AIR.dll Berichtskennung: 2dc59b84-bba1-11e1-a879-90e6ba1e8a94
Error - 21.06.2012 13:21:50 | Computer Name = Omega | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "D:\XSplit\Cultures\XSplitBroadcasterSrc.exe".
Die
abhängige Assemblierung "Native.XSplitBroadcaster.exe,type="win32",version="1.0.0.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 21.06.2012 19:17:41 | Computer Name = Omega | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: LolClient.exe, Version: 2.0.2.12610,
Zeitstempel: 0x4c00573a Name des fehlerhaften Moduls: Adobe AIR.dll, Version: 3.1.0.4880,
Zeitstempel: 0x4eb75fb9 Ausnahmecode: 0xc0000005 Fehleroffset: 0x000781a4 ID des fehlerhaften
Prozesses: 0x568 Startzeit der fehlerhaften Anwendung: 0x01cd4fe056de3317 Pfad der
fehlerhaften Anwendung: D:\League of Legends\RADS\projects\lol_air_client\releases\0.0.0.150\deploy\LolClient.exe
Pfad
des fehlerhaften Moduls: D:\League of Legends\RADS\projects\lol_air_client\releases\0.0.0.150\deploy\Adobe
AIR\Versions\1.0\Adobe AIR.dll Berichtskennung: 4bfbb0bf-bbf7-11e1-a879-90e6ba1e8a94
Error - 21.06.2012 21:49:57 | Computer Name = Omega | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: AsSysCtrlService.exe, Version: 0.0.0.0,
Zeitstempel: 0x49d43eaf Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00000000 ID des fehlerhaften
Prozesses: 0x5c0 Startzeit der fehlerhaften Anwendung: 0x01cd4f9f6bb41aee Pfad der
fehlerhaften Anwendung: C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
Pfad
des fehlerhaften Moduls: unknown Berichtskennung: 91bca406-bc0c-11e1-a879-90e6ba1e8a94
Error - 24.06.2012 08:50:12 | Computer Name = Omega | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "D:\XSplit\Cultures\XSplitBroadcasterSrc.exe".
Die
abhängige Assemblierung "Native.XSplitBroadcaster.exe,type="win32",version="1.0.0.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 25.06.2012 07:34:30 | Computer Name = Omega | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "D:\XSplit\Cultures\XSplitBroadcasterSrc.exe".
Die
abhängige Assemblierung "Native.XSplitBroadcaster.exe,type="win32",version="1.0.0.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 26.06.2012 08:55:02 | Computer Name = Omega | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "D:\XSplit\Cultures\XSplitBroadcasterSrc.exe".
Die
abhängige Assemblierung "Native.XSplitBroadcaster.exe,type="win32",version="1.0.0.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
[ Media Center Events ]
Error - 21.10.2010 09:13:46 | Computer Name = Omega | Source = MCUpdate | ID = 0
Description = 15:13:46 - Directory konnte nicht abgerufen werden (Fehler: Die zugrunde
liegende Verbindung wurde geschlossen: Unbekannter Fehler beim Empfangen..)
Error - 27.03.2011 10:00:23 | Computer Name = Omega | Source = MCUpdate | ID = 0
Description = 16:00:23 - Directory konnte nicht abgerufen werden (Fehler: Die Verbindung
mit dem Remoteserver kann nicht hergestellt werden.)
Error - 27.03.2011 10:02:24 | Computer Name = Omega | Source = MCUpdate | ID = 0
Description = 16:02:00 - MCEClientUX konnte nicht abgerufen werden (Fehler: Die
Verbindung mit dem Remoteserver kann nicht hergestellt werden.)
[ System Events ]
Error - 07.12.2012 10:48:17 | Computer Name = Omega | Source = WMPNetworkSvc | ID = 866329
Description =
Error - 07.12.2012 10:48:21 | Computer Name = Omega | Source = WMPNetworkSvc | ID = 866329
Description =
Error - 07.12.2012 10:48:23 | Computer Name = Omega | Source = WMPNetworkSvc | ID = 866329
Description =
Error - 07.12.2012 10:48:55 | Computer Name = Omega | Source = WMPNetworkSvc | ID = 866329
Description =
Error - 07.12.2012 10:48:59 | Computer Name = Omega | Source = WMPNetworkSvc | ID = 866329
Description =
Error - 07.12.2012 10:49:05 | Computer Name = Omega | Source = WMPNetworkSvc | ID = 866329
Description =
Error - 07.12.2012 10:49:15 | Computer Name = Omega | Source = WMPNetworkSvc | ID = 866329
Description =
Error - 07.12.2012 10:49:16 | Computer Name = Omega | Source = WMPNetworkSvc | ID = 866329
Description =
Error - 07.12.2012 10:49:19 | Computer Name = Omega | Source = WMPNetworkSvc | ID = 866329
Description =
Error - 07.12.2012 10:51:35 | Computer Name = Omega | Source = WMPNetworkSvc | ID = 866329
Description =
< End of report >
Danke im Voraus^^ |
|
08.12.2012, 13:17
| #2 |
| /// TB-Ausbilder   | Firefox, Umleitungen und Internetstörungen. Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen. Bitte beachte folgende Hinweise:
Die Umleitungen betreffen nur Firefox? Wie sieht es mit dem IE aus? Schritt 1 Downloade Dir bitte defogger von jpshortstuff auf Deinem Desktop.
Schritt 2 Downloade dir bitte aswMBR.exe und speichere die Datei auf deinem Desktop.
Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte es erneut nicht klappen teile mir das bitte mit. Schritt 3 Lese bitte folgende Anweisungen genau. Wir wollen hier noch nichts "fixen" sondern nur einen Scan Report sehen. Downloade dir bitte TDSSKiller.exe und speichere diese Datei auf dem Desktop
Bitte poste mit deiner nächsten Antwort
|
|
08.12.2012, 13:54
| #3 |
| | Firefox, Umleitungen und Internetstörungen. Hi Matthias,
__________________danke für die Hilfe^^ Ich habe soweit alle Schritte erfolgreich abgeschlossen. Deine Frage: Die Umleitungen betreffen nur Firefox? Wie sieht es mit dem IE aus? Das kann ich dir jetzt nicht mehr beantworten. Seit ich gestern den Log mit Malwarebytes erstellt habe (in etwa diese Zeit, keine Ahnung ob es damit zusammenhängt), leitet er mich nicht mehr um, nirgendwo. Jedoch sind noch einige Internetdienste eingeschränkt oder ganz blockiert. z.B kann ich keine Youtube Videos mehr hoch laden, was vor den Problemen gestern noch wunderbar funktioniert hat (Upload wird gestartet... ohne jemals zu starten). Sonst habe ich bisher nichts auf eigene Faust unternommen. Zu den Punkten: Defogger: Code:
ATTFilter defogger_disable by jpshortstuff (23.02.10.1)
Log created at 13:32 on 08/12/2012 (Daniel)
Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
HKCU:DAEMON Tools Lite -> Removed
Checking for services/drivers...
SPTD -> Disabled (Service running -> reboot required)
-=E.O.F=-
Code:
ATTFilter aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2012-12-08 13:39:43
-----------------------------
13:39:43.555 OS Version: Windows x64 6.1.7601 Service Pack 1
13:39:43.555 Number of processors: 8 586 0x1E05
13:39:43.555 ComputerName: OMEGA UserName:
13:39:44.226 Initialize success
13:39:51.107 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-2
13:39:51.107 Disk 0 Vendor: WDC_WD5001AALS-00LWTA0 01.01V01 Size: 476940MB BusType: 3
13:39:51.123 Disk 0 MBR read successfully
13:39:51.123 Disk 0 MBR scan
13:39:51.123 Disk 0 Windows 7 default MBR code
13:39:51.123 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
13:39:51.123 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 113295 MB offset 206848
13:39:51.138 Disk 0 Partition - 00 0F Extended LBA 86605 MB offset 232235008
13:39:51.138 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 276938 MB offset 409602048
13:39:51.170 Disk 0 Partition 4 00 07 HPFS/NTFS NTFS 86604 MB offset 232237056
13:39:51.185 Disk 0 scanning C:\Windows\system32\drivers
13:39:56.177 Service scanning
13:40:08.954 Modules scanning
13:40:08.954 Disk 0 trace - called modules:
13:40:08.969 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS pciide.sys
13:40:08.985 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004dd1790]
13:40:08.985 3 CLASSPNP.SYS[fffff8800160143f] -> nt!IofCallDriver -> [0xfffffa8004bd1520]
13:40:08.985 5 ACPI.sys[fffff88000d5e7a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-2[0xfffffa8004bcd680]
13:40:09.000 Scan finished successfully
13:40:18.470 Disk 0 MBR has been saved successfully to "C:\Users\Daniel\Desktop\MBR.dat"
13:40:18.470 The log file has been saved successfully to "C:\Users\Daniel\Desktop\aswMBR.txt"
Code:
ATTFilter 13:42:08.0297 4000 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
13:42:08.0468 4000 ============================================================
13:42:08.0468 4000 Current date / time: 2012/12/08 13:42:08.0468
13:42:08.0468 4000 SystemInfo:
13:42:08.0468 4000
13:42:08.0468 4000 OS Version: 6.1.7601 ServicePack: 1.0
13:42:08.0468 4000 Product type: Workstation
13:42:08.0468 4000 ComputerName: OMEGA
13:42:08.0468 4000 UserName: Daniel
13:42:08.0468 4000 Windows directory: C:\Windows
13:42:08.0468 4000 System windows directory: C:\Windows
13:42:08.0468 4000 Running under WOW64
13:42:08.0468 4000 Processor architecture: Intel x64
13:42:08.0468 4000 Number of processors: 8
13:42:08.0468 4000 Page size: 0x1000
13:42:08.0468 4000 Boot type: Normal boot
13:42:08.0468 4000 ============================================================
13:42:09.0233 4000 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:42:09.0233 4000 ============================================================
13:42:09.0233 4000 \Device\Harddisk0\DR0:
13:42:09.0233 4000 MBR partitions:
13:42:09.0233 4000 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
13:42:09.0233 4000 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xDD47800
13:42:09.0248 4000 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0xDD7A800, BlocksNum 0xA926000
13:42:09.0248 4000 \Device\Harddisk0\DR0\Partition4: MBR, Type 0x7, StartLBA 0x186A0800, BlocksNum 0x21CE5000
13:42:09.0248 4000 ============================================================
13:42:09.0280 4000 C: <-> \Device\Harddisk0\DR0\Partition2
13:42:09.0311 4000 D: <-> \Device\Harddisk0\DR0\Partition4
13:42:09.0342 4000 F: <-> \Device\Harddisk0\DR0\Partition3
13:42:09.0342 4000 ============================================================
13:42:09.0342 4000 Initialize success
13:42:09.0342 4000 ============================================================
13:42:35.0035 4720 ============================================================
13:42:35.0035 4720 Scan started
13:42:35.0035 4720 Mode: Manual;
13:42:35.0035 4720 ============================================================
13:42:35.0534 4720 ================ Scan system memory ========================
13:42:35.0534 4720 System memory - ok
13:42:35.0550 4720 ================ Scan services =============================
13:42:35.0644 4720 1394hub - ok
13:42:35.0675 4720 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
13:42:35.0675 4720 1394ohci - ok
13:42:35.0690 4720 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
13:42:35.0690 4720 ACPI - ok
13:42:35.0722 4720 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
13:42:35.0722 4720 AcpiPmi - ok
13:42:35.0737 4720 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
13:42:35.0737 4720 adp94xx - ok
13:42:35.0753 4720 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
13:42:35.0753 4720 adpahci - ok
13:42:35.0768 4720 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
13:42:35.0768 4720 adpu320 - ok
13:42:35.0800 4720 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
13:42:35.0800 4720 AeLookupSvc - ok
13:42:35.0831 4720 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
13:42:35.0831 4720 AFD - ok
13:42:35.0862 4720 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
13:42:35.0862 4720 agp440 - ok
13:42:35.0862 4720 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
13:42:35.0862 4720 ALG - ok
13:42:35.0878 4720 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
13:42:35.0878 4720 aliide - ok
13:42:35.0878 4720 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
13:42:35.0878 4720 amdide - ok
13:42:35.0893 4720 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
13:42:35.0893 4720 AmdK8 - ok
13:42:35.0909 4720 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
13:42:35.0909 4720 AmdPPM - ok
13:42:35.0924 4720 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
13:42:35.0924 4720 amdsata - ok
13:42:35.0940 4720 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
13:42:35.0940 4720 amdsbs - ok
13:42:35.0956 4720 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
13:42:35.0956 4720 amdxata - ok
13:42:36.0018 4720 [ 466A0D95960DAD3222C896D2CEA99993 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
13:42:36.0018 4720 AntiVirSchedulerService - ok
13:42:36.0049 4720 [ A489BE6BB0AA1FF406B488B60542314B ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
13:42:36.0049 4720 AntiVirService - ok
13:42:36.0096 4720 [ 59D01FA91962C9C1E9B4022B2D3B46DB ] AppHostSvc C:\Windows\system32\inetsrv\apphostsvc.dll
13:42:36.0096 4720 AppHostSvc - ok
13:42:36.0127 4720 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
13:42:36.0127 4720 AppID - ok
13:42:36.0158 4720 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
13:42:36.0158 4720 AppIDSvc - ok
13:42:36.0190 4720 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
13:42:36.0190 4720 Appinfo - ok
13:42:36.0221 4720 [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt C:\Windows\System32\appmgmts.dll
13:42:36.0221 4720 AppMgmt - ok
13:42:36.0221 4720 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
13:42:36.0221 4720 arc - ok
13:42:36.0236 4720 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
13:42:36.0236 4720 arcsas - ok
13:42:36.0283 4720 [ 68726474C69B738EAC3A62E06B33ADDC ] AsIO C:\Windows\syswow64\drivers\AsIO.sys
13:42:36.0283 4720 AsIO - ok
13:42:36.0361 4720 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
13:42:36.0377 4720 aspnet_state - ok
13:42:36.0377 4720 AsSysCtrlService - ok
13:42:36.0377 4720 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
13:42:36.0377 4720 AsyncMac - ok
13:42:36.0408 4720 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
13:42:36.0408 4720 atapi - ok
13:42:36.0424 4720 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
13:42:36.0439 4720 AudioEndpointBuilder - ok
13:42:36.0439 4720 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
13:42:36.0439 4720 AudioSrv - ok
13:42:36.0486 4720 [ 26E38B5A58C6C55FAFBC563EEDDB0867 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
13:42:36.0486 4720 avgntflt - ok
13:42:36.0517 4720 [ 9D1F00BEFF84CBBF46D7F052BC7E0565 ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
13:42:36.0517 4720 avipbb - ok
13:42:36.0548 4720 [ 248DB59FC86DE44D2779F4C7FB1A567D ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
13:42:36.0548 4720 avkmgr - ok
13:42:36.0564 4720 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
13:42:36.0580 4720 AxInstSV - ok
13:42:36.0595 4720 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
13:42:36.0595 4720 b06bdrv - ok
13:42:36.0626 4720 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
13:42:36.0626 4720 b57nd60a - ok
13:42:36.0642 4720 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
13:42:36.0642 4720 BDESVC - ok
13:42:36.0658 4720 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
13:42:36.0658 4720 Beep - ok
13:42:36.0704 4720 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
13:42:36.0704 4720 BFE - ok
13:42:36.0736 4720 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
13:42:36.0751 4720 BITS - ok
13:42:36.0767 4720 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
13:42:36.0767 4720 blbdrive - ok
13:42:36.0782 4720 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
13:42:36.0782 4720 bowser - ok
13:42:36.0798 4720 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
13:42:36.0798 4720 BrFiltLo - ok
13:42:36.0814 4720 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
13:42:36.0814 4720 BrFiltUp - ok
13:42:36.0829 4720 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
13:42:36.0829 4720 Browser - ok
13:42:36.0845 4720 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
13:42:36.0845 4720 Brserid - ok
13:42:36.0860 4720 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
13:42:36.0860 4720 BrSerWdm - ok
13:42:36.0860 4720 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
13:42:36.0860 4720 BrUsbMdm - ok
13:42:36.0860 4720 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
13:42:36.0860 4720 BrUsbSer - ok
13:42:36.0876 4720 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
13:42:36.0876 4720 BTHMODEM - ok
13:42:36.0892 4720 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
13:42:36.0892 4720 bthserv - ok
13:42:36.0892 4720 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
13:42:36.0892 4720 cdfs - ok
13:42:36.0923 4720 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\drivers\cdrom.sys
13:42:36.0923 4720 cdrom - ok
13:42:36.0938 4720 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
13:42:36.0938 4720 CertPropSvc - ok
13:42:36.0938 4720 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
13:42:36.0938 4720 circlass - ok
13:42:36.0970 4720 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
13:42:36.0970 4720 CLFS - ok
13:42:37.0001 4720 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
13:42:37.0001 4720 clr_optimization_v2.0.50727_32 - ok
13:42:37.0032 4720 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
13:42:37.0032 4720 clr_optimization_v2.0.50727_64 - ok
13:42:37.0063 4720 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
13:42:37.0079 4720 clr_optimization_v4.0.30319_32 - ok
13:42:37.0094 4720 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
13:42:37.0094 4720 clr_optimization_v4.0.30319_64 - ok
13:42:37.0094 4720 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
13:42:37.0094 4720 CmBatt - ok
13:42:37.0110 4720 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
13:42:37.0110 4720 cmdide - ok
13:42:37.0141 4720 [ AAFCB52FE0037207FB6FBEA070D25EFE ] CNG C:\Windows\system32\Drivers\cng.sys
13:42:37.0141 4720 CNG - ok
13:42:37.0157 4720 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
13:42:37.0157 4720 Compbatt - ok
13:42:37.0172 4720 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
13:42:37.0172 4720 CompositeBus - ok
13:42:37.0188 4720 COMSysApp - ok
13:42:37.0188 4720 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
13:42:37.0188 4720 crcdisk - ok
13:42:37.0219 4720 [ C8BD651E13895B93ED9EC5B4F1DF42BC ] Creative ALchemy AL6 Licensing Service C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
13:42:37.0219 4720 Creative ALchemy AL6 Licensing Service - ok
13:42:37.0250 4720 [ C0EAD9F8AB83D41FF07303C75589C2B8 ] Creative Audio Engine Licensing Service C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
13:42:37.0250 4720 Creative Audio Engine Licensing Service - ok
13:42:37.0266 4720 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
13:42:37.0282 4720 CryptSvc - ok
13:42:37.0297 4720 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\Windows\system32\drivers\csc.sys
13:42:37.0297 4720 CSC - ok
13:42:37.0328 4720 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\Windows\System32\cscsvc.dll
13:42:37.0328 4720 CscService - ok
13:42:37.0375 4720 [ 7DAA33AAEE034AE62EF631A3F13A027B ] CTAudSvcService C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
13:42:37.0375 4720 CTAudSvcService - ok
13:42:37.0406 4720 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
13:42:37.0406 4720 DcomLaunch - ok
13:42:37.0438 4720 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
13:42:37.0438 4720 defragsvc - ok
13:42:37.0469 4720 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
13:42:37.0469 4720 DfsC - ok
13:42:37.0500 4720 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
13:42:37.0500 4720 Dhcp - ok
13:42:37.0500 4720 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
13:42:37.0516 4720 discache - ok
13:42:37.0531 4720 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
13:42:37.0531 4720 Disk - ok
13:42:37.0562 4720 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
13:42:37.0562 4720 Dnscache - ok
13:42:37.0578 4720 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
13:42:37.0594 4720 dot3svc - ok
13:42:37.0625 4720 [ B42ED0320C6E41102FDE0005154849BB ] Dot4 C:\Windows\system32\DRIVERS\Dot4.sys
13:42:37.0625 4720 Dot4 - ok
13:42:37.0656 4720 [ E9F5969233C5D89F3C35E3A66A52A361 ] Dot4Print C:\Windows\system32\drivers\Dot4Prt.sys
13:42:37.0656 4720 Dot4Print - ok
13:42:37.0672 4720 [ FD05A02B0370BC3000F402E543CA5814 ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys
13:42:37.0672 4720 dot4usb - ok
13:42:37.0687 4720 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
13:42:37.0687 4720 DPS - ok
13:42:37.0703 4720 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
13:42:37.0703 4720 drmkaud - ok
13:42:37.0734 4720 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
13:42:37.0750 4720 DXGKrnl - ok
13:42:37.0765 4720 EagleX64 - ok
13:42:37.0765 4720 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
13:42:37.0765 4720 EapHost - ok
13:42:37.0828 4720 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
13:42:37.0859 4720 ebdrv - ok
13:42:37.0890 4720 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
13:42:37.0890 4720 EFS - ok
13:42:37.0921 4720 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
13:42:37.0921 4720 ehRecvr - ok
13:42:37.0937 4720 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
13:42:37.0937 4720 ehSched - ok
13:42:37.0952 4720 EIO64 - ok
13:42:37.0984 4720 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
13:42:37.0984 4720 elxstor - ok
13:42:38.0015 4720 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
13:42:38.0015 4720 ErrDev - ok
13:42:38.0030 4720 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
13:42:38.0030 4720 EventSystem - ok
13:42:38.0046 4720 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
13:42:38.0046 4720 exfat - ok
13:42:38.0062 4720 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
13:42:38.0062 4720 fastfat - ok
13:42:38.0093 4720 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
13:42:38.0093 4720 Fax - ok
13:42:38.0108 4720 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
13:42:38.0108 4720 fdc - ok
13:42:38.0124 4720 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
13:42:38.0124 4720 fdPHost - ok
13:42:38.0124 4720 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
13:42:38.0124 4720 FDResPub - ok
13:42:38.0140 4720 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
13:42:38.0140 4720 FileInfo - ok
13:42:38.0140 4720 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
13:42:38.0140 4720 Filetrace - ok
13:42:38.0155 4720 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
13:42:38.0155 4720 flpydisk - ok
13:42:38.0171 4720 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
13:42:38.0171 4720 FltMgr - ok
13:42:38.0202 4720 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
13:42:38.0218 4720 FontCache - ok
13:42:38.0249 4720 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
13:42:38.0249 4720 FontCache3.0.0.0 - ok
13:42:38.0264 4720 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
13:42:38.0264 4720 FsDepends - ok
13:42:38.0280 4720 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
13:42:38.0280 4720 Fs_Rec - ok
13:42:38.0296 4720 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
13:42:38.0296 4720 fvevol - ok
13:42:38.0311 4720 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
13:42:38.0311 4720 gagp30kx - ok
13:42:38.0342 4720 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
13:42:38.0342 4720 gpsvc - ok
13:42:38.0374 4720 [ 1E6438D4EA6E1174A3B3B1EDC4DE660B ] hamachi C:\Windows\system32\DRIVERS\hamachi.sys
13:42:38.0374 4720 hamachi - ok
13:42:38.0420 4720 Hamachi2Svc - ok
13:42:38.0436 4720 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
13:42:38.0436 4720 hcw85cir - ok
13:42:38.0452 4720 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
13:42:38.0467 4720 HdAudAddService - ok
13:42:38.0467 4720 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
13:42:38.0467 4720 HDAudBus - ok
13:42:38.0483 4720 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
13:42:38.0483 4720 HidBatt - ok
13:42:38.0498 4720 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
13:42:38.0498 4720 HidBth - ok
13:42:38.0514 4720 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
13:42:38.0514 4720 HidIr - ok
13:42:38.0545 4720 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
13:42:38.0545 4720 hidserv - ok
13:42:38.0576 4720 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
13:42:38.0576 4720 HidUsb - ok
13:42:38.0592 4720 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
13:42:38.0592 4720 hkmsvc - ok
13:42:38.0608 4720 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
13:42:38.0608 4720 HomeGroupListener - ok
13:42:38.0639 4720 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
13:42:38.0639 4720 HomeGroupProvider - ok
13:42:38.0701 4720 [ 0A3C6AA4A9FC38C20BA4EAC2C3351C05 ] hpqcxs08 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
13:42:38.0717 4720 hpqcxs08 - ok
13:42:38.0717 4720 [ F3F72A2A86C22610BCA5439FA789DD52 ] hpqddsvc C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
13:42:38.0717 4720 hpqddsvc - ok
13:42:38.0732 4720 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
13:42:38.0732 4720 HpSAMD - ok
13:42:38.0779 4720 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
13:42:38.0779 4720 HTTP - ok
13:42:38.0795 4720 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
13:42:38.0810 4720 hwpolicy - ok
13:42:38.0842 4720 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
13:42:38.0842 4720 i8042prt - ok
13:42:38.0857 4720 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
13:42:38.0873 4720 iaStorV - ok
13:42:38.0935 4720 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
13:42:38.0935 4720 IDriverT - ok
13:42:38.0966 4720 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
13:42:38.0966 4720 idsvc - ok
13:42:38.0982 4720 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
13:42:38.0982 4720 iirsp - ok
13:42:39.0029 4720 [ AB55B8A9B13130F638546881CE4425F8 ] IISADMIN C:\Windows\system32\inetsrv\inetinfo.exe
13:42:39.0029 4720 IISADMIN - ok
13:42:39.0060 4720 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
13:42:39.0060 4720 IKEEXT - ok
13:42:39.0076 4720 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
13:42:39.0076 4720 intelide - ok
13:42:39.0076 4720 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
13:42:39.0076 4720 intelppm - ok
13:42:39.0091 4720 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
13:42:39.0091 4720 IPBusEnum - ok
13:42:39.0122 4720 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
13:42:39.0122 4720 IpFilterDriver - ok
13:42:39.0154 4720 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
13:42:39.0154 4720 iphlpsvc - ok
13:42:39.0169 4720 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
13:42:39.0169 4720 IPMIDRV - ok
13:42:39.0185 4720 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
13:42:39.0185 4720 IPNAT - ok
13:42:39.0200 4720 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
13:42:39.0200 4720 IRENUM - ok
13:42:39.0216 4720 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
13:42:39.0216 4720 isapnp - ok
13:42:39.0216 4720 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
13:42:39.0216 4720 iScsiPrt - ok
13:42:39.0232 4720 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
13:42:39.0232 4720 kbdclass - ok
13:42:39.0263 4720 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
13:42:39.0263 4720 kbdhid - ok
13:42:39.0263 4720 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
13:42:39.0263 4720 KeyIso - ok
13:42:39.0294 4720 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
13:42:39.0294 4720 KSecDD - ok
13:42:39.0310 4720 [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
13:42:39.0310 4720 KSecPkg - ok
13:42:39.0325 4720 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
13:42:39.0325 4720 ksthunk - ok
13:42:39.0341 4720 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
13:42:39.0341 4720 KtmRm - ok
13:42:39.0356 4720 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
13:42:39.0356 4720 LanmanServer - ok
13:42:39.0388 4720 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
13:42:39.0388 4720 LanmanWorkstation - ok
13:42:39.0419 4720 [ B6552D382FF070B4ED34CBD6737277C0 ] LHidFilt C:\Windows\system32\DRIVERS\LHidFilt.Sys
13:42:39.0434 4720 LHidFilt - ok
13:42:39.0434 4720 libusb0 - ok
13:42:39.0466 4720 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
13:42:39.0466 4720 lltdio - ok
13:42:39.0466 4720 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
13:42:39.0481 4720 lltdsvc - ok
13:42:39.0481 4720 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
13:42:39.0497 4720 lmhosts - ok
13:42:39.0497 4720 [ 73C1F563AB73D459DFFE682D66476558 ] LMouFilt C:\Windows\system32\DRIVERS\LMouFilt.Sys
13:42:39.0497 4720 LMouFilt - ok
13:42:39.0512 4720 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
13:42:39.0512 4720 LSI_FC - ok
13:42:39.0512 4720 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
13:42:39.0528 4720 LSI_SAS - ok
13:42:39.0528 4720 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
13:42:39.0544 4720 LSI_SAS2 - ok
13:42:39.0544 4720 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
13:42:39.0544 4720 LSI_SCSI - ok
13:42:39.0575 4720 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
13:42:39.0575 4720 luafv - ok
13:42:39.0606 4720 [ A8FE8F2783B2929B56F5370A89356CE9 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
13:42:39.0606 4720 MBAMProtector - ok
13:42:39.0653 4720 [ 85B16A92B117A5A800032ECD904B86DB ] MBAMScheduler D:\Malwarebytes\mbamscheduler.exe
13:42:39.0653 4720 MBAMScheduler - ok
13:42:39.0684 4720 [ 20E2469DB709FC675E655CEAA11BE312 ] MBAMService D:\Malwarebytes\mbamservice.exe
13:42:39.0684 4720 MBAMService - ok
13:42:39.0700 4720 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
13:42:39.0700 4720 Mcx2Svc - ok
13:42:39.0715 4720 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
13:42:39.0715 4720 megasas - ok
13:42:39.0715 4720 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
13:42:39.0731 4720 MegaSR - ok
13:42:39.0778 4720 Microsoft SharePoint Workspace Audit Service - ok
13:42:39.0793 4720 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
13:42:39.0793 4720 MMCSS - ok
13:42:39.0809 4720 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
13:42:39.0809 4720 Modem - ok
13:42:39.0824 4720 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
13:42:39.0824 4720 monitor - ok
13:42:39.0871 4720 [ FC44AD48746FFA5FD640EF1260AB5EC2 ] MotioninJoyXFilter C:\Windows\system32\DRIVERS\MijXfilt.sys
13:42:39.0871 4720 MotioninJoyXFilter - ok
13:42:39.0887 4720 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
13:42:39.0887 4720 mouclass - ok
13:42:39.0918 4720 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
13:42:39.0918 4720 mouhid - ok
13:42:39.0934 4720 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
13:42:39.0934 4720 mountmgr - ok
13:42:39.0980 4720 [ 8C7336950F1E69CDFD811CBBD9CF00A2 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
13:42:39.0980 4720 MozillaMaintenance - ok
13:42:39.0996 4720 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
13:42:39.0996 4720 mpio - ok
13:42:40.0012 4720 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
13:42:40.0012 4720 mpsdrv - ok
13:42:40.0027 4720 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
13:42:40.0043 4720 MpsSvc - ok
13:42:40.0074 4720 [ CD22D2563039DDA6793F7624719363A7 ] MQAC C:\Windows\system32\drivers\mqac.sys
13:42:40.0074 4720 MQAC - ok
13:42:40.0090 4720 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
13:42:40.0090 4720 MRxDAV - ok
13:42:40.0121 4720 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
13:42:40.0121 4720 mrxsmb - ok
13:42:40.0136 4720 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
13:42:40.0136 4720 mrxsmb10 - ok
13:42:40.0136 4720 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
13:42:40.0152 4720 mrxsmb20 - ok
13:42:40.0168 4720 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
13:42:40.0168 4720 msahci - ok
13:42:40.0183 4720 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
13:42:40.0183 4720 msdsm - ok
13:42:40.0183 4720 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
13:42:40.0183 4720 MSDTC - ok
13:42:40.0199 4720 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
13:42:40.0199 4720 Msfs - ok
13:42:40.0214 4720 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
13:42:40.0214 4720 mshidkmdf - ok
13:42:40.0214 4720 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
13:42:40.0214 4720 msisadrv - ok
13:42:40.0246 4720 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
13:42:40.0246 4720 MSiSCSI - ok
13:42:40.0246 4720 msiserver - ok
13:42:40.0261 4720 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
13:42:40.0261 4720 MSKSSRV - ok
13:42:40.0277 4720 [ FAAEAEF99E53561BEEE58F946CA56F0D ] MSMQ C:\Windows\system32\mqsvc.exe
13:42:40.0277 4720 MSMQ - ok
13:42:40.0308 4720 [ 59ED174FD4314B0218DC91F9BFA6CD3D ] MSMQTriggers C:\Windows\system32\mqtgsvc.exe
13:42:40.0308 4720 MSMQTriggers - ok
13:42:40.0324 4720 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
13:42:40.0324 4720 MSPCLOCK - ok
13:42:40.0324 4720 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
13:42:40.0324 4720 MSPQM - ok
13:42:40.0339 4720 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
13:42:40.0339 4720 MsRPC - ok
13:42:40.0370 4720 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
13:42:40.0370 4720 mssmbios - ok
13:42:40.0370 4720 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
13:42:40.0370 4720 MSTEE - ok
13:42:40.0370 4720 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
13:42:40.0370 4720 MTConfig - ok
13:42:40.0402 4720 [ 19B006B181E3875FD254F7B67ACF1E7C ] MTsensor C:\Windows\system32\DRIVERS\ASACPI.sys
13:42:40.0402 4720 MTsensor - ok
13:42:40.0417 4720 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
13:42:40.0417 4720 Mup - ok
13:42:40.0448 4720 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
13:42:40.0448 4720 napagent - ok
13:42:40.0480 4720 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
13:42:40.0480 4720 NativeWifiP - ok
13:42:40.0511 4720 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
13:42:40.0511 4720 NDIS - ok
13:42:40.0526 4720 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
13:42:40.0526 4720 NdisCap - ok
13:42:40.0542 4720 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
13:42:40.0542 4720 NdisTapi - ok
13:42:40.0558 4720 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
13:42:40.0558 4720 Ndisuio - ok
13:42:40.0573 4720 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
13:42:40.0573 4720 NdisWan - ok
13:42:40.0589 4720 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
13:42:40.0589 4720 NDProxy - ok
13:42:40.0620 4720 [ 2334DC48997BA203B794DF3EE70521DB ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
13:42:40.0620 4720 Net Driver HPZ12 - ok
13:42:40.0620 4720 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
13:42:40.0636 4720 NetBIOS - ok
13:42:40.0651 4720 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
13:42:40.0651 4720 NetBT - ok
13:42:40.0651 4720 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
13:42:40.0651 4720 Netlogon - ok
13:42:40.0698 4720 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
13:42:40.0698 4720 Netman - ok
13:42:40.0729 4720 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:42:40.0729 4720 NetMsmqActivator - ok
13:42:40.0729 4720 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:42:40.0729 4720 NetPipeActivator - ok
13:42:40.0729 4720 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
13:42:40.0745 4720 netprofm - ok
13:42:40.0745 4720 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:42:40.0745 4720 NetTcpActivator - ok
13:42:40.0745 4720 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:42:40.0745 4720 NetTcpPortSharing - ok
13:42:40.0776 4720 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
13:42:40.0776 4720 nfrd960 - ok
13:42:40.0807 4720 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
13:42:40.0807 4720 NlaSvc - ok
13:42:40.0854 4720 [ 351533ACC2A069B94E80BBFC177E8FDF ] NPF C:\Windows\system32\drivers\npf.sys
13:42:40.0854 4720 NPF - ok
13:42:40.0854 4720 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
13:42:40.0854 4720 Npfs - ok
13:42:40.0870 4720 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
13:42:40.0870 4720 nsi - ok
13:42:40.0885 4720 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
13:42:40.0885 4720 nsiproxy - ok
13:42:40.0916 4720 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
13:42:40.0948 4720 Ntfs - ok
13:42:40.0948 4720 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
13:42:40.0948 4720 Null - ok
13:42:40.0979 4720 [ 102806B360D0E6BC6E55BF47EF655D43 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
13:42:40.0979 4720 NVHDA - ok
13:42:41.0150 4720 [ 5104BAC2DA2A5BDD86AC6B0708B00F06 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
13:42:41.0306 4720 nvlddmkm - ok
13:42:41.0338 4720 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
13:42:41.0353 4720 nvraid - ok
13:42:41.0369 4720 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
13:42:41.0369 4720 nvstor - ok
13:42:41.0400 4720 [ DDFAFCE89A5C93D04712B86F94E9FCBA ] nvsvc C:\Windows\system32\nvvsvc.exe
13:42:41.0400 4720 nvsvc - ok
13:42:41.0462 4720 [ 84E035225474E48CD3A6A3CE52332095 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
13:42:41.0462 4720 nvUpdatusService - ok
13:42:41.0494 4720 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
13:42:41.0494 4720 nv_agp - ok
13:42:41.0525 4720 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
13:42:41.0525 4720 ohci1394 - ok
13:42:41.0556 4720 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
13:42:41.0572 4720 ose - ok
13:42:41.0681 4720 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
13:42:41.0743 4720 osppsvc - ok
13:42:41.0759 4720 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
13:42:41.0774 4720 p2pimsvc - ok
13:42:41.0790 4720 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
13:42:41.0790 4720 p2psvc - ok
13:42:41.0806 4720 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
13:42:41.0806 4720 Parport - ok
13:42:41.0837 4720 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
13:42:41.0837 4720 partmgr - ok
13:42:41.0837 4720 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
13:42:41.0837 4720 PcaSvc - ok
13:42:41.0852 4720 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
13:42:41.0852 4720 pci - ok
13:42:41.0868 4720 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
13:42:41.0868 4720 pciide - ok
13:42:41.0884 4720 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
13:42:41.0884 4720 pcmcia - ok
13:42:41.0899 4720 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
13:42:41.0899 4720 pcw - ok
13:42:41.0899 4720 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
13:42:41.0915 4720 PEAUTH - ok
13:42:41.0946 4720 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
13:42:41.0962 4720 PeerDistSvc - ok
13:42:42.0008 4720 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
13:42:42.0008 4720 PerfHost - ok
13:42:42.0040 4720 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
13:42:42.0055 4720 pla - ok
13:42:42.0071 4720 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
13:42:42.0086 4720 PlugPlay - ok
13:42:42.0102 4720 [ AC78DF349F0E4CFB8B667C0CFFF83CCE ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
13:42:42.0102 4720 Pml Driver HPZ12 - ok
13:42:42.0118 4720 PnkBstrA - ok
13:42:42.0133 4720 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
13:42:42.0133 4720 PNRPAutoReg - ok
13:42:42.0149 4720 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
13:42:42.0149 4720 PNRPsvc - ok
13:42:42.0180 4720 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
13:42:42.0180 4720 PolicyAgent - ok
13:42:42.0196 4720 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
13:42:42.0196 4720 Power - ok
13:42:42.0227 4720 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
13:42:42.0227 4720 PptpMiniport - ok
13:42:42.0242 4720 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
13:42:42.0242 4720 Processor - ok
13:42:42.0274 4720 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
13:42:42.0274 4720 ProfSvc - ok
13:42:42.0274 4720 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
13:42:42.0289 4720 ProtectedStorage - ok
13:42:42.0305 4720 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
13:42:42.0305 4720 Psched - ok
13:42:42.0336 4720 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
13:42:42.0336 4720 ql2300 - ok
13:42:42.0352 4720 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
13:42:42.0352 4720 ql40xx - ok
13:42:42.0383 4720 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
13:42:42.0383 4720 QWAVE - ok
13:42:42.0398 4720 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
13:42:42.0398 4720 QWAVEdrv - ok
13:42:42.0398 4720 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
13:42:42.0398 4720 RasAcd - ok
13:42:42.0414 4720 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
13:42:42.0414 4720 RasAgileVpn - ok
13:42:42.0430 4720 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
13:42:42.0430 4720 RasAuto - ok
13:42:42.0445 4720 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
13:42:42.0461 4720 Rasl2tp - ok
13:42:42.0476 4720 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
13:42:42.0476 4720 RasMan - ok
13:42:42.0476 4720 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
13:42:42.0476 4720 RasPppoe - ok
13:42:42.0492 4720 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
13:42:42.0492 4720 RasSstp - ok
13:42:42.0508 4720 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
13:42:42.0508 4720 rdbss - ok
13:42:42.0508 4720 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
13:42:42.0508 4720 rdpbus - ok
13:42:42.0523 4720 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
13:42:42.0523 4720 RDPCDD - ok
13:42:42.0539 4720 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
13:42:42.0539 4720 RDPDR - ok
13:42:42.0554 4720 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
13:42:42.0554 4720 RDPENCDD - ok
13:42:42.0554 4720 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
13:42:42.0554 4720 RDPREFMP - ok
13:42:42.0586 4720 [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
13:42:42.0586 4720 RdpVideoMiniport - ok
13:42:42.0601 4720 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
13:42:42.0617 4720 RDPWD - ok
13:42:42.0648 4720 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
13:42:42.0648 4720 rdyboost - ok
13:42:42.0664 4720 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
13:42:42.0664 4720 RemoteAccess - ok
13:42:42.0679 4720 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
13:42:42.0679 4720 RemoteRegistry - ok
13:42:42.0710 4720 [ CAF88D6573D21CD2AA27001DDBFDC74D ] RMCAST C:\Windows\system32\DRIVERS\RMCAST.sys
13:42:42.0726 4720 RMCAST - ok
13:42:42.0742 4720 [ B60F58F175DE20A6739194E85B035178 ] rpcapd C:\Program Files (x86)\WinPcap\rpcapd.exe
13:42:42.0742 4720 rpcapd - ok
13:42:42.0757 4720 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
13:42:42.0757 4720 RpcEptMapper - ok
13:42:42.0788 4720 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
13:42:42.0788 4720 RpcLocator - ok
13:42:42.0804 4720 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
13:42:42.0804 4720 RpcSs - ok
13:42:42.0820 4720 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
13:42:42.0820 4720 rspndr - ok
13:42:42.0835 4720 [ EE082E06A82FF630351D1E0EBBD3D8D0 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
13:42:42.0851 4720 RTL8167 - ok
13:42:42.0866 4720 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
13:42:42.0866 4720 s3cap - ok
13:42:42.0866 4720 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
13:42:42.0866 4720 SamSs - ok
13:42:42.0898 4720 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
13:42:42.0898 4720 sbp2port - ok
13:42:42.0913 4720 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
13:42:42.0913 4720 SCardSvr - ok
13:42:42.0929 4720 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
13:42:42.0929 4720 scfilter - ok
13:42:42.0976 4720 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
13:42:42.0976 4720 Schedule - ok
13:42:43.0007 4720 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
13:42:43.0007 4720 SCPolicySvc - ok
13:42:43.0022 4720 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
13:42:43.0038 4720 SDRSVC - ok
13:42:43.0038 4720 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
13:42:43.0038 4720 secdrv - ok
13:42:43.0054 4720 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
13:42:43.0069 4720 seclogon - ok
13:42:43.0069 4720 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
13:42:43.0069 4720 SENS - ok
13:42:43.0069 4720 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
13:42:43.0069 4720 SensrSvc - ok
13:42:43.0085 4720 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
13:42:43.0085 4720 Serenum - ok
13:42:43.0100 4720 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
13:42:43.0100 4720 Serial - ok
13:42:43.0116 4720 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
13:42:43.0116 4720 sermouse - ok
13:42:43.0132 4720 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
13:42:43.0132 4720 SessionEnv - ok
13:42:43.0147 4720 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
13:42:43.0147 4720 sffdisk - ok
13:42:43.0163 4720 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
13:42:43.0163 4720 sffp_mmc - ok
13:42:43.0178 4720 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
13:42:43.0178 4720 sffp_sd - ok
13:42:43.0178 4720 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
13:42:43.0178 4720 sfloppy - ok
13:42:43.0210 4720 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
13:42:43.0210 4720 SharedAccess - ok
13:42:43.0241 4720 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
13:42:43.0241 4720 ShellHWDetection - ok
13:42:43.0256 4720 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
13:42:43.0256 4720 SiSRaid2 - ok
13:42:43.0256 4720 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
13:42:43.0256 4720 SiSRaid4 - ok
13:42:43.0288 4720 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
13:42:43.0288 4720 Smb - ok
13:42:43.0303 4720 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
13:42:43.0303 4720 SNMPTRAP - ok
13:42:43.0334 4720 [ 12583AF6CBE0050651EAF2723B3AD7B3 ] speedfan C:\Windows\syswow64\speedfan.sys
13:42:43.0334 4720 speedfan - ok
13:42:43.0334 4720 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
13:42:43.0334 4720 spldr - ok
13:42:43.0366 4720 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
13:42:43.0366 4720 Spooler - ok
13:42:43.0412 4720 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
13:42:43.0459 4720 sppsvc - ok
13:42:43.0459 4720 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
13:42:43.0475 4720 sppuinotify - ok
13:42:43.0522 4720 [ 602884696850C86434530790B110E8EB ] sptd C:\Windows\System32\Drivers\sptd.sys
13:42:43.0522 4720 sptd - ok
13:42:43.0553 4720 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
13:42:43.0553 4720 srv - ok
13:42:43.0568 4720 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
13:42:43.0568 4720 srv2 - ok
13:42:43.0584 4720 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
13:42:43.0584 4720 srvnet - ok
13:42:43.0600 4720 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
13:42:43.0600 4720 SSDPSRV - ok
13:42:43.0600 4720 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
13:42:43.0615 4720 SstpSvc - ok
13:42:43.0631 4720 Steam Client Service - ok
13:42:43.0693 4720 [ F0359F7CE712D69ACEF0886BDB4792ED ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
13:42:43.0693 4720 Stereo Service - ok
13:42:43.0724 4720 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
13:42:43.0724 4720 stexstor - ok
13:42:43.0756 4720 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
13:42:43.0756 4720 stisvc - ok
13:42:43.0771 4720 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
13:42:43.0771 4720 storflt - ok
13:42:43.0787 4720 [ C40841817EF57D491F22EB103DA587CC ] StorSvc C:\Windows\system32\storsvc.dll
13:42:43.0787 4720 StorSvc - ok
13:42:43.0802 4720 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys
13:42:43.0802 4720 storvsc - ok
13:42:43.0818 4720 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
13:42:43.0818 4720 swenum - ok
13:42:43.0834 4720 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
13:42:43.0834 4720 swprv - ok
13:42:43.0880 4720 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
13:42:43.0896 4720 SysMain - ok
13:42:43.0912 4720 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
13:42:43.0912 4720 TabletInputService - ok
13:42:43.0943 4720 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
13:42:43.0943 4720 TapiSrv - ok
13:42:43.0974 4720 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
13:42:43.0974 4720 TBS - ok
13:42:44.0005 4720 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
13:42:44.0036 4720 Tcpip - ok
13:42:44.0068 4720 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
13:42:44.0068 4720 TCPIP6 - ok
13:42:44.0099 4720 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
13:42:44.0099 4720 tcpipreg - ok
13:42:44.0099 4720 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
13:42:44.0114 4720 TDPIPE - ok
13:42:44.0130 4720 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
13:42:44.0130 4720 TDTCP - ok
13:42:44.0161 4720 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
13:42:44.0161 4720 tdx - ok
13:42:44.0161 4720 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
13:42:44.0161 4720 TermDD - ok
13:42:44.0177 4720 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
13:42:44.0192 4720 TermService - ok
13:42:44.0192 4720 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
13:42:44.0192 4720 Themes - ok
13:42:44.0208 4720 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
13:42:44.0208 4720 THREADORDER - ok
13:42:44.0224 4720 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
13:42:44.0224 4720 TrkWks - ok
13:42:44.0270 4720 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
13:42:44.0270 4720 TrustedInstaller - ok
13:42:44.0286 4720 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
13:42:44.0286 4720 tssecsrv - ok
13:42:44.0302 4720 [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
13:42:44.0302 4720 TsUsbFlt - ok
13:42:44.0333 4720 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
13:42:44.0333 4720 tunnel - ok
13:42:44.0348 4720 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
13:42:44.0348 4720 uagp35 - ok
13:42:44.0364 4720 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
13:42:44.0364 4720 udfs - ok
13:42:44.0380 4720 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
13:42:44.0380 4720 UI0Detect - ok
13:42:44.0395 4720 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
13:42:44.0395 4720 uliagpkx - ok
13:42:44.0426 4720 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
13:42:44.0426 4720 umbus - ok
13:42:44.0442 4720 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
13:42:44.0442 4720 UmPass - ok
13:42:44.0442 4720 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll
13:42:44.0458 4720 UmRdpService - ok
13:42:44.0473 4720 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
13:42:44.0473 4720 upnphost - ok
13:42:44.0504 4720 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
13:42:44.0504 4720 usbaudio - ok
13:42:44.0536 4720 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
13:42:44.0536 4720 usbccgp - ok
13:42:44.0551 4720 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
13:42:44.0551 4720 usbcir - ok
13:42:44.0567 4720 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
13:42:44.0567 4720 usbehci - ok
13:42:44.0582 4720 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
13:42:44.0582 4720 usbhub - ok
13:42:44.0598 4720 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
13:42:44.0598 4720 usbohci - ok
13:42:44.0629 4720 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
13:42:44.0629 4720 usbprint - ok
13:42:44.0645 4720 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
13:42:44.0645 4720 usbscan - ok
13:42:44.0660 4720 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
13:42:44.0660 4720 USBSTOR - ok
13:42:44.0676 4720 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
13:42:44.0676 4720 usbuhci - ok
13:42:44.0692 4720 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
13:42:44.0692 4720 UxSms - ok
13:42:44.0692 4720 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
13:42:44.0692 4720 VaultSvc - ok
13:42:44.0707 4720 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
13:42:44.0707 4720 vdrvroot - ok
13:42:44.0723 4720 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
13:42:44.0738 4720 vds - ok
13:42:44.0738 4720 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
13:42:44.0738 4720 vga - ok
13:42:44.0738 4720 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
13:42:44.0738 4720 VgaSave - ok
13:42:44.0770 4720 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
13:42:44.0770 4720 vhdmp - ok
13:42:44.0816 4720 [ 8F69C38A8BA725F891F26AAC8888696E ] VIAHdAudAddService C:\Windows\system32\drivers\viahduaa.sys
13:42:44.0816 4720 VIAHdAudAddService - ok
13:42:44.0832 4720 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
13:42:44.0832 4720 viaide - ok
13:42:44.0863 4720 [ 86EA3E79AE350FEA5331A1303054005F ] vmbus C:\Windows\system32\drivers\vmbus.sys
13:42:44.0863 4720 vmbus - ok
13:42:44.0879 4720 [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
13:42:44.0879 4720 VMBusHID - ok
13:42:44.0894 4720 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
13:42:44.0894 4720 volmgr - ok
13:42:44.0910 4720 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
13:42:44.0926 4720 volmgrx - ok
13:42:44.0941 4720 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
13:42:44.0941 4720 volsnap - ok
13:42:44.0957 4720 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
13:42:44.0957 4720 vsmraid - ok
13:42:44.0988 4720 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
13:42:45.0019 4720 VSS - ok
13:42:45.0019 4720 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
13:42:45.0019 4720 vwifibus - ok
13:42:45.0050 4720 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
13:42:45.0050 4720 W32Time - ok
13:42:45.0113 4720 [ B32009DB1972E7F2C227499289C4384A ] W3SVC C:\Windows\system32\inetsrv\iisw3adm.dll
13:42:45.0113 4720 W3SVC - ok
13:42:45.0113 4720 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
13:42:45.0113 4720 WacomPen - ok
13:42:45.0128 4720 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
13:42:45.0128 4720 WANARP - ok
13:42:45.0128 4720 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
13:42:45.0128 4720 Wanarpv6 - ok
13:42:45.0160 4720 [ B32009DB1972E7F2C227499289C4384A ] WAS C:\Windows\system32\inetsrv\iisw3adm.dll
13:42:45.0160 4720 WAS - ok
13:42:45.0206 4720 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
13:42:45.0222 4720 WatAdminSvc - ok
13:42:45.0253 4720 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
13:42:45.0269 4720 wbengine - ok
13:42:45.0284 4720 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
13:42:45.0284 4720 WbioSrvc - ok
13:42:45.0300 4720 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
13:42:45.0300 4720 wcncsvc - ok
13:42:45.0316 4720 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
13:42:45.0316 4720 WcsPlugInService - ok
13:42:45.0331 4720 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
13:42:45.0331 4720 Wd - ok
13:42:45.0362 4720 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
13:42:45.0362 4720 Wdf01000 - ok
13:42:45.0378 4720 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
13:42:45.0378 4720 WdiServiceHost - ok
13:42:45.0378 4720 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
13:42:45.0378 4720 WdiSystemHost - ok
13:42:45.0394 4720 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
13:42:45.0394 4720 WebClient - ok
13:42:45.0409 4720 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
13:42:45.0409 4720 Wecsvc - ok
13:42:45.0425 4720 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
13:42:45.0425 4720 wercplsupport - ok
13:42:45.0440 4720 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
13:42:45.0440 4720 WerSvc - ok
13:42:45.0456 4720 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
13:42:45.0456 4720 WfpLwf - ok
13:42:45.0456 4720 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
13:42:45.0456 4720 WIMMount - ok
13:42:45.0456 4720 WinDefend - ok
13:42:45.0472 4720 WinHttpAutoProxySvc - ok
13:42:45.0503 4720 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
13:42:45.0503 4720 Winmgmt - ok
13:42:45.0565 4720 [ 0C0195C48B6B8582FA6F6373032118DA ] WinRing0_1_2_0 D:\Razer Game Booster\Driver\WinRing0x64.sys
13:42:45.0565 4720 WinRing0_1_2_0 - ok
13:42:45.0612 4720 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
13:42:45.0628 4720 WinRM - ok
13:42:45.0674 4720 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
13:42:45.0674 4720 WinUsb - ok
13:42:45.0690 4720 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
13:42:45.0706 4720 Wlansvc - ok
13:42:45.0784 4720 [ 357CABBF155AFD1D3926E62539D2A3A7 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
13:42:45.0815 4720 wlidsvc - ok
13:42:45.0830 4720 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
13:42:45.0830 4720 WmiAcpi - ok
13:42:45.0846 4720 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
13:42:45.0846 4720 wmiApSrv - ok
13:42:45.0862 4720 WMPNetworkSvc - ok
13:42:45.0862 4720 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
13:42:45.0862 4720 WPCSvc - ok
13:42:45.0893 4720 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
13:42:45.0893 4720 WPDBusEnum - ok
13:42:45.0924 4720 [ 754C8BF43F0DD4B54865F174A62761E9 ] WRfiltv C:\Windows\system32\drivers\WRfiltv.sys
13:42:45.0924 4720 WRfiltv - ok
13:42:45.0940 4720 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
13:42:45.0940 4720 ws2ifsl - ok
13:42:45.0955 4720 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
13:42:45.0955 4720 wscsvc - ok
13:42:45.0955 4720 WSearch - ok
13:42:46.0002 4720 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
13:42:46.0033 4720 wuauserv - ok
13:42:46.0064 4720 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
13:42:46.0064 4720 WudfPf - ok
13:42:46.0080 4720 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
13:42:46.0080 4720 WUDFRd - ok
13:42:46.0096 4720 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
13:42:46.0096 4720 wudfsvc - ok
13:42:46.0111 4720 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
13:42:46.0111 4720 WwanSvc - ok
13:42:46.0205 4720 X6va005 - ok
13:42:46.0283 4720 [ 9176C0822FAA649E45121875BE32F5D2 ] xusb21 C:\Windows\system32\DRIVERS\xusb21.sys
13:42:46.0283 4720 xusb21 - ok
13:42:46.0298 4720 ================ Scan global ===============================
13:42:46.0314 4720 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
13:42:46.0330 4720 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
13:42:46.0330 4720 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
13:42:46.0361 4720 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
13:42:46.0376 4720 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
13:42:46.0376 4720 [Global] - ok
13:42:46.0376 4720 ================ Scan MBR ==================================
13:42:46.0392 4720 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
13:42:46.0517 4720 \Device\Harddisk0\DR0 - ok
13:42:46.0517 4720 ================ Scan VBR ==================================
13:42:46.0517 4720 [ 11C3F1563D22CF031F11654C129AFD2B ] \Device\Harddisk0\DR0\Partition1
13:42:46.0517 4720 \Device\Harddisk0\DR0\Partition1 - ok
13:42:46.0532 4720 [ D8ECC2BDE782817CF9D645B31521361F ] \Device\Harddisk0\DR0\Partition2
13:42:46.0532 4720 \Device\Harddisk0\DR0\Partition2 - ok
13:42:46.0532 4720 [ 4B4C81B843230179BAF032A797F1A3E1 ] \Device\Harddisk0\DR0\Partition3
13:42:46.0548 4720 \Device\Harddisk0\DR0\Partition3 - ok
13:42:46.0548 4720 [ 9D01F80285FA0AC14F25E6DC14780344 ] \Device\Harddisk0\DR0\Partition4
13:42:46.0548 4720 \Device\Harddisk0\DR0\Partition4 - ok
13:42:46.0548 4720 ============================================================
13:42:46.0548 4720 Scan finished
13:42:46.0548 4720 ============================================================
13:42:46.0564 6056 Detected object count: 0
13:42:46.0564 6056 Actual detected object count: 0
13:43:18.0860 1848 Deinitialize success
Danke im Voraus! |
|
08.12.2012, 20:27
| #4 |
| /// TB-Ausbilder | Firefox, Umleitungen und Internetstörungen. Servus, Ein bisschen Adware seh ich in den Logdateien. Darum kümmern wir uns jetzt erst mal.  Schritt 1 Ich sehe, dass du sogenannte Peer to Peer oder Filesharing Programme verwendest. In deinem Fall BitTorrent. Diese Programme erlauben es dir, Daten mit anderen Usern auszutauschen. Leider ist auch p2p oder Filesharing nicht ausgenommen, infizierte Dateien zu verteilen und das ist auch ein Grund warum sich Malware so schnell verbreitet. Es ist also möglich, dass du dir eine infizierte Datei herunter ladest. Du kannst niemals wissen, woher diese stammen. Daher sollte diese Art von Software mit äußerster Vorsicht benutzt werden. Ein ebenfalls wichtiger Punkt ist, dass das Verbreiten von Media und Entertainment Dateien in den meisten Ländern der Welt gegen Copyright Rechte verstößt. Natürlich gibt es auch einen legalen Weg zur Nutzung dieses Service. Zum Beispiel zum Downloaden von Linux oder Open Office. Denoch würde ich dich ersuchen, diese Art von Software nicht weiterhin zu verwenden. Bitte gehe zu Start --> Systemsteuerung --> Software / Programme deinstallieren und deinstalliere die oben genannte Software. Bitte sag bescheid wenn Du eines der gelisteten Programme nicht finden kannst. Schritt 2 Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Schritt 3 Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.  Bitte lade Junkware Removal Tool auf Deinen Desktop.
Schritt 3 Starte bitte OTL.exe und drücke den Quick Scan Button. Poste die OTL.txt hier in deinen Thread. Bitte poste mit deiner nächsten Antwort
|
|
09.12.2012, 03:16
| #5 |
| | Firefox, Umleitungen und Internetstörungen. Ich habe mich jetzt doch dazu entschieden, Windows neu aufzusetzen. Erschien mir wohl am sinnvollsten und es war schon länger wiedermal nötig^^ Ich danke dir trotzdem für deine Bemühungen und hoffe, dass ich nicht zuviele Umstände gemacht habe. Wünsche ein frohen Advent^^ |
|
09.12.2012, 21:42
| #6 |
| /// TB-Ausbilder | Firefox, Umleitungen und Internetstörungen. Dieses Thema scheint erledigt und wird aus meinen Abos gelöscht. Solltest Du das Thema erneut brauchen, schicke mir bitte eine PM. Jeder andere bitte hier klicken und einen eigenen Thread erstellen. |
|
| Themen zu Firefox, Umleitungen und Internetstörungen. |
| .dll, antivir, application/pdf:, avg, desktop, einloggen, eudora, fehler, firefox, free, google, hängen, install.exe, java6, jdownloader, league of legends, leitet, libusb0.sys, log, lösung, modul, msvcrt, nvidia update, plug-in, problem, probleme, programme, prozesse, registry, reset, seiten, störungen, svchost.exe, system32, tracker, vdeck.exe, warnung, windows |
Linear-Darstellung
