
Pests of all kinds and how to combat them: Recurring ad pop-ups at the bottom right in Firefox and Internet Explorer

30.06.2012, 13:21   #1
Te8
 



For a few weeks now I have, one way or another, picked up this annoying advertising, which keeps sliding in from the bottom right while I am browsing.

Perhaps someone can help me briefly. None of the virus scanners find anything.

Here are the log files from HijackThis and Malwarebytes

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:19:33, on 30.06.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16446)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\OneMediaHub\pushfnbl.exe
C:\Users\L5566\AppData\Roaming\Wuala\Wuala.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Brother\ControlCenter3\brccMCtl.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files (x86)\Samsung\Samsung Control Center\MovieColorEnhancer.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\AcroTray.exe
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Users\L5566\Desktop\HiJackThis204.exe
C:\Program Files (x86)\Spybot - Search & Destroy\SpybotSD.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O1 - Hosts: 149.5.18.172 www.google-analytics.com.
O1 - Hosts: 149.5.18.172 ad-emea.doubleclick.net.
O1 - Hosts: 149.5.18.172 www.statcounter.com.
O1 - Hosts: 108.163.215.51 www.google-analytics.com.
O1 - Hosts: 108.163.215.51 ad-emea.doubleclick.net.
O1 - Hosts: 108.163.215.51 www.statcounter.com.
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Virtual Storage Mount Notification - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe /autorun
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
O4 - Startup: OneMediaHub.lnk = C:\Program Files (x86)\OneMediaHub\pushfnbl.exe
O4 - Startup: Wuala.lnk = L5566\AppData\Roaming\Wuala\Wuala.exe
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: Senden an Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Senden an &Bluetooth-Gerät... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O21 - SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll
O22 - SharedTaskScheduler: Virtual Storage Mount Notification - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Avira Planer (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Echtzeit Scanner (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apache2.2 - Apache Software Foundation - c:\xampp\apache\bin\httpd.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
O23 - Service: @%systemroot%\system32\CISVC.EXE,-1 (CISVC) - Unknown owner - C:\Windows\system32\CISVC.EXE (file missing)
O23 - Service: CodeMeter Runtime Server (CodeMeter.exe) - WIBU-SYSTEMS AG - C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: M4-Service - Unknown owner - C:\Users\L5566\AppData\Roaming\Mikogo 4\M4-Service.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: mysql - Unknown owner - c:\xampp\mysql\bin\mysqld.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10470 bytes



*******************




Malwarebytes Anti-Malware (Test) 1.61.0.1400
www.malwarebytes.org

Datenbank Version: v2012.06.30.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
L5566 :: L5566-PC [Administrator]

Schutz: Deaktiviert

30.06.2012 14:12:28
mbam-log-2012-06-30 (14-12-28).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 206811
Laufzeit: 3 Minute(n), 37 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)


Many thanks!

30.06.2012, 13:24   #2
markusg
/// Malware-holic
 



hi
1. there is actually a very clear notice that we don't want to see HJT logs :-)
2. are those all the Malwarebytes logs?
3. If you don't have it yet, please download OTL by Oldtimer and save it to your desktop
  • Please start OTL.exe. Vista and Win7 users: right-click and choose "Run as administrator"
  • Now copy the content into the text box.
Code:
activex
netsvcs
msconfig
%SYSTEMDRIVE%\*.
%PROGRAMFILES%\*.exe
%LOCALAPPDATA%\*.exe
%systemroot%\*. /mp /s
/md5start
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
explorer.exe
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%USERPROFILE%\*.*
%USERPROFILE%\Local Settings\Temp\*.exe
%USERPROFILE%\Local Settings\Temp\*.dll
%USERPROFILE%\Application Data\*.exe
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs
CREATERESTOREPOINT
         
  • Now please close all programs. (Important)
  • Now please click the Quick Scan button.
  • Now copy the contents of OTL.txt and Extra.txt here into your thread

02.07.2012, 12:16   #3
Te8
 



Here are the files

OTL:
OTL Logfile:
Code:
OTL logfile created on: 02.07.2012 12:22:28 - Run 1
OTL by OldTimer - Version 3.2.53.1     Folder = C:\Users\L5566\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,75 Gb Total Physical Memory | 2,50 Gb Available Physical Memory | 66,82% Memory free
7,49 Gb Paging File | 5,97 Gb Available in Paging File | 79,65% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 146,39 Gb Total Space | 82,50 Gb Free Space | 56,36% Space Free | Partition Type: NTFS
Drive D: | 151,60 Gb Total Space | 121,32 Gb Free Space | 80,02% Space Free | Partition Type: NTFS
 
Computer Name: L5566-PC | User Name: L5566 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.07.02 11:49:11 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\L5566\Desktop\OTL.exe
PRC - [2012.06.22 10:14:42 | 000,145,408 | ---- | M] () -- C:\Program Files (x86)\OneMediaHub\pushfnbl.exe
PRC - [2012.05.02 01:42:28 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2012.05.02 00:34:34 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2012.05.02 00:31:35 | 000,348,624 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012.04.04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012.02.24 19:59:49 | 001,592,160 | ---- | M] () -- C:\Users\L5566\AppData\Roaming\Mikogo 4\M4-Capture.exe
PRC - [2012.01.19 13:47:20 | 003,027,840 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
PRC - [2012.01.16 12:04:46 | 001,007,472 | ---- | M] () -- C:\Users\L5566\AppData\Roaming\Mikogo 4\M4-Service.exe
PRC - [2011.09.10 11:43:18 | 000,018,432 | ---- | M] (Apache Software Foundation) -- C:\xampp\apache\bin\httpd.exe
PRC - [2011.09.10 11:43:18 | 000,018,432 | ---- | M] (Apache Software Foundation) -- c:\xampp\apache\bin\httpd.exe
PRC - [2011.09.09 19:46:10 | 008,158,720 | ---- | M] () -- c:\xampp\mysql\bin\mysqld.exe
PRC - [2011.07.06 05:30:00 | 002,304,912 | ---- | M] (WIBU-SYSTEMS AG) -- C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
PRC - [2011.06.15 23:12:58 | 002,158,160 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Samsung Control Center\dmhkcore.exe
PRC - [2011.06.15 22:14:06 | 007,057,488 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Samsung Control Center\WifiManager.exe
PRC - [2011.06.04 18:18:22 | 002,213,968 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Samsung Control Center\SmartSetting.exe
PRC - [2011.04.14 21:38:50 | 000,727,120 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Samsung Control Center\EasySpeedUpManager.exe
PRC - [2011.02.17 02:03:20 | 000,775,848 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Samsung Control Center\MovieColorEnhancer.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.06.22 10:14:42 | 000,145,408 | ---- | M] () -- C:\Program Files (x86)\OneMediaHub\pushfnbl.exe
MOD - [2012.06.22 10:14:38 | 001,544,704 | ---- | M] () -- C:\Program Files (x86)\OneMediaHub\winmainclientdll.dll
MOD - [2011.02.17 02:03:20 | 000,203,776 | ---- | M] () -- C:\Program Files (x86)\Samsung\Samsung Control Center\WinCRT.dll
MOD - [2006.08.12 13:48:40 | 000,049,152 | ---- | M] () -- C:\Program Files (x86)\Samsung\Samsung Control Center\HookDllPS2.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - [2012.05.29 13:09:50 | 000,035,680 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysNative\uxtuneup.dll -- (UxTuneUp)
SRV:64bit: - [2011.08.11 01:47:10 | 000,204,288 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009.07.14 03:38:59 | 000,019,456 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\CISVC.EXE -- (CISVC)
SRV - [2012.06.26 08:32:38 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.05.29 13:09:52 | 002,143,072 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc)
SRV - [2012.05.29 13:09:50 | 000,029,024 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysWOW64\uxtuneup.dll -- (UxTuneUp)
SRV - [2012.05.02 01:42:28 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012.05.02 00:34:34 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012.04.04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012.03.26 18:49:56 | 000,291,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV - [2012.03.26 18:49:56 | 000,012,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2012.01.31 16:09:34 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.01.19 13:47:20 | 003,027,840 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7)
SRV - [2012.01.16 12:04:46 | 001,007,472 | ---- | M] () [Auto | Running] -- C:\Users\L5566\AppData\Roaming\Mikogo 4\M4-Service.exe -- (M4-Service)
SRV - [2011.09.12 11:53:02 | 000,024,576 | ---- | M] (BISS GmbH) [Disabled | Stopped] -- C:\Program Files (x86)\InterRisk\WinRiskXA\smart\client\bin\BWUpdater.exe -- (WinRiskXASmClSoftwareUpdate)
SRV - [2011.09.10 11:43:18 | 000,018,432 | ---- | M] (Apache Software Foundation) [Auto | Running] -- c:\xampp\apache\bin\httpd.exe -- (Apache2.2)
SRV - [2011.09.09 19:46:10 | 008,158,720 | ---- | M] () [Auto | Running] -- c:\xampp\mysql\bin\mysqld.exe -- (mysql)
SRV - [2011.07.28 00:34:30 | 000,970,016 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Programme\ThinkPad\Bluetooth Software\btwdins.exe -- (btwdins)
SRV - [2011.07.06 05:30:00 | 002,304,912 | ---- | M] (WIBU-SYSTEMS AG) [Auto | Running] -- C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe -- (CodeMeter.exe)
SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.02.19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2012.05.02 15:24:12 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2012.04.27 10:20:04 | 000,132,832 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2012.04.25 00:32:27 | 000,098,848 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2012.04.09 16:27:34 | 000,352,144 | ---- | M] (EldoS Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\cbfs3.sys -- (cbfs3)
DRV:64bit: - [2012.04.04 15:56:40 | 000,024,904 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012.03.20 20:44:12 | 000,098,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.12.09 04:21:34 | 000,206,128 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:64bit: - [2011.08.11 02:39:32 | 009,981,440 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011.08.11 01:10:06 | 000,309,248 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011.07.12 19:48:40 | 000,146,984 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2011.07.12 19:48:36 | 000,164,392 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2011.07.12 19:48:34 | 000,021,544 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2011.07.05 21:55:30 | 004,745,280 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2011.05.16 23:55:28 | 000,533,096 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011.04.30 20:31:36 | 000,437,288 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (BTWAMPFL)
DRV:64bit: - [2011.03.18 14:46:20 | 000,074,376 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ftdibus.sys -- (FTDIBUS)
DRV:64bit: - [2011.03.18 14:46:06 | 000,085,384 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ftser2k.sys -- (FTSER2K)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.02.23 00:51:08 | 000,039,976 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2010.12.17 00:58:14 | 000,040,816 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.17 22:04:32 | 000,115,216 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 02:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.28 16:38:04 | 000,013,824 | ---- | M] (SAMSUNG ELECTRONICS) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\SABI.sys -- (SABI)
DRV:64bit: - [2007.06.14 14:43:36 | 000,543,232 | ---- | M] (LITEON) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Ltn_stk7070P_64.sys -- (Ltn_stk7070P_64)
DRV:64bit: - [2007.06.13 19:29:40 | 000,016,256 | ---- | M] (LITEON) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Ltn_stkrc_64.sys -- (Ltn_stkrc_64)
DRV:64bit: - [2007.02.16 02:57:06 | 000,040,648 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ElbyCDFL.sys -- (ElbyCDFL)
DRV - [2012.02.01 14:24:02 | 000,011,856 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2007.02.16 02:57:06 | 000,040,648 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\ElbyCDFL.sys -- (ElbyCDFL)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.munich-broker.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = CF 5B 7B FA 5C E7 CC 01  [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..keyword.URL: "hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&q="
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.0: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.0: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.0: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012.02.12 14:36:13 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\web2pdfextension@web2pdf.adobedotcom: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2012.03.27 20:40:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.06.26 08:32:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.03.27 20:40:40 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.06.26 08:32:41 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.03.27 20:40:40 | 000,000,000 | ---D | M]
 
[2012.02.10 10:46:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\L5566\AppData\Roaming\mozilla\Extensions
[2012.06.29 08:59:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\L5566\AppData\Roaming\mozilla\Firefox\Profiles\7vqytien.default\extensions
[2012.06.09 15:38:00 | 000,000,000 | ---D | M] (GraphOn GO-Global) -- C:\Users\L5566\AppData\Roaming\mozilla\Firefox\Profiles\7vqytien.default\extensions\support@graphon.com
[2012.05.28 23:11:01 | 000,001,494 | ---- | M] () -- C:\Users\L5566\AppData\Roaming\Mozilla\Firefox\Profiles\7vqytien.default\searchplugins\web-search-powered-by-google.xml
[2012.02.10 10:46:29 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.05.18 11:46:35 | 001,335,949 | ---- | M] () (No name found) -- C:\USERS\L5566\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7VQYTIEN.DEFAULT\EXTENSIONS\FIREBUG@SOFTWARE.JOEHEWITT.COM.XPI
[2012.06.26 08:32:40 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011.12.09 19:23:32 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
[2012.06.26 08:32:33 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.06.26 08:32:33 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.06.26 08:32:33 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.06.26 08:32:33 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.06.26 08:32:33 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.06.26 08:32:33 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2012.03.27 18:15:31 | 000,003,589 | -HS- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O1 - Hosts: 127.0.0.1 activate.adobe.com 
O1 - Hosts: 127.0.0.1 ereg.adobe.com 
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com 
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com 
O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com 
O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com 
O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com 
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com 
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com 
O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com 
O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com 
O1 - Hosts: 127.0.0.1 wip3.adobe.com 
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com 
O1 - Hosts: 127.0.0.1 wip4.adobe.com 
O1 - Hosts: 127.0.0.1 activate.wip4.adobe.com
O1 - Hosts: 127.0.0.1 activate.adobe.com 
O1 - Hosts: 127.0.0.1 hl2rcv.adobe.com 
O1 - Hosts: 127.0.0.1 adobeereg.com 
O1 - Hosts: 127.0.0.1 activate.adobe.com 
O1 - Hosts: 127.0.0.1 practivate.adobe.com 
O1 - Hosts: 127.0.0.1 ereg.adobe.com 
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com 
O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com 
O1 - Hosts: 250 more lines...
O2:64bit: - BHO: (Virtual Storage Mount Notification) - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysNative\CbFsMntNtf3.dll (EldoS Corporation)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Virtual Storage Mount Notification) - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll (EldoS Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [Eraser] C:\Programme\Eraser\Eraser.exe (The Eraser Project)
O4:64bit: - HKLM..\Run: [ETDCtrl] C:\Programme\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [ControlCenter3] C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Users\L5566\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneMediaHub.lnk = C:\Program Files (x86)\OneMediaHub\pushfnbl.exe ()
O4 - Startup: C:\Users\L5566\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Wuala.lnk = C:\Users\L5566\AppData\Roaming\Wuala\Wuala.exe (LaCie)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\ThinkPad\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\ThinkPad\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: @C:\Program Files\ThinkPad\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\ThinkPad\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\ThinkPad\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\ThinkPad\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Senden an Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\ThinkPad\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Senden an &Bluetooth-Gerät... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\ThinkPad\Bluetooth Software\btsendto_ie.htm ()
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 10.5.0)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 10.5.0)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{420F407E-9FAA-4FCB-BCC5-9E18FF7BE504}: DhcpNameServer = 192.168.2.5
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F52B3DA6-F761-4149-9899-969880E581C9}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21:64bit: - SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysNative\CbFsMntNtf3.dll (EldoS Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll (EldoS Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O22:64bit: - SharedTaskScheduler: {5FF49FE8-B332-4CB9-B102-FB6951629E55} - Virtual Storage Mount Notification - C:\Windows\SysNative\CbFsMntNtf3.dll (EldoS Corporation)
O22 - SharedTaskScheduler: {5FF49FE8-B332-4CB9-B102-FB6951629E55} - Virtual Storage Mount Notification - C:\Windows\SysWOW64\CbFsMntNtf3.dll (EldoS Corporation)
O27:64bit: - HKLM IFEO\bwclrhost.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\eraser.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\nv_o2o_teilnehmer_de.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\bwclrhost.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\eraser.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\nv_o2o_teilnehmer_de.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
NetSvcs:64bit: UxTuneUp - C:\Windows\SysNative\uxtuneup.dll (TuneUp Software)
 
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.07.02 11:49:01 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Users\L5566\Desktop\OTL.exe
[2012.07.02 08:10:01 | 000,000,000 | ---D | C] -- C:\Users\L5566\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth-Geräte
[2012.06.30 11:38:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.06.30 11:38:36 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.06.30 11:38:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.06.30 09:17:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2012.06.30 09:17:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
[2012.06.29 14:25:55 | 000,000,000 | ---D | C] -- C:\Users\L5566\Desktop\formulare
[2012.06.26 08:38:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OneMediaHub
[2012.06.15 19:57:27 | 000,000,000 | ---D | C] -- C:\Users\L5566\AppData\Roaming\Avira
[2012.06.15 19:51:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2012.06.15 19:50:53 | 000,132,832 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avipbb.sys
[2012.06.15 19:50:53 | 000,027,760 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avkmgr.sys
[2012.06.15 19:50:52 | 000,098,848 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2012.06.15 19:50:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2012.06.15 19:50:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira
[2012.06.13 18:21:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
 
========== Files - Modified Within 30 Days ==========
 
[2012.07.02 12:05:01 | 000,015,136 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.07.02 12:05:01 | 000,015,136 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.07.02 11:55:06 | 000,001,920 | ---- | M] () -- C:\Users\L5566\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneMediaHub.lnk
[2012.07.02 11:54:46 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.07.02 11:54:39 | 3016,753,152 | -HS- | M] () -- C:\hiberfil.sys
[2012.07.02 11:49:11 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\L5566\Desktop\OTL.exe
[2012.07.02 10:51:52 | 000,001,456 | ---- | M] () -- C:\Users\L5566\AppData\Local\Adobe Für Web speichern 12.0 Prefs
[2012.06.30 14:18:48 | 000,010,473 | ---- | M] () -- C:\Users\L5566\Desktop\log30.06
[2012.06.29 12:22:51 | 000,002,092 | -H-- | M] () -- C:\Users\L5566\Documents\Default.rdp
[2012.06.27 07:59:42 | 000,070,099 | ---- | M] () -- C:\Users\L5566\AppData\Local\WinRisk_Background.jpg
[2012.06.27 07:59:42 | 000,005,345 | ---- | M] () -- C:\Users\L5566\AppData\Local\BWSmartClientAppRes.WinRisk_Login.html
[2012.06.27 07:59:42 | 000,002,028 | ---- | M] () -- C:\Users\L5566\AppData\Local\IR_LoginBtn.gif
[2012.06.27 07:59:42 | 000,000,405 | ---- | M] () -- C:\Users\L5566\AppData\Local\WinRisk_Smile.gif
[2012.06.27 07:59:42 | 000,000,077 | ---- | M] () -- C:\Users\L5566\AppData\Local\bullet.gif
[2012.06.15 21:39:53 | 004,899,688 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.06.15 20:27:51 | 000,705,572 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.06.15 20:27:51 | 000,659,826 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.06.15 20:27:51 | 000,151,888 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.06.15 20:27:51 | 000,124,358 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.06.15 20:27:50 | 001,659,346 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.06.15 18:15:02 | 000,022,520 | ---- | M] () -- C:\Users\L5566\Desktop\Skandia-Logo.jpg
[2012.06.14 18:46:06 | 000,638,218 | ---- | M] () -- C:\Users\L5566\Desktop\bu-comdirect.pdf
 
========== Files Created - No Company Name ==========
 
[2012.06.30 11:19:33 | 000,010,473 | ---- | C] () -- C:\Users\L5566\Desktop\log30.06
[2012.06.26 08:39:03 | 000,001,920 | ---- | C] () -- C:\Users\L5566\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneMediaHub.lnk
[2012.06.15 18:15:00 | 000,022,520 | ---- | C] () -- C:\Users\L5566\Desktop\Skandia-Logo.jpg
[2012.06.14 18:36:10 | 000,638,218 | ---- | C] () -- C:\Users\L5566\Desktop\bu-comdirect.pdf
[2012.05.05 13:04:46 | 000,000,126 | -HS- | C] () -- C:\ProgramData\.zreglib
[2012.04.05 17:34:05 | 000,000,132 | ---- | C] () -- C:\Users\L5566\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2012.03.05 13:50:29 | 000,061,440 | ---- | C] () -- C:\Windows\SysWow64\QL56F.DLL
[2012.03.04 15:36:59 | 000,000,280 | ---- | C] () -- C:\Windows\ODBC.INI
[2012.02.15 20:07:49 | 000,070,099 | ---- | C] () -- C:\Users\L5566\AppData\Local\WinRisk_Background.jpg
[2012.02.15 20:07:49 | 000,005,345 | ---- | C] () -- C:\Users\L5566\AppData\Local\BWSmartClientAppRes.WinRisk_Login.html
[2012.02.15 20:07:49 | 000,002,028 | ---- | C] () -- C:\Users\L5566\AppData\Local\IR_LoginBtn.gif
[2012.02.15 20:07:49 | 000,000,405 | ---- | C] () -- C:\Users\L5566\AppData\Local\WinRisk_Smile.gif
[2012.02.15 20:07:49 | 000,000,077 | ---- | C] () -- C:\Users\L5566\AppData\Local\bullet.gif
[2012.02.09 12:01:00 | 000,000,254 | ---- | C] () -- C:\Windows\Brpfx04a.ini
[2012.02.09 12:01:00 | 000,000,093 | ---- | C] () -- C:\Windows\brpcfx.ini
[2012.02.09 11:59:56 | 000,000,416 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2012.02.09 11:59:56 | 000,000,034 | ---- | C] () -- C:\Windows\SysWow64\BD7820N.DAT
[2012.02.09 11:58:28 | 000,000,000 | ---- | C] () -- C:\Windows\brdfxspd.dat
[2012.02.07 21:01:22 | 000,001,456 | ---- | C] () -- C:\Users\L5566\AppData\Local\Adobe Für Web speichern 12.0 Prefs
[2012.02.07 18:08:54 | 001,659,876 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.02.03 20:56:01 | 000,007,603 | ---- | C] () -- C:\Users\L5566\AppData\Local\Resmon.ResmonCfg
[2012.02.03 16:02:33 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012.02.03 15:08:56 | 000,003,929 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
 
========== LOP Check ==========
 
[2012.02.11 10:08:39 | 000,000,000 | ---D | M] -- C:\Users\L5566\AppData\Roaming\avidemux
[2012.04.28 17:03:22 | 000,000,000 | ---D | M] -- C:\Users\L5566\AppData\Roaming\BitTorrent
[2012.07.02 12:21:37 | 000,000,000 | ---D | M] -- C:\Users\L5566\AppData\Roaming\FileZilla
[2012.02.25 08:49:30 | 000,000,000 | ---D | M] -- C:\Users\L5566\AppData\Roaming\Funambol
[2012.03.21 20:29:31 | 000,000,000 | ---D | M] -- C:\Users\L5566\AppData\Roaming\ICAClient
[2012.05.05 12:59:06 | 000,000,000 | ---D | M] -- C:\Users\L5566\AppData\Roaming\ImgBurn
[2012.03.07 09:44:07 | 000,000,000 | ---D | M] -- C:\Users\L5566\AppData\Roaming\IrfanView
[2012.02.24 20:00:41 | 000,000,000 | ---D | M] -- C:\Users\L5566\AppData\Roaming\Mikogo 4
[2012.03.06 16:56:17 | 000,000,000 | ---D | M] -- C:\Users\L5566\AppData\Roaming\MORGEN & MORGEN
[2012.03.04 15:36:47 | 000,000,000 | ---D | M] -- C:\Users\L5566\AppData\Roaming\Simon Brown, HB9DRV
[2012.02.09 11:21:17 | 000,000,000 | ---D | M] -- C:\Users\L5566\AppData\Roaming\TeamViewer
[2012.02.12 18:27:21 | 000,000,000 | ---D | M] -- C:\Users\L5566\AppData\Roaming\TuneUp Software
[2012.03.06 12:14:33 | 000,000,000 | ---D | M] -- C:\Users\L5566\AppData\Roaming\Wuala
[2012.03.31 18:27:26 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %SYSTEMDRIVE%\*. >
[2012.02.03 15:52:48 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin
[2012.03.27 20:17:24 | 000,000,000 | R--D | M] -- C:\Adobe CS5_5
[2012.06.15 20:39:31 | 000,000,000 | -HSD | M] -- C:\Config.Msi
[2012.03.06 16:48:27 | 000,000,000 | ---D | M] -- C:\cvw410
[2009.07.14 07:08:56 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2012.02.03 15:52:32 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen
[2012.03.13 10:18:01 | 000,000,000 | ---D | M] -- C:\DRIVERS
[2012.03.06 16:54:35 | 000,000,000 | ---D | M] -- C:\kvw809
[2012.03.06 16:57:19 | 000,000,000 | ---D | M] -- C:\lvw811
[2012.02.03 23:03:37 | 000,000,000 | RH-D | M] -- C:\MSOCache
[2009.07.14 05:20:08 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2012.06.02 09:42:54 | 000,000,000 | R--D | M] -- C:\Program Files
[2012.06.30 11:38:36 | 000,000,000 | R--D | M] -- C:\Program Files (x86)
[2012.06.30 09:17:55 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2012.02.03 15:52:32 | 000,000,000 | -HSD | M] -- C:\Programme
[2012.02.03 15:52:32 | 000,000,000 | -HSD | M] -- C:\Recovery
[2012.07.02 12:25:29 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2012.02.03 15:52:41 | 000,000,000 | R--D | M] -- C:\Users
[2012.05.22 17:48:44 | 000,000,000 | ---D | M] -- C:\Windows
[2012.03.21 09:35:52 | 000,000,000 | ---D | M] -- C:\xampp
[2012.03.20 21:23:35 | 000,000,000 | ---D | M] -- C:\xampplite
 
< %PROGRAMFILES%\*.exe >
 
< %LOCALAPPDATA%\*.exe >
 
< %systemroot%\*. /mp /s >
 
< MD5 for: AGP440.SYS  >
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll
 
< MD5 for: EVENTLOG.DLL  >
[2009.12.20 00:00:00 | 000,037,520 | ---- | M] (perl.org) MD5=2852D57385C4709EAAE2F9DB01AD3672 -- C:\xampp\perl\site\lib\auto\Win32\EventLog\EventLog.dll
 
< MD5 for: EXPLORER.EXE  >
[2011.02.26 08:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011.02.26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2009.08.03 08:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2009.10.31 08:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009.08.03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010.11.20 15:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009.10.31 08:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009.08.03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009.07.14 03:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009.10.31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011.02.26 08:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2009.08.03 08:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe
 
< MD5 for: IASTORV.SYS  >
[2010.11.20 15:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010.11.20 15:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011.03.11 08:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys
[2011.03.11 08:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_0b141c81a16e25e6\iaStorV.sys
[2011.03.11 08:25:49 | 000,410,496 | ---- | M] (Intel Corporation) MD5=BFDC9D75698800CFE4D1698BF2750EA2 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_0bccc8c8ba6985c1\iaStorV.sys
[2009.07.14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2009.07.14 03:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2010.11.20 15:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll
[2010.11.20 15:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2009.07.14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys
[2011.03.11 08:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvstor.sys
[2011.03.11 08:25:53 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=AE274836BA56518E279087363A781214 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvstor.sys
[2011.03.11 08:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010.11.20 15:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.20 15:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys
 
< MD5 for: SCECLI.DLL  >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll
 
< MD5 for: USER32.DLL  >
[2010.11.20 14:08:57 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\SysWOW64\user32.dll
[2010.11.20 14:08:57 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll
[2009.07.14 03:41:56 | 001,008,640 | ---- | M] (Microsoft Corporation) MD5=72D7B3EA16946E8F0CF7458150031CC6 -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_292d5de8870d85d9\user32.dll
[2009.07.14 03:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=E8B0FFC209E504CB7E79FC24E6C085F0 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_3382083abb6e47d4\user32.dll
[2010.11.20 15:27:27 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\SysNative\user32.dll
[2010.11.20 15:27:27 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
 
< MD5 for: WINLOGON.EXE  >
[2012.04.04 15:56:38 | 000,199,240 | ---- | M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009.07.14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009.10.28 09:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009.10.28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\SysNative\drivers\ws2ifsl.sys
[2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_ab7b927be17eace8\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
 
< %systemroot%\system32\*.dll /lockedfiles >
 
< %USERPROFILE%\*.* >
[2012.07.02 12:41:50 | 002,883,584 | -HS- | M] () -- C:\Users\L5566\NTUSER.DAT
[2012.07.02 12:41:50 | 000,262,144 | -HS- | M] () -- C:\Users\L5566\ntuser.dat.LOG1
[2012.02.03 15:52:41 | 000,000,000 | -HS- | M] () -- C:\Users\L5566\ntuser.dat.LOG2
[2012.03.27 08:14:31 | 000,000,000 | -HS- | M] () -- C:\Users\L5566\NTUSER.DAT_tureg_new.LOG1
[2012.03.27 08:14:31 | 000,000,000 | -HS- | M] () -- C:\Users\L5566\NTUSER.DAT_tureg_new.LOG2
[2012.05.22 14:46:35 | 002,883,584 | -HS- | M] () -- C:\Users\L5566\NTUSER.DAT_tureg_old
[2012.02.03 16:01:59 | 000,065,536 | -HS- | M] () -- C:\Users\L5566\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
[2012.02.03 16:01:59 | 000,524,288 | -HS- | M] () -- C:\Users\L5566\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
[2012.02.03 16:01:59 | 000,524,288 | -HS- | M] () -- C:\Users\L5566\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
[2012.05.23 09:06:18 | 000,065,536 | -HS- | M] () -- C:\Users\L5566\NTUSER.DAT{90a05f69-a425-11e1-b193-806e6f6e6963}.TM.blf
[2012.05.23 09:06:18 | 000,524,288 | -HS- | M] () -- C:\Users\L5566\NTUSER.DAT{90a05f69-a425-11e1-b193-806e6f6e6963}.TMContainer00000000000000000001.regtrans-ms
[2012.05.23 09:06:18 | 000,524,288 | -HS- | M] () -- C:\Users\L5566\NTUSER.DAT{90a05f69-a425-11e1-b193-806e6f6e6963}.TMContainer00000000000000000002.regtrans-ms
[2012.03.27 09:00:51 | 000,065,536 | -HS- | M] () -- C:\Users\L5566\NTUSER.DAT{9cbbfd1f-77d3-11e1-a60c-806e6f6e6963}.TM.blf
[2012.03.27 09:00:51 | 000,524,288 | -HS- | M] () -- C:\Users\L5566\NTUSER.DAT{9cbbfd1f-77d3-11e1-a60c-806e6f6e6963}.TMContainer00000000000000000001.regtrans-ms
[2012.03.27 09:00:51 | 000,524,288 | -HS- | M] () -- C:\Users\L5566\NTUSER.DAT{9cbbfd1f-77d3-11e1-a60c-806e6f6e6963}.TMContainer00000000000000000002.regtrans-ms
[2012.02.03 15:52:42 | 000,000,020 | -HS- | M] () -- C:\Users\L5566\ntuser.ini
[2012.02.09 16:06:22 | 000,000,000 | ---- | M] () -- C:\Users\L5566\Sti_Trace.log
 
< %USERPROFILE%\Local Settings\Temp\*.exe >
 
< %USERPROFILE%\Local Settings\Temp\*.dll >
 
< %USERPROFILE%\Application Data\*.exe >
 
< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs >
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 24 bytes -> C:\Windows:638A9051428ED7E7

< End of report >
         
Extra:OTL Logfile:
Code:
OTL Extras logfile created on: 02.07.2012 12:22:28 - Run 1
OTL by OldTimer - Version 3.2.53.1     Folder = C:\Users\L5566\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,75 Gb Total Physical Memory | 2,50 Gb Available Physical Memory | 66,82% Memory free
7,49 Gb Paging File | 5,97 Gb Available in Paging File | 79,65% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 146,39 Gb Total Space | 82,50 Gb Free Space | 56,36% Space Free | Partition Type: NTFS
Drive D: | 151,60 Gb Total Space | 121,32 Gb Free Space | 80,02% Space Free | Partition Type: NTFS
 
Computer Name: L5566-PC | User Name: L5566 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5.1\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L"
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5.1\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L"
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe" = C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe:*:Enabled:CodeMeter Runtime Server -- (WIBU-SYSTEMS AG)
"C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe" = C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe:*:Enabled:CodeMeter Runtime Server -- (WIBU-SYSTEMS AG)
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe" = C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe:*:Enabled:CodeMeter Runtime Server -- (WIBU-SYSTEMS AG)
"C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe" = C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe:*:Enabled:CodeMeter Runtime Server -- (WIBU-SYSTEMS AG)
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{15BB5DD1-1C45-43FB-BE8B-1ABE7F3B0A43}" = rport=445 | protocol=6 | dir=out | app=system | 
"{2FD65B50-81DE-4CD6-AB7E-945D7FC3288C}" = lport=54925 | protocol=17 | dir=in | name=brothernetwork scanner | 
"{3F3E6CAF-B5D5-489B-9119-0200A06C67D4}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{41A4C6C7-6789-4FA5-85EF-D8C498D22C44}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{46ECBE37-ED00-489D-8B6C-DEE6A2132D2E}" = lport=445 | protocol=6 | dir=in | app=system | 
"{4AF07023-E387-42F3-98D8-ACA340E041A5}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{4DD4B959-E701-4F43-8459-5673AA113FA0}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{5E617879-0217-43AB-A789-9C639A24A995}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{6E5F94D3-49B2-439A-872C-E8CC124DE72B}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{744BB372-4231-45C9-8522-7EB049AE802C}" = lport=137 | protocol=17 | dir=in | app=system | 
"{8804A1AC-0FCB-4EDB-B1E1-DC06652259CD}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{B25402DE-1CE1-4C77-A08C-F691F6C1AB93}" = rport=137 | protocol=17 | dir=out | app=system | 
"{B4DCA09A-F2FD-49C7-B1B8-F54CDF8B4B94}" = rport=138 | protocol=17 | dir=out | app=system | 
"{B7DCABDF-3801-429E-9CB2-57D744F7634D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{BE0F02DC-5E91-4E21-ACF7-9BCBA2917433}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{C6524984-6058-445A-9A8D-18E378C5FEB8}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{C7A0AC78-1329-4E9D-9EA0-D6895DA85BC1}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{D28EBA31-3A62-49AC-93DF-B5B342E149EF}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{D5A95CE4-464F-4A6C-A0D7-9E339EBE4771}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{D6F8911A-126E-4469-ABDC-C98B5FBFDEDD}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe | 
"{D9400377-AC33-46DC-A14C-F2572DF6E11F}" = lport=138 | protocol=17 | dir=in | app=system | 
"{EB064320-20A0-45E6-8335-9E3D51058197}" = lport=139 | protocol=6 | dir=in | app=system | 
"{FA3F3025-3AB8-454F-A28C-C252821AB5BA}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{FD54E06B-F240-41BF-A512-30E5483C830D}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{FFF8289D-334F-4C46-AEB0-510BE01DD387}" = rport=139 | protocol=6 | dir=out | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0558EAE9-527A-4869-9795-D2FF0AF614F3}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{099BD194-09A6-4AB9-8F02-528DD2FB774E}" = protocol=6 | dir=in | app=c:\program files (x86)\codemeter\runtime\bin\codemeter.exe | 
"{1B022277-4211-43B3-A905-08C6CA2A3865}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{257FF820-DEB6-4C05-B025-3397170C42F7}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe | 
"{269A5456-7B85-4127-BFC3-73DD6DCB112D}" = dir=in | app=c:\program files (x86)\codemeter\runtime\bin\codemeter.exe | 
"{281DDEB3-1435-4580-B31C-2750C52F367D}" = protocol=17 | dir=in | app=c:\program files (x86)\codemeter\runtime\bin\codemeter.exe | 
"{2DFB9FF5-F6D4-4A88-95C4-E8364FC4331B}" = protocol=6 | dir=out | app=system | 
"{2F43C7B4-B683-4FB2-AFF1-932525EB803B}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{346A3803-9437-4AE6-BE4C-5748E3B96414}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | 
"{3A12D18D-FAF9-493C-8F66-2595399368C9}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{3D665B3D-5E44-4817-8B4C-069F8567D790}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{43B421BF-DCD4-4E50-A964-2A6A5E1A60FF}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{5CFE8673-5FFC-42DB-96BC-B274C97A804E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{5DD1A59C-CCEB-4A87-AE0A-483DED8A3672}" = protocol=17 | dir=in | app=c:\program files (x86)\bittorrent\bittorrent.exe | 
"{78A81413-FD60-4835-9B93-EA3847081573}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{8F91F951-78CC-4168-A022-1BC3528BE3BC}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{A05F0ECC-0AD6-44E6-92C8-D46114677117}" = protocol=6 | dir=in | app=c:\program files (x86)\bittorrent\bittorrent.exe | 
"{A0FD8419-37EA-42DF-AB56-2266D652811A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{A6E5AE81-0BA2-4D99-9507-1E2C0C32B2B8}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{B13B320D-75A6-4F22-87A9-DF1C51A670DA}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{B39D6228-5E38-4757-BA31-39C5D2AEF9AA}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | 
"{B6538E2B-5FB9-4D84-BA21-D936FE5DB6A7}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe | 
"{B6EFCD28-5724-448F-838B-AD101658B85B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{BBBBBE25-3688-48AE-A0AA-8D0C511EBAB3}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"{CEB158F7-2769-4720-AEE8-A604B232867B}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{D51EC984-1252-4220-A0E9-1F41AA43BE57}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{D8CC6C04-BC29-4F55-9427-F36784787023}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe | 
"{DA139DD9-03F2-4158-AB85-50BCD5D8A5A9}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{EAA44F16-E03E-4922-B5D4-0D62184365D8}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{ED04495D-8E50-4C68-BDF7-5174E5D296F1}" = protocol=17 | dir=in | app=c:\program files (x86)\codemeter\runtime\bin\codemeter.exe | 
"{F785647A-B527-4726-B4D1-16E7565FDC91}" = protocol=6 | dir=in | app=c:\program files (x86)\codemeter\runtime\bin\codemeter.exe | 
"{F8AD4B64-AFBD-4D4F-9EBD-22CA6EE9C5B0}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe | 
"{F9C212B9-6C65-4F30-B3E0-DD4383750846}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"TCP Query User{0E233885-A91C-4F73-8658-0AB109EBF713}C:\program files (x86)\filezilla ftp client\filezilla.exe" = protocol=6 | dir=in | app=c:\program files (x86)\filezilla ftp client\filezilla.exe | 
"TCP Query User{1186D4B6-E33F-4985-AC05-45DD55B81C7C}C:\program files (x86)\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe | 
"TCP Query User{24657E65-C0B7-40C3-A9D4-7CF764D88266}C:\xampplite\apache\bin\httpd.exe" = protocol=6 | dir=in | app=c:\xampplite\apache\bin\httpd.exe | 
"TCP Query User{38E7E53B-5130-4DE8-BFA7-DA4C2976D296}C:\users\L5566\appdata\roaming\wuala\wuala.exe" = protocol=6 | dir=in | app=c:\users\L5566\appdata\roaming\wuala\wuala.exe | 
"TCP Query User{88040AA8-0E04-4CF0-9AB7-352D7112EEBB}C:\users\L5566\appdata\roaming\wuala\wuala.exe" = protocol=6 | dir=in | app=c:\users\L5566\appdata\roaming\wuala\wuala.exe | 
"TCP Query User{96951AD4-7F69-4565-8582-2677DE1920B6}C:\xampplite\mysql\bin\mysqld.exe" = protocol=6 | dir=in | app=c:\xampplite\mysql\bin\mysqld.exe | 
"TCP Query User{E67C1D69-2ACD-472F-9FE9-8A1B97198BA7}C:\program files (x86)\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe | 
"TCP Query User{FD665BA6-55FC-48CE-8274-B9414AA60F6E}C:\xampp\apache\bin\httpd.exe" = protocol=6 | dir=in | app=c:\xampp\apache\bin\httpd.exe | 
"UDP Query User{0D71D216-290B-445E-96AE-287BE8E231FF}C:\users\L5566\appdata\roaming\wuala\wuala.exe" = protocol=17 | dir=in | app=c:\users\L5566\appdata\roaming\wuala\wuala.exe | 
"UDP Query User{5D7F112C-303E-4845-A401-13C3E1A526BF}C:\program files (x86)\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe | 
"UDP Query User{7359B8D7-E1ED-4666-BF61-07B2A26BCE54}C:\users\L5566\appdata\roaming\wuala\wuala.exe" = protocol=17 | dir=in | app=c:\users\L5566\appdata\roaming\wuala\wuala.exe | 
"UDP Query User{A572C1D8-C370-461D-9CC6-DE9541665C89}C:\xampplite\mysql\bin\mysqld.exe" = protocol=17 | dir=in | app=c:\xampplite\mysql\bin\mysqld.exe | 
"UDP Query User{ABD7D1F1-037F-4F74-98C4-1E899911AE06}C:\program files (x86)\filezilla ftp client\filezilla.exe" = protocol=17 | dir=in | app=c:\program files (x86)\filezilla ftp client\filezilla.exe | 
"UDP Query User{AE7039C0-5E76-427C-9144-DD55E6A2CAB9}C:\xampplite\apache\bin\httpd.exe" = protocol=17 | dir=in | app=c:\xampplite\apache\bin\httpd.exe | 
"UDP Query User{CDD0F888-FD82-4E9D-BB85-C85191C28F69}C:\program files (x86)\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe | 
"UDP Query User{FBB4DD89-73D1-46A6-9F63-AEC68334348C}C:\xampp\apache\bin\httpd.exe" = protocol=17 | dir=in | app=c:\xampp\apache\bin\httpd.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1280E900-35DA-4E08-A700-B79A5B2B8532}" = Microsoft Antimalware Service DE-DE Language Pack
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{3D33F6F0-4D90-484D-A1D9-09AE791CCBD9}" = Eraser 6.0.9.2343
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{57DD35E9-D9BB-4089-BB05-EF933C586CB3}" = Broadcom InConcert Maestro
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{90BF0360-A1DB-4599-A643-95AB90A52C1E}" = Microsoft_VC90_MFCLOC_x86_x64
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{9D046B26-7978-47CD-91E6-AC3C1DFBC3D0}" = Microsoft Security Client
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{B25CE7B1-4C28-4C77-B8F0-BA00989CD697}" = CodeMeter Runtime Kit v4.30c
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{C6C9D5F7-630C-4125-8C4E-94AF77C1896E}" = ThinkPad Bluetooth with Enhanced Data Rate Software
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{DC911ADF-7B60-40F2-A112-FB1EB6402D07}" = Microsoft Security Client DE-DE Language Pack
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit
"Elantech" = ETDWare PS/2-X64 10.7.5.5_WHQL
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Security Client" = Microsoft Security Essentials
"WinRAR archiver" = WinRAR 4.10 (64-Bit)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0C3736A1-D934-4CC0-9E6F-6FD77432A3DC}" = InterRisk WinRisk Smart-Client 4.9.0
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{17283B95-21A8-4996-97DA-547A48DB266F}" = Samsung Control Center
"{26A24AE4-039D-4CA4-87B4-2F83216030FF}" = Java(TM) 6 Update 30
"{26A24AE4-039D-4CA4-87B4-2F83217005FF}" = Java(TM) 7 Update 5
"{32364CEA-7855-4A3C-B674-53D8E9B97936}" = TuneUp Utilities 2012
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4DF979D5-464C-4926-AF73-54C1C219F06A}" = Ham Radio Deluxe
"{54613ADC-0DDC-4BFE-8D25-281272D58D5D}" = KV-WIN
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser und SDK
"{7C01245B-7B67-4E2B-926D-8E917C2AE77A}" = CV-WIN
"{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1" = PDF24 Creator 4.4.1
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_OUTLOOKR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}_OUTLOOKR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}_OUTLOOKR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}_OUTLOOKR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}_OUTLOOKR_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_OUTLOOKR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0407-1000-0000000FF1CE}_HOMESTUDENTR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0407-1000-0000000FF1CE}_OUTLOOKR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0407-0000-0000000FF1CE}_OUTLOOKR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-001A-0000-0000-0000000FF1CE}" = Microsoft Office Outlook 2007
"{91120000-001A-0000-0000-0000000FF1CE}_OUTLOOKR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{AC76BA86-1033-F400-7760-000000000005}" = Adobe Acrobat X Pro - English, Français, Deutsch
"{AEDEA4E0-2B49-4D9F-8CF6-F5B086A244FF}_is1" = AltersvorsorgePLANER VersicherungsPraxis24
"{B2AE44CB-2AAB-4C08-A54B-D264BD604DA8}" = Citrix Presentation Server Client
"{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86
"{BFC1E04D-AA94-4E5F-A220-89209FF0FA3A}" = LV-WIN
"{C2530D63-B66B-48B5-BB50-7C6281FE7AA6}" = Brother MFL-Pro Suite MFC-7820N
"{CE026CFE-73FE-4FED-9D5F-2C8D4DB512B0}" = TuneUp Utilities Language Pack (de-DE)
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D57FC112-312E-4D70-860F-2DB8FB6858F0}" = Adobe Creative Suite 5.5 Master Collection
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DF9A6075-9308-4572-8932-A4316243C4D9}" = Brother P-touch Editor 5.0
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.8
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{FF0E815B-0853-4F90-AA9D-368EE44A7D3F}_is1" = Awh_MC
"Avira AntiVir Desktop" = Avira Free Antivirus
"BitTorrent" = BitTorrent
"CloneCD" = CloneCD
"CloneDVD2" = CloneDVD2
"DivX Setup" = DivX-Setup
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"ImgBurn" = ImgBurn
"IrfanView" = IrfanView (remove only)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.61.0.1400
"Mozilla Firefox 13.0.1 (x86 de)" = Mozilla Firefox 13.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"OneMediaHub" = OneMediaHub 11.0.4
"OUTLOOKR" = Microsoft Office Outlook 2007
"PDF Password Remover v3.1_is1" = PDF Password Remover v3.1
"TeamViewer 7" = TeamViewer 7
"TuneUp Utilities 2012" = TuneUp Utilities 2012
"VLC media player" = VLC media player 2.0.0
"Winamp" = Winamp
"WinMerge_is1" = WinMerge 2.12.4
"Wuala CBFS" = Wuala CBFS
"Wuala OverlayIcons" = Wuala OverlayIcons
"xampp" = XAMPP 1.7.7
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"FileZilla Client" = FileZilla Client 3.5.3
"Mikogo 4" = Mikogo 4
"Winamp Detect" = Winamp Erkennungs-Plug-in
"Wuala" = Wuala
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 22.06.2012 12:57:31 | Computer Name = L5566-PC | Source = Outlook | ID = 34
Description = Fehler beim Abrufen des Crawlbereichs-Managers. Fehler=0x80070422.
 
Error - 27.06.2012 08:10:51 | Computer Name = L5566-PC | Source = Outlook | ID = 34
Description = Fehler beim Abrufen des Crawlbereichs-Managers. Fehler=0x80070422.
 
Error - 28.06.2012 09:20:05 | Computer Name = L5566-PC | Source = Application Hang | ID = 1002
Description = Programm Acrobat.exe, Version 10.0.0.396 kann nicht mehr unter Windows
 ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: a08    Startzeit: 
01cd552616ab4dbe    Endzeit: 175    Anwendungspfad: C:\Program Files (x86)\Adobe\Acrobat
 10.0\Acrobat\Acrobat.exe    Berichts-ID:   
 
Error - 28.06.2012 16:54:11 | Computer Name = L5566-PC | Source = Outlook | ID = 34
Description = Fehler beim Abrufen des Crawlbereichs-Managers. Fehler=0x80070422.
 
Error - 29.06.2012 02:29:38 | Computer Name = L5566-PC | Source = Outlook | ID = 34
Description = Fehler beim Abrufen des Crawlbereichs-Managers. Fehler=0x80070015.
 
Error - 30.06.2012 03:16:56 | Computer Name = L5566-PC | Source = Outlook | ID = 34
Description = Fehler beim Abrufen des Crawlbereichs-Managers. Fehler=0x80070422.
 
Error - 30.06.2012 08:45:04 | Computer Name = L5566-PC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
 (x86)\spybot - search & destroy\DelZip179.dll". Fehler in Manifest- oder Richtliniendatei
 "c:\program files (x86)\spybot - search & destroy\DelZip179.dll" in Zeile 8.  Der
 Wert "*" des "language"-Attributs im assemblyIdentity-Element ist ungültig.
 
Error - 01.07.2012 12:23:48 | Computer Name = L5566-PC | Source = MsiInstaller | ID = 11316
Description = 
 
Error - 01.07.2012 13:18:09 | Computer Name = L5566-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: plugin-container.exe, Version: 13.0.1.4548,
 Zeitstempel: 0x4fda5ff0  Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17725,
 Zeitstempel: 0x4ec49b8f  Ausnahmecode: 0xc0000374  Fehleroffset: 0x000ce6c3  ID des fehlerhaften
 Prozesses: 0x1a44  Startzeit der fehlerhaften Anwendung: 0x01cd57ad677e2564  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
Pfad
 des fehlerhaften Moduls: C:\Windows\SysWOW64\ntdll.dll  Berichtskennung: ba55c2c6-c3a0-11e1-a9f8-90a4de9d12e8
 
Error - 02.07.2012 05:51:51 | Computer Name = L5566-PC | Source = Application Hang | ID = 1002
Description = Programm OTL.exe, Version 3.2.53.1 kann nicht mehr unter Windows ausgeführt
 werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: 700    Startzeit: 
01cd5837f09f00aa    Endzeit: 12    Anwendungspfad: C:\Users\L5566\Desktop\OTL.exe    Berichts-ID:
   
 
[ Media Center Events ]
Error - 24.06.2012 00:09:55 | Computer Name = L5566-PC | Source = MCUpdate | ID = 0
Description = 06:09:52 - Fehler beim Herstellen der Internetverbindung.  06:09:52 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 28.06.2012 01:03:44 | Computer Name = L5566-PC | Source = ehRecvr | ID = 3
Description = Auf dem TV-Tuner ist ein Fehler aufgetreten. (0xc0040524) PCTV DiBcom
 BDA Digital Tuner (Dev1 Path0) 
 
Error - 28.06.2012 01:04:15 | Computer Name = L5566-PC | Source = MCUpdate | ID = 0
Description = 07:04:14 - Fehler beim Herstellen der Internetverbindung.  07:04:14 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 28.06.2012 01:04:33 | Computer Name = L5566-PC | Source = MCUpdate | ID = 0
Description = 07:04:21 - Fehler beim Herstellen der Internetverbindung.  07:04:21 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 30.06.2012 21:34:18 | Computer Name = L5566-PC | Source = MCUpdate | ID = 0
Description = 03:34:18 - Fehler beim Herstellen der Internetverbindung.  03:34:18 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 30.06.2012 21:34:31 | Computer Name = L5566-PC | Source = MCUpdate | ID = 0
Description = 03:34:23 - Fehler beim Herstellen der Internetverbindung.  03:34:23 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 30.06.2012 22:34:40 | Computer Name = L5566-PC | Source = MCUpdate | ID = 0
Description = 04:34:40 - Fehler beim Herstellen der Internetverbindung.  04:34:40 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 30.06.2012 22:34:52 | Computer Name = L5566-PC | Source = MCUpdate | ID = 0
Description = 04:34:45 - Fehler beim Herstellen der Internetverbindung.  04:34:45 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 30.06.2012 23:34:57 | Computer Name = L5566-PC | Source = MCUpdate | ID = 0
Description = 05:34:57 - Fehler beim Herstellen der Internetverbindung.  05:34:57 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 30.06.2012 23:35:06 | Computer Name = L5566-PC | Source = MCUpdate | ID = 0
Description = 05:35:03 - Fehler beim Herstellen der Internetverbindung.  05:35:03 
-     Serververbindung konnte nicht hergestellt werden..  
 
[ OSession Events ]
Error - 07.02.2012 13:30:35 | Computer Name = L5566-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
 12.0.6423.1000, Microsoft Office Version: 12.0.6425.1000. This session lasted 5
 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error - 17.02.2012 11:37:11 | Computer Name = L5566-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
 12.0.6607.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 11
 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error - 18.02.2012 05:07:03 | Computer Name = L5566-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
 12.0.6607.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 2
 seconds with 0 seconds of active time.  This session ended with a crash.
 
[ System Events ]
Error - 23.06.2012 01:42:39 | Computer Name = L5566-PC | Source = WMPNetworkSvc | ID = 866300
Description = 
 
Error - 23.06.2012 01:43:39 | Computer Name = L5566-PC | Source = WMPNetworkSvc | ID = 866300
Description = 
 
Error - 23.06.2012 02:25:32 | Computer Name = L5566-PC | Source = WMPNetworkSvc | ID = 866300
Description = 
 
Error - 23.06.2012 02:26:38 | Computer Name = L5566-PC | Source = WMPNetworkSvc | ID = 866300
Description = 
 
Error - 23.06.2012 02:26:44 | Computer Name = L5566-PC | Source = WMPNetworkSvc | ID = 866300
Description = 
 
Error - 23.06.2012 02:27:10 | Computer Name = L5566-PC | Source = DCOM | ID = 10010
Description = 
 
Error - 23.06.2012 02:27:45 | Computer Name = L5566-PC | Source = DCOM | ID = 10010
Description = 
 
Error - 23.06.2012 02:29:23 | Computer Name = L5566-PC | Source = Service Control Manager | ID = 7024
Description = Der Dienst "Apache2.2" wurde mit folgendem dienstspezifischem Fehler
 beendet: %%1.
 
Error - 23.06.2012 02:32:45 | Computer Name = L5566-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   cdrom
 
Error - 23.06.2012 13:21:55 | Computer Name = L5566-PC | Source = WMPNetworkSvc | ID = 866300
Description = 
 
 
< End of report >
         

02.07.2012, 17:21   #4
markusg
/// Malware-holic

Ad pop-ups keep appearing at the bottom right in Firefox and Internet Explorer



hi
Download TDSSKiller:
http://www.trojaner-board.de/82358-t...entfernen.html
Click on Change parameters
• Tick the boxes for Verify driver digital signatures and Detect TDLFS file system
• Click OK and then Start scan
- If anything is found, always choose Skip for now, then post the log
__________________
- Please forward suspicious mails to us for analysis:
markusg.trojaner-board@web.de
Instructions:
http://markusg.trojaner-board.de

02.07.2012, 17:49   #5
Te8

Ad pop-ups keep appearing at the bottom right in Firefox and Internet Explorer



18:40:20.0138 6056 TDSS rootkit removing tool 2.7.43.0 Jun 29 2012 17:54:22
18:40:20.0261 6056 ============================================================
18:40:20.0261 6056 Current date / time: 2012/07/02 18:40:20.0261
18:40:20.0261 6056 SystemInfo:
18:40:20.0261 6056
18:40:20.0261 6056 OS Version: 6.1.7601 ServicePack: 1.0
18:40:20.0261 6056 Product type: Workstation
18:40:20.0262 6056 ComputerName: L5566-PC
18:40:20.0262 6056 UserName: L5566
18:40:20.0262 6056 Windows directory: C:\Windows
18:40:20.0262 6056 System windows directory: C:\Windows
18:40:20.0262 6056 Running under WOW64
18:40:20.0262 6056 Processor architecture: Intel x64
18:40:20.0262 6056 Number of processors: 2
18:40:20.0262 6056 Page size: 0x1000
18:40:20.0262 6056 Boot type: Normal boot
18:40:20.0262 6056 ============================================================
18:40:21.0858 6056 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:40:21.0870 6056 ============================================================
18:40:21.0870 6056 \Device\Harddisk0\DR0:
18:40:21.0870 6056 MBR partitions:
18:40:21.0870 6056 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
18:40:21.0870 6056 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x124C6000
18:40:21.0870 6056 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x124F8800, BlocksNum 0x12F35800
18:40:21.0870 6056 ============================================================
18:40:21.0891 6056 C: <-> \Device\Harddisk0\DR0\Partition1
18:40:21.0930 6056 D: <-> \Device\Harddisk0\DR0\Partition2
18:40:21.0930 6056 ============================================================
18:40:21.0930 6056 Initialize success
18:40:21.0930 6056 ============================================================
18:40:30.0910 1744 ============================================================
18:40:30.0910 1744 Scan started
18:40:30.0910 1744 Mode: Manual; SigCheck; TDLFS;
18:40:30.0910 1744 ============================================================
18:40:31.0859 1744 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
18:40:31.0960 1744 1394ohci - ok
18:40:32.0024 1744 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
18:40:32.0054 1744 ACPI - ok
18:40:32.0086 1744 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
18:40:32.0116 1744 AcpiPmi - ok
18:40:32.0184 1744 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
18:40:32.0218 1744 adp94xx - ok
18:40:32.0249 1744 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
18:40:32.0279 1744 adpahci - ok
18:40:32.0335 1744 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
18:40:32.0363 1744 adpu320 - ok
18:40:32.0402 1744 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
18:40:32.0475 1744 AeLookupSvc - ok
18:40:32.0527 1744 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
18:40:32.0563 1744 AFD - ok
18:40:32.0604 1744 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
18:40:32.0627 1744 agp440 - ok
18:40:32.0658 1744 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
18:40:32.0689 1744 ALG - ok
18:40:32.0716 1744 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
18:40:32.0737 1744 aliide - ok
18:40:32.0780 1744 AMD External Events Utility (8743eeca8cea54555fc584090b16de9d) C:\Windows\system32\atiesrxx.exe
18:40:32.0812 1744 AMD External Events Utility - ok
18:40:32.0834 1744 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
18:40:32.0857 1744 amdide - ok
18:40:32.0889 1744 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
18:40:32.0914 1744 AmdK8 - ok
18:40:33.0522 1744 amdkmdag (0a97540b21807e5e77dfd6ff2ca86e2a) C:\Windows\system32\DRIVERS\atikmdag.sys
18:40:33.0755 1744 amdkmdag - ok
18:40:33.0964 1744 amdkmdap (a11c4af5e8777f13ce7df011e892239c) C:\Windows\system32\DRIVERS\atikmpag.sys
18:40:33.0997 1744 amdkmdap - ok
18:40:34.0031 1744 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
18:40:34.0056 1744 AmdPPM - ok
18:40:34.0088 1744 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
18:40:34.0112 1744 amdsata - ok
18:40:34.0151 1744 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
18:40:34.0185 1744 amdsbs - ok
18:40:34.0222 1744 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
18:40:34.0243 1744 amdxata - ok
18:40:34.0333 1744 AntiVirSchedulerService (466a0d95960dad3222c896d2cea99993) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
18:40:34.0358 1744 AntiVirSchedulerService - ok
18:40:34.0385 1744 AntiVirService (a489be6bb0aa1ff406b488b60542314b) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
18:40:34.0406 1744 AntiVirService - ok
18:40:34.0458 1744 Apache2.2 (f41e453a90ef19217cee1675f5256ee7) c:\xampp\apache\bin\httpd.exe
18:40:34.0467 1744 Apache2.2 ( UnsignedFile.Multi.Generic ) - warning
18:40:34.0468 1744 Apache2.2 - detected UnsignedFile.Multi.Generic (1)
18:40:34.0500 1744 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
18:40:34.0563 1744 AppID - ok
18:40:34.0605 1744 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
18:40:34.0674 1744 AppIDSvc - ok
18:40:34.0695 1744 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
18:40:34.0760 1744 Appinfo - ok
18:40:34.0794 1744 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
18:40:34.0818 1744 arc - ok
18:40:34.0849 1744 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
18:40:34.0872 1744 arcsas - ok
18:40:34.0990 1744 aspnet_state (9217d874131ae6ff8f642f124f00a555) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
18:40:35.0010 1744 aspnet_state - ok
18:40:35.0030 1744 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
18:40:35.0096 1744 AsyncMac - ok
18:40:35.0120 1744 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
18:40:35.0143 1744 atapi - ok
18:40:35.0183 1744 AtiHDAudioService (4bf5bca6e2608cd8a00bc4a6673a9f47) C:\Windows\system32\drivers\AtihdW76.sys
18:40:35.0214 1744 AtiHDAudioService - ok
18:40:35.0280 1744 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
18:40:35.0356 1744 AudioEndpointBuilder - ok
18:40:35.0371 1744 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
18:40:35.0447 1744 AudioSrv - ok
18:40:35.0512 1744 avgntflt (26e38b5a58c6c55fafbc563eeddb0867) C:\Windows\system32\DRIVERS\avgntflt.sys
18:40:35.0535 1744 avgntflt - ok
18:40:35.0561 1744 avipbb (9d1f00beff84cbbf46d7f052bc7e0565) C:\Windows\system32\DRIVERS\avipbb.sys
18:40:35.0585 1744 avipbb - ok
18:40:35.0625 1744 avkmgr (248db59fc86de44d2779f4c7fb1a567d) C:\Windows\system32\DRIVERS\avkmgr.sys
18:40:35.0647 1744 avkmgr - ok
18:40:35.0685 1744 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
18:40:35.0722 1744 AxInstSV - ok
18:40:35.0779 1744 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
18:40:35.0813 1744 b06bdrv - ok
18:40:35.0852 1744 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
18:40:35.0881 1744 b57nd60a - ok
18:40:36.0163 1744 BCM43XX (43ad3d3e7674833fca9a7c4e7180ad54) C:\Windows\system32\DRIVERS\bcmwl664.sys
18:40:36.0311 1744 BCM43XX - ok
18:40:36.0415 1744 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
18:40:36.0442 1744 BDESVC - ok
18:40:36.0501 1744 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
18:40:36.0568 1744 Beep - ok
18:40:36.0645 1744 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
18:40:36.0721 1744 BFE - ok
18:40:36.0787 1744 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
18:40:36.0869 1744 BITS - ok
18:40:36.0936 1744 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
18:40:36.0960 1744 blbdrive - ok
18:40:37.0001 1744 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
18:40:37.0025 1744 bowser - ok
18:40:37.0053 1744 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
18:40:37.0083 1744 BrFiltLo - ok
18:40:37.0093 1744 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
18:40:37.0123 1744 BrFiltUp - ok
18:40:37.0160 1744 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
18:40:37.0229 1744 Browser - ok
18:40:37.0276 1744 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
18:40:37.0306 1744 Brserid - ok
18:40:37.0315 1744 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
18:40:37.0346 1744 BrSerWdm - ok
18:40:37.0353 1744 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
18:41:02.0262 1744 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
18:41:02.0339 1744 Spooler - ok
18:41:02.0590 1744 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
18:41:02.0748 1744 sppsvc - ok
18:41:02.0861 1744 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
18:41:02.0936 1744 sppuinotify - ok
18:41:03.0013 1744 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
18:41:03.0044 1744 srv - ok
18:41:03.0072 1744 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
18:41:03.0100 1744 srv2 - ok
18:41:03.0116 1744 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
18:41:03.0140 1744 srvnet - ok
18:41:03.0197 1744 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
18:41:03.0268 1744 SSDPSRV - ok
18:41:03.0289 1744 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
18:41:03.0369 1744 SstpSvc - ok
18:41:03.0434 1744 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
18:41:03.0459 1744 stexstor - ok
18:41:03.0493 1744 StillCam (decacb6921ded1a38642642685d77dac) C:\Windows\system32\DRIVERS\serscan.sys
18:41:03.0520 1744 StillCam - ok
18:41:03.0585 1744 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
18:41:03.0637 1744 stisvc - ok
18:41:03.0669 1744 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
18:41:03.0691 1744 swenum - ok
18:41:03.0811 1744 SwitchBoard (f577910a133a592234ebaad3f3afa258) C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
18:41:03.0850 1744 SwitchBoard ( UnsignedFile.Multi.Generic ) - warning
18:41:03.0850 1744 SwitchBoard - detected UnsignedFile.Multi.Generic (1)
18:41:12.0851 1744 WinRiskXASmClSoftwareUpdate (e694974965e268f8224cc37fabb67596) C:\Program Files (x86)\InterRisk\WinRiskXA\smart\client\bin\BWUpdater.exe
18:41:12.0861 1744 WinRiskXASmClSoftwareUpdate ( UnsignedFile.Multi.Generic ) - warning
18:41:12.0861 1744 WinRiskXASmClSoftwareUpdate - detected UnsignedFile.Multi.Generic (1)
18:41:14.0704 1744 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
18:41:15.0069 1744 \Device\Harddisk0\DR0 - ok
18:41:15.0077 1744 Boot (0x1200) (3efce229d8639413c350b46bacaf68ec) \Device\Harddisk0\DR0\Partition0
18:41:15.0080 1744 \Device\Harddisk0\DR0\Partition0 - ok
18:41:15.0160 1744 Boot (0x1200) (f379b40a9d0f84d17e5e28a143d0d8a9) \Device\Harddisk0\DR0\Partition1
18:41:15.0178 1744 \Device\Harddisk0\DR0\Partition1 - ok
18:41:15.0217 1744 Boot (0x1200) (bf212a161a988d745538ff01a672611e) \Device\Harddisk0\DR0\Partition2
18:41:15.0311 1744 \Device\Harddisk0\DR0\Partition2 - ok
18:41:15.0314 1744 ============================================================
18:41:15.0315 1744 Scan finished
18:41:15.0315 1744 ============================================================
18:41:15.0341 4304 Detected object count: 3
18:41:15.0341 4304 Actual detected object count: 3
18:41:25.0845 4304 Apache2.2 ( UnsignedFile.Multi.Generic ) - skipped by user
18:41:25.0845 4304 Apache2.2 ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:41:25.0846 4304 SwitchBoard ( UnsignedFile.Multi.Generic ) - skipped by user
18:41:25.0846 4304 SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:41:25.0851 4304 WinRiskXASmClSoftwareUpdate ( UnsignedFile.Multi.Generic ) - skipped by user
18:41:25.0852 4304 WinRiskXASmClSoftwareUpdate ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:43:13.0446 2304 ============================================================
18:43:13.0446 2304 Scan started
18:43:13.0446 2304 Mode: Manual; SigCheck; TDLFS;
18:43:13.0446 2304 ============================================================
18:43:16.0371 2304 Apache2.2 (f41e453a90ef19217cee1675f5256ee7) c:\xampp\apache\bin\httpd.exe
18:43:16.0378 2304 Apache2.2 ( UnsignedFile.Multi.Generic ) - warning
18:43:16.0378 2304 Apache2.2 - detected UnsignedFile.Multi.Generic (1)
18:43:25.0655 2304 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
18:43:25.0678 2304 FsDepends - ok
18:43:25.0703 2304 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
18:43:25.0725 2304 Fs_Rec - ok
18:43:25.0759 2304 FTDIBUS (fa169871d8fadcc6539c4e8726610286) C:\Windows\system32\drivers\ftdibus.sys
18:43:25.0777 2304 FTDIBUS - ok
18:43:25.0787 2304 FTSER2K (24237091348d1efb5635a1cf9649e311) C:\Windows\system32\drivers\ftser2k.sys
18:43:25.0806 2304 FTSER2K - ok
18:43:25.0854 2304 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
18:43:25.0888 2304 fvevol - ok
18:43:25.0919 2304 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
18:43:25.0942 2304 gagp30kx - ok
18:43:26.0022 2304 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
18:43:26.0110 2304 gpsvc - ok
18:43:26.0146 2304 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
18:43:26.0176 2304 hcw85cir - ok
18:43:26.0236 2304 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
18:43:26.0279 2304 HdAudAddService - ok
18:43:26.0311 2304 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
18:43:26.0346 2304 HDAudBus - ok
18:43:26.0373 2304 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
18:43:26.0395 2304 HidBatt - ok
18:43:26.0416 2304 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
18:43:26.0444 2304 HidBth - ok
18:43:26.0451 2304 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
18:43:26.0479 2304 HidIr - ok
18:43:26.0501 2304 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
18:43:26.0568 2304 hidserv - ok
18:43:26.0595 2304 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
18:43:26.0618 2304 HidUsb - ok
18:43:26.0653 2304 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
18:43:26.0718 2304 hkmsvc - ok
18:43:26.0762 2304 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
18:43:26.0788 2304 HomeGroupListener - ok
18:43:26.0817 2304 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
18:43:26.0843 2304 HomeGroupProvider - ok
18:43:26.0889 2304 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
18:43:26.0911 2304 HpSAMD - ok
18:43:26.0979 2304 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
18:43:27.0058 2304 HTTP - ok
18:43:27.0083 2304 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
18:43:27.0104 2304 hwpolicy - ok
18:43:27.0129 2304 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
18:43:27.0152 2304 i8042prt - ok
18:43:27.0207 2304 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
18:43:27.0242 2304 iaStorV - ok
18:43:27.0397 2304 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
18:43:27.0443 2304 idsvc - ok
18:43:27.0474 2304 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
18:43:27.0496 2304 iirsp - ok
18:43:27.0584 2304 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
18:43:27.0661 2304 IKEEXT - ok
18:43:27.0872 2304 IntcAzAudAddService (65f70696be5abc11634fcf96af7d7896) C:\Windows\system32\drivers\RTKVHD64.sys
18:43:27.0975 2304 IntcAzAudAddService - ok
18:43:28.0103 2304 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
18:43:28.0129 2304 intelide - ok
18:43:28.0175 2304 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
18:43:28.0197 2304 intelppm - ok
18:43:28.0238 2304 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
18:43:28.0305 2304 IPBusEnum - ok
18:43:28.0331 2304 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:43:28.0394 2304 IpFilterDriver - ok
18:43:28.0460 2304 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
18:43:28.0539 2304 iphlpsvc - ok
18:43:28.0582 2304 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
18:43:28.0605 2304 IPMIDRV - ok
18:43:28.0644 2304 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
18:43:28.0710 2304 IPNAT - ok
18:43:28.0732 2304 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
18:43:28.0761 2304 IRENUM - ok
18:43:28.0796 2304 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
18:43:28.0817 2304 isapnp - ok
18:43:28.0848 2304 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
18:43:28.0876 2304 iScsiPrt - ok
18:43:28.0902 2304 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
18:43:28.0923 2304 kbdclass - ok
18:43:28.0951 2304 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
18:43:28.0974 2304 kbdhid - ok
18:43:29.0002 2304 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
18:43:29.0024 2304 KeyIso - ok
18:43:29.0045 2304 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
18:43:29.0068 2304 KSecDD - ok
18:43:29.0095 2304 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
18:43:29.0120 2304 KSecPkg - ok
18:43:29.0148 2304 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
18:43:29.0212 2304 ksthunk - ok
18:43:29.0268 2304 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
18:43:29.0346 2304 KtmRm - ok
18:43:29.0386 2304 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
18:43:29.0454 2304 LanmanServer - ok
18:43:29.0486 2304 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
18:43:29.0553 2304 LanmanWorkstation - ok
18:43:29.0569 2304 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
18:43:29.0634 2304 lltdio - ok
18:43:29.0689 2304 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
18:43:29.0776 2304 lltdsvc - ok
18:43:29.0799 2304 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
18:43:29.0864 2304 lmhosts - ok
18:43:29.0890 2304 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
18:43:29.0914 2304 LSI_FC - ok
18:43:29.0949 2304 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
18:43:29.0973 2304 LSI_SAS - ok
18:43:29.0991 2304 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
18:43:30.0013 2304 LSI_SAS2 - ok
18:43:30.0034 2304 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
18:43:30.0058 2304 LSI_SCSI - ok
18:43:30.0121 2304 Ltn_stk7070P_64 (639d24e769bdbec6145e4c1921669b73) C:\Windows\system32\DRIVERS\Ltn_stk7070P_64.sys
18:43:30.0153 2304 Ltn_stk7070P_64 - ok
18:43:30.0183 2304 Ltn_stkrc_64 (e028df5a96827a87898d4d7eb768e3ab) C:\Windows\system32\DRIVERS\Ltn_stkrc_64.sys
18:43:30.0202 2304 Ltn_stkrc_64 - ok
18:43:30.0227 2304 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
18:43:30.0292 2304 luafv - ok
18:43:30.0663 2304 M4-Service (f1d72877fa97d617be70aefb3a30cd91) C:\Users\L5566\AppData\Roaming\Mikogo 4\M4-Service.exe
18:43:30.0714 2304 M4-Service - ok
18:43:30.0737 2304 MBAMProtector (dbc08862a71459e74f7538b432c114cc) C:\Windows\system32\drivers\mbam.sys
18:43:30.0760 2304 MBAMProtector - ok
18:43:30.0881 2304 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
18:43:30.0920 2304 MBAMService - ok
18:43:30.0960 2304 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
18:43:30.0991 2304 Mcx2Svc - ok
18:43:31.0031 2304 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
18:43:31.0054 2304 megasas - ok
18:43:31.0103 2304 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
18:43:31.0133 2304 MegaSR - ok
18:43:31.0177 2304 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
18:43:31.0249 2304 MMCSS - ok
18:43:31.0264 2304 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
18:43:31.0330 2304 Modem - ok
18:43:31.0359 2304 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
18:43:31.0387 2304 monitor - ok
18:43:31.0415 2304 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
18:43:31.0437 2304 mouclass - ok
18:43:31.0465 2304 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
18:43:31.0488 2304 mouhid - ok
18:43:31.0528 2304 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
18:43:31.0552 2304 mountmgr - ok
18:43:31.0599 2304 MozillaMaintenance (15d5398eed42c2504bb3d4fc875c15d1) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
18:43:31.0621 2304 MozillaMaintenance - ok
18:43:31.0655 2304 MpFilter (94c66ededcdb6a126880472f9a704d8e) C:\Windows\system32\DRIVERS\MpFilter.sys
18:43:31.0683 2304 MpFilter - ok
18:43:31.0722 2304 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
18:43:31.0747 2304 mpio - ok
18:43:31.0776 2304 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
18:43:31.0841 2304 mpsdrv - ok
18:43:31.0931 2304 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
18:43:32.0026 2304 MpsSvc - ok
18:43:32.0068 2304 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
18:43:32.0109 2304 MRxDAV - ok
18:43:32.0157 2304 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
18:43:32.0185 2304 mrxsmb - ok
18:43:32.0224 2304 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:43:32.0253 2304 mrxsmb10 - ok
18:43:32.0265 2304 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:43:32.0288 2304 mrxsmb20 - ok
18:43:32.0311 2304 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
18:43:32.0332 2304 msahci - ok
18:43:32.0362 2304 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
18:43:32.0387 2304 msdsm - ok
18:43:32.0425 2304 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
18:43:32.0452 2304 MSDTC - ok
18:43:32.0487 2304 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
18:43:32.0550 2304 Msfs - ok
18:43:32.0562 2304 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
18:43:32.0625 2304 mshidkmdf - ok
18:43:32.0646 2304 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
18:43:32.0667 2304 msisadrv - ok
18:43:32.0709 2304 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
18:43:32.0779 2304 MSiSCSI - ok
18:43:32.0791 2304 msiserver - ok
18:43:32.0833 2304 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
18:43:32.0905 2304 MSKSSRV - ok
18:43:32.0963 2304 MsMpSvc (59faaf2c83c8169ea20f9e335e418907) C:\Program Files\Microsoft Security Client\MsMpEng.exe
18:43:32.0986 2304 MsMpSvc - ok
18:43:33.0015 2304 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
18:43:33.0097 2304 MSPCLOCK - ok
18:43:33.0125 2304 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
18:43:33.0200 2304 MSPQM - ok
18:43:33.0256 2304 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
18:43:33.0287 2304 MsRPC - ok
18:43:33.0317 2304 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
18:43:33.0339 2304 mssmbios - ok
18:43:33.0389 2304 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
18:43:33.0477 2304 MSTEE - ok
18:43:33.0484 2304 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
18:43:33.0506 2304 MTConfig - ok
18:43:33.0532 2304 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
18:43:33.0554 2304 Mup - ok
18:43:33.0627 2304 mysql - ok
18:43:33.0690 2304 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
18:43:33.0773 2304 napagent - ok
18:43:33.0824 2304 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
18:43:33.0866 2304 NativeWifiP - ok
18:43:33.0949 2304 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
18:43:34.0000 2304 NDIS - ok
18:43:34.0025 2304 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
18:43:34.0089 2304 NdisCap - ok
18:43:34.0105 2304 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
18:43:34.0169 2304 NdisTapi - ok
18:43:34.0193 2304 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
18:43:34.0256 2304 Ndisuio - ok
18:43:34.0293 2304 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
18:43:34.0358 2304 NdisWan - ok
18:43:34.0387 2304 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
18:43:34.0450 2304 NDProxy - ok
18:43:34.0487 2304 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
18:43:34.0552 2304 NetBIOS - ok
18:43:34.0599 2304 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
18:43:34.0665 2304 NetBT - ok
18:43:34.0690 2304 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
18:43:34.0713 2304 Netlogon - ok
18:43:34.0766 2304 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
18:43:34.0842 2304 Netman - ok
18:43:34.0951 2304 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:43:34.0974 2304 NetMsmqActivator - ok
18:43:34.0989 2304 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:43:35.0012 2304 NetPipeActivator - ok
18:43:35.0091 2304 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
18:43:35.0171 2304 netprofm - ok
18:43:35.0189 2304 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:43:35.0219 2304 NetTcpActivator - ok
18:43:35.0239 2304 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:43:35.0261 2304 NetTcpPortSharing - ok
18:43:35.0330 2304 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
18:43:35.0353 2304 nfrd960 - ok
18:43:35.0387 2304 NisDrv (91b4e0273d2f6c24ef845f2b41311289) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
18:43:35.0409 2304 NisDrv - ok
18:43:35.0491 2304 NisSrv (10a43829a9e606af3eef25a1c1665923) C:\Program Files\Microsoft Security Client\NisSrv.exe
18:43:35.0529 2304 NisSrv - ok
18:43:35.0576 2304 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
18:43:35.0646 2304 NlaSvc - ok
18:43:35.0669 2304 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
18:43:35.0735 2304 Npfs - ok
18:43:35.0820 2304 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
18:43:35.0895 2304 nsi - ok
18:43:35.0915 2304 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
18:43:35.0980 2304 nsiproxy - ok
18:43:36.0120 2304 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
18:43:36.0187 2304 Ntfs - ok
18:43:36.0318 2304 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
18:43:36.0403 2304 Null - ok
18:43:36.0448 2304 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
18:43:36.0475 2304 nvraid - ok
18:43:36.0513 2304 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
18:43:36.0547 2304 nvstor - ok
18:43:36.0581 2304 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
18:43:36.0606 2304 nv_agp - ok
18:43:36.0736 2304 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
18:43:36.0766 2304 odserv - ok
18:43:36.0810 2304 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
18:43:36.0835 2304 ohci1394 - ok
18:43:36.0877 2304 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:43:36.0899 2304 ose - ok
18:43:36.0974 2304 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
18:43:37.0009 2304 p2pimsvc - ok
18:43:37.0064 2304 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
18:43:37.0101 2304 p2psvc - ok
18:43:37.0129 2304 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
18:43:37.0153 2304 Parport - ok
18:43:37.0184 2304 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
18:43:37.0206 2304 partmgr - ok
18:43:37.0248 2304 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
18:43:37.0283 2304 PcaSvc - ok
18:43:37.0328 2304 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
18:43:37.0354 2304 pci - ok
18:43:37.0371 2304 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
18:43:37.0392 2304 pciide - ok
18:43:37.0425 2304 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
18:43:37.0452 2304 pcmcia - ok
18:43:37.0477 2304 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
18:43:37.0499 2304 pcw - ok
18:43:37.0560 2304 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
18:43:37.0648 2304 PEAUTH - ok
18:43:37.0755 2304 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
18:43:37.0781 2304 PerfHost - ok
18:43:37.0913 2304 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
18:43:38.0010 2304 pla - ok
18:43:38.0073 2304 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
18:43:38.0113 2304 PlugPlay - ok
18:43:38.0137 2304 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
18:43:38.0161 2304 PNRPAutoReg - ok
18:43:38.0202 2304 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
18:43:38.0231 2304 PNRPsvc - ok
18:43:38.0293 2304 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
18:43:38.0365 2304 PolicyAgent - ok
18:43:38.0407 2304 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
18:43:38.0476 2304 Power - ok
18:43:38.0527 2304 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
18:43:38.0599 2304 PptpMiniport - ok
18:43:38.0626 2304 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
18:43:38.0649 2304 Processor - ok
18:43:38.0697 2304 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
18:43:38.0728 2304 ProfSvc - ok
18:43:38.0757 2304 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
18:43:38.0780 2304 ProtectedStorage - ok
18:43:38.0816 2304 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
18:43:38.0884 2304 Psched - ok
18:43:39.0013 2304 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
18:43:39.0078 2304 ql2300 - ok
18:43:39.0236 2304 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
18:43:39.0260 2304 ql40xx - ok
18:43:39.0299 2304 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
18:43:39.0335 2304 QWAVE - ok
18:43:39.0349 2304 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
18:43:39.0379 2304 QWAVEdrv - ok
18:43:39.0405 2304 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
18:43:39.0469 2304 RasAcd - ok
18:43:39.0486 2304 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
18:43:39.0551 2304 RasAgileVpn - ok
18:43:39.0579 2304 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
18:43:39.0647 2304 RasAuto - ok
18:43:39.0678 2304 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
18:43:39.0744 2304 Rasl2tp - ok
18:43:39.0788 2304 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
18:43:39.0864 2304 RasMan - ok
18:43:39.0904 2304 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
18:43:39.0975 2304 RasPppoe - ok
18:43:39.0996 2304 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
18:43:40.0066 2304 RasSstp - ok
18:43:40.0114 2304 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
18:43:40.0183 2304 rdbss - ok
18:43:40.0210 2304 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
18:43:40.0237 2304 rdpbus - ok
18:43:40.0258 2304 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
18:43:40.0322 2304 RDPCDD - ok
18:43:40.0342 2304 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
18:43:40.0406 2304 RDPENCDD - ok
18:43:40.0418 2304 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
18:43:40.0482 2304 RDPREFMP - ok
18:43:40.0518 2304 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
18:43:40.0543 2304 RDPWD - ok
18:43:40.0587 2304 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
18:43:40.0613 2304 rdyboost - ok
18:43:40.0644 2304 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
18:43:40.0711 2304 RemoteAccess - ok
18:43:40.0751 2304 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
18:43:40.0819 2304 RemoteRegistry - ok
18:43:40.0869 2304 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
18:43:40.0899 2304 RFCOMM - ok
18:43:40.0938 2304 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
18:43:41.0005 2304 RpcEptMapper - ok
18:43:41.0032 2304 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
18:43:41.0057 2304 RpcLocator - ok
18:43:41.0118 2304 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
18:43:41.0193 2304 RpcSs - ok
18:43:41.0235 2304 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
18:43:41.0301 2304 rspndr - ok
18:43:41.0370 2304 RTL8167 (e50cfb92986dcab49de93788fd695813) C:\Windows\system32\DRIVERS\Rt64win7.sys
18:43:41.0412 2304 RTL8167 - ok
18:43:41.0434 2304 SABI (62db6cc4b0818f1b5f3441241b098f12) C:\Windows\system32\Drivers\SABI.sys
18:43:41.0453 2304 SABI - ok
18:43:41.0479 2304 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
18:43:41.0502 2304 SamSs - ok
18:43:41.0530 2304 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
18:43:41.0553 2304 sbp2port - ok
18:43:41.0595 2304 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
18:43:41.0667 2304 SCardSvr - ok
18:43:41.0696 2304 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
18:43:41.0761 2304 scfilter - ok
18:43:41.0848 2304 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
18:43:41.0939 2304 Schedule - ok
18:43:41.0975 2304 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
18:43:42.0040 2304 SCPolicySvc - ok
18:43:42.0061 2304 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
18:43:42.0088 2304 SDRSVC - ok
18:43:42.0139 2304 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
18:43:42.0203 2304 secdrv - ok
18:43:42.0234 2304 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
18:43:42.0299 2304 seclogon - ok
18:43:42.0329 2304 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
18:43:42.0397 2304 SENS - ok
18:43:42.0413 2304 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
18:43:42.0437 2304 SensrSvc - ok
18:43:42.0465 2304 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
18:43:42.0487 2304 Serenum - ok
18:43:42.0512 2304 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
18:43:42.0536 2304 Serial - ok
18:43:42.0576 2304 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
18:43:42.0599 2304 sermouse - ok
18:43:42.0653 2304 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
18:43:42.0726 2304 SessionEnv - ok
18:43:42.0764 2304 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
18:43:42.0786 2304 sffdisk - ok
18:43:42.0800 2304 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
18:43:42.0821 2304 sffp_mmc - ok
18:43:42.0840 2304 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
18:43:42.0869 2304 sffp_sd - ok
18:43:42.0899 2304 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
18:43:42.0921 2304 sfloppy - ok
18:43:42.0975 2304 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
18:43:43.0053 2304 SharedAccess - ok
18:43:43.0103 2304 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
18:43:43.0181 2304 ShellHWDetection - ok
18:43:43.0206 2304 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
18:43:43.0228 2304 SiSRaid2 - ok
18:43:43.0264 2304 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
18:43:43.0286 2304 SiSRaid4 - ok
18:43:43.0371 2304 SkypeUpdate (17eab7852ff9f15fbaab4e95efc0b812) C:\Program Files (x86)\Skype\Updater\Updater.exe
18:43:43.0406 2304 SkypeUpdate - ok
18:43:43.0429 2304 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
18:43:43.0495 2304 Smb - ok
18:43:43.0535 2304 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
18:43:43.0561 2304 SNMPTRAP - ok
18:43:43.0575 2304 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
18:43:43.0598 2304 spldr - ok
18:43:43.0661 2304 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
18:43:43.0735 2304 Spooler - ok
18:43:43.0989 2304 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
18:43:44.0118 2304 sppsvc - ok
18:43:44.0232 2304 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
18:43:44.0304 2304 sppuinotify - ok
18:43:44.0384 2304 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
18:43:44.0421 2304 srv - ok
18:43:44.0451 2304 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
18:43:44.0484 2304 srv2 - ok
18:43:44.0504 2304 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
18:43:44.0528 2304 srvnet - ok
18:43:44.0567 2304 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
18:43:44.0638 2304 SSDPSRV - ok
18:43:44.0658 2304 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
18:43:44.0729 2304 SstpSvc - ok
18:43:44.0758 2304 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
18:43:44.0779 2304 stexstor - ok
18:43:44.0807 2304 StillCam (decacb6921ded1a38642642685d77dac) C:\Windows\system32\DRIVERS\serscan.sys
18:43:44.0836 2304 StillCam - ok
18:43:44.0900 2304 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
18:43:44.0947 2304 stisvc - ok
18:43:44.0972 2304 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
18:43:44.0993 2304 swenum - ok
18:43:45.0112 2304 SwitchBoard (f577910a133a592234ebaad3f3afa258) C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
18:43:45.0146 2304 SwitchBoard ( UnsignedFile.Multi.Generic ) - warning
18:43:45.0146 2304 SwitchBoard - detected UnsignedFile.Multi.Generic (1)
18:43:48.0934 2304 tunnel - ok
18:43:48.0970 2304 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
18:43:48.0993 2304 uagp35 - ok
18:43:49.0040 2304 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
18:43:49.0107 2304 udfs - ok
18:43:49.0148 2304 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
18:43:49.0175 2304 UI0Detect - ok
18:43:49.0203 2304 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
18:43:49.0225 2304 uliagpkx - ok
18:43:49.0241 2304 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
18:43:49.0265 2304 umbus - ok
18:43:49.0300 2304 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
18:43:49.0322 2304 UmPass - ok
18:43:49.0370 2304 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
18:43:49.0451 2304 upnphost - ok
18:43:49.0491 2304 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
18:43:49.0515 2304 usbccgp - ok
18:43:49.0538 2304 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
18:43:49.0568 2304 usbcir - ok
18:43:49.0590 2304 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
18:43:49.0612 2304 usbehci - ok
18:43:49.0653 2304 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
18:43:49.0680 2304 usbhub - ok
18:43:49.0700 2304 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\DRIVERS\usbohci.sys
18:43:49.0722 2304 usbohci - ok
18:43:49.0755 2304 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
18:43:49.0783 2304 usbprint - ok
18:43:49.0805 2304 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
18:43:49.0827 2304 USBSTOR - ok
18:43:49.0865 2304 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
18:43:49.0886 2304 usbuhci - ok
18:43:49.0913 2304 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
18:43:49.0944 2304 usbvideo - ok
18:43:49.0985 2304 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
18:43:50.0052 2304 UxSms - ok
18:43:50.0090 2304 UxTuneUp (5bf180f7f7c2f68ed6d5777840270bce) C:\Windows\System32\uxtuneup.dll
18:43:50.0109 2304 UxTuneUp - ok
18:43:50.0135 2304 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
18:43:50.0158 2304 VaultSvc - ok
18:43:50.0186 2304 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
18:43:50.0207 2304 vdrvroot - ok
18:43:50.0265 2304 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
18:43:50.0344 2304 vds - ok
18:43:50.0372 2304 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
18:43:50.0399 2304 vga - ok
18:43:50.0414 2304 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
18:43:50.0479 2304 VgaSave - ok
18:43:50.0523 2304 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
18:43:50.0549 2304 vhdmp - ok
18:43:50.0573 2304 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
18:43:50.0595 2304 viaide - ok
18:43:50.0615 2304 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
18:43:50.0637 2304 volmgr - ok
18:43:50.0692 2304 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
18:43:50.0728 2304 volmgrx - ok
18:43:50.0765 2304 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
18:43:50.0794 2304 volsnap - ok
18:43:50.0827 2304 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
18:43:50.0855 2304 vsmraid - ok
18:43:50.0978 2304 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
18:43:51.0073 2304 VSS - ok
18:43:51.0198 2304 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
18:43:51.0241 2304 vwifibus - ok
18:43:51.0264 2304 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
18:43:51.0295 2304 vwififlt - ok
18:43:51.0311 2304 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
18:43:51.0342 2304 vwifimp - ok
18:43:51.0399 2304 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
18:43:51.0473 2304 W32Time - ok
18:43:51.0501 2304 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
18:43:51.0524 2304 WacomPen - ok
18:43:51.0561 2304 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
18:43:51.0625 2304 WANARP - ok
18:43:51.0633 2304 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
18:43:51.0697 2304 Wanarpv6 - ok
18:43:51.0816 2304 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
18:43:51.0873 2304 WatAdminSvc - ok
18:43:51.0995 2304 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
18:43:52.0050 2304 wbengine - ok
18:43:52.0161 2304 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
18:43:52.0211 2304 WbioSrvc - ok
18:43:52.0266 2304 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
18:43:52.0307 2304 wcncsvc - ok
18:43:52.0342 2304 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
18:43:52.0367 2304 WcsPlugInService - ok
18:43:52.0427 2304 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
18:43:52.0455 2304 Wd - ok
18:43:52.0516 2304 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
18:43:52.0560 2304 Wdf01000 - ok
18:43:52.0599 2304 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
18:43:52.0635 2304 WdiServiceHost - ok
18:43:52.0641 2304 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
18:43:52.0677 2304 WdiSystemHost - ok
18:43:52.0713 2304 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
18:43:52.0751 2304 WebClient - ok
18:43:52.0795 2304 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
18:43:52.0868 2304 Wecsvc - ok
18:43:52.0895 2304 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
18:43:52.0964 2304 wercplsupport - ok
18:43:52.0984 2304 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
18:43:53.0052 2304 WerSvc - ok
18:43:53.0099 2304 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
18:43:53.0163 2304 WfpLwf - ok
18:43:53.0179 2304 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
18:43:53.0201 2304 WIMMount - ok
18:43:53.0229 2304 WinDefend - ok
18:43:53.0248 2304 WinHttpAutoProxySvc - ok
18:43:53.0328 2304 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
18:43:53.0411 2304 Winmgmt - ok
18:43:53.0453 2304 WinRiskXASmClSoftwareUpdate (e694974965e268f8224cc37fabb67596) C:\Program Files (x86)\InterRisk\WinRiskXA\smart\client\bin\BWUpdater.exe
18:43:53.0461 2304 WinRiskXASmClSoftwareUpdate ( UnsignedFile.Multi.Generic ) - warning
18:43:53.0461 2304 WinRiskXASmClSoftwareUpdate - detected UnsignedFile.Multi.Generic (1)
18:43:53.0621 2304 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
18:43:53.0723 2304 WinRM - ok
18:43:53.0892 2304 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
18:43:53.0948 2304 Wlansvc - ok
18:43:54.0007 2304 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
18:43:54.0049 2304 WmiAcpi - ok
18:43:54.0117 2304 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
18:43:54.0144 2304 wmiApSrv - ok
18:43:54.0174 2304 WMPNetworkSvc - ok
18:43:54.0203 2304 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
18:43:54.0227 2304 WPCSvc - ok
18:43:54.0251 2304 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
18:43:54.0280 2304 WPDBusEnum - ok
18:43:54.0305 2304 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
18:43:54.0369 2304 ws2ifsl - ok
18:43:54.0403 2304 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll
18:43:54.0437 2304 wscsvc - ok
18:43:54.0444 2304 WSearch - ok
18:43:54.0630 2304 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
18:43:54.0726 2304 wuauserv - ok
18:43:54.0868 2304 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
18:43:54.0942 2304 WudfPf - ok
18:43:54.0977 2304 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
18:43:55.0042 2304 WUDFRd - ok
18:43:55.0072 2304 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
18:43:55.0138 2304 wudfsvc - ok
18:43:55.0178 2304 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
18:43:55.0216 2304 WwanSvc - ok
18:43:55.0261 2304 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
18:43:55.0648 2304 \Device\Harddisk0\DR0 - ok
18:43:55.0659 2304 Boot (0x1200) (3efce229d8639413c350b46bacaf68ec) \Device\Harddisk0\DR0\Partition0
18:43:55.0663 2304 \Device\Harddisk0\DR0\Partition0 - ok
18:43:55.0706 2304 Boot (0x1200) (f379b40a9d0f84d17e5e28a143d0d8a9) \Device\Harddisk0\DR0\Partition1
18:43:55.0709 2304 \Device\Harddisk0\DR0\Partition1 - ok
18:43:55.0741 2304 Boot (0x1200) (bf212a161a988d745538ff01a672611e) \Device\Harddisk0\DR0\Partition2
18:43:55.0744 2304 \Device\Harddisk0\DR0\Partition2 - ok
18:43:55.0745 2304 ============================================================
18:43:55.0745 2304 Scan finished
18:43:55.0745 2304 ============================================================
18:43:55.0771 5068 Detected object count: 3
18:43:55.0771 5068 Actual detected object count: 3
18:43:59.0818 5068 Apache2.2 ( UnsignedFile.Multi.Generic ) - skipped by user
18:43:59.0819 5068 Apache2.2 ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:43:59.0819 5068 SwitchBoard ( UnsignedFile.Multi.Generic ) - skipped by user
18:43:59.0819 5068 SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:43:59.0823 5068 WinRiskXASmClSoftwareUpdate ( UnsignedFile.Multi.Generic ) - skipped by user
18:43:59.0823 5068 WinRiskXASmClSoftwareUpdate ( UnsignedFile.Multi.Generic ) - User select action: Skip


Alt 03.07.2012, 19:01   #6
markusg
/// Malware-holic
 



Combofix may only be run when a team member has instructed you to do so!
It should never be run on your own initiative! Incorrect use can cause serious computer problems
and make cleaning up the infection even harder.
Please download Combofix from one of these download mirrors:

Link 1
Link 2


IMPORTANT - Save Combofix to your desktop
  • Please disable all your antivirus and anti-malware/spyware scanners. They can interfere with Combofix while it works.
  • Start Combofix.exe and follow the on-screen instructions.

When Combofix has finished, it will create a log file. Please post C:\Combofix.txt in your next reply.


Note: If you get the following error message after the restart
Quote:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
simply restart the computer. This should fix the problem.

Alt 03.07.2012, 20:46   #7
Te8
 



Combofix log file:
Code:
ATTFilter
ComboFix 12-07-02.01 - L5566 03.07.2012  21:16:11.1.2 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.3836.2352 [GMT 2:00]
ausgeführt von:: c:\users\L5566\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AV: Microsoft Security Essentials *Disabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Microsoft Security Essentials *Disabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
 ADS - Windows: deleted 24 bytes in 1 streams. 
.
(((((((((((((((((((((((   Dateien erstellt von 2012-06-03 bis 2012-07-03  ))))))))))))))))))))))))))))))
.
.
2012-07-03 19:29 . 2012-07-03 19:29	--------	d-----w-	c:\users\Default\AppData\Local\temp
2012-07-03 10:06 . 2012-05-31 04:04	9013136	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{2B224A75-6164-447B-9170-7369A04F6AC3}\mpengine.dll
2012-07-02 16:40 . 2012-07-02 16:40	116016	----a-w-	c:\windows\system32\drivers\69983532.sys
2012-07-02 06:14 . 2012-05-31 04:04	9013136	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-06-30 09:38 . 2012-06-30 09:38	--------	d-----w-	c:\program files (x86)\Malwarebytes' Anti-Malware
2012-06-30 09:38 . 2012-04-04 13:56	24904	----a-w-	c:\windows\system32\drivers\mbam.sys
2012-06-30 07:17 . 2012-07-02 10:21	--------	d-----w-	c:\programdata\Spybot - Search & Destroy
2012-06-30 07:17 . 2012-07-02 09:58	--------	d-----w-	c:\program files (x86)\Spybot - Search & Destroy
2012-06-26 06:38 . 2012-06-26 06:38	--------	d-----w-	c:\program files (x86)\OneMediaHub
2012-06-26 06:32 . 2012-06-26 06:32	421200	----a-w-	c:\program files (x86)\Mozilla Firefox\msvcp100.dll
2012-06-26 06:32 . 2012-06-26 06:32	770384	----a-w-	c:\program files (x86)\Mozilla Firefox\msvcr100.dll
2012-06-21 09:33 . 2012-06-02 22:19	44056	----a-w-	c:\windows\system32\wups2.dll
2012-06-21 09:33 . 2012-06-02 22:19	2428952	----a-w-	c:\windows\system32\wuaueng.dll
2012-06-21 09:33 . 2012-06-02 22:19	57880	----a-w-	c:\windows\system32\wuauclt.exe
2012-06-21 09:33 . 2012-06-02 22:15	2622464	----a-w-	c:\windows\system32\wucltux.dll
2012-06-21 09:33 . 2012-06-02 22:19	38424	----a-w-	c:\windows\system32\wups.dll
2012-06-21 09:33 . 2012-06-02 22:19	701976	----a-w-	c:\windows\system32\wuapi.dll
2012-06-21 09:33 . 2012-06-02 22:15	99840	----a-w-	c:\windows\system32\wudriver.dll
2012-06-21 09:32 . 2012-06-02 13:19	186752	----a-w-	c:\windows\system32\wuwebv.dll
2012-06-21 09:32 . 2012-06-02 13:15	36864	----a-w-	c:\windows\system32\wuapp.exe
2012-06-15 17:57 . 2012-06-15 17:57	--------	d-----w-	c:\users\L5566\AppData\Roaming\Avira
2012-06-15 17:50 . 2012-05-02 13:24	27760	----a-w-	c:\windows\system32\drivers\avkmgr.sys
2012-06-15 17:50 . 2012-04-27 08:20	132832	----a-w-	c:\windows\system32\drivers\avipbb.sys
2012-06-15 17:50 . 2012-04-24 22:32	98848	----a-w-	c:\windows\system32\drivers\avgntflt.sys
2012-06-15 17:50 . 2012-06-15 17:50	--------	d-----w-	c:\programdata\Avira
2012-06-15 17:50 . 2012-06-15 17:50	--------	d-----w-	c:\program files (x86)\Avira
2012-06-15 17:40 . 2012-05-18 01:51	2382848	----a-w-	c:\windows\system32\mshtml.tlb
2012-06-15 17:40 . 2012-05-17 22:24	2382848	----a-w-	c:\windows\SysWow64\mshtml.tlb
2012-06-15 17:40 . 2012-05-17 23:21	140920	----a-w-	c:\program files (x86)\Internet Explorer\sqmapi.dll
2012-06-15 17:40 . 2012-05-18 02:51	174200	----a-w-	c:\program files\Internet Explorer\sqmapi.dll
2012-06-15 17:40 . 2012-05-18 01:57	548864	----a-w-	c:\program files\Internet Explorer\ieproxy.dll
2012-06-15 17:40 . 2012-05-17 22:31	194560	----a-w-	c:\program files (x86)\Internet Explorer\ieproxy.dll
2012-06-14 06:07 . 2012-04-26 05:41	77312	----a-w-	c:\windows\system32\rdpwsx.dll
2012-06-14 06:07 . 2012-04-26 05:41	149504	----a-w-	c:\windows\system32\rdpcorekmts.dll
2012-06-14 06:07 . 2012-04-26 05:34	9216	----a-w-	c:\windows\system32\rdrmemptylst.exe
2012-06-14 06:07 . 2012-05-01 05:40	209920	----a-w-	c:\windows\system32\profsvc.dll
2012-06-14 06:01 . 2012-07-01 04:35	48648	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2012-06-14 06:01 . 2012-07-01 04:35	42776	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll
2012-06-14 06:01 . 2012-06-14 06:01	375632	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2012-06-13 16:21 . 2012-06-13 16:21	--------	d-----w-	c:\program files (x86)\Common Files\Java
2012-06-13 16:21 . 2012-06-13 16:21	772592	----a-w-	c:\windows\SysWow64\npDeployJava1.dll
2012-06-13 06:07 . 2012-03-08 21:10	927800	------w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2012-06-13 06:07 . 2012-03-08 21:10	927800	------w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{C5A84C74-96CF-4D2F-B351-D5803E19979C}\gapaengine.dll
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-01 04:35 . 2012-06-02 07:44	375632	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2012-06-28 06:17 . 2012-06-02 07:46	48648	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll
2012-06-28 06:17 . 2012-06-02 07:45	42776	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
2012-06-13 16:21 . 2012-02-03 20:11	687600	----a-w-	c:\windows\SysWow64\deployJava1.dll
2012-05-29 11:09 . 2012-02-12 12:53	34656	----a-w-	c:\windows\system32\TURegOpt.exe
2012-05-29 11:09 . 2012-04-14 06:56	25952	----a-w-	c:\windows\system32\authuitu.dll
2012-05-29 11:09 . 2012-04-14 06:56	21344	----a-w-	c:\windows\SysWow64\authuitu.dll
2012-05-29 11:09 . 2012-02-12 12:54	35680	----a-w-	c:\windows\system32\uxtuneup.dll
2012-05-29 11:09 . 2012-02-12 12:54	29024	----a-w-	c:\windows\SysWow64\uxtuneup.dll
2012-05-10 08:16 . 2012-05-10 08:16	419488	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2012-05-10 08:16 . 2012-03-27 06:40	70304	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-04-09 14:27 . 2012-05-18 06:18	190480	----a-w-	c:\windows\system32\CbFsMntNtf3.dll
2012-04-09 14:27 . 2012-05-18 06:18	158224	----a-w-	c:\windows\SysWow64\CbFsMntNtf3.dll
2012-04-09 14:27 . 2012-05-18 06:18	141328	----a-w-	c:\windows\system32\CbFsNetRdr3.dll
2012-04-09 14:27 . 2012-05-18 06:18	223760	----a-w-	c:\windows\SysWow64\CbFsNetRdr3.dll
2012-04-09 14:27 . 2012-02-03 20:11	352144	----a-w-	c:\windows\system32\drivers\cbfs3.sys
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1EldosIconOverlay]
@="{89D80A96-D438-4E53-A324-9192F2397B12}"
[HKEY_CLASSES_ROOT\CLSID\{89D80A96-D438-4E53-A324-9192F2397B12}]
2012-04-09 14:27	158224	----a-w-	c:\windows\SysWOW64\CbFsMntNtf3.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\EldosIconOverlay]
@="{5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC}"
[HKEY_CLASSES_ROOT\CLSID\{5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC}]
2012-04-09 14:27	158224	----a-w-	c:\windows\SysWOW64\CbFsMntNtf3.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"ControlCenter3"="c:\program files (x86)\Brother\ControlCenter3\brctrcen.exe" [2008-12-24 114688]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2012-05-01 348624]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408]
.
c:\users\L5566\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneMediaHub.lnk - c:\program files (x86)\OneMediaHub\pushfnbl.exe [2012-6-22 145408]
Wuala.lnk - c:\users\L5566\AppData\Roaming\Wuala\Wuala.exe [2011-11-22 451504]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\ThinkPad\Bluetooth Software\BTTray.exe [2011-7-28 1211680]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
"WinampAgent"="c:\program files (x86)\Winamp\winampa.exe"
"BrMfcWnd"=c:\program files (x86)\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
"PDFPrint"=c:\program files (x86)\PDF24\pdf24.exe
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"Adobe Acrobat Speed Launcher"="c:\program files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
"Acrobat Assistant 8.0"="c:\program files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
"AdobeCS5.5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
"CloneCDTray"="c:\program files (x86)\SlySoft\CloneCD\CloneCDTray.exe" /s
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 M4-Service;M4-Service;c:\users\L5566\AppData\Roaming\Mikogo 4\M4-Service.exe [2012-01-16 1007472]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-01-31 158856]
R3 Ltn_stk7070P_64;PCTV based TV tuner device;c:\windows\system32\DRIVERS\Ltn_stk7070P_64.sys [2007-06-14 543232]
R3 Ltn_stkrc_64;PCTV Infrared Receiver;c:\windows\system32\DRIVERS\Ltn_stkrc_64.sys [2007-06-13 16256]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-06-26 113120]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2012-03-20 98688]
R3 NisSrv;Microsoft-Netzwerkinspektion;c:\program files\Microsoft Security Client\NisSrv.exe [2012-03-26 291696]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe [2012-04-01 1255736]
R4 WinRiskXASmClSoftwareUpdate;InterRisk WinRisk Smart-Client Softwareaktualisierung;c:\program files (x86)\InterRisk\WinRiskXA\smart\client\bin\BWUpdater.exe [2011-09-12 24576]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2012-05-02 27760]
S1 cbfs3;cbfs3;c:\windows\system32\drivers\cbfs3.sys [2012-04-09 352144]
S1 SABI;SAMSUNG Kernel Driver For Windows 7;c:\windows\system32\Drivers\SABI.sys [2009-05-28 13824]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-08-10 204288]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2012-05-01 86224]
S2 Apache2.2;Apache2.2;c:\xampp\apache\bin\httpd.exe [2011-09-10 18432]
S2 CodeMeter.exe;CodeMeter Runtime Server;c:\program files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe [2011-07-06 2304912]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-04-04 654408]
S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-01-19 3027840]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe [2012-05-29 2143072]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2011-08-11 9981440]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2011-08-10 309248]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2010-11-17 115216]
S3 BTWAMPFL;BTWAMPFL;c:\windows\system32\DRIVERS\btwampfl.sys [2011-04-30 437288]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2011-02-22 39976]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [2011-12-09 206128]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-04-04 24904]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-05-16 533096]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys [2012-02-01 11856]
.
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\0WualaOverlayIcon1]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2012-05-02 12:10	1721856	----a-w-	c:\program files (x86)\Wuala OverlayIcons\OverlayIcon.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\0WualaOverlayIcon2]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2012-05-02 12:10	1721856	----a-w-	c:\program files (x86)\Wuala OverlayIcons\OverlayIcon.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\0WualaOverlayIcon3]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2012-05-02 12:10	1721856	----a-w-	c:\program files (x86)\Wuala OverlayIcons\OverlayIcon.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\0WualaOverlayIcon4]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2012-05-02 12:10	1721856	----a-w-	c:\program files (x86)\Wuala OverlayIcons\OverlayIcon.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1EldosIconOverlay]
@="{89D80A96-D438-4E53-A324-9192F2397B12}"
[HKEY_CLASSES_ROOT\CLSID\{89D80A96-D438-4E53-A324-9192F2397B12}]
2012-04-09 14:27	190480	----a-w-	c:\windows\System32\CbFsMntNtf3.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\EldosIconOverlay]
@="{5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC}"
[HKEY_CLASSES_ROOT\CLSID\{5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC}]
2012-04-09 14:27	190480	----a-w-	c:\windows\System32\CbFsMntNtf3.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Eraser"="c:\progra~1\Eraser\Eraser.exe" [2011-11-05 980368]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-03-26 1271168]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
UxTuneUp
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.de/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Bild an &Bluetooth-Gerät senden... - c:\program files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Seite an &Bluetooth-Gerät senden... - c:\program files\ThinkPad\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\L5566\AppData\Roaming\Mozilla\Firefox\Profiles\7vqytien.default\
FF - prefs.js: browser.startup.homepage - about:home
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&q=
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
HKLM-Run-ETDCtrl - c:\program files (x86)\Elantech\ETDCtrl.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="FirefoxHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="FirefoxHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="FirefoxHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="FirefoxHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="FirefoxHTML"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2012-07-03  21:37:01
ComboFix-quarantined-files.txt  2012-07-03 19:37
.
Vor Suchlauf: 13 Verzeichnis(se), 93.272.698.880 Bytes frei
Nach Suchlauf: 18 Verzeichnis(se), 92.925.997.056 Bytes frei
.
- - End Of File - - 9F26B9C984855B55F25AB6497894E804
         
--- --- ---

04.07.2012, 16:46   #8
markusg
/// Malware-holic

Are there still pop-ups?
__________________
- Please forward suspicious e-mails to us for analysis:
markusg.trojaner-board@web.de
Instructions:
http://markusg.trojaner-board.de
For now, please send e-mails to markusg.trojaner-board@web.de as described in the instructions above.

05.07.2012, 16:01   #9
Te8

Unfortunately yes... although it no longer appears on every website as it did before.

The pop-ups look like this: www.munich-broker.de/blog/wp-content/uploads/pop-up.png

They change from time to time and do not pop up on every page.

So far I have only noticed the pop-up on my own website and on the muenchen.de site.

As soon as I am logged in to my homepage as admin in WordPress, no more pop-ups appear.

One more thing... the pop-up then inserts the following code into the web page:

<div style="padding-top:15px;">
<iframe width="300" scrolling="no" height="250" frameborder="0" src="hxxp://tag.tlvmedia.com/?id=102031_125330&ad_type=banner&ad_size=300x250" marginheight="0" marginwidth="0">
<html>
<head></head>
<body>
<script src="hxxp://tag.tlvmedia.com/tags.js?id=102031_125330&ad_type=banner&ad_size=300x250" type="text/javascript">
<iframe width="300" scrolling="no" height="250" frameborder="0" marginwidth="0" marginheight="0" style="width: 300px; height: 250px;" src="hxxp://ads.tlvmedia.com/st?ad_type=iframe&ad_size=300x250&section=3021651">
</body>
</html>
</iframe>
</div>

06.07.2012, 21:49   #10
markusg
/// Malware-holic

Hi,
do you have a backup of your site? If so, restore it and see whether it still occurs.

09.07.2012, 07:14   #11
Te8

I don't have an older backup, since the problem has been plaguing me for quite a while.

But here is another piece of code whose link leads exactly to the image that slides in.

<object width="300" height="250" wmode="opaque" loop="false" data="hxxp://content.yieldmanager.edgesuite.net/atoms/98/94/ae/d7/9894aed7064503bc3ea1da8068614f24.swf?clickTag=http%3A%2F%2Fads%2Etlvmedia%2Ecom%2Fclk%3F3%2CeJytjV1rgzAUhn%2DNd1JMYmJEdhF1Vodx65Z26M3wI%2EWjdZUaRuevn7 Vl%2DwN7ORweHl7OAcjB1V5ialFoFoQgy3YAoiTHtCIS6objOCY0kW1hy7L1MPTO3o4Xce0V0VPNliTDlGxuyBYV3fiFXrfnpbB5vVd3sRuy%2E4nYNts7Rsvf2qcsqbI072r3t%2DVvLmnnHpJ11s TvHD%2DvueIiOPI30HC%2ExLEIunQKDplgRiYeTf53%2E0HXG6UGDTENBvPk1bhSx69eVm2%2DKk%2E9rEalodl%2EqO9Bashv9%2De8lxoksxrb6aqQYVwgNmY3ylK1p8%2EFQUAw%2DAGkRWt5%2 C" type="application/x-shockwave-flash"><param value="opaque" name="wmode"><param value="hxxp://content.yieldmanager.edgesuite.net/atoms/98/94/ae/d7/9894aed7064503bc3ea1da8068614f24.swf?clickTag=http%3A%2F%2Fads%2Etlvmedia%2Ecom%2Fclk%3F3%2CeJytjV1rgzAUhn%2DNd1JMYmJEdhF1Vodx65Z26M3wI%2EWjdZUaRuevn7 Vl%2DwN7ORweHl7OAcjB1V5ialFoFoQgy3YAoiTHtCIS6objOCY0kW1hy7L1MPTO3o4Xce0V0VPNliTDlGxuyBYV3fiFXrfnpbB5vVd3sRuy%2E4nYNts7Rsvf2qcsqbI072r3t%2DVvLmnnHpJ11s TvHD%2DvueIiOPI30HC%2ExLEIunQKDplgRiYeTf53%2E0HXG6UGDTENBvPk1bhSx69eVm2%2DKk%2E9rEalodl%2EqO9Bashv9%2De8lxoksxrb6aqQYVwgNmY3ylK1p8%2EFQUAw%2DAGkRWt5%2 C" name="movie"></object>


The thing is that it only slides in on one PC; on the others I don't have the problem.

10.07.2012, 13:41   #12
markusg
/// Malware-holic

Hi, then rebuild the affected PC.
The PC must be set up from scratch and then secured.
1. Data rescue: 2. Format, reinstall Windows: 3. Secure the PC: http://www.trojaner-board.de/96344-a...-rechners.html
I will also post further points on this.
4. Change all passwords!
5. After securing the PC, check the backed-up data and, if clean, restore it.
6. I will then also say something about securing online banking with a chip card reader + Star Money.

11.07.2012, 22:01   #13
Te8

I haven't rebuilt the PC yet.

I noticed something way down at the bottom of my hosts file. I removed the following lines from the hosts file:

149.5.18.172 www.google-analytics.com.
149.5.18.172 ad-emea.doubleclick.net.
149.5.18.172 www.statcounter.com.
108.163.215.51 www.google-analytics.com.
108.163.215.51 ad-emea.doubleclick.net.
108.163.215.51 www.statcounter.com.

Now everything works. The pop-ups are gone in IE as well as Firefox.

How these lines got in there, however, is a mystery to me.

Could it be that someone gained access? Since not a single antivirus program found anything, I assume my PC is safe ???

Best regards!
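
Added example, not part of the original post or the thread: a small hosts-file audit that flags the kind of entries quoted above, where public hostnames are pinned to routable addresses and therefore bypass DNS. The function names, the two constructed sample entries and the "public name pinned to a global address" criterion are assumptions made for this illustration.

```python
import ipaddress
from collections import defaultdict

# Constructed sample: typical local entries plus the six lines quoted in the post.
SAMPLE_HOSTS = """\
127.0.0.1       localhost
192.168.0.10    nas                # constructed LAN entry
0.0.0.0         ads.example.com    # constructed blocklist-style entry
149.5.18.172 www.google-analytics.com.
149.5.18.172 ad-emea.doubleclick.net.
149.5.18.172 www.statcounter.com.
108.163.215.51 www.google-analytics.com.
108.163.215.51 ad-emea.doubleclick.net.
108.163.215.51 www.statcounter.com.
"""

def parse_hosts(text):
    """Yield (line_no, ip, hostname) for every mapping in hosts-file text."""
    for line_no, raw in enumerate(text.splitlines(), 1):
        fields = raw.split("#", 1)[0].split()
        if len(fields) < 2:
            continue
        try:
            ip = ipaddress.ip_address(fields[0])
        except ValueError:
            continue  # malformed address: not a usable mapping
        for name in fields[1:]:
            # A trailing dot is the same name in absolute form; normalise it.
            yield line_no, ip, name.rstrip(".").lower()

def find_redirects(text):
    """Return {hostname: [ip, ...]} for dotted names pinned to public addresses."""
    redirects = defaultdict(list)
    for _line_no, ip, name in parse_hosts(text):
        # Loopback, 0.0.0.0 and private targets are local or blocklist entries.
        if ip.is_global and "." in name:
            redirects[name].append(str(ip))
    return dict(redirects)

def shared_targets(redirects):
    """Return {ip: sorted hostnames} for addresses answering for several names."""
    by_ip = defaultdict(set)
    for name, ips in redirects.items():
        for ip in ips:
            by_ip[ip].add(name)
    return {ip: sorted(n) for ip, n in by_ip.items() if len(n) > 1}

if __name__ == "__main__":
    for name, ips in sorted(find_redirects(SAMPLE_HOSTS).items()):
        print(f"{name} -> {', '.join(ips)}")
```

On Windows the file to pass in is `%SystemRoot%\System32\drivers\etc\hosts`; a single address answering for several unrelated analytics and ad domains, as `shared_targets` reports here, is the pattern worth investigating.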

14.07.2012, 12:22   #14
markusg
/// Malware-holic

Hi,
that is why I would still reinstall, because malware could have been active, or could still be active.
