
Pests of All Kinds and How to Fight Them: TR/ATRAPS.Gen2 / Lapqeteazore.exe

02.08.2012, 23:00   #1
Suratarius



Evening,
since this evening I've had the troublemaker "TR/ATRAPS.Gen2 / Lapqeteazore.exe", which apparently has been showing up fairly often...
Avira obviously can't delete it, and ZoneAlarm doesn't do much either.
I've got a laptop with Windows 7, 64-bit, Intel i5...

It would be nice if you could explain to me, with idiot-proof patience, what I need to run when, where and how. In the worst case I have a system image on an external drive from 2 or 3 weeks ago...

Regards, Sura

P.S. In case anyone is interested, this junk creates a file named "lapqeteazore" in the personal folder...

02.08.2012, 23:16   #2
Chris4You



Hi,

Malwarebytes Anti-Malware (MAM)
Instructions & download here: http://www.trojaner-board.de/51187-m...i-malware.html
If the download doesn't work, please download a generic version from here:
http://filepony.de/download-chameleon/
After that, please update the signature files ("Aktualisierungen" [Updates] tab -> "Suche nach Aktualisierungen" [Check for updates])
Run a full scan and let it clean up everything! Post the log.

OTL
Download OTL by Oldtimer (http://filepony.de/download-otl/) and save it to your desktop
  • Vista/Win7 users: right-click OTL.exe and choose "Run as administrator"
  • At the top you will find a box labelled Output. Please select Minimal Output
  • Under Extra Registry, please select Use SafeList
  • Now click Run Scan at the top left
  • When the scan has finished, 2 log files are created (OTL.TXT and EXTRAS.TXT)
  • Post the log files here in the thread

TDSS-Killer
Download and instructions at: How are malicious programs of the Rootkit.Win32.TDSS family combated?
Extract all files into a directory of their own (e.g. C:\TDSS)!
Launch it from Explorer by double-clicking TDSSKiller.exe.
Configure the Killer as follows:

Then start the scan (Start Scan).
When the scan is finished, please select "Report" (skip any findings with Skip for now). A window opens (click Report); copy the text and post it here...

chris

02.08.2012, 23:34   #3
Suratarius



By the way, is it a disadvantage to run the various programs in parallel, or to play some games on the side?

Edited by Suratarius (02.08.2012 at 23:42)

03.08.2012, 01:24   #4
Suratarius



OK, here we go:
Malwarebytes:

Malwarebytes Anti-Malware 1.62.0.1300
Malwarebytes : Free Anti-Malware download

Datenbank Version: v2012.08.02.09

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Suratarius :: SURATARIU-PC [Administrator]

03.08.2012 00:25:11
mbam-log-2012-08-03 (00-25-11).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|F:\|Q:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 411751
Laufzeit: 1 Stunde(n), 17 Minute(n), 54 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

OTL:
OTL Logfile:
Code:
OTL logfile created on: 03.08.2012 01:56:31 - Run 1
OTL by OldTimer - Version 3.2.55.0     Folder = C:\Users\Suratarius\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,91 Gb Total Physical Memory | 1,92 Gb Available Physical Memory | 48,97% Memory free
7,82 Gb Paging File | 5,08 Gb Available in Paging File | 64,98% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 555,07 Gb Total Space | 409,13 Gb Free Space | 73,71% Space Free | Partition Type: NTFS
Drive D: | 40,00 Gb Total Space | 19,98 Gb Free Space | 49,94% Space Free | Partition Type: NTFS
Drive F: | 5,02 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
 
Computer Name: SURATARIU-PC | User Name: Suratarius | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Suratarius\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Users\Suratarius\lapqeteazore.exe (Akasa)
PRC - C:\Users\SURATA~1\AppData\Local\Temp\220509987.exe (Akasa)
PRC - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_3_300_268_ActiveX.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe (Check Point Software Technologies LTD)
PRC - C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe (Check Point Software Technologies LTD)
PRC - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\CyberLink\PowerRecover\Reminder.exe (CyberLink)
PRC - C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe (CyberLink)
PRC - C:\Program Files (x86)\PHotkey\POSD.exe (Pegatron Corporation)
PRC - C:\Program Files (x86)\PHotkey\PHotkey.exe (Pegatron Corporation)
PRC - C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
PRC - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
PRC - C:\Program Files (x86)\PHotkey\MsgTranAgt.exe ()
PRC - C:\Program Files (x86)\PHotkey\ASLDRSrv.exe ()
PRC - C:\Program Files (x86)\Schomaecker\XPrint-Client\XPrint-Client-Service\XPrint-Client-Service.exe (Schomäcker GmbH)
PRC - C:\Program Files (x86)\Schomaecker\XPrint-Client\XPrint-Client-GUI\XPrint-Client-GUI.exe (Schomäcker GmbH)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\2e16482769fcdf856919e292a968f16c\IAStorUtil.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\3b2b9f4ec1819e4b95792d92f56d26f9\IAStorCommon.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll ()
MOD - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll ()
MOD - C:\Program Files (x86)\Schomaecker\XPrint-Client\Common\rt\jetrt\XXML6407.dll ()
MOD - C:\Program Files (x86)\Schomaecker\XPrint-Client\Common\rt\jetrt\XXXL6407.dll ()
MOD - C:\Program Files (x86)\Schomaecker\XPrint-Client\Common\rt\jetrt\XSWN6407.dll ()
MOD - C:\Program Files (x86)\Schomaecker\XPrint-Client\Common\rt\jetrt\XSSE6407.dll ()
MOD - C:\Program Files (x86)\Schomaecker\XPrint-Client\Common\rt\jetrt\XMIS6407.dll ()
MOD - C:\Program Files (x86)\Schomaecker\XPrint-Client\Common\rt\jetrt\XMNG6407.dll ()
MOD - C:\Program Files (x86)\Schomaecker\XPrint-Client\Common\rt\jetrt\XSEC6407.dll ()
MOD - C:\Program Files (x86)\Schomaecker\XPrint-Client\Common\rt\jetrt\XSQL6407.dll ()
MOD - C:\Program Files (x86)\Schomaecker\XPrint-Client\Common\rt\jetrt\XSND6407.dll ()
MOD - C:\Program Files (x86)\Schomaecker\XPrint-Client\Common\rt\jetrt\XPKC6407.dll ()
MOD - C:\Program Files (x86)\Schomaecker\XPrint-Client\Common\rt\jetrt\XRMI6407.dll ()
MOD - C:\Program Files (x86)\Schomaecker\XPrint-Client\Common\rt\jetrt\XKRN6407.dll ()
MOD - C:\Program Files (x86)\Schomaecker\XPrint-Client\Common\rt\jetrt\XJCE6407.dll ()
MOD - C:\Program Files (x86)\Schomaecker\XPrint-Client\Common\rt\jetrt\XAWT6407.dll ()
MOD - C:\Program Files (x86)\Schomaecker\XPrint-Client\Common\rt\bin\jetvm\jvm.dll ()
MOD - C:\Program Files (x86)\Schomaecker\XPrint-Client\Common\rt\bin\java.dll ()
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - (IswSvc) -- C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe (Check Point Software Technologies)
SRV:64bit: - (EvtEng) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)
SRV:64bit: - (MyWiFiDHCPDNS) -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe ()
SRV:64bit: - (RegSrvc) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
SRV:64bit: - (CxAudMsg) -- C:\Windows\Sysnative\CxAudMsg64.exe (Conexant Systems Inc.)
SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV:64bit: - (SharedAccess) -- C:\Windows\Sysnative\svchost.exe (Microsoft Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (vsmon) -- C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe (Check Point Software Technologies LTD)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (Skype C2C Service) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (TeamViewer7) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (sftvsa) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
SRV - (sftlist) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
SRV - (IAStorDataMgrSvc) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV - (GFNEXSrv) -- C:\Program Files (x86)\PHotkey\GFNEXSrv.exe ()
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (ASLDRService) -- C:\Program Files (x86)\PHotkey\ASLDRSrv.exe ()
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (XPrint-Client-Service) -- C:\Program Files (x86)\Schomaecker\XPrint-Client\XPrint-Client-Service\XPrint-Client-Service.exe (Schomäcker GmbH)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (dtsoftbus01) -- C:\Windows\Sysnative\drivers\dtsoftbus01.sys (DT Soft Ltd)
DRV:64bit: - (avipbb) -- C:\Windows\Sysnative\drivers\avipbb.sys (Avira GmbH)
DRV:64bit: - (avgntflt) -- C:\Windows\Sysnative\drivers\avgntflt.sys (Avira GmbH)
DRV:64bit: - (ISWKL) -- C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys (Check Point Software Technologies)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (atksgt) -- C:\Windows\Sysnative\drivers\atksgt.sys ()
DRV:64bit: - (lirsgt) -- C:\Windows\Sysnative\drivers\lirsgt.sys ()
DRV:64bit: - (teamviewervpn) -- C:\Windows\Sysnative\drivers\teamviewervpn.sys (TeamViewer GmbH)
DRV:64bit: - (avkmgr) -- C:\Windows\Sysnative\drivers\avkmgr.sys (Avira GmbH)
DRV:64bit: - (nvpciflt) -- C:\Windows\Sysnative\drivers\nvpciflt.sys (NVIDIA Corporation)
DRV:64bit: - (Sftvol) -- C:\Windows\Sysnative\drivers\Sftvollh.sys (Microsoft Corporation)
DRV:64bit: - (Sftplay) -- C:\Windows\Sysnative\drivers\Sftplaylh.sys (Microsoft Corporation)
DRV:64bit: - (Sftredir) -- C:\Windows\Sysnative\drivers\Sftredirlh.sys (Microsoft Corporation)
DRV:64bit: - (Sftfs) -- C:\Windows\Sysnative\drivers\Sftfslh.sys (Microsoft Corporation)
DRV:64bit: - (CnxtHdAudService) -- C:\Windows\Sysnative\drivers\CHDRT64.sys (Conexant Systems Inc.)
DRV:64bit: - (Vsdatant) -- C:\Windows\Sysnative\drivers\vsdatant.sys (Check Point Software Technologies LTD)
DRV:64bit: - (NETwNs64) -- C:\Windows\Sysnative\drivers\NETwNs64.sys (Intel Corporation)
DRV:64bit: - (clwvd) -- C:\Windows\Sysnative\drivers\clwvd.sys (CyberLink Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\Sysnative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\Sysnative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (igfx) -- C:\Windows\Sysnative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (nusb3xhc) -- C:\Windows\Sysnative\drivers\nusb3xhc.sys (Renesas Electronics Corporation)
DRV:64bit: - (nusb3hub) -- C:\Windows\Sysnative\drivers\nusb3hub.sys (Renesas Electronics Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\Sysnative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\Sysnative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbGD) -- C:\Windows\Sysnative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (fspad_xp64) -- C:\Windows\Sysnative\drivers\fspad_xp64.sys (Sentelic Corporation)
DRV:64bit: - (fspad_wlh64) -- C:\Windows\Sysnative\drivers\fspad_wlh64.sys (Sentelic Corporation)
DRV:64bit: - (iaStor) -- C:\Windows\Sysnative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (IntcDAud) -- C:\Windows\Sysnative\drivers\IntcDAud.sys (Intel(R) Corporation)
DRV:64bit: - (wsvd) -- C:\Windows\Sysnative\drivers\wsvd.sys (CyberLink)
DRV:64bit: - (L1C) -- C:\Windows\Sysnative\drivers\L1C62x64.sys (Atheros Communications, Inc.)
DRV:64bit: - (RTL8192su) -- C:\Windows\Sysnative\drivers\RTL8192su.sys (Realtek Semiconductor Corporation                           )
DRV:64bit: - (AmUStor) -- C:\Windows\Sysnative\drivers\AmUStor.sys (Alcor Micro, Corp.)
DRV:64bit: - (amdsbs) -- C:\Windows\Sysnative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\Sysnative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\Sysnative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (RTL8167) -- C:\Windows\Sysnative\drivers\Rt64win7.sys (Realtek Corporation                                            )
DRV:64bit: - (ebdrv) -- C:\Windows\Sysnative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\Sysnative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\Sysnative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\Sysnative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV - (PEGAGFN) -- C:\Program Files (x86)\PHotkey\PEGAGFN.sys (PEGATRON)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = iGoogle
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = iGoogle
IE - HKCU\..\SearchScopes,DefaultScope = {851AD6DB-48BB-409D-B9B1-059F2AE7D42A}
IE - HKCU\..\SearchScopes\{851AD6DB-48BB-409D-B9B1-059F2AE7D42A}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MDND_enDE393
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_270.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_270.dll ()
FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\npFFApi.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Suratarius\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
 
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\PROGRAM FILES\CHECKPOINT\ZAFORCEFIELD\TRUSTCHECKER [2012.07.10 18:06:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker [2012.07.10 17:49:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.05.23 21:10:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
 
[2012.02.24 01:12:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Suratarius\AppData\Roaming\mozilla\Extensions
[2012.05.15 04:19:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Suratarius\AppData\Roaming\mozilla\Firefox\Profiles\5vy3v48n.default\extensions
[2012.06.17 20:09:43 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.06.17 20:09:43 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012.05.23 21:10:26 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.02.16 13:02:53 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.02.16 12:48:01 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.02.16 13:02:53 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.02.16 13:02:53 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.02.16 13:02:53 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.02.16 13:02:53 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\Sysnative\drivers\etc\hosts
O2:64bit: - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3:64bit: - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3 - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3 - HKCU\..\Toolbar\WebBrowser: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (Alcor Micro Corp.)
O4:64bit: - HKLM..\Run: [fspuip] C:\Program Files\FSP\fspuip.exe (Sentelic Corporation)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\Sysnative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\Sysnative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelPAN] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel(R) Corporation)
O4:64bit: - HKLM..\Run: [ISW] C:\Program Files\CheckPoint\ZAForceField\ForceField.exe (Check Point Software Technologies)
O4:64bit: - HKLM..\Run: [MedionReminder] C:\Program Files (x86)\CyberLink\PowerRecover\Reminder.exe (CyberLink)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\Sysnative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe (Conexant systems, Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [Dolby Advanced Audio v2] C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe (Dolby Laboratories Inc.)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
O4 - HKLM..\Run: [YouCam Mirage] C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe (CyberLink)
O4 - HKLM..\Run: [YouCam Tray] C:\Program Files (x86)\CyberLink\YouCam\YouCam.exe (CyberLink Corp.)
O4 - HKLM..\Run: [ZoneAlarm] C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe (Check Point Software Technologies LTD)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [lapqeteazore] C:\Users\Suratarius\lapqeteazore.exe (Akasa)
O4 - HKCU..\Run: [SkypePM] C:\Users\Suratarius\AppData\Local\Skype\SkypePM.exe File not found
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O4:64bit: - HKLM..\RunOnce: [MedionReminder] C:\Program Files (x86)\CyberLink\PowerRecover\Reminder.exe (CyberLink)
O4 - HKLM..\RunOnce: [ Malwarebytes Anti-Malware ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~2\MICROS~3\OFFICE11\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~2\MICROS~3\OFFICE11\EXCEL.EXE/3000 File not found
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 10.1.0)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16:64bit: - DPF: {CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 1.7.0_01)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 1.7.0_01)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab (System Requirements Lab Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5BD665DE-B209-409B-9DDF-20B96566CB3D}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B37211CB-611B-4C00-8D9E-05460FD7487A}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\text/xml - No CLSID value found
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\Sysnative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\Sysnative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011.09.07 02:53:09 | 000,000,126 | R--- | M] () - F:\autorun.inf -- [ UDF ]
O33 - MountPoints2\{a576e6c9-d326-11e1-a4c4-3860772c224f}\Shell - "" = AutoRun
O33 - MountPoints2\{a576e6c9-d326-11e1-a4c4-3860772c224f}\Shell\AutoRun\command - "" = F:\raf-dead_island.exe -- [2011.09.07 06:29:57 | 000,794,049 | R--- | M] (RAF Production                                              )
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.08.03 00:25:36 | 000,000,000 | ---D | C] -- C:\Users\Suratarius\AppData\Roaming\#ISW.FS#
[2012.08.03 00:25:24 | 000,597,504 | ---- | C] (OldTimer Tools) -- C:\Users\Suratarius\Desktop\OTL.exe
[2012.08.03 00:22:56 | 000,000,000 | ---D | C] -- C:\Users\Suratarius\AppData\Roaming\Malwarebytes
[2012.08.03 00:22:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.08.03 00:22:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.08.03 00:22:39 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.08.03 00:22:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.08.01 15:45:50 | 000,090,584 | ---- | C] (Akasa) -- C:\Users\Suratarius\lapqeteazore.exe
[2012.07.28 16:03:47 | 000,000,000 | ---D | C] -- C:\Users\Suratarius\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JoWooD
[2012.07.28 16:03:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JoWooD
[2012.07.28 16:01:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\JoWooD
[2012.07.23 19:27:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Deep Silver
[2012.07.23 19:17:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Deep Silver
[2012.07.23 19:14:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
[2012.07.23 19:12:56 | 000,283,200 | ---- | C] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2012.07.23 19:12:53 | 000,000,000 | ---D | C] -- C:\Users\Suratarius\AppData\Roaming\DAEMON Tools Lite
[2012.07.23 19:12:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Lite
[2012.07.23 19:11:10 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2012.07.13 13:20:15 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012.07.13 13:20:15 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012.07.13 13:20:14 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012.07.13 13:20:14 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012.07.13 13:20:14 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012.07.13 13:20:13 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012.07.13 13:20:13 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012.07.13 13:20:13 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012.07.13 13:20:12 | 002,311,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012.07.13 13:20:12 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012.07.13 13:20:12 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012.07.13 13:20:12 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012.07.13 13:20:12 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012.07.12 20:41:44 | 000,000,000 | ---D | C] -- C:\Users\Suratarius\Application Data
[2012.07.12 18:14:32 | 000,000,000 | ---D | C] -- C:\Users\Suratarius\AppData\Local\Macromedia
[2012.07.12 09:40:12 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll
[2012.07.12 09:40:12 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll
[2012.07.12 09:39:54 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2012.07.12 09:34:52 | 001,133,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdosys.dll
[2012.07.12 09:34:52 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cdosys.dll
[2012.07.05 11:14:11 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browserchoice.exe
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]
[1 C:\Users\Suratarius\Desktop\*.tmp files -> C:\Users\Suratarius\Desktop\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
File not found -- C:\Windows\SysNative\
[2012.08.03 01:25:54 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.08.03 01:25:46 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012.08.03 01:25:46 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012.08.03 00:25:27 | 000,597,504 | ---- | M] (OldTimer Tools) -- C:\Users\Suratarius\Desktop\OTL.exe
[2012.08.03 00:22:40 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.08.02 22:35:25 | 000,067,584 | -H-- | M] () -- C:\Windows\bootstat.dat
[2012.08.01 18:08:08 | 001,614,964 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.08.01 18:08:08 | 000,697,550 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.08.01 18:08:08 | 000,652,828 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.08.01 18:08:08 | 000,148,556 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.08.01 18:08:08 | 000,121,502 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.08.01 15:46:31 | 000,328,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\services.exe
[2012.08.01 15:45:29 | 000,090,584 | ---- | M] (Akasa) -- C:\Users\Suratarius\lapqeteazore.exe
[2012.07.30 02:38:34 | 000,021,296 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.07.30 02:38:34 | 000,021,296 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.07.30 02:30:28 | 3151,269,888 | -HS- | M] () -- C:\hiberfil.sys
[2012.07.28 16:03:47 | 000,002,172 | ---- | M] () -- C:\Users\Suratarius\Desktop\Die Gilde Gold-Edition TL.lnk
[2012.07.23 19:27:05 | 000,001,214 | ---- | M] () -- C:\Users\Public\Desktop\Dead Island PreOrder Edition.lnk
[2012.07.23 19:12:56 | 000,283,200 | ---- | M] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2012.07.13 13:35:38 | 000,428,712 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.07.10 17:51:44 | 000,415,933 | ---- | M] () -- C:\Windows\SysNative\drivers\vsconfig.xml
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]
[1 C:\Users\Suratarius\Desktop\*.tmp files -> C:\Users\Suratarius\Desktop\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
File not found -- C:\Windows\SysNative\
[2012.08.03 01:58:09 | 000,023,552 | ---- | C] () -- C:\Windows\Installer\{dd0b6037-a9c2-e38b-9363-0614255749a0}\U\800000cb.@
[2012.08.03 00:22:40 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.08.01 15:50:45 | 000,016,896 | ---- | C] () -- C:\Windows\Installer\{dd0b6037-a9c2-e38b-9363-0614255749a0}\U\80000000.@
[2012.08.01 15:46:29 | 000,001,712 | ---- | C] () -- C:\Windows\Installer\{dd0b6037-a9c2-e38b-9363-0614255749a0}\U\00000001.@
[2012.07.28 16:03:47 | 000,002,172 | ---- | C] () -- C:\Users\Suratarius\Desktop\Die Gilde Gold-Edition TL.lnk
[2012.07.23 19:27:05 | 000,001,214 | ---- | C] () -- C:\Users\Public\Desktop\Dead Island PreOrder Edition.lnk
[2012.06.05 02:43:22 | 000,045,270 | ---- | C] () -- C:\Users\Suratarius\AppData\Roaming\room_v3.dat
[2012.03.28 02:37:08 | 000,010,240 | ---- | C] () -- C:\Windows\SysWow64\vidx16.dll
[2012.01.26 17:50:02 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI
[2012.01.25 20:33:51 | 000,032,256 | ---- | C] () -- C:\Windows\SysWow64\AVSredirect.dll
[2012.01.24 17:08:50 | 000,941,784 | ---- | C] () -- C:\Windows\SysWow64\drivers\CAMTHWDM.sys
[2012.01.11 20:19:12 | 000,002,048 | -HS- | C] () -- C:\Windows\Installer\{dd0b6037-a9c2-e38b-9363-0614255749a0}\@
[2012.01.11 20:19:12 | 000,002,048 | -HS- | C] () -- C:\Users\Suratarius\AppData\Local\{dd0b6037-a9c2-e38b-9363-0614255749a0}\@
[2012.01.09 22:00:48 | 004,346,880 | ---- | C] () -- C:\Windows\SysWow64\ffmpeg.dll
[2012.01.08 00:22:00 | 000,172,032 | ---- | C] () -- C:\Windows\SysWow64\libbluray.dll
[2012.01.08 00:21:50 | 006,366,094 | ---- | C] () -- C:\Windows\SysWow64\avcodec-lav-53.dll
[2012.01.08 00:21:50 | 001,007,151 | ---- | C] () -- C:\Windows\SysWow64\avformat-lav-53.dll
[2012.01.08 00:21:50 | 000,354,979 | ---- | C] () -- C:\Windows\SysWow64\swscale-lav-2.dll
[2012.01.08 00:21:50 | 000,203,306 | ---- | C] () -- C:\Windows\SysWow64\avutil-lav-51.dll
[2012.01.08 00:21:50 | 000,138,727 | ---- | C] () -- C:\Windows\SysWow64\avfilter-lav-2.dll
[2011.12.20 20:50:04 | 000,079,360 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2011.12.20 20:49:56 | 000,099,328 | ---- | C] () -- C:\Windows\SysWow64\ff_wmv9.dll
[2011.12.20 20:49:54 | 000,158,720 | ---- | C] () -- C:\Windows\SysWow64\ff_unrar.dll
[2011.12.20 20:49:54 | 000,146,944 | ---- | C] () -- C:\Windows\SysWow64\ff_libmad.dll
[2011.12.20 20:49:52 | 001,525,248 | ---- | C] () -- C:\Windows\SysWow64\ff_samplerate.dll
[2011.12.20 20:49:52 | 000,212,480 | ---- | C] () -- C:\Windows\SysWow64\ff_libdts.dll
[2011.12.20 20:49:52 | 000,115,200 | ---- | C] () -- C:\Windows\SysWow64\ff_liba52.dll
[2011.12.20 20:49:50 | 000,328,704 | ---- | C] () -- C:\Windows\SysWow64\ff_libfaad2.dll
[2011.12.20 20:49:50 | 000,260,608 | ---- | C] () -- C:\Windows\SysWow64\TomsMoComp_ff.dll
[2011.12.20 20:49:50 | 000,137,728 | ---- | C] () -- C:\Windows\SysWow64\libmpeg2_ff.dll
[2011.12.07 21:32:24 | 000,216,064 | ---- | C] ( ) -- C:\Windows\SysWow64\Lagarith.dll
[2011.11.16 11:36:00 | 001,592,858 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.10.15 01:54:52 | 000,321,856 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2011.09.08 16:00:52 | 000,150,528 | ---- | C] () -- C:\Windows\SysWow64\mkx.dll
[2011.09.08 16:00:48 | 000,142,336 | ---- | C] () -- C:\Windows\SysWow64\mp4.dll
[2011.09.08 16:00:42 | 000,123,392 | ---- | C] () -- C:\Windows\SysWow64\ogm.dll
[2011.09.08 16:00:38 | 000,249,856 | ---- | C] () -- C:\Windows\SysWow64\dxr.dll
[2011.09.08 16:00:34 | 000,113,152 | ---- | C] () -- C:\Windows\SysWow64\dsmux.exe
[2011.09.08 16:00:24 | 000,154,624 | ---- | C] () -- C:\Windows\SysWow64\ts.dll
[2011.09.08 16:00:10 | 000,137,728 | ---- | C] () -- C:\Windows\SysWow64\mkv2vfr.exe
[2011.09.08 16:00:06 | 000,358,400 | ---- | C] () -- C:\Windows\SysWow64\gdsmux.exe
[2011.09.08 15:59:54 | 000,080,384 | ---- | C] () -- C:\Windows\SysWow64\mkzlib.dll
[2011.09.08 15:59:52 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\mkunicode.dll
[2011.07.15 12:16:31 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2011.07.15 12:16:29 | 000,213,332 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2011.07.15 12:16:28 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2011.05.30 15:42:50 | 000,240,640 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2011.05.23 09:46:30 | 000,645,632 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2011.03.03 13:39:56 | 000,109,568 | ---- | C] () -- C:\Windows\SysWow64\avi.dll
[2011.03.03 13:38:10 | 000,097,792 | ---- | C] () -- C:\Windows\SysWow64\avs.dll
[2011.03.03 13:37:50 | 000,093,184 | ---- | C] () -- C:\Windows\SysWow64\avss.dll
[2010.08.18 21:56:38 | 000,000,151 | ---- | C] () -- C:\Windows\SysWow64\Registration.ini

< End of report >
         
OTL Extra:
OTL Logfile:
Code:
OTL Extras logfile created on: 03.08.2012 01:56:31 - Run 1
OTL by OldTimer - Version 3.2.55.0     Folder = C:\Users\Suratarius\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,91 Gb Total Physical Memory | 1,92 Gb Available Physical Memory | 48,97% Memory free
7,82 Gb Paging File | 5,08 Gb Available in Paging File | 64,98% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 555,07 Gb Total Space | 409,13 Gb Free Space | 73,71% Space Free | Partition Type: NTFS
Drive D: | 40,00 Gb Total Space | 19,98 Gb Free Space | 49,94% Space Free | Partition Type: NTFS
Drive F: | 5,02 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
 
Computer Name: SURATARIU-PC | User Name: Suratarius | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl[@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\SysWow64\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\SysWow64\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
========== Firewall Settings ==========
 
========== Authorized Applications List ==========
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{19F09425-3C20-4730-9E2A-FC2E17C9F362}" = Windows Live Remote Service Resources
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1EB2CFC3-E1C5-4FC4-B1F8-549DD6242C67}" = Windows Live Remote Service Resources
"{2426E29F-9E8C-4C0B-97FC-0DB690C1ED98}" = Windows Live Remote Client Resources
"{26A24AE4-039D-4CA4-87B4-2F86416026FF}" = Java(TM) 6 Update 26 (64-bit)
"{26A24AE4-039D-4CA4-87B4-2F86417001FF}" = Java(TM) 7 Update 1 (64-bit)
"{2F304EF4-0C31-47F4-8557-0641AAE4197C}" = Windows Live Remote Client Resources
"{3C41721F-AF0F-4086-AA1C-4C7F29076228}" = Intel(R) PROSet/Wireless WiFi Software
"{456FB9B5-AFBC-4761-BBDC-BA6BAFBB818F}" = Windows Live Remote Client Resources
"{480F28F0-8BCE-404A-A52E-0DBB7D1CE2EF}" = Windows Live Remote Service Resources
"{5151E2DB-0748-4FD1-86A2-72E2F94F8BE7}" = Windows Live Remote Service Resources
"{5E2CD4FB-4538-4831-8176-05D653C3E6D4}" = Windows Live Remote Service Resources
"{5FEAD3E5-A158-4B66-B92B-0C959D7CF838}" = Windows Live Remote Service Resources
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{692CCE55-9EAE-4F57-A834-092882E7FE0B}" = Windows Live Remote Client Resources
"{6C9D3F1D-DBBE-46F9-96A0-726CC72935AF}" = Windows Live Remote Service Resources
"{6CBFDC3C-CF21-4C02-A6DC-A5A2707FAF55}" = Windows Live Remote Service Resources
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{850B8072-2EA7-4EDC-B930-7FE569495E76}" = Windows Live Remote Client Resources
"{8970AE69-40BE-4058-9916-0ACB1B974A3D}" = Windows Live Remote Client Resources
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{8EB588BD-D398-40D0-ADF7-BE1CEEF7C116}" = Windows Live Remote Client Resources
"{90140000-006D-0407-1000-0000000FF1CE}" = Microsoft Office Klick-und-Los 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A679FBE4-BA2D-4514-8834-030982C8B31A}" = Windows Live Remote Service Resources
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 285.62
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 285.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 285.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 1.5.20
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.11.0621
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.5.20
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B750FA38-7AB0-42CB-ACBB-E7DBE9FF603F}" = Windows Live Remote Client Resources
"{C9F05151-95A9-4B9B-B534-1760E2D014A5}" = Windows Live Remote Client Resources
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{D1C1556C-7FF3-48A3-A5D6-7126F0FAFB66}" = Windows Live Remote Client Resources
"{D3E4F422-7E0F-49C7-8B00-F42490D7A385}" = Windows Live Remote Service Resources
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319
"{DBEDAF67-C5A3-4C91-951D-31F3FE63AF3F}" = Windows Live Remote Client Resources
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{E86906FF-C63D-4EAF-ACE7-5F8D55FBEA9A}" = Finger Sensing Pad Driver
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F6CB2C5F-B2C1-4DF1-BF44-39D0DC06FE6F}" = Windows Live Remote Service Resources
"CNXT_AUDIO_HDA" = Conexant HD Audio
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"ProInst" = Intel PROSet Wireless
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"WinRAR archiver" = WinRAR 4.01 (64-Bit)
"ZoneAlarm LTD Toolbar" = ZoneAlarm LTD Toolbar
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00884F14-05BD-4D8E-90E5-1ABF78948CA4}" = Windows Live Mesh
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{02E89EFC-7B07-4D5A-AA03-9EC0902914EE}" = VC 9.0 Runtime
"{04668DF2-D32F-4555-9C7E-35523DCD6544}" = Control ActiveX de Windows Live Mesh para conexiones remotas
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{05E379CC-F626-4E7D-8354-463865B303BF}" = Windows Live UX Platform Language Pack
"{0654EA5D-308A-4196-882B-5C09744A5D81}" = Windows Live Photo Common
"{09922FFE-D153-44AE-8B60-EA3CB8088F93}" = Windows Live UX Platform Language Pack
"{0A9256E0-C924-46DE-921B-F6C4548A1C64}" = Windows Live Messenger
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0C1931EB-8339-4837-8BEC-75029BF42734}" = Windows Live UX Platform Language Pack
"{0D261C88-454B-46FE-B43B-640E621BDA11}" = Windows Live Mail
"{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}" = Galeria de Fotografias do Windows Live
"{10186F1A-6A14-43DF-A404-F0105D09BB07}" = Windows Live Mail
"{1203DC60-D9BD-44F9-B372-2B8F227E6094}" = Windows Live Temel Parçalar
"{14B441B7-774D-4170-98EA-A13667AE6218}" = Windows Live Writer Resources
"{17F99FCE-8F03-4439-860A-25C5A5434E18}" = Windows Live Essentials
"{198EA334-8A3F-4CB2-9D61-6C10B8168A6F}" = Windows Live Writer
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1D6C2068-807F-4B76-A0C2-62ED05656593}" = Windows Live Writer
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1EAC1D02-C6AC-4FA6-9A44-96258C37C812}_is1" = World of Tanks v.0.7.1
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = Medion Home Cinema
"{1FC83EAE-74C8-4C72-8400-2D8E40A017DE}" = Windows Live Writer
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{241E7104-937A-4366-AD57-8FDDDB003939}" = Uzak Bağlantılar İçin Windows Live Mesh ActiveX Denetimi
"{25A1E6A4-2DBD-4AC0-8650-8EA9A45B183D}" = Supreme Commander
"{25A381E1-0AB9-4E7A-ACCE-BA49D519CF4E}" = Windows Live Mail
"{26A24AE4-039D-4CA4-87B4-2F83216026FF}" = Java(TM) 6 Update 26
"{26E3C07C-7FF7-4362-9E99-9E49E383CF16}" = Windows Live Writer Resources
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2A07C35B-8384-4DA4-9A95-442B6C89A073}" = Windows Live Essentials
"{2AD2DD70-27F7-4343-BB4E-DE50A32D854B}" = Windows Live Messenger
"{2C7E8AA1-9C03-4606-BF34-5D99D07964DA}" = Windows Live Messenger
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{3125D9DE-8D7A-4987-95F3-8A42389833D8}" = Windows Live Writer Resources
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{370F888E-42A7-4911-9E34-7D74632E17EB}" = Windows Live Photo Common
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer
"{3D0C22FA-96D7-4789-BC5B-991A5A99BFFA}" = Windows Live Messenger
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3F4143A1-9C21-4011-8679-3BC1014C6886}" = Windows Live Mesh
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{40BFD84C-64CD-42CC-9909-8734C50429C6}" = Windows Live UX Platform Language Pack
"{410DF0AA-882D-450D-9E1B-F5397ACFFA80}" = Windows Live Essentials
"{429DF1A0-3610-4E9E-8ACE-3C8AC1BA8FCA}" = Windows Live Photo Gallery
"{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = CyberLink PowerRecover
"{46872828-6453-4138-BE1C-CE35FBF67978}" = Windows Live Mesh
"{48106FE4-B1AF-4941-BF3D-83E6C4B7CAF3}" = Alcor Micro USB Card Reader
"{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live
"{48C0DC5E-820A-44F2-890E-29B68EDD3C78}" = Windows Live Writer
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A275FD1-2F24-4274-8C01-813F5AD1A92D}" = Windows Live Messenger
"{4B28D47A-5FF0-45F8-8745-11DC2A1C9D0F}" = Windows Live Writer
"{4B33371A-C04F-48D3-980C-285369ECD634}" = ZoneAlarm Firewall
"{4D141929-141B-4605-95D6-2B8650C1C6DA}" = Windows Live UX Platform Language Pack
"{506FC723-8E6C-4417-9CFF-351F99130425}" = Windows Live UX Platform Language Pack
"{523DF2BB-3A85-4047-9898-29DC8AEB7E69}" = Windows Live UX Platform Language Pack
"{5275D81E-83AD-4DE4-BC2B-6E6BA3A33244}" = Windows Live Writer Resources
"{528CA916-2209-4779-990A-11D749A49C4A}_is1" = Dead Island PreOrder Edition
"{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"{55D003F4-9599-44BF-BA9E-95D060730DD3}" = Contrôle ActiveX Windows Live Mesh pour connexions à distance
"{57220148-3B2B-412A-A2E0-82B9DF423696}" = Windows Live Mesh ActiveX-objekt til fjernforbindelser
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{582876EC-A178-44D4-9823-C10D6C62EAFF}" = AGEIA PhysX v6.10.05
"{5CF5B1A5-CBC3-42F0-8533-5A5090665862}" = Windows Live Mesh
"{5D273F60-0525-48BA-A5FB-D0CAA4A952AE}" = Windows Live Movie Maker
"{6057E21C-ABE9-4059-AE3E-3BEB9925E660}" = Windows Live Messenger
"{60C3C026-DB53-4DAB-8B97-7C1241F9A847}" = Windows Live Movie Maker
"{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources
"{63CF7D0C-B6E7-4EE9-8253-816B613CC437}" = Windows Live Mail
"{640798A0-A4FB-4C52-AC72-755134767F1E}" = Windows Live Movie Maker
"{64376910-1860-4CEF-8B34-AA5D205FC5F1}" = Poczta usługi Windows Live
"{677AAD91-1790-4FC5-B285-0E6A9D65F7DC}" = Windows Live Mail
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6A563426-3474-41C6-B847-42B39F1485B2}" = Windows Live Messenger
"{6ABE832B-A5C7-44C1-B697-3E123B7B4D5B}" = Windows Live Mesh
"{6B556C37-8919-4991-AC34-93D018B9EA49}" = Windows Live Photo Common
"{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker
"{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}" = Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz
"{6EE9F44A-B8C7-4CDB-B2A9-441AF2AE315A}" = Windows Live Messenger
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71A81378-79D5-40CC-9BDC-380642D1A87F}" = Windows Live Writer
"{71C95134-F6A9-45E7-B7B3-07CA6012BF2A}" = Windows Live Mesh
"{7272F232-A7E0-4B2B-A5D2-71B7C5E2379C}" = Windows Live Fotótár
"{73FC3510-6421-40F7-9503-EDAE4D0CF70D}" = Windows Live Photo Common
"{7496FD31-E5CB-4AE4-82D3-31099558BF6A}" = Windows Live Mesh
"{74E8A7F6-575D-42C7-9178-E87D1B3BEFE8}" = Windows Live UX Platform Language Pack
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77477AEA-5757-47D8-8B33-939F43D82218}" = Windows Live UX Platform Language Pack
"{78DAE910-CA72-450E-AD22-772CB1A00678}" = Windows Live Mesh
"{7A9D47BA-6D50-4087-866F-0800D8B89383}" = Podstawowe programy Windows Live
"{7BA19818-F717-4DFB-BC11-FAF17B2B8AEE}" = Pošta Windows Live
"{7D1C7B9F-2744-4388-B128-5C75B8BCCC84}" = Windows Live Essentials
"{7E017923-16F8-4E32-94EF-0A150BD196FE}" = Windows Live Writer
"{7E90B133-FF47-48BB-91B8-36FC5A548FE9}" = Windows Live Writer Resources
"{7F6021AE-E688-4D03-843A-C2260482BA0D}" = Windows Live Messenger
"{7F6D7FD9-648D-4DD9-BB6E-3990C675ECA4}" = NVIDIA PhysX
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{827D3E4A-0186-48B7-9801-7D1E9DD40C07}" = Windows Live Essentials
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83BEEFB4-8C28-4F4F-8A9D-E0D1ADCE335B}" = Die*Sims*Mittelalter
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}" = Windows Live Mesh
"{84267681-BF16-40B6-9564-27BC57D7D71C}" = Windows Live Photo Common
"{85373DA7-834E-4850-8AF5-1D99F7526857}" = Windows Live Photo Common
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90140011-0066-0407-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - Deutsch
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{93E464B3-D075-4989-87FD-A828B5C308B1}" = Windows Live Writer Resources
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{95140000-00AF-0407-0000-0000000FF1CE}" = Microsoft PowerPoint Viewer
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BD262D0-B788-4546-A0A5-F4F56EC3834B}" = Windows Live Photo Common
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A101F637-2E56-42C0-8E08-F1E9086BFAF3}" = Windows Live Movie Maker
"{A41A708E-3BE6-4561-855D-44027C1CF0F8}" = Windows Live Photo Common
"{A60B3BF0-954B-42AF-B8D8-2C1D34B613AA}" = Windows Live Photo Gallery
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.3) - Deutsch
"{AC76BA86-7AD7-5464-3428-A00000000004}" = Spelling Dictionaries Support For Adobe Reader X
"{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X (10.1.1) MUI
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{ADE85655-8D1E-4E4B-BF88-5E312FB2C74F}" = Windows Live Mail
"{ADFE4AED-7F8E-4658-8D6E-742B15B9F120}" = Windows Live Photo Common
"{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}" = Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B618C3BF-5142-4630-81DD-F96864F97C7E}" = Windows Live Essentials
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}" = Dolby Advanced Audio v2
"{BD695C2F-3EA0-4DA4-92D5-154072468721}" = Windows Live Fotoğraf Galerisi
"{BF022D76-9F72-4203-B8FA-6522DC66DFDA}" = Windows Live Movie Maker
"{BF35168D-F6F9-4202-BA87-86B5E3C9BF7A}" = Windows Live Mesh
"{C00C2A91-6CB3-483F-80B3-2958E29468F1}" = Συλλογή φωτογραφιών του Windows Live
"{C194D333-B84A-4BB7-B35E-060732D98DC4}" = GPGNet
"{C29FC15D-E84B-4EEC-8505-4DED94414C59}" = Windows Live Writer Resources
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C32CE55C-12BA-4951-8797-0967FDEF556F}" = Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen
"{C4C255FE-BE15-4C06-AAD9-A08F2DBB2E39}" = ZoneAlarm Security
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}" = Windows Live Mesh ActiveX Control for Remote Connections
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C8421D85-CA0E-4E93-A9A9-B826C4FB88EA}" = Windows Live Mail
"{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common
"{CA227A9D-09BE-4BFB-9764-48FED2DA5454}" = Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave
"{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}" = Galeria fotografii usługi Windows Live
"{CB7224D9-6DCA-43F1-8F83-6B1E39A00F92}" = Windows Live Movie Maker
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CF671BFE-6BA3-44E7-98C1-500D9C51D947}" = Windows Live Photo Gallery
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D1D632A2-E249-466D-A094-B1B934D37645}_is1" = Stronghold Kingdoms
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D588365A-AE39-4F27-BDAE-B4E72C8E900C}" = Windows Live Mail
"{D6F25CF9-4E87-43EB-B324-C12BE9CDD668}" = Windows Live UX Platform Language Pack
"{DAEF48AD-89C8-4A93-B1DD-45B7E4FB6071}" = Windows Live Movie Maker
"{DB1208F4-B2FE-44E9-BFE6-8824DBD7891B}" = Windows Live Movie Maker
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DE7C13A6-E4EA-4296-B0D5-5D7E8AD69501}" = Windows Live Writer
"{DE8F99FD-2FC7-4C98-AA67-2729FDE1F040}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DEF91E0F-D266-453D-B6F2-1BA002B40CB6}" = Windows Live Essentials
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3D04529-6EDB-11D8-A372-0050BAE317E1}" = CyberLink PowerDVD Copy
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E50C224A-BBF2-428D-9DCF-DBF9DF85C40E}" = PHotkey
"{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}" = Controlo ActiveX do Windows Live Mesh para Ligações Remotas
"{E55E0C35-AC3C-4683-BA2F-834348577B80}" = Windows Live Writer
"{E59969EA-3B5B-4B24-8B94-43842A7FBFE9}" = Fotogalerija Windows Live
"{E5DD4723-FE0B-436E-A815-DC23CF902A0B}" = Windows Live UX Platform Language Pack
"{E727A662-AF9F-4DEE-81C5-F4A1686F3DFC}" = Windows Live Writer Resources
"{E7688C7D-DE09-4D43-9785-534EDE9BC18E}" = Windows Live Messenger
"{E8524B28-3BBB-4763-AC83-0E83FE31C350}" = Windows Live Writer
"{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}" = Galería fotográfica de Windows Live
"{E9D98402-21AB-4E9F-BF6B-47AF36EF7E97}" = Windows Live Writer Resources
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{ED16B700-D91F-44B0-867C-7EB5253CA38D}" = Raccolta foto di Windows Live
"{EE492B20-FB15-4A98-883C-3054354A11F8}" = Windows Live Messenger
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F665F3B8-01B4-46A9-8E47-FF8DC2208C9F}" = Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις
"{F80E5450-3EF3-4270-B26C-6AC53BEC5E76}" = Windows Live Movie Maker
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FCDE76CB-989D-4E32-9739-6A272D2B0ED7}" = Windows Live Mesh
"{FDB3B167-F4FA-461D-976F-286304A57B2A}" = Adobe AIR
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FEEF7F78-5876-438B-B554-C4CC426A4302}" = Windows Live Essentials
"{FF3DFA01-1E98-46B4-A065-DA8AD47C9598}" = Windows Live Movie Maker
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"AmUStor" = Alcor Micro USB Card Reader
"Avira AntiVir Desktop" = Avira Free Antivirus
"DAEMON Tools Lite" = DAEMON Tools Lite
"Diablo III" = Diablo III
"Die Gilde Gold-Edition" = Die Gilde Gold-Edition
"Heroes of Might and Magic® III" = Heroes of Might and Magic® III Complete
"im" = Garena Plus
"InfernalGame" = Infernal
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = Medion Home Cinema
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = CyberLink PowerRecover
"InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"InstallShield_{E3D04529-6EDB-11D8-A372-0050BAE317E1}" = CyberLink PowerDVD Copy
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.62.0.1300
"Mozilla Firefox 12.0 (x86 de)" = Mozilla Firefox 12.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Nano" = Nano 1.1.1
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Office14.Click2Run" = Microsoft Office Klick-und-Los 2010
"ProInst" = Intel PROSet Wireless
"Steam App 10500" = Empire: Total War
"Steam App 73010" = Cities in Motion
"streamWriter_is1" = streamWriter
"SystemRequirementsLab" = System Requirements Lab
"TeamViewer 7" = TeamViewer 7
"VLC media player" = VLC media player 2.0.1
"WebcamMax" = WebcamMax
"Windows 7 - Codec Pack" = Windows 7 Codec Pack 3.7.0
"Windows Essentials Media Codec Pack" = Windows Essentials Media Codec Pack 3.6 [64-Bit]
"WinLiveSuite" = Windows Live Essentials
"X-Print Client Uni Oldenburg_is1" = X-Print 4.0 Client
"ZoneAlarm Free Firewall" = ZoneAlarm Free Firewall
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"UnityWebPlayer" = Unity Web Player
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 23.07.2012 13:41:34 | Computer Name = Suratariu-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: deadislandgame.exe, Version: 1.0.0.0,
 Zeitstempel: 0x4e37e5fe  Name des fehlerhaften Moduls: MSVCR90.dll, Version: 9.0.30729.6161,
 Zeitstempel: 0x4dace5b9  Ausnahmecode: 0xc0000005  Fehleroffset: 0x0003af60  ID des fehlerhaften
 Prozesses: 0x1688  Startzeit der fehlerhaften Anwendung: 0x01cd68fa63a6457d  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\Deep Silver\Dead Island\deadislandgame.exe
Pfad
 des fehlerhaften Moduls: C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\MSVCR90.dll
Berichtskennung:
 a48b0ca8-d4ed-11e1-a4c4-3860772c224f
 
Error - 23.07.2012 13:48:21 | Computer Name = Suratariu-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: deadislandgame.exe, Version: 1.0.0.0,
 Zeitstempel: 0x4e37e5fe  Name des fehlerhaften Moduls: MSVCR90.dll, Version: 9.0.30729.6161,
 Zeitstempel: 0x4dace5b9  Ausnahmecode: 0xc0000005  Fehleroffset: 0x0003af60  ID des fehlerhaften
 Prozesses: 0x1454  Startzeit der fehlerhaften Anwendung: 0x01cd68fb587a6ee8  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\Deep Silver\Dead Island\deadislandgame.exe
Pfad
 des fehlerhaften Moduls: C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\MSVCR90.dll
Berichtskennung:
 97a08f98-d4ee-11e1-a4c4-3860772c224f
 
Error - 24.07.2012 09:51:52 | Computer Name = Suratariu-PC | Source = Windows Backup | ID = 4103
Description = 
 
Error - 26.07.2012 10:08:53 | Computer Name = Suratariu-PC | Source = CVHSVC | ID = 100
Description = Nur zur Information.  (Patch task for {90140011-0066-0407-0000-0000000FF1CE}):
 DownloadLatest Failed: Der Servername oder die Serveradresse konnte nicht verarbeitet
 werden.  
 
Error - 27.07.2012 16:04:49 | Computer Name = Suratariu-PC | Source = CVHSVC | ID = 100
Description = Nur zur Information.  (Patch task for {90140011-0066-0407-0000-0000000FF1CE}):
 DownloadLatest Failed: Der Servername oder die Serveradresse konnte nicht verarbeitet
 werden.  
 
Error - 28.07.2012 10:06:12 | Computer Name = Suratariu-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: GildeGold_TL.exe, Version: 0.0.0.0,
 Zeitstempel: 0x3f7a87ac  Name des fehlerhaften Moduls: GildeGold_TL.exe, Version:
 0.0.0.0, Zeitstempel: 0x3f7a87ac  Ausnahmecode: 0xc0000005  Fehleroffset: 0x0001fee0
ID
 des fehlerhaften Prozesses: 0xc6c  Startzeit der fehlerhaften Anwendung: 0x01cd6cc9f3846023
Pfad
 der fehlerhaften Anwendung: C:\Program Files (x86)\JoWooD\Die Gilde Gold-Edition\GildeGold_TL.exe
Pfad
 des fehlerhaften Moduls: C:\Program Files (x86)\JoWooD\Die Gilde Gold-Edition\GildeGold_TL.exe
Berichtskennung:
 62b14f8d-d8bd-11e1-9313-3860772c224f
 
Error - 28.07.2012 10:06:42 | Computer Name = Suratariu-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: GildeGold_TL.exe, Version: 0.0.0.0,
 Zeitstempel: 0x3f7a87ac  Name des fehlerhaften Moduls: GildeGold_TL.exe, Version:
 0.0.0.0, Zeitstempel: 0x3f7a87ac  Ausnahmecode: 0xc0000005  Fehleroffset: 0x0002422d
ID
 des fehlerhaften Prozesses: 0x1530  Startzeit der fehlerhaften Anwendung: 0x01cd6cca2c466810
Pfad
 der fehlerhaften Anwendung: C:\Program Files (x86)\JoWooD\Die Gilde Gold-Edition\GildeGold_TL.exe
Pfad
 des fehlerhaften Moduls: C:\Program Files (x86)\JoWooD\Die Gilde Gold-Edition\GildeGold_TL.exe
Berichtskennung:
 74ebc7dc-d8bd-11e1-9313-3860772c224f
 
Error - 29.07.2012 20:28:32 | Computer Name = Suratariu-PC | Source = Application Hang | ID = 1002
Description = Programm javaw.exe, Version 7.0.10.8 kann nicht mehr unter Windows
 ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: 1a1c    Startzeit:
 01cd6dea1a4bcbf2    Endzeit: 0    Anwendungspfad: C:\Program Files\Java\jre7\bin\javaw.exe

Berichts-ID:
   
 
Error - 29.07.2012 20:29:24 | Computer Name = Suratariu-PC | Source = Application Hang | ID = 1002
Description = Programm javaw.exe, Version 7.0.10.8 kann nicht mehr unter Windows
 ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: 1858    Startzeit:
 01cd6dea48fba932    Endzeit: 0    Anwendungspfad: C:\Program Files\Java\jre7\bin\javaw.exe

Berichts-ID:
   
 
Error - 31.07.2012 09:00:03 | Computer Name = Suratariu-PC | Source = Windows Backup | ID = 4103
Description = 
 
[ System Events ]
Error - 29.07.2012 11:29:39 | Computer Name = Suratariu-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installationsfehler: Die Installation des folgenden Updates ist mit
 Fehler 0x80070643 fehlgeschlagen: Definition Update for Windows Defender - KB915597
 (Definition 1.131.805.0)
 
Error - 29.07.2012 20:30:51 | Computer Name = Suratariu-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "atksgt" wurde aufgrund folgenden Fehlers nicht gestartet:
   %%577
 
Error - 29.07.2012 20:30:52 | Computer Name = Suratariu-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "lirsgt" wurde aufgrund folgenden Fehlers nicht gestartet:
   %%577
 
Error - 29.07.2012 20:30:58 | Computer Name = Suratariu-PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Windows Defender" wurde mit folgendem Fehler beendet: 
  %%126
 
Error - 30.07.2012 07:47:43 | Computer Name = Suratariu-PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Windows Defender" wurde mit folgendem Fehler beendet: 
  %%126
 
Error - 30.07.2012 07:47:48 | Computer Name = Suratariu-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installationsfehler: Die Installation des folgenden Updates ist mit
 Fehler 0x80070643 fehlgeschlagen: Definition Update for Windows Defender - KB915597
 (Definition 1.131.805.0)
 
Error - 31.07.2012 07:24:08 | Computer Name = Suratariu-PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Windows Defender" wurde mit folgendem Fehler beendet: 
  %%126
 
Error - 31.07.2012 07:24:14 | Computer Name = Suratariu-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installationsfehler: Die Installation des folgenden Updates ist mit
 Fehler 0x80070643 fehlgeschlagen: Definition Update for Windows Defender - KB915597
 (Definition 1.131.1058.0)
 
Error - 01.08.2012 09:45:43 | Computer Name = Suratariu-PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Windows Defender" wurde mit folgendem Fehler beendet: 
  %%126
 
Error - 01.08.2012 09:45:49 | Computer Name = Suratariu-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installationsfehler: Die Installation des folgenden Updates ist mit
 Fehler 0x80070643 fehlgeschlagen: Definition Update for Windows Defender - KB915597
 (Definition 1.131.1058.0)
 
 
< End of report >
         
--- --- ---

TDSSKiller:
02:13:29.0725 0452 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
02:13:29.0818 0452 ============================================================
02:13:29.0818 0452 Current date / time: 2012/08/03 02:13:29.0818
02:13:29.0818 0452 SystemInfo:
02:13:29.0818 0452
02:13:29.0818 0452 OS Version: 6.1.7601 ServicePack: 1.0
02:13:29.0818 0452 Product type: Workstation
02:13:29.0818 0452 ComputerName: SURATARIU-PC
02:13:29.0818 0452 UserName: Suratarius
02:13:29.0818 0452 Windows directory: C:\Windows
02:13:29.0818 0452 System windows directory: C:\Windows
02:13:29.0818 0452 Running under WOW64
02:13:29.0818 0452 Processor architecture: Intel x64
02:13:29.0818 0452 Number of processors: 4
02:13:29.0818 0452 Page size: 0x1000
02:13:29.0818 0452 Boot type: Normal boot
02:13:29.0818 0452 ============================================================
02:13:30.0520 0452 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
02:13:30.0536 0452 ============================================================
02:13:30.0536 0452 \Device\Harddisk0\DR0:
02:13:30.0536 0452 MBR partitions:
02:13:30.0536 0452 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
02:13:30.0536 0452 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x45625000
02:13:30.0536 0452 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x45657800, BlocksNum 0x5000000
02:13:30.0536 0452 ============================================================
02:13:30.0598 0452 C: <-> \Device\Harddisk0\DR0\Partition1
02:13:30.0661 0452 D: <-> \Device\Harddisk0\DR0\Partition2
02:13:30.0707 0452 ============================================================
02:13:30.0707 0452 Initialize success
02:13:30.0707 0452 ============================================================
02:14:18.0521 14716 ============================================================
02:14:18.0521 14716 Scan started
02:14:18.0521 14716 Mode: Manual; SigCheck; TDLFS;
02:14:18.0521 14716 ============================================================
02:14:20.0518 14716 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
02:14:20.0721 14716 1394ohci - ok
02:14:20.0768 14716 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
02:14:20.0799 14716 ACPI - ok
02:14:20.0830 14716 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
02:14:20.0924 14716 AcpiPmi - ok
02:14:21.0049 14716 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
02:14:21.0064 14716 AdobeARMservice - ok
02:14:21.0236 14716 AdobeFlashPlayerUpdateSvc (f19c98ad81d2c0e1bbfd8153d2c80ee8) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
02:14:21.0251 14716 AdobeFlashPlayerUpdateSvc - ok
02:14:21.0361 14716 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys
02:14:21.0439 14716 adp94xx - ok
02:14:21.0517 14716 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys
02:14:21.0548 14716 adpahci - ok
02:14:21.0595 14716 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys
02:14:21.0610 14716 adpu320 - ok
02:14:21.0641 14716 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
02:14:21.0860 14716 AeLookupSvc - ok
02:14:21.0938 14716 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
02:14:22.0031 14716 AFD - ok
02:14:22.0078 14716 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
02:14:22.0109 14716 agp440 - ok
02:14:22.0156 14716 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
02:14:22.0234 14716 ALG - ok
02:14:22.0281 14716 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
02:14:22.0297 14716 aliide - ok
02:14:22.0312 14716 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
02:14:22.0328 14716 amdide - ok
02:14:22.0375 14716 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys
02:14:22.0437 14716 AmdK8 - ok
02:14:22.0468 14716 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys
02:14:22.0515 14716 AmdPPM - ok
02:14:22.0577 14716 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
02:14:22.0593 14716 amdsata - ok
02:14:22.0640 14716 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys
02:14:22.0655 14716 amdsbs - ok
02:14:22.0687 14716 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
02:14:22.0702 14716 amdxata - ok
02:14:22.0733 14716 AmUStor (08d51900c07bae4f1fc82fc669b99b79) C:\Windows\system32\drivers\AmUStor.SYS
02:14:22.0796 14716 AmUStor - ok
02:14:22.0921 14716 AntiVirSchedulerService (466a0d95960dad3222c896d2cea99993) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
02:14:22.0967 14716 AntiVirSchedulerService - ok
02:14:23.0014 14716 AntiVirService (a489be6bb0aa1ff406b488b60542314b) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
02:14:23.0030 14716 AntiVirService - ok
02:14:23.0061 14716 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
02:14:23.0326 14716 AppID - ok
02:14:23.0357 14716 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
02:14:23.0404 14716 AppIDSvc - ok
02:14:23.0467 14716 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
02:14:23.0529 14716 Appinfo - ok
02:14:23.0591 14716 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys
02:14:23.0591 14716 arc - ok
02:14:23.0623 14716 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys
02:14:23.0638 14716 arcsas - ok
02:14:23.0701 14716 ASLDRService (efd89582b55dd32dc79c1a4eb54612a1) C:\Program Files (x86)\PHotkey\ASLDRSrv.exe
02:14:23.0716 14716 ASLDRService - ok
02:14:23.0825 14716 aspnet_state (9217d874131ae6ff8f642f124f00a555) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
02:14:23.0841 14716 aspnet_state - ok
02:14:23.0872 14716 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
02:14:23.0935 14716 AsyncMac - ok
02:14:23.0981 14716 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
02:14:24.0013 14716 atapi - ok
02:14:24.0106 14716 atksgt (4aef9ec86818375495fb78ca58df4e18) C:\Windows\system32\DRIVERS\atksgt.sys
02:14:24.0137 14716 atksgt ( UnsignedFile.Multi.Generic ) - warning
02:14:24.0137 14716 atksgt - detected UnsignedFile.Multi.Generic (1)
02:14:24.0231 14716 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
02:14:24.0356 14716 AudioEndpointBuilder - ok
02:14:24.0356 14716 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
02:14:24.0387 14716 AudioSrv - ok
02:14:24.0449 14716 avgntflt (26e38b5a58c6c55fafbc563eeddb0867) C:\Windows\system32\DRIVERS\avgntflt.sys
02:14:24.0465 14716 avgntflt - ok
02:14:24.0496 14716 avipbb (9d1f00beff84cbbf46d7f052bc7e0565) C:\Windows\system32\DRIVERS\avipbb.sys
02:14:24.0512 14716 avipbb - ok
02:14:24.0543 14716 avkmgr (248db59fc86de44d2779f4c7fb1a567d) C:\Windows\system32\DRIVERS\avkmgr.sys
02:14:24.0543 14716 avkmgr - ok
02:14:24.0590 14716 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
02:14:24.0730 14716 AxInstSV - ok
02:14:24.0793 14716 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
02:14:24.0871 14716 b06bdrv - ok
02:14:24.0949 14716 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
02:14:24.0980 14716 b57nd60a - ok
02:14:25.0058 14716 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
02:14:25.0120 14716 BDESVC - ok
02:14:25.0136 14716 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
02:14:25.0198 14716 Beep - ok
02:14:25.0307 14716 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
02:14:25.0401 14716 BFE - ok
02:14:25.0510 14716 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
02:14:25.0588 14716 BITS - ok
02:14:25.0635 14716 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
02:14:25.0697 14716 blbdrive - ok
02:14:25.0744 14716 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
02:14:25.0822 14716 bowser - ok
02:14:25.0869 14716 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
02:14:25.0900 14716 BrFiltLo - ok
02:14:25.0947 14716 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
02:14:25.0994 14716 BrFiltUp - ok
02:14:26.0041 14716 BridgeMP (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys
02:14:26.0087 14716 BridgeMP - ok
02:14:26.0134 14716 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
02:14:26.0228 14716 Browser - ok
02:14:26.0290 14716 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
02:14:26.0384 14716 Brserid - ok
02:14:26.0415 14716 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
02:14:26.0462 14716 BrSerWdm - ok
02:14:26.0524 14716 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
02:14:26.0555 14716 BrUsbMdm - ok
02:14:26.0602 14716 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
02:14:26.0633 14716 BrUsbSer - ok
02:14:26.0680 14716 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys
02:14:26.0789 14716 BthEnum - ok
02:14:26.0836 14716 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys
02:14:26.0883 14716 BTHMODEM - ok
02:14:26.0945 14716 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
02:14:27.0023 14716 BthPan - ok
02:14:27.0117 14716 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\Windows\System32\Drivers\BTHport.sys
02:14:27.0148 14716 BTHPORT - ok
02:14:27.0211 14716 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
02:14:27.0273 14716 bthserv - ok
02:14:27.0304 14716 BTHUSB (f188b7394d81010767b6df3178519a37) C:\Windows\System32\Drivers\BTHUSB.sys
02:14:27.0335 14716 BTHUSB - ok
02:14:27.0382 14716 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
02:14:27.0476 14716 cdfs - ok
02:14:27.0538 14716 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
02:14:27.0585 14716 cdrom - ok
02:14:27.0632 14716 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
02:14:27.0741 14716 CertPropSvc - ok
02:14:27.0788 14716 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys
02:14:27.0835 14716 circlass - ok
02:14:27.0897 14716 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
02:14:27.0928 14716 CLFS - ok
02:14:28.0022 14716 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
02:14:28.0037 14716 clr_optimization_v2.0.50727_32 - ok
02:14:28.0100 14716 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
02:14:28.0115 14716 clr_optimization_v2.0.50727_64 - ok
02:14:28.0193 14716 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
02:14:28.0225 14716 clr_optimization_v4.0.30319_32 - ok
02:14:28.0287 14716 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
02:14:28.0303 14716 clr_optimization_v4.0.30319_64 - ok
02:14:28.0334 14716 clwvd (50f92c943f18b070f166d019dfab3d9a) C:\Windows\system32\DRIVERS\clwvd.sys
02:14:28.0349 14716 clwvd - ok
02:14:28.0396 14716 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
02:14:40.0299 14716 lirsgt (b658b7076b1acaa5876524595630f183) C:\Windows\system32\DRIVERS\lirsgt.sys
02:14:40.0346 14716 lirsgt ( UnsignedFile.Multi.Generic ) - warning
02:14:40.0346 14716 lirsgt - detected UnsignedFile.Multi.Generic (1)
02:14:59.0752 14716 srvnet - ok
02:14:59.0799 14716 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
02:14:59.0861 14716 SSDPSRV - ok
02:14:59.0877 14716 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
02:14:59.0939 14716 SstpSvc - ok
02:15:00.0033 14716 Steam Client Service - ok
02:15:00.0142 14716 Stereo Service (9e1222c417291bc836210743624a8e5e) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
02:15:00.0158 14716 Stereo Service - ok
02:15:00.0189 14716 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
02:15:00.0189 14716 stexstor - ok
02:15:00.0267 14716 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
02:15:00.0314 14716 stisvc - ok
02:15:00.0345 14716 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
02:15:00.0345 14716 swenum - ok
02:15:00.0407 14716 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
02:15:00.0470 14716 swprv - ok
02:15:00.0641 14716 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
02:15:00.0735 14716 SysMain - ok
02:15:00.0860 14716 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
02:15:00.0907 14716 TabletInputService - ok
02:15:00.0938 14716 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
02:15:01.0016 14716 TapiSrv - ok
02:15:01.0047 14716 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
02:15:01.0094 14716 TBS - ok
02:15:01.0250 14716 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
02:15:01.0312 14716 Tcpip - ok
02:15:01.0593 14716 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
02:15:01.0640 14716 TCPIP6 - ok
02:15:01.0749 14716 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
02:15:01.0811 14716 tcpipreg - ok
02:15:01.0843 14716 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
02:15:01.0905 14716 TDPIPE - ok
02:15:01.0936 14716 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
02:15:01.0967 14716 TDTCP - ok
02:15:01.0999 14716 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
02:15:02.0077 14716 tdx - ok
02:15:02.0389 14716 TeamViewer7 (3e85bdd019e3db66d9471dad7fd6a887) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
02:15:02.0451 14716 TeamViewer7 - ok
02:15:02.0591 14716 teamviewervpn (f5520dbb47c60ee83024b38720abda24) C:\Windows\system32\DRIVERS\teamviewervpn.sys
02:15:02.0623 14716 teamviewervpn - ok
02:15:02.0638 14716 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\DRIVERS\termdd.sys
02:15:02.0669 14716 TermDD - ok
02:15:02.0747 14716 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
02:15:02.0810 14716 TermService - ok
02:15:02.0841 14716 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
02:15:02.0857 14716 Themes - ok
02:15:02.0888 14716 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
02:15:02.0903 14716 THREADORDER - ok
02:15:02.0950 14716 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
02:15:02.0997 14716 TrkWks - ok
02:15:03.0075 14716 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
02:15:03.0153 14716 TrustedInstaller - ok
02:15:03.0184 14716 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
02:15:03.0247 14716 tssecsrv - ok
02:15:03.0293 14716 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
02:15:03.0340 14716 TsUsbFlt - ok
02:15:03.0356 14716 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
02:15:03.0387 14716 TsUsbGD - ok
02:15:03.0465 14716 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
02:15:03.0512 14716 tunnel - ok
02:15:03.0527 14716 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
02:15:03.0543 14716 uagp35 - ok
02:15:03.0590 14716 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
02:15:03.0637 14716 udfs - ok
02:15:03.0668 14716 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
02:15:03.0699 14716 UI0Detect - ok
02:15:03.0746 14716 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
02:15:03.0761 14716 uliagpkx - ok
02:15:03.0793 14716 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
02:15:03.0839 14716 umbus - ok
02:15:03.0871 14716 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
02:15:03.0917 14716 UmPass - ok
02:15:03.0980 14716 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
02:15:04.0042 14716 upnphost - ok
02:15:04.0105 14716 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys
02:15:04.0120 14716 usbaudio - ok
02:15:04.0151 14716 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
02:15:04.0198 14716 usbccgp - ok
02:15:04.0229 14716 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
02:15:04.0276 14716 usbcir - ok
02:15:04.0307 14716 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
02:15:04.0354 14716 usbehci - ok
02:15:04.0417 14716 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
02:15:04.0463 14716 usbhub - ok
02:15:04.0495 14716 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
02:15:04.0541 14716 usbohci - ok
02:15:04.0573 14716 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\drivers\usbprint.sys
02:15:04.0619 14716 usbprint - ok
02:15:04.0651 14716 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
02:15:04.0729 14716 USBSTOR - ok
02:15:04.0760 14716 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
02:15:04.0791 14716 usbuhci - ok
02:15:04.0853 14716 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys
02:15:04.0916 14716 usbvideo - ok
02:15:04.0947 14716 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
02:15:04.0994 14716 UxSms - ok
02:15:05.0025 14716 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
02:15:05.0056 14716 VaultSvc - ok
02:15:05.0103 14716 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
02:15:05.0119 14716 vdrvroot - ok
02:15:05.0197 14716 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
02:15:05.0259 14716 vds - ok
02:15:05.0290 14716 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
02:15:05.0306 14716 vga - ok
02:15:05.0321 14716 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
02:15:05.0353 14716 VgaSave - ok
02:15:05.0384 14716 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
02:15:05.0399 14716 vhdmp - ok
02:15:05.0415 14716 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
02:15:05.0431 14716 viaide - ok
02:15:05.0462 14716 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
02:15:05.0462 14716 volmgr - ok
02:15:05.0524 14716 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
02:15:05.0555 14716 volmgrx - ok
02:15:05.0602 14716 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
02:15:05.0618 14716 volsnap - ok
02:15:05.0680 14716 Vsdatant (239d8d72730226cd460bdc8ca0a23d43) C:\Windows\system32\DRIVERS\vsdatant.sys
02:15:05.0711 14716 Vsdatant - ok
02:15:05.0805 14716 vsmon - ok
02:15:05.0852 14716 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
02:15:05.0867 14716 vsmraid - ok
02:15:06.0008 14716 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
02:15:06.0086 14716 VSS - ok
02:15:06.0211 14716 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
02:15:06.0273 14716 vwifibus - ok
02:15:06.0320 14716 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
02:15:06.0367 14716 vwififlt - ok
02:15:06.0398 14716 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
02:15:06.0429 14716 vwifimp - ok
02:15:06.0491 14716 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
02:15:06.0538 14716 W32Time - ok
02:15:06.0569 14716 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
02:15:06.0585 14716 WacomPen - ok
02:15:06.0616 14716 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
02:15:06.0663 14716 WANARP - ok
02:15:06.0679 14716 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
02:15:06.0710 14716 Wanarpv6 - ok
02:15:06.0850 14716 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
02:15:06.0897 14716 WatAdminSvc - ok
02:15:07.0022 14716 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
02:15:07.0100 14716 wbengine - ok
02:15:07.0209 14716 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
02:15:07.0271 14716 WbioSrvc - ok
02:15:07.0318 14716 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
02:15:07.0349 14716 wcncsvc - ok
02:15:07.0381 14716 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
02:15:07.0459 14716 WcsPlugInService - ok
02:15:07.0505 14716 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
02:15:07.0521 14716 Wd - ok
02:15:07.0583 14716 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
02:15:07.0615 14716 Wdf01000 - ok
02:15:07.0630 14716 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
02:15:07.0739 14716 WdiServiceHost - ok
02:15:07.0739 14716 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
02:15:07.0771 14716 WdiSystemHost - ok
02:15:07.0802 14716 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
02:15:07.0849 14716 WebClient - ok
02:15:07.0880 14716 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
02:15:07.0973 14716 Wecsvc - ok
02:15:08.0005 14716 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
02:15:08.0051 14716 wercplsupport - ok
02:15:08.0098 14716 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
02:15:08.0176 14716 WerSvc - ok
02:15:08.0239 14716 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
02:15:08.0317 14716 WfpLwf - ok
02:15:08.0332 14716 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
02:15:08.0348 14716 WIMMount - ok
02:15:08.0348 14716 WinHttpAutoProxySvc - ok
02:15:08.0426 14716 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
02:15:08.0519 14716 Winmgmt - ok
02:15:08.0675 14716 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
02:15:08.0753 14716 WinRM - ok
02:15:08.0925 14716 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
02:15:08.0987 14716 Wlansvc - ok
02:15:09.0097 14716 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
02:15:09.0128 14716 wlcrasvc - ok
02:15:09.0331 14716 wlidsvc (7e47c328fc4768cb8beafbcfafa70362) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
02:15:09.0409 14716 wlidsvc - ok
02:15:09.0534 14716 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
02:15:09.0596 14716 WmiAcpi - ok
02:15:09.0690 14716 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
02:15:09.0736 14716 wmiApSrv - ok
02:15:09.0814 14716 WMPNetworkSvc - ok
02:15:09.0861 14716 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
02:15:09.0908 14716 WPCSvc - ok
02:15:09.0924 14716 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
02:15:09.0955 14716 WPDBusEnum - ok
02:15:09.0970 14716 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
02:15:10.0033 14716 ws2ifsl - ok
02:15:10.0033 14716 WSearch - ok
02:15:10.0095 14716 wsvd (82e8f5aa03df7dbdb8a33f700d5d8cda) C:\Windows\system32\DRIVERS\wsvd.sys
02:15:10.0095 14716 wsvd - ok
02:15:10.0298 14716 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
02:15:10.0392 14716 wuauserv - ok
02:15:10.0516 14716 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
02:15:10.0610 14716 WudfPf - ok
02:15:10.0657 14716 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
02:15:10.0735 14716 WUDFRd - ok
02:15:10.0766 14716 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
02:15:10.0797 14716 wudfsvc - ok
02:15:10.0828 14716 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
02:15:10.0860 14716 WwanSvc - ok
02:15:11.0062 14716 XPrint-Client-Service (83326d0dd0615d03aeb42131c624e3f3) C:\Program Files (x86)\Schomaecker\XPrint-Client\XPrint-Client-Service\XPrint-Client-Service.exe
02:15:11.0094 14716 XPrint-Client-Service ( UnsignedFile.Multi.Generic ) - warning
02:15:11.0094 14716 XPrint-Client-Service - detected UnsignedFile.Multi.Generic (1)
02:15:11.0156 14716 MBR (0x1B8) (af7e2860d7c52a307fc27eecf18f08df) \Device\Harddisk0\DR0
02:15:13.0200 14716 \Device\Harddisk0\DR0 - ok
02:15:13.0215 14716 Boot (0x1200) (8af0380f1f1ceee2fec372c9e8961a00) \Device\Harddisk0\DR0\Partition0
02:15:13.0215 14716 \Device\Harddisk0\DR0\Partition0 - ok
02:15:13.0246 14716 Boot (0x1200) (e7dac6cebb8dd616e59820ae8b2948bb) \Device\Harddisk0\DR0\Partition1
02:15:13.0262 14716 \Device\Harddisk0\DR0\Partition1 - ok
02:15:13.0293 14716 Boot (0x1200) (26d7c8ff6c0fb1b0f43508d6a5f185e9) \Device\Harddisk0\DR0\Partition2
02:15:13.0293 14716 \Device\Harddisk0\DR0\Partition2 - ok
02:15:13.0293 14716 ============================================================
02:15:13.0293 14716 Scan finished
02:15:13.0293 14716 ============================================================
02:15:13.0293 15108 Detected object count: 3
02:15:13.0293 15108 Actual detected object count: 3
02:17:05.0239 15108 C:\Windows\system32\DRIVERS\atksgt.sys - copied to quarantine
02:17:05.0239 15108 atksgt ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
02:17:05.0270 15108 C:\Windows\system32\DRIVERS\lirsgt.sys - copied to quarantine
02:17:05.0270 15108 lirsgt ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
02:17:05.0473 15108 C:\Program Files (x86)\Schomaecker\XPrint-Client\XPrint-Client-Service\XPrint-Client-Service.exe - copied to quarantine
02:17:05.0473 15108 XPrint-Client-Service ( UnsignedFile.Multi.Generic ) - User select action: Quarantine



Moved the TDSSKiller findings to quarantine for now.
What comes next?

03.08.2012, 08:08   #5
Chris4You
 

Hi,

what the Killer found are unsigned files; that happens very often. Please stick to the instructions, you should not have let it move them (but as long as the machine is still running ;o)...

So, you have a rootkit and a few other nice things on the machine; I hope OTL can cope with it...

Boot into safe mode (F8 while booting), then run the script as follows:

OTL:
  • Double-click OTL.exe to run the program.
  • Vista/Win7 users: please start it via right-click and "Run as administrator".
  • Copy the entire content of the following code box into the OTL box under "Custom Scan/Fixes"

Code:
:OTL
PRC - C:\Users\SURATA~1\AppData\Local\Temp\220509987.exe (Akasa)
O4 - HKCU..\Run: [lapqeteazore] C:\Users\Suratarius\lapqeteazore.exe (Akasa)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
[2012.08.03 00:25:36 | 000,000,000 | ---D | C] -- C:\Users\Suratarius\AppData\Roaming\#ISW.FS#
[2012.08.01 15:50:45 | 000,016,896 | ---- | C] () -- C:\Windows\Installer\{dd0b6037-a9c2-e38b-9363-0614255749a0}\U\80000000.@
[2012.08.01 15:46:29 | 000,001,712 | ---- | C] () -- C:\Windows\Installer\{dd0b6037-a9c2-e38b-9363-0614255749a0}\U\00000001.@
[2012.01.11 20:19:12 | 000,002,048 | -HS- | C] () -- C:\Windows\Installer\{dd0b6037-a9c2-e38b-9363-0614255749a0}\@
[2012.01.11 20:19:12 | 000,002,048 | -HS- | C] () -- C:\Users\Suratarius\AppData\Local\{dd0b6037-a9c2-e38b-9363-0614255749a0}\@


:Commands
[purity]
[emptytemp]
[Reboot]
         
  • Click the red Run Fixes! button.
  • Please copy everything out of the results window (Results).
  • A copy of the OTL fix log is saved as a text file in the following folder:
  • %systemroot%\_OTL

The machine should reboot; if it does not, reboot it yourself, then (again in safe mode) ComboFix:

Combofix
Download ComboFix from http://download.bleepingcomputer.com/sUBs/ComboFix.exe and save it to the desktop.

Caution: In a few rare cases the machine may no longer be able to boot and has to be set up again from scratch!

Close all windows, start combofix.exe, confirm the following prompt with 1 and press Enter.

The ComboFix scan can take some time, so be patient. Please do not do anything on the machine during the scan.
The machine may be restarted in between.
After the scan finishes, a report (ComboFix.txt) is displayed; please copy it and paste it into your thread. You should find the log at C:\ComboFix.txt...

Then also create and post a new OTL log...

chris

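The reply above points out that the TDSSKiller findings are only unsigned files and should not have been quarantined. As an added example (not part of the thread and not a feature of TDSSKiller), this Python script parses the log format posted in this thread and lists the objects whose only verdict is UnsignedFile.Multi.Generic but which were quarantined anyway. The function and class names are hypothetical; the sample lines are copied from the log on this page.

```python
import re
from dataclasses import dataclass, field
from typing import Dict, List, Optional

# Excerpt of the TDSSKiller log from this thread (lines copied from the page).
SAMPLE_LOG = r"""
02:15:10.0828 14716 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
02:15:10.0860 14716 WwanSvc - ok
02:15:11.0062 14716 XPrint-Client-Service (83326d0dd0615d03aeb42131c624e3f3) C:\Program Files (x86)\Schomaecker\XPrint-Client\XPrint-Client-Service\XPrint-Client-Service.exe
02:15:11.0094 14716 XPrint-Client-Service ( UnsignedFile.Multi.Generic ) - warning
02:15:11.0094 14716 XPrint-Client-Service - detected UnsignedFile.Multi.Generic (1)
02:15:13.0293 15108 Detected object count: 3
02:17:05.0239 15108 C:\Windows\system32\DRIVERS\atksgt.sys - copied to quarantine
02:17:05.0239 15108 atksgt ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
02:17:05.0270 15108 C:\Windows\system32\DRIVERS\lirsgt.sys - copied to quarantine
02:17:05.0270 15108 lirsgt ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
02:17:05.0473 15108 XPrint-Client-Service ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
"""

# Verdict string exactly as it appears in the log above.
UNSIGNED_ONLY = "UnsignedFile.Multi.Generic"

# Every log line starts with "HH:MM:SS.ffff <thread id> ".
_PREFIX = r"^\d{2}:\d{2}:\d{2}\.\d{4}\s+\d+\s+"
# "<name> (<md5>) <path>": an object that was scanned.
_SCANNED = re.compile(_PREFIX + r"(?P<name>.+?) \((?P<md5>[0-9a-f]{32})\) (?P<path>.+)$")
# "<name> - detected <verdict> (<n>)": the scanner's verdict.
_DETECTED = re.compile(_PREFIX + r"(?P<name>.+?) - detected (?P<verdict>\S+) \(\d+\)$")
# "<name> ( <verdict> ) - User select action: <action>": what the user chose.
_ACTION = re.compile(
    _PREFIX + r"(?P<name>.+?) \( (?P<verdict>\S+) \) - User select action: (?P<action>\w+)$"
)


@dataclass
class Finding:
    name: str
    md5: Optional[str] = None   # None when the scan line is not in the excerpt
    path: Optional[str] = None
    verdicts: set = field(default_factory=set)
    action: Optional[str] = None


def parse_tdsskiller(log_text: str) -> Dict[str, Finding]:
    """Return only the objects that got a verdict or a user action ("ok" ones are skipped)."""
    scanned: Dict[str, tuple] = {}
    findings: Dict[str, Finding] = {}
    for raw in log_text.splitlines():
        line = raw.strip()
        m = _SCANNED.match(line)
        if m:
            scanned[m["name"]] = (m["md5"], m["path"])
            continue
        m = _DETECTED.match(line) or _ACTION.match(line)
        if not m:
            continue  # "- ok", "- warning", banners and quarantine-copy lines
        name = m["name"]
        finding = findings.get(name)
        if finding is None:
            md5, path = scanned.get(name, (None, None))
            finding = findings[name] = Finding(name, md5, path)
        finding.verdicts.add(m["verdict"])
        if "action" in m.groupdict():
            finding.action = m["action"]
    return findings


def unsigned_only_quarantined(findings: Dict[str, Finding]) -> List[str]:
    """Objects flagged solely for a missing signature that were quarantined anyway."""
    return sorted(
        f.name
        for f in findings.values()
        if f.verdicts == {UNSIGNED_ONLY} and f.action == "Quarantine"
    )


if __name__ == "__main__":
    for name in unsigned_only_quarantined(parse_tdsskiller(SAMPLE_LOG)):
        print(f"{name}: unsigned-file verdict only; check the vendor before leaving it in quarantine")
```
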

04.08.2012, 01:03   #6
Suratarius
 

Hiho,
here is the OTL log:

All processes killed
========== OTL ==========
No active process named 220509987.exe was found!
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\lapqeteazore deleted successfully.
C:\Users\Suratarius\lapqeteazore.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktopChanges deleted successfully.
C:\Users\Suratarius\AppData\Roaming\#ISW.FS# folder moved successfully.
C:\Windows\Installer\{dd0b6037-a9c2-e38b-9363-0614255749a0}\U\80000000.@ moved successfully.
C:\Windows\Installer\{dd0b6037-a9c2-e38b-9363-0614255749a0}\U\00000001.@ moved successfully.
C:\Windows\Installer\{dd0b6037-a9c2-e38b-9363-0614255749a0}\@ moved successfully.
C:\Users\Suratarius\AppData\Local\{dd0b6037-a9c2-e38b-9363-0614255749a0}\@ moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 56468 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public

User: Suratarius
->Temp folder emptied: 194286944 bytes
->Temporary Internet Files folder emptied: 570104133 bytes
->Java cache emptied: 139200 bytes
->FireFox cache emptied: 348216159 bytes
->Flash cache emptied: 137821 bytes

User: UpdatusUser
->Temp folder emptied: 1119016 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 56468 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 486930970 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 67832 bytes
%systemroot%\sysnative\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 749 bytes
RecycleBin emptied: 28757891 bytes

Total Files Cleaned = 1.554,00 mb


OTL by OldTimer - Version 3.2.55.0 log created on 08042012_014622

Files\Folders moved on Reboot...
File\Folder C:\Users\Suratarius\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\5S6THUL2\rame_top_img&CUSTOMERNO=23846095&t=de857294640.1321865979.33b7c4c3&freemailuseragent=Mozilla%2F5.0+(compatible%3B+MSIE+9.0% 3B+Windows+NT+6.1%3B+WOW64%3B+Trident%2F5[1].htm not found!
File\Folder C:\Users\Suratarius\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\5S6THUL2\rame_top_img&CUSTOMERNO=23846095&t=de857294640.1321865979.33b7c4c3&freemailuseragent=Mozilla%2F5.0+(compatible%3B+MSIE+9.0% 3B+Windows+NT+6.1%3B+WOW64%3B+Trident%2F5[2].htm not found!
File\Folder C:\Users\Suratarius\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\5S6THUL2\rame_top_img&CUSTOMERNO=23846095&t=de857294640.1321865979.33b7c4c3&freemailuseragent=Mozilla%2F5.0+(compatible%3B+MSIE+9.0% 3B+Windows+NT+6.1%3B+WOW64%3B+Trident%2F5[3].htm not found!
File\Folder C:\Users\Suratarius\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\5S6THUL2\rame_top_img&CUSTOMERNO=23846095&t=de857294640.1321865979.33b7c4c3&freemailuseragent=Mozilla%2F5.0+(compatible%3B+MSIE+9.0% 3B+Windows+NT+6.1%3B+WOW64%3B+Trident%2F5[4].htm not found!
File\Folder C:\Users\Suratarius\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\5S6THUL2\rame_top_img&CUSTOMERNO=23846095&t=de857294640.1321865979.33b7c4c3&freemailuseragent=Mozilla%2F5.0+(compatible%3B+MSIE+9.0% 3B+Windows+NT+6.1%3B+WOW64%3B+Trident%2F5[5].htm not found!
File\Folder C:\Users\Suratarius\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\5S6THUL2\rame_top_img&CUSTOMERNO=23846095&t=de857294640.1321865979.33b7c4c3&freemailuseragent=Mozilla%2F5.0+(compatible%3B+MSIE+9.0% 3B+Windows+NT+6.1%3B+WOW64%3B+Trident%2F5[6].htm not found!
File\Folder C:\Users\Suratarius\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\5S6THUL2\rame_top_img&CUSTOMERNO=23846095&t=de857294640.1321865979.33b7c4c3&freemailuseragent=Mozilla%2F5.0+(compatible%3B+MSIE+9.0% 3B+Windows+NT+6.1%3B+WOW64%3B+Trident%2F5[7].htm not found!
File\Folder C:\Users\Suratarius\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\4KHTM6ZH\07682bf0cb05b7a503d;s=i1;s=i2;s=i3;s=i4;s=i5;s=i6;s=i7;s=i8;s=i9;s=1140;s=602;s=m1;s=m4;s=u24;s=u5;s=u9;s=u17;z=2115;z=2104 ;tile=1;ord=1QM9HK30XG2056CQHEZS;vegas=nav[1].js not found!
File\Folder C:\Users\Suratarius\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\4KHTM6ZH\3;s=i4;s=i5;s=i6;s=i7;s=i8;s=i9;s=483;s=1140;s=702;s=1051;s=1080;s=485;s=1068;s=602;s=621;s=m1;s=m4;s=u24;s=u5;s=u9;s=u17;z =202;z=193;tile=1;ord=1QM9HK30XG2056CQHEZS[1].js not found!
File\Folder C:\Users\Suratarius\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\4KHTM6ZH\c_iframe_htm&CUSTOMERNO=23846095&t=de857294640.1321865979.33b7c4c3&freemailuseragent=Mozilla%2F5.0+(compatible%3B+MSIE+9.0% 3B+Windows+NT+6.1%3B+WOW64%3B+Trident%2F5[1].htm not found!
File\Folder C:\Users\Suratarius\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\4KHTM6ZH\c_iframe_htm&CUSTOMERNO=23846095&t=de857294640.1321865979.33b7c4c3&freemailuseragent=Mozilla%2F5.0+(compatible%3B+MSIE+9.0% 3B+Windows+NT+6.1%3B+WOW64%3B+Trident%2F5[2].htm not found!
File\Folder C:\Users\Suratarius\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\4KHTM6ZH\c_iframe_htm&CUSTOMERNO=23846095&t=de857294640.1321865979.33b7c4c3&freemailuseragent=Mozilla%2F5.0+(compatible%3B+MSIE+9.0% 3B+Windows+NT+6.1%3B+WOW64%3B+Trident%2F5[3].htm not found!
File\Folder C:\Users\Suratarius\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\4KHTM6ZH\c_iframe_htm&CUSTOMERNO=23846095&t=de857294640.1321865979.33b7c4c3&freemailuseragent=Mozilla%2F5.0+(compatible%3B+MSIE+9.0% 3B+Windows+NT+6.1%3B+WOW64%3B+Trident%2F5[4].htm not found!
File\Folder C:\Users\Suratarius\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\4KHTM6ZH\c_iframe_htm&CUSTOMERNO=23846095&t=de857294640.1321865979.33b7c4c3&freemailuseragent=Mozilla%2F5.0+(compatible%3B+MSIE+9.0% 3B+Windows+NT+6.1%3B+WOW64%3B+Trident%2F5[5].htm not found!
File\Folder C:\Users\Suratarius\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\4KHTM6ZH\rame_top_img&CUSTOMERNO=23846095&t=de857294640.1321865979.33b7c4c3&freemailuseragent=Mozilla%2F5.0+(compatible%3B+MSIE+9.0% 3B+Windows+NT+6.1%3B+WOW64%3B+Trident%2F5[1].htm not found!
File\Folder C:\Users\Suratarius\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\4KHTM6ZH\rame_top_img&CUSTOMERNO=23846095&t=de857294640.1321865979.33b7c4c3&freemailuseragent=Mozilla%2F5.0+(compatible%3B+MSIE+9.0% 3B+Windows+NT+6.1%3B+WOW64%3B+Trident%2F5[2].htm not found!
File\Folder C:\Users\Suratarius\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\4KHTM6ZH\s=i1;s=i2;s=i3;s=i4;s=i5;s=i6;s=i7;s=i8;s=i9;s=483;s=1140;s=702;s=1080;s=485;s=1068;s=602;s=m1;s=m4;s=u24;s=u5;s=u9;s=u17;z =202;z=193;tile=1;ord=09X34TAA0G717773TQCR[1].js not found!
File\Folder C:\Users\Suratarius\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\4KHTM6ZH\s=i1;s=i2;s=i3;s=i4;s=i5;s=i6;s=i7;s=i8;s=i9;s=483;s=1140;s=702;s=1080;s=485;s=1068;s=602;s=m1;s=m4;s=u24;s=u5;s=u9;s=u17;z =202;z=193;tile=2;ord=09X34TAA0G717773TQCR[1].js not found!
C:\Users\Suratarius\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File\Folder C:\Users\Suratarius\AppData\Local\Temp\~DF52989E33F6FF1E41.TMP not found!
File\Folder C:\Users\Suratarius\AppData\Local\Temp\~WRD0001.doc not found!
File\Folder C:\Users\Suratarius\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS0000.tmp not found!

PendingFileRenameOperations files...
File C:\Users\Suratarius\AppData\Local\Temp\FXSAPIDebugLogFile.txt not found!
File C:\Users\Suratarius\AppData\Local\Temp\~DF52989E33F6FF1E41.TMP not found!
File C:\Users\Suratarius\AppData\Local\Temp\~WRD0001.doc not found!
File C:\Users\Suratarius\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS0000.tmp not found!

Registry entries deleted on Reboot...


It went somewhat differently from how you described it to me (I'll try to describe as briefly as possible what happened on my machine):
Ran OTL in Safe Mode as instructed
(no way to save the log, because the restart message came up immediately).
Restarted, again in Safe Mode.
Started ComboFix. I had no way to select the 1; the program started the run right away. During the run there were several messages that certain files could not be accessed (the run took not even 3 minutes). After the run came the message that ComboFix is only for Windows 2000/XP.
Restarted the computer (normal mode); after startup the OTL log posted above appeared.

Did I do something wrong? What happens next?

Additional question: when ZoneAlarm is running I no longer have a connection to the Internet. Could that be because I moved those few files into quarantine? Is it worth taking the files back out of there?

Last edited by Suratarius (04.08.2012 at 01:13)

04.08.2012, 18:38   #7
Chris4You

Hi,

no, CF is also for Win7...
Post a new OTL log; it is very unusual for CF to just start like that...

Download Farbar Service Scanner (http://download.bleepingcomputer.com/farbar/FSS.exe), run it and select the following options:
  • Internet Services
  • Windows Firewall
  • System Restore

Start it with "Scan".
The log file (FSS.txt) is created in the working directory.
Post the log here

chris

07.08.2012, 14:45   #8
Suratarius

Hiho, I'm on vacation and unfortunately have no Internet after all. If that's OK, I'll continue with the laptop from Monday on.

Regards, Suratarius

08.08.2012, 06:27   #9
Chris4You

Hi,

OK, get back in touch then...

chris
